Must be a valid IPv4 or IPv6 ip address, e.g. 127.0.0.1 or 2001:DB8:0:0:8:800:200C:417A
Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: SendGrid Inc.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:
Type Details Datetime
attackbotsspam
Jun 11 22:19:38 www0 postfix/smtpd[16023]: warning: hostname o1.ptr394.bwrtek.com does not resolve to address 149.72.70.55: Name or service not known
Jun 11 22:19:38 www0 postfix/smtpd[16023]: connect from unknown[149.72.70.55]
Jun x@x
Jun 11 22:19:40 www0 postfix/smtpd[16023]: lost connection after RCPT from unknown[149.72.70.55]
Jun 11 22:19:40 www0 postfix/smtpd[16023]: disconnect from unknown[149.72.70.55]
Jun 11 22:20:18 www0 postfix/smtpd[16023]: warning: hostname o1.ptr394.bwrtek.com does not resolve to address 149.72.70.55: Name or service not known
Jun 11 22:20:18 www0 postfix/smtpd[16023]: connect from unknown[149.72.70.55]
Jun x@x
Jun 11 22:20:20 www0 postfix/smtpd[16023]: lost connection after RCPT from unknown[149.72.70.55]
Jun 11 22:20:20 www0 postfix/smtpd[16023]: disconnect from unknown[149.72.70.55]
Jun 11 22:21:38 www0 postfix/smtpd[16023]: warning: hostname o1.ptr394.bwrtek.com does not resolve to address 149.72.70.55: Name or service not known
Jun 11........
-------------------------------
2020-06-13 00:27:29
Comments on same subnet:
No discussion about this subnet yet..
Whois info:
b
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 149.72.70.55
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 45908
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;149.72.70.55.			IN	A

;; AUTHORITY SECTION:
.			392	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020061200 1800 900 604800 86400

;; Query time: 104 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Jun 13 00:27:21 CST 2020
;; MSG SIZE  rcvd: 116
Host info
55.70.72.149.in-addr.arpa domain name pointer o1.ptr394.bwrtek.com.
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
55.70.72.149.in-addr.arpa	name = o1.ptr394.bwrtek.com.

Authoritative answers can be found from:
Related IP info:
Related comments:
IP Type Details Datetime
91.229.112.10 attackspambots
[N10.H2.VM2] Port Scanner Detected Blocked by UFW
2020-08-28 04:41:20
36.112.172.125 attackbotsspam
Aug 27 20:31:25 instance-2 sshd[16663]: Failed password for root from 36.112.172.125 port 56364 ssh2
Aug 27 20:32:49 instance-2 sshd[16691]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.112.172.125 
Aug 27 20:32:51 instance-2 sshd[16691]: Failed password for invalid user deploy from 36.112.172.125 port 45810 ssh2
2020-08-28 04:33:39
180.76.181.47 attack
malicious Brute-Force reported by https://www.patrick-binder.de
...
2020-08-28 04:30:59
197.51.193.194 attack
Attempted connection to port 81.
2020-08-28 04:56:46
182.188.38.174 attack
Unauthorized connection attempt from IP address 182.188.38.174 on Port 445(SMB)
2020-08-28 04:44:16
222.186.175.215 attack
(sshd) Failed SSH login from 222.186.175.215 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Aug 27 22:41:24 amsweb01 sshd[26657]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.215  user=root
Aug 27 22:41:26 amsweb01 sshd[26657]: Failed password for root from 222.186.175.215 port 38776 ssh2
Aug 27 22:41:29 amsweb01 sshd[26657]: Failed password for root from 222.186.175.215 port 38776 ssh2
Aug 27 22:41:32 amsweb01 sshd[26657]: Failed password for root from 222.186.175.215 port 38776 ssh2
Aug 27 22:41:35 amsweb01 sshd[26657]: Failed password for root from 222.186.175.215 port 38776 ssh2
2020-08-28 04:50:29
160.153.245.175 attack
"GET /test/wp-login.php HTTP/1.1" 

PORT     STATE SERVICE  VERSION
21/tcp   open  ftp      Pure-FTPd
22/tcp   open  ssh      OpenSSH 7.4 (protocol 2.0)
25/tcp   open  smtp?
53/tcp   open  domain?
80/tcp   open  http     LiteSpeed httpd
110/tcp  open  pop3     Dovecot pop3d
111/tcp  open  rpcbind
143/tcp  open  imap     Dovecot imapd
443/tcp  open  ssl/http LiteSpeed httpd
465/tcp  open  ssl/smtp Exim smtpd 4.93
587/tcp  open  smtp     Exim smtpd 4.93
993/tcp  open  imaps?
995/tcp  open  pop3s?
3306/tcp open  mysql?
2020-08-28 05:05:12
180.76.177.2 attackspam
2020-08-27T18:33:54+0200 Failed SSH Authentication/Brute Force Attack. (Server 9)
2020-08-28 04:43:35
198.50.177.42 attack
Aug 27 19:16:14 vmd26974 sshd[11913]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.50.177.42
Aug 27 19:16:16 vmd26974 sshd[11913]: Failed password for invalid user client from 198.50.177.42 port 41754 ssh2
...
2020-08-28 04:28:44
45.129.33.23 attack
ET DROP Dshield Block Listed Source group 1 - port: 33894 proto: tcp cat: Misc Attackbytes: 60
2020-08-28 04:37:47
24.16.139.106 attackspambots
Aug 27 14:07:05 askasleikir sshd[33363]: Failed password for root from 24.16.139.106 port 59110 ssh2
Aug 27 14:03:09 askasleikir sshd[33340]: Failed password for invalid user chenrui from 24.16.139.106 port 51722 ssh2
Aug 27 14:14:43 askasleikir sshd[33399]: Failed password for invalid user na from 24.16.139.106 port 45656 ssh2
2020-08-28 04:40:07
202.137.10.182 attackbots
Bruteforce detected by fail2ban
2020-08-28 04:44:28
139.162.122.110 attack
Aug 27 19:42:58 marvibiene sshd[43692]: Invalid user  from 139.162.122.110 port 43766
Aug 27 19:42:58 marvibiene sshd[43692]: Failed none for invalid user  from 139.162.122.110 port 43766 ssh2
Aug 27 19:42:58 marvibiene sshd[43692]: Invalid user  from 139.162.122.110 port 43766
Aug 27 19:42:58 marvibiene sshd[43692]: Failed none for invalid user  from 139.162.122.110 port 43766 ssh2
2020-08-28 04:49:42
223.113.74.54 attack
SSH invalid-user multiple login attempts
2020-08-28 04:34:57
222.124.17.227 attack
Fail2Ban
2020-08-28 04:34:05

Recently Reported IPs

155.93.197.214 14.255.117.26 167.99.162.47 199.234.18.156
17.3.198.231 39.63.1.211 45.9.63.76 156.96.116.248
103.131.71.62 34.76.60.69 228.241.232.200 45.64.99.173
138.8.145.224 220.243.231.12 143.161.19.162 224.206.194.1
25.195.224.25 199.153.158.36 75.22.90.199 128.100.11.153