Must be a valid IPv4 or IPv6 ip address, e.g. 127.0.0.1 or 2001:DB8:0:0:8:800:200C:417A
Basic Info

City: unknown

Region: unknown

Country: Dominican Republic

Internet Service Provider: Compania Dominicana de Telefonos C. Por A. - Codetel

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:
Type Details Datetime
attackbots
...
2020-02-02 00:14:26
attackspam
2020-01-13T06:40:34.079406scmdmz1 sshd[28390]: Invalid user mmy from 148.0.63.43 port 49124
2020-01-13T06:40:34.083074scmdmz1 sshd[28390]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.0.63.43
2020-01-13T06:40:34.079406scmdmz1 sshd[28390]: Invalid user mmy from 148.0.63.43 port 49124
2020-01-13T06:40:36.207470scmdmz1 sshd[28390]: Failed password for invalid user mmy from 148.0.63.43 port 49124 ssh2
2020-01-13T06:43:14.140161scmdmz1 sshd[28576]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.0.63.43  user=root
2020-01-13T06:43:16.229426scmdmz1 sshd[28576]: Failed password for root from 148.0.63.43 port 48230 ssh2
...
2020-01-13 18:42:42
Comments on same subnet:
IP Type Details Datetime
148.0.63.202 attack
[01/Jun/2020 14:43:09] Failed SMTP login from 148.0.63.202 whostnameh SASL method CRAM-MD5.
[01/Jun/2020 x@x
[01/Jun/2020 14:43:15] Failed SMTP login from 148.0.63.202 whostnameh SASL method PLAIN.


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=148.0.63.202
2020-06-02 00:32:53
Whois info:
b
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 148.0.63.43
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 12499
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;148.0.63.43.			IN	A

;; AUTHORITY SECTION:
.			545	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020011300 1800 900 604800 86400

;; Query time: 91 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jan 13 18:42:38 CST 2020
;; MSG SIZE  rcvd: 115
Host info
43.63.0.148.in-addr.arpa domain name pointer 43.63.0.148.d.dyn.claro.net.do.
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
43.63.0.148.in-addr.arpa	name = 43.63.0.148.d.dyn.claro.net.do.

Authoritative answers can be found from:
Related IP info:
Related comments:
IP Type Details Datetime
213.217.1.38 attackbots
SSH Scan
2020-06-10 14:37:23
144.34.210.56 attackspam
$f2bV_matches
2020-06-10 14:14:21
146.185.130.101 attack
Jun 10 07:56:52 piServer sshd[964]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.185.130.101 
Jun 10 07:56:54 piServer sshd[964]: Failed password for invalid user lizehan from 146.185.130.101 port 51724 ssh2
Jun 10 08:03:27 piServer sshd[1399]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.185.130.101 
...
2020-06-10 14:09:45
2.134.202.108 attackspam
Port probing on unauthorized port 445
2020-06-10 14:30:05
122.177.225.191 attack
Automatic report - XMLRPC Attack
2020-06-10 14:39:50
150.136.220.58 attackspambots
Jun 10 16:15:28 NG-HHDC-SVS-001 sshd[2498]: Invalid user ko from 150.136.220.58
...
2020-06-10 14:28:05
195.54.161.40 attackbots
 TCP (SYN) 195.54.161.40:53110 -> port 5815, len 44
2020-06-10 14:06:01
45.14.150.103 attackbotsspam
$f2bV_matches
2020-06-10 14:13:16
178.32.44.233 attackbots
Jun 10 08:38:17 vps639187 sshd\[7078\]: Invalid user sinusbot from 178.32.44.233 port 41450
Jun 10 08:38:17 vps639187 sshd\[7078\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.32.44.233
Jun 10 08:38:19 vps639187 sshd\[7078\]: Failed password for invalid user sinusbot from 178.32.44.233 port 41450 ssh2
...
2020-06-10 14:41:53
203.245.29.148 attackbots
SSH Brute-Forcing (server1)
2020-06-10 14:07:19
51.75.208.177 attackbots
2020-06-10 05:36:57,545 fail2ban.actions        [937]: NOTICE  [sshd] Ban 51.75.208.177
2020-06-10 06:14:42,490 fail2ban.actions        [937]: NOTICE  [sshd] Ban 51.75.208.177
2020-06-10 06:50:37,721 fail2ban.actions        [937]: NOTICE  [sshd] Ban 51.75.208.177
2020-06-10 07:24:02,103 fail2ban.actions        [937]: NOTICE  [sshd] Ban 51.75.208.177
2020-06-10 07:57:59,630 fail2ban.actions        [937]: NOTICE  [sshd] Ban 51.75.208.177
...
2020-06-10 14:31:19
114.84.166.72 attack
Jun 10 07:22:22 eventyay sshd[29416]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.84.166.72
Jun 10 07:22:24 eventyay sshd[29416]: Failed password for invalid user hj from 114.84.166.72 port 34850 ssh2
Jun 10 07:26:54 eventyay sshd[29547]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.84.166.72
...
2020-06-10 14:20:23
192.42.116.25 attackspam
prod6
...
2020-06-10 14:05:13
182.48.234.227 attack
failed_logins
2020-06-10 14:15:59
138.197.136.72 attack
138.197.136.72 - - [10/Jun/2020:05:53:21 +0200] "GET /wp-login.php HTTP/1.1" 200 6433 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
138.197.136.72 - - [10/Jun/2020:05:53:23 +0200] "POST /wp-login.php HTTP/1.1" 200 6684 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
138.197.136.72 - - [10/Jun/2020:05:53:24 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
2020-06-10 14:01:51

Recently Reported IPs

230.95.32.87 14.161.48.254 36.77.209.78 50.235.236.44
221.225.21.205 127.145.182.28 31.43.95.254 103.126.151.26
125.165.179.206 91.96.254.72 219.77.120.152 190.207.71.103
45.225.140.208 85.214.60.185 85.172.107.95 36.249.180.67
117.240.137.90 159.166.17.204 47.111.229.152 88.133.239.207