IP address

Search at other sites:

.292148.113.208.45ns5032588.ip-148-113-208.net

Shodan(more info)

Passive DNS

IP blacklists

DataPlane SSH conn

148.113.208.45 is listed on the DataPlane SSH conn blacklist.

Description: DataPlane.org is a community-powered Internet data, feeds,<br>and measurement resource for operators, by operators. IP addresses that<br>has been seen initiating an unsolicited SSH connection to a remote host.
Type of feed: primary (feed detail page)

Last checked at: 2024-12-22 15:10:02.109000
Was present on blacklist at: 2024-11-21 19:10, 2024-11-21 23:10, 2024-11-22 03:10, 2024-11-22 07:10, 2024-11-22 11:10, 2024-11-22 15:10, 2024-11-22 19:10, 2024-11-22 23:10, 2024-11-23 03:10, 2024-11-23 07:10, 2024-11-23 11:10, 2024-11-23 15:10, 2024-11-23 19:10, 2024-11-23 23:10, 2024-11-24 03:10, 2024-11-24 07:10, 2024-11-24 11:10, 2024-11-24 15:10, 2024-11-24 19:10, 2024-11-24 23:10, 2024-11-25 03:10, 2024-11-25 07:10, 2024-11-25 11:10, 2024-11-25 15:10, 2024-11-25 19:10, 2024-11-25 23:10, 2024-11-26 03:10, 2024-11-26 07:10, 2024-11-26 11:10, 2024-11-26 15:10, 2024-11-26 19:10, 2024-11-26 23:10, 2024-11-27 03:10, 2024-11-27 07:10, 2024-11-27 11:10, 2024-11-27 15:10, 2024-11-27 19:10, 2024-11-27 23:10, 2024-11-28 03:10, 2024-11-28 07:10, 2024-11-28 11:10, 2024-11-28 15:10, 2024-11-28 19:10, 2024-11-28 23:10, 2024-11-29 03:10, 2024-11-29 07:10, 2024-11-29 11:10, 2024-11-29 15:10, 2024-11-29 19:10, 2024-11-29 23:10, 2024-11-30 03:10, 2024-11-30 07:10, 2024-11-30 11:10, 2024-11-30 15:10, 2024-11-30 19:10, 2024-11-30 23:10, 2024-12-01 03:10, 2024-12-01 07:10, 2024-12-01 11:10, 2024-12-01 15:10, 2024-12-01 19:10, 2024-12-01 23:10, 2024-12-02 03:10, 2024-12-02 07:10, 2024-12-02 11:10, 2024-12-02 15:10, 2024-12-02 19:10, 2024-12-02 23:10, 2024-12-03 03:10, 2024-12-03 07:10, 2024-12-03 11:10, 2024-12-03 15:10, 2024-12-03 19:10, 2024-12-04 03:10, 2024-12-04 07:10, 2024-12-04 11:10, 2024-12-04 15:10, 2024-12-04 19:10, 2024-12-04 23:10, 2024-12-05 03:10, 2024-12-05 07:10, 2024-12-05 11:10, 2024-12-05 15:10, 2024-12-05 19:10, 2024-12-05 23:10, 2024-12-06 03:10, 2024-12-06 07:10, 2024-12-06 11:10, 2024-12-06 15:10, 2024-12-06 19:10, 2024-12-06 23:10, 2024-12-07 03:10, 2024-12-07 07:10, 2024-12-07 11:10, 2024-12-07 15:10, 2024-12-07 19:10, 2024-12-07 23:10, 2024-12-08 03:10, 2024-12-08 07:10, 2024-12-08 11:10, 2024-12-08 15:10, 2024-12-08 19:10, 2024-12-08 23:10, 2024-12-09 03:10, 2024-12-09 07:10, 2024-12-09 11:10, 2024-12-09 15:10, 2024-12-09 19:10, 2024-12-09 23:10, 2024-12-10 03:10, 2024-12-10 07:10, 2024-12-10 11:10, 2024-12-10 15:10, 2024-12-10 19:10, 2024-12-10 23:10, 2024-12-11 03:10, 2024-12-11 07:10, 2024-12-11 11:10, 2024-12-11 15:10, 2024-12-11 19:10, 2024-12-11 23:10, 2024-12-12 03:10, 2024-12-12 07:10, 2024-12-12 11:10, 2024-12-12 15:10, 2024-12-12 19:10, 2024-12-12 23:10, 2024-12-13 03:10, 2024-12-13 07:10, 2024-12-13 11:10, 2024-12-13 15:10, 2024-12-13 19:10, 2024-12-13 23:10, 2024-12-14 03:10, 2024-12-14 07:10, 2024-12-14 11:10, 2024-12-14 15:10, 2024-12-14 19:10, 2024-12-14 23:10, 2024-12-15 03:10, 2024-12-15 07:10, 2024-12-15 11:10, 2024-12-15 15:10, 2024-12-15 19:10, 2024-12-15 23:10, 2024-12-16 03:10, 2024-12-16 07:10, 2024-12-16 11:10, 2024-12-16 15:10, 2024-12-16 19:10, 2024-12-16 23:10, 2024-12-17 03:10, 2024-12-17 07:10, 2024-12-17 11:10, 2024-12-17 15:10, 2024-12-17 19:10, 2024-12-17 23:10, 2024-12-18 03:10, 2024-12-18 07:10, 2024-12-18 11:10, 2024-12-18 15:10, 2024-12-18 19:10, 2024-12-18 23:10, 2024-12-19 03:10, 2024-12-19 07:10, 2024-12-19 11:10, 2024-12-19 15:10, 2024-12-19 19:10, 2024-12-19 23:10, 2024-12-20 03:10, 2024-12-20 07:10, 2024-12-20 11:10, 2024-12-20 15:10, 2024-12-20 19:10, 2024-12-20 23:10, 2024-12-21 03:10, 2024-12-21 07:10, 2024-12-21 11:10, 2024-12-21 15:10, 2024-12-21 19:10, 2024-12-21 23:10, 2024-12-22 03:10, 2024-12-22 07:10, 2024-12-22 11:10, 2024-12-22 15:10

DataPlane VNC RFB

148.113.208.45 is listed on the DataPlane VNC RFB blacklist.

Description: DataPlane.org is a community-powered Internet data, feeds,<br>and measurement resource for operators, by operators. IPs initiating<br>an unsolicited VNC remote frame buffer (RFB) session to a remote host.
Type of feed: primary (feed detail page)

Last checked at: 2024-12-22 11:10:01.148000
Was present on blacklist at: 2024-11-21 23:10, 2024-11-22 07:10, 2024-11-22 15:10, 2024-11-22 19:10, 2024-11-23 15:10, 2024-11-23 23:10, 2024-11-25 15:10, 2024-11-25 19:10, 2024-11-26 15:10, 2024-11-27 07:10, 2024-11-28 19:10, 2024-11-29 23:10, 2024-11-30 15:10, 2024-11-30 19:10, 2024-12-03 03:10, 2024-12-03 07:10, 2024-12-04 07:10, 2024-12-04 15:10, 2024-12-04 23:10, 2024-12-05 07:10, 2024-12-06 11:10, 2024-12-07 03:10, 2024-12-07 07:10, 2024-12-07 11:10, 2024-12-07 19:10, 2024-12-08 11:10, 2024-12-09 07:10, 2024-12-11 11:10, 2024-12-12 07:10, 2024-12-12 11:10, 2024-12-12 15:10, 2024-12-13 07:10, 2024-12-13 11:10, 2024-12-13 15:10, 2024-12-14 03:10, 2024-12-14 11:10, 2024-12-14 15:10, 2024-12-15 23:10, 2024-12-16 11:10, 2024-12-16 15:10, 2024-12-16 19:10, 2024-12-17 11:10, 2024-12-17 19:10, 2024-12-17 23:10, 2024-12-18 03:10, 2024-12-18 07:10, 2024-12-18 15:10, 2024-12-18 19:10, 2024-12-18 23:10, 2024-12-19 03:10, 2024-12-19 11:10, 2024-12-19 15:10, 2024-12-19 19:10, 2024-12-19 23:10, 2024-12-20 11:10, 2024-12-20 19:10, 2024-12-20 23:10, 2024-12-21 03:10, 2024-12-21 11:10, 2024-12-21 15:10, 2024-12-21 23:10, 2024-12-22 03:10, 2024-12-22 07:10, 2024-12-22 11:10

CI Army

148.113.208.45 is listed on the CI Army blacklist.

Description: Collective Intelligence Network Security is a Threat Intelligence<br>database that provides scores for IPs. Source of unspecified malicious attacks<br>most of them will be active attackers/scanners
Type of feed: primary (feed detail page)

Last checked at: 2024-12-22 03:50:00.928000
Was present on blacklist at: 2024-11-22 03:50, 2024-11-23 03:50, 2024-11-24 03:50, 2024-11-25 03:50, 2024-11-26 03:50, 2024-11-27 03:50, 2024-11-28 03:50, 2024-11-29 03:50, 2024-11-30 03:50, 2024-12-01 03:50, 2024-12-02 03:50, 2024-12-03 03:50, 2024-12-04 03:50, 2024-12-05 03:50, 2024-12-06 03:50, 2024-12-07 03:50, 2024-12-08 03:50, 2024-12-09 03:50, 2024-12-10 03:50, 2024-12-19 03:50, 2024-12-20 03:50, 2024-12-21 03:50, 2024-12-22 03:50

Turris greylist

148.113.208.45 is listed on the Turris greylist blacklist.

Description: Greylist is the output of the Turris research project by CZ.NIC,<br>which collects data of malicious IPs.
Type of feed: primary (feed detail page)

Last checked at: 2024-12-21 22:15:00.210000
Was present on blacklist at: 2024-11-22 22:15, 2024-11-23 22:15, 2024-11-24 22:15, 2024-11-25 22:15, 2024-11-26 22:15, 2024-11-27 22:15, 2024-11-28 22:15, 2024-11-29 22:15, 2024-11-30 22:15, 2024-12-01 22:15, 2024-12-03 22:15, 2024-12-04 22:15, 2024-12-05 22:15, 2024-12-06 22:15, 2024-12-07 22:15, 2024-12-08 22:15, 2024-12-09 22:15, 2024-12-10 22:15, 2024-12-11 22:15, 2024-12-12 22:15, 2024-12-13 22:15, 2024-12-14 22:15, 2024-12-15 22:15, 2024-12-16 22:15, 2024-12-17 22:15, 2024-12-18 22:15, 2024-12-19 22:15, 2024-12-20 22:15, 2024-12-21 22:15

AbuseIPDB

148.113.208.45 is listed on the AbuseIPDB blacklist.

Description: AbuseIPDB is a project managed by Marathon Studios Inc.<br>Lists IPs performing a malicious activity (DDoS, spam, phishing...)
Type of feed: primary (feed detail page)

Last checked at: 2024-12-22 05:00:00.500000
Was present on blacklist at: 2024-11-23 05:00, 2024-11-24 05:00, 2024-11-25 05:00, 2024-11-26 05:00, 2024-11-27 05:00, 2024-11-28 05:00, 2024-11-29 05:00, 2024-11-30 05:00, 2024-12-01 05:00, 2024-12-02 05:00, 2024-12-03 05:00, 2024-12-04 05:00, 2024-12-05 05:00, 2024-12-06 05:00, 2024-12-07 05:00, 2024-12-08 05:00, 2024-12-09 05:00, 2024-12-11 05:00, 2024-12-13 05:00, 2024-12-14 05:00, 2024-12-15 05:00, 2024-12-16 05:00, 2024-12-19 05:00, 2024-12-20 05:00, 2024-12-21 05:00, 2024-12-22 05:00

UCEPROTECT L1

148.113.208.45 is listed on the UCEPROTECT L1 blacklist.

Description: UCEPROTECT-NETWORK list of spam IPs.
Type of feed: primary (feed detail page)

Last checked at: 2024-12-22 08:45:00.789000
Was present on blacklist at: 2024-11-24 16:45, 2024-11-25 00:45, 2024-11-25 08:45, 2024-11-25 16:45, 2024-11-26 00:45, 2024-11-26 08:45, 2024-11-26 16:45, 2024-11-27 00:45, 2024-11-27 08:45, 2024-11-27 16:45, 2024-11-28 00:45, 2024-11-28 08:45, 2024-11-28 16:45, 2024-11-29 00:45, 2024-11-29 08:45, 2024-11-29 16:45, 2024-11-30 00:45, 2024-11-30 08:45, 2024-11-30 16:45, 2024-12-01 00:45, 2024-12-01 08:45, 2024-12-01 16:45, 2024-12-02 00:45, 2024-12-02 08:45, 2024-12-02 16:45, 2024-12-03 00:45, 2024-12-03 08:45, 2024-12-03 16:45, 2024-12-04 00:45, 2024-12-04 08:45, 2024-12-04 16:45, 2024-12-05 00:45, 2024-12-05 08:45, 2024-12-05 16:45, 2024-12-06 00:45, 2024-12-06 08:45, 2024-12-06 16:45, 2024-12-07 00:45, 2024-12-07 08:45, 2024-12-07 16:45, 2024-12-08 00:45, 2024-12-08 08:45, 2024-12-08 16:45, 2024-12-09 00:45, 2024-12-09 08:45, 2024-12-09 16:45, 2024-12-10 00:45, 2024-12-10 08:45, 2024-12-10 16:45, 2024-12-11 00:45, 2024-12-11 08:45, 2024-12-11 16:45, 2024-12-12 00:45, 2024-12-12 08:45, 2024-12-13 00:45, 2024-12-13 08:45, 2024-12-13 16:45, 2024-12-14 00:45, 2024-12-14 08:45, 2024-12-14 16:45, 2024-12-15 00:45, 2024-12-15 08:45, 2024-12-15 16:45, 2024-12-16 00:45, 2024-12-16 08:45, 2024-12-16 16:45, 2024-12-17 00:45, 2024-12-17 08:45, 2024-12-17 16:45, 2024-12-18 00:45, 2024-12-18 08:45, 2024-12-18 16:45, 2024-12-19 00:45, 2024-12-19 08:45, 2024-12-19 16:45, 2024-12-20 00:45, 2024-12-20 08:45, 2024-12-20 16:45, 2024-12-21 00:45, 2024-12-21 08:45, 2024-12-21 16:45, 2024-12-22 00:45, 2024-12-22 08:45

DataPlane TELNET login

148.113.208.45 is listed on the DataPlane TELNET login blacklist.

Description: DataPlane.org is a community-powered Internet data, feeds,<br>and measurement resource for operators, by operators. IPs trying<br>an unsolicited login via TELNET password authentication.
Type of feed: primary (feed detail page)

Last checked at: 2024-11-27 07:10:03.602000
Was present on blacklist at: 2024-11-27 07:10

Spamhaus XBL CBL

148.113.208.45 is listed on the Spamhaus XBL CBL blacklist.

Description: The Spamhaus Exploits Block List (XBL) is a realtime database of IP addresses of hijacked PCs infected by illegal 3rd party exploits, including open proxies, worms/viruses with built-in spam engines, and other types of trojan-horse exploits.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2024-12-18 14:37:50.227000
Was present on blacklist at: 2024-11-27 14:37, 2024-12-04 14:37, 2024-12-11 14:37, 2024-12-18 14:37

Warden events (160)

2024-12-22

IntrusionUserCompromise (node.cfb4f7): 3

2024-12-20

IntrusionUserCompromise (node.cfb4f7): 39

2024-12-17

IntrusionUserCompromise (node.cfb4f7): 9

2024-12-16

IntrusionUserCompromise (node.cfb4f7): 3

2024-12-15

IntrusionUserCompromise (node.cfb4f7): 18

2024-12-14

IntrusionUserCompromise (node.cfb4f7): 12

2024-12-13

IntrusionUserCompromise (node.cfb4f7): 12

2024-12-11

IntrusionUserCompromise (node.cfb4f7): 21

2024-12-08

IntrusionUserCompromise (node.cfb4f7): 6

2024-12-07

IntrusionUserCompromise (node.cfb4f7): 12

2024-12-06

IntrusionUserCompromise (node.cfb4f7): 3

2024-11-19

AnomalyTraffic (node.ffe95c): 1

ReconScanning (node.4dc198): 2

ReconScanning (node.ce2b59): 2

2024-11-06

ReconScanning (node.4dc198): 1

ReconScanning (node.ce2b59): 1

2024-10-30

AnomalyTraffic (node.ffe95c): 2

ReconScanning (node.ce2b59): 5

ReconScanning (node.4dc198): 8

DShield reports (IP summary, reports)

2024-10-30

Number of reports: 247

Distinct targets: 171

2024-11-19

Number of reports: 13

Distinct targets: 8

2024-11-21

Number of reports: 1444

Distinct targets: 623

2024-11-22

Number of reports: 3274

Distinct targets: 1695

2024-11-23

Number of reports: 2983

Distinct targets: 2095

2024-11-24

Number of reports: 4163

Distinct targets: 2251

2024-11-25

Number of reports: 4260

Distinct targets: 2435

2024-11-26

Number of reports: 4880

Distinct targets: 2776

2024-11-27

Number of reports: 4215

Distinct targets: 2350

2024-11-28

Number of reports: 6615

Distinct targets: 4036

2024-11-29

Number of reports: 5536

Distinct targets: 3629

2024-11-30

Number of reports: 6527

Distinct targets: 4022

2024-12-01

Number of reports: 5339

Distinct targets: 3561

2024-12-02

Number of reports: 5787

Distinct targets: 3169

2024-12-03

Number of reports: 6454

Distinct targets: 4218

2024-12-04

Number of reports: 6476

Distinct targets: 4013

2024-12-05

Number of reports: 3159

Distinct targets: 1843

2024-12-06

Number of reports: 508

Distinct targets: 401

2024-12-07

Number of reports: 5978

Distinct targets: 3626

2024-12-08

Number of reports: 3252

Distinct targets: 2138

2024-12-09

Number of reports: 4279

Distinct targets: 2518

2024-12-10

Number of reports: 458

Distinct targets: 316

2024-12-11

Number of reports: 1139

Distinct targets: 546

2024-12-12

Number of reports: 438

Distinct targets: 269

2024-12-13

Number of reports: 1109

Distinct targets: 374

2024-12-14

Number of reports: 834

Distinct targets: 229

2024-12-15

Number of reports: 1342

Distinct targets: 462

2024-12-16

Number of reports: 1135

Distinct targets: 371

2024-12-17

Number of reports: 673

Distinct targets: 269

2024-12-18

Number of reports: 1013

Distinct targets: 509

2024-12-19

Number of reports: 1915

Distinct targets: 1123

2024-12-20

Number of reports: 3238

Distinct targets: 1502

2024-12-21

Number of reports: 2087

Distinct targets: 1482

OTX pulses

[674343cd234f64831ccc69e7] 2024-11-24 15:18:37.281000 | Telnet honeypot logs for 2024-11-24

Author name:	jnazario
Pulse modified:	2024-11-24 15:18:37.281000
Indicator created:	2024-11-24 15:18:38
Indicator role:	None
Indicator title:
Indicator expiration:	2024-12-24 15:00:00

[674343cceab55a4636e1893b] 2024-11-24 15:18:34.348000 | SSH honeypot logs for 2024-11-24

Author name:	jnazario
Pulse modified:	2024-11-24 15:18:34.348000
Indicator created:	2024-11-24 15:18:37
Indicator role:	None
Indicator title:
Indicator expiration:	2024-12-24 15:00:00

[674343c9e0f5064a4c0f8118] 2024-11-24 15:18:33.911000 | RDP honeypot logs for 2024/11/24

Author name:	jnazario
Pulse modified:	2024-11-24 15:18:33.911000
Indicator created:	2024-11-24 15:18:34
Indicator role:	None
Indicator title:
Indicator expiration:	2024-12-24 15:00:00

[674343c73b832061106462de] 2024-11-24 15:18:31.954000 | Redis honeypot logs for 2024-11-24

Author name:	jnazario
Pulse modified:	2024-11-24 15:18:31.954000
Indicator created:	2024-11-24 15:18:32
Indicator role:	None
Indicator title:
Indicator expiration:	2024-12-24 15:00:00

[6754673311fb7cf90d667fa5] 2024-12-07 15:18:11.267000 | RDP honeypot logs for 2024/12/07

Author name:	jnazario
Pulse modified:	2024-12-07 15:18:11.267000
Indicator created:	2024-12-07 15:18:12
Indicator role:	None
Indicator title:
Indicator expiration:	2025-01-06 15:00:00

[675da2c96dcd87c9bcdc54bd] 2024-12-14 15:22:49.072000 | Telnet honeypot logs for 2024-12-14

Author name:	jnazario
Pulse modified:	2024-12-14 15:22:49.072000
Indicator created:	2024-12-14 15:22:49
Indicator role:	None
Indicator title:
Indicator expiration:	2025-01-13 15:00:00

[675da2c863043c9440a7149a] 2024-12-14 15:22:48.030000 | RDP honeypot logs for 2024/12/14

Author name:	jnazario
Pulse modified:	2024-12-14 15:22:48.030000
Indicator created:	2024-12-14 15:22:48
Indicator role:	None
Indicator title:
Indicator expiration:	2025-01-13 15:00:00

[675ef4c8b100a9f1bb1a3461] 2024-12-15 15:24:56.543000 | RDP honeypot logs for 2024/12/15

Author name:	jnazario
Pulse modified:	2024-12-15 15:24:56.543000
Indicator created:	2024-12-15 15:24:57
Indicator role:	None
Indicator title:
Indicator expiration:	2025-01-14 15:00:00

[676044b60fd09a866c77920c] 2024-12-16 15:18:14.455000 | RDP honeypot logs for 2024/12/16

Author name:	jnazario
Pulse modified:	2024-12-16 15:18:14.455000
Indicator created:	2024-12-16 15:18:15
Indicator role:	None
Indicator title:
Indicator expiration:	2025-01-15 15:00:00

[67619636c4891fa87d472c62] 2024-12-17 15:18:14.845000 | Telnet honeypot logs for 2024-12-17

Author name:	jnazario
Pulse modified:	2024-12-17 15:18:14.845000
Indicator created:	2024-12-17 15:18:15
Indicator role:	None
Indicator title:
Indicator expiration:	2025-01-16 15:00:00

[6762e7b9e8d0d2266ef99b1e] 2024-12-18 15:18:17.532000 | Telnet honeypot logs for 2024-12-18

Author name:	jnazario
Pulse modified:	2024-12-18 15:18:17.532000
Indicator created:	2024-12-18 15:18:18
Indicator role:	None
Indicator title:
Indicator expiration:	2025-01-17 15:00:00

[6766dd35e5b2481de091bc0a] 2024-12-21 15:22:29.554000 | RDP honeypot logs for 2024/12/21

Author name:	jnazario
Pulse modified:	2024-12-21 15:22:29.554000
Indicator created:	2024-12-21 15:22:30
Indicator role:	None
Indicator title:
Indicator expiration:	2025-01-20 15:00:00

Origin AS

AS16276 - OVH

BGP Prefix

148.113.128.0/17

geo

Canada

🕑 America/Toronto

hostname

ns5032588.ip-148-113-208.net

hostname_class

['ip_in_hostname']

Address block ('inetnum' or 'NetRange' in whois database)

148.113.0.0 - 148.113.255.255

last_activity

2024-12-22 04:20:27

last_warden_event

2024-12-22 04:20:27

rep

0.29157004583449597

reserved_range

0

ts_added

2024-10-30 14:37:47.019000

ts_last_update

2024-12-22 15:12:12.211000

Warden event timeline

DShield event timeline

Presence on blacklists

OTX pulses