162.218.48.74 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: Trentahost

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	suspicious action Tue, 03 Mar 2020 10:21:50 -0300	2020-03-04 04:00:57
attackspambots	162.218.48.74 - - [20/Jul/2019:03:27:08 +0200] "GET /wp-login.php HTTP/1.1" 200 1301 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 162.218.48.74 - - [20/Jul/2019:03:27:09 +0200] "POST /wp-login.php HTTP/1.1" 200 1704 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 162.218.48.74 - - [20/Jul/2019:03:27:10 +0200] "GET /wp-login.php HTTP/1.1" 200 1301 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 162.218.48.74 - - [20/Jul/2019:03:27:11 +0200] "POST /wp-login.php HTTP/1.1" 200 1684 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 162.218.48.74 - - [20/Jul/2019:03:27:11 +0200] "GET /wp-login.php HTTP/1.1" 200 1301 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 162.218.48.74 - - [20/Jul/2019:03:27:12 +0200] "POST /wp-login.php HTTP/1.1" 200 1688 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-07-20 15:41:40

Type

Details

Datetime

attack

suspicious action Tue, 03 Mar 2020 10:21:50 -0300

2020-03-04 04:00:57

attackspambots

162.218.48.74 - - [20/Jul/2019:03:27:08 +0200] "GET /wp-login.php HTTP/1.1" 200 1301 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
162.218.48.74 - - [20/Jul/2019:03:27:09 +0200] "POST /wp-login.php HTTP/1.1" 200 1704 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
162.218.48.74 - - [20/Jul/2019:03:27:10 +0200] "GET /wp-login.php HTTP/1.1" 200 1301 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
162.218.48.74 - - [20/Jul/2019:03:27:11 +0200] "POST /wp-login.php HTTP/1.1" 200 1684 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
162.218.48.74 - - [20/Jul/2019:03:27:11 +0200] "GET /wp-login.php HTTP/1.1" 200 1301 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
162.218.48.74 - - [20/Jul/2019:03:27:12 +0200] "POST /wp-login.php HTTP/1.1" 200 1688 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
...

2019-07-20 15:41:40

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 162.218.48.74
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61232
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;162.218.48.74.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072000 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Jul 20 15:41:31 CST 2019
;; MSG SIZE  rcvd: 117

Host info

74.48.218.162.in-addr.arpa domain name pointer server1.trentahost.com.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
74.48.218.162.in-addr.arpa	name = server1.trentahost.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
222.186.42.57	attack	2020-09-10T04:57:40.758867shield sshd\[3474\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.57 user=root 2020-09-10T04:57:42.715851shield sshd\[3474\]: Failed password for root from 222.186.42.57 port 10879 ssh2 2020-09-10T04:57:44.899783shield sshd\[3474\]: Failed password for root from 222.186.42.57 port 10879 ssh2 2020-09-10T04:57:47.170179shield sshd\[3474\]: Failed password for root from 222.186.42.57 port 10879 ssh2 2020-09-10T04:58:29.060733shield sshd\[3537\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.57 user=root	2020-09-10 13:01:52
91.213.119.246	attackspambots	Dovecot Invalid User Login Attempt.	2020-09-10 12:34:51
80.237.20.20	attackspambots	Brute forcing email accounts	2020-09-10 12:57:37
47.244.190.211	attack	Tried our host z.	2020-09-10 12:47:23
106.53.97.24	attackspambots	2020-09-10T01:56:56.681404paragon sshd[15083]: Failed password for invalid user callahan from 106.53.97.24 port 35162 ssh2 2020-09-10T02:00:20.051823paragon sshd[15128]: Invalid user guest from 106.53.97.24 port 60106 2020-09-10T02:00:20.055189paragon sshd[15128]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.97.24 2020-09-10T02:00:20.051823paragon sshd[15128]: Invalid user guest from 106.53.97.24 port 60106 2020-09-10T02:00:22.457305paragon sshd[15128]: Failed password for invalid user guest from 106.53.97.24 port 60106 ssh2 ...	2020-09-10 12:39:52
81.200.243.228	attackspam	Brute forcing email accounts	2020-09-10 13:03:07
203.195.67.17	attackbotsspam	15489/tcp 22041/tcp 9585/tcp... [2020-07-10/09-09]29pkt,14pt.(tcp)	2020-09-10 13:12:47
142.93.212.91	attackbots	Bruteforce detected by fail2ban	2020-09-10 12:37:34
101.109.218.4	attackbotsspam	Sep 9 13:57:21 ws22vmsma01 sshd[156940]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.109.218.4 Sep 9 13:57:22 ws22vmsma01 sshd[156940]: Failed password for invalid user guest from 101.109.218.4 port 57970 ssh2 ...	2020-09-10 13:16:37
218.92.0.224	attackbotsspam	Sep 10 06:33:20 theomazars sshd[22682]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.224 user=root Sep 10 06:33:22 theomazars sshd[22682]: Failed password for root from 218.92.0.224 port 24458 ssh2	2020-09-10 12:50:26
104.140.188.22	attackbots	2020-09-09 20:01:44 Reject access to port(s):3389 1 times a day	2020-09-10 13:11:18
61.177.172.61	attackbotsspam	2020-09-10T06:34:51.626315vps773228.ovh.net sshd[5476]: Failed password for root from 61.177.172.61 port 1547 ssh2 2020-09-10T06:34:55.030332vps773228.ovh.net sshd[5476]: Failed password for root from 61.177.172.61 port 1547 ssh2 2020-09-10T06:34:57.984048vps773228.ovh.net sshd[5476]: Failed password for root from 61.177.172.61 port 1547 ssh2 2020-09-10T06:35:01.017216vps773228.ovh.net sshd[5476]: Failed password for root from 61.177.172.61 port 1547 ssh2 2020-09-10T06:35:04.460778vps773228.ovh.net sshd[5476]: Failed password for root from 61.177.172.61 port 1547 ssh2 ...	2020-09-10 12:35:27
35.173.137.140	attack	Port Scan detected from 35.173.137.140 (US/United States/ec2-35-173-137-140.compute-1.amazonaws.com). 7 hits in the last 75 seconds	2020-09-10 13:01:06
125.43.69.155	attack	SSH	2020-09-10 12:53:01
222.186.175.148	attackspambots	Sep 9 21:58:17 dignus sshd[5024]: Failed password for root from 222.186.175.148 port 62636 ssh2 Sep 9 21:58:20 dignus sshd[5024]: Failed password for root from 222.186.175.148 port 62636 ssh2 Sep 9 21:58:24 dignus sshd[5024]: Failed password for root from 222.186.175.148 port 62636 ssh2 Sep 9 21:58:27 dignus sshd[5024]: Failed password for root from 222.186.175.148 port 62636 ssh2 Sep 9 21:58:30 dignus sshd[5024]: Failed password for root from 222.186.175.148 port 62636 ssh2 ...	2020-09-10 13:11:41

Recently Reported IPs

134.73.161.240	80.242.33.204	156.196.83.139	113.172.229.96
185.186.16.74	175.8.61.238	182.96.187.40	67.198.233.132
171.251.163.23	39.104.24.116	121.34.32.242	52.83.55.127
94.180.218.35	200.66.118.96	77.247.108.159	222.186.172.4
186.251.208.111	2.207.25.60	103.45.103.200	192.99.212.104