Must be a valid IPv4 or IPv6 ip address, e.g. 127.0.0.1 or 2001:DB8:0:0:8:800:200C:417A
Basic Info

City: unknown

Region: unknown

Country: Brazil

Internet Service Provider: Hope Internet - Ltda

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:
Type Details Datetime
attack
Aug 29 22:05:13 Ubuntu-1404-trusty-64-minimal sshd\[13689\]: Invalid user apache from 45.165.48.2
Aug 29 22:05:13 Ubuntu-1404-trusty-64-minimal sshd\[13689\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.165.48.2
Aug 29 22:05:15 Ubuntu-1404-trusty-64-minimal sshd\[13689\]: Failed password for invalid user apache from 45.165.48.2 port 55160 ssh2
Aug 29 22:23:53 Ubuntu-1404-trusty-64-minimal sshd\[28759\]: Invalid user apagar from 45.165.48.2
Aug 29 22:23:53 Ubuntu-1404-trusty-64-minimal sshd\[28759\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.165.48.2
2019-08-30 09:11:46
Comments on same subnet:
No discussion about this subnet yet..
Whois info:
b
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.165.48.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 239
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.165.48.2.			IN	A

;; AUTHORITY SECTION:
.			2319	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019082901 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Aug 30 09:11:37 CST 2019
;; MSG SIZE  rcvd: 115
Host info
Host 2.48.165.45.in-addr.arpa. not found: 3(NXDOMAIN)
Nslookup info:
Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 2.48.165.45.in-addr.arpa: NXDOMAIN
Related IP info:
Related comments:
IP Type Details Datetime
120.151.222.78 attackbots
May 13 12:41:27 lanister sshd[21434]: Invalid user valentina from 120.151.222.78
May 13 12:41:27 lanister sshd[21434]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.151.222.78
May 13 12:41:27 lanister sshd[21434]: Invalid user valentina from 120.151.222.78
May 13 12:41:29 lanister sshd[21434]: Failed password for invalid user valentina from 120.151.222.78 port 45930 ssh2
2020-05-14 03:23:32
69.167.40.150 attack
Fraud Attack running bots
2020-05-14 03:29:43
2002:b9ea:db69::b9ea:db69 attackspam
May 13 17:53:44 web01.agentur-b-2.de postfix/smtpd[247624]: warning: unknown[2002:b9ea:db69::b9ea:db69]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
May 13 17:53:44 web01.agentur-b-2.de postfix/smtpd[247624]: lost connection after AUTH from unknown[2002:b9ea:db69::b9ea:db69]
May 13 17:56:32 web01.agentur-b-2.de postfix/smtpd[247624]: warning: unknown[2002:b9ea:db69::b9ea:db69]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
May 13 17:56:32 web01.agentur-b-2.de postfix/smtpd[247624]: lost connection after AUTH from unknown[2002:b9ea:db69::b9ea:db69]
May 13 17:56:39 web01.agentur-b-2.de postfix/smtpd[256113]: warning: unknown[2002:b9ea:db69::b9ea:db69]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
2020-05-14 03:00:00
200.66.82.250 attackbots
web-1 [ssh] SSH Attack
2020-05-14 03:12:19
221.130.130.238 attackbots
CMS (WordPress or Joomla) login attempt.
2020-05-14 03:24:18
78.189.190.149 attackbotsspam
Unauthorized connection attempt from IP address 78.189.190.149 on Port 445(SMB)
2020-05-14 03:16:49
54.36.150.46 attackbotsspam
[Wed May 13 19:32:46.298684 2020] [:error] [pid 23852:tid 140604151064320] [client 54.36.150.46:52804] [client 54.36.150.46] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "AhrefsBot" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-913-SCANNER-DETECTION.conf"] [line "183"] [id "913102"] [msg "Found User-Agent associated with web crawler/bot"] [data "Matched Data: AhrefsBot found within REQUEST_HEADERS:User-Agent: mozilla/5.0 (compatible; ahrefsbot/6.1; +http://ahrefs.com/robot/)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-reputation-crawler"] [tag "OWASP_CRS"] [tag "OWASP_CRS/AUTOMATION/CRAWLER"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [tag "paranoia-level/2"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/index.php/component/tags/tag/1955-kalender-tanam-katam-terpadu-kota-mojokerto-tahun-2016-2017"] [u
...
2020-05-14 03:20:52
81.28.100.4 attack
May 13 14:09:05 mail.srvfarm.net postfix/smtpd[541148]: NOQUEUE: reject: RCPT from unknown[81.28.100.4]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo=
May 13 14:10:14 mail.srvfarm.net postfix/smtpd[552887]: NOQUEUE: reject: RCPT from unknown[81.28.100.4]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo=
May 13 14:10:14 mail.srvfarm.net postfix/smtpd[540848]: NOQUEUE: reject: RCPT from unknown[81.28.100.4]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo=
May 13 14:10:17 mail.srvfarm.net postfix/smtpd[540971]: NOQUEUE: reject: RCPT from unknown[81.28.100.4]: 450 4.1.8 
2020-05-14 02:53:23
106.13.207.113 attackspam
2020-05-13 19:48:57,104 fail2ban.actions: WARNING [ssh] Ban 106.13.207.113
2020-05-14 03:01:32
142.93.73.45 attackspam
" "
2020-05-14 03:00:31
158.101.29.207 attackbots
SSH brute-force: detected 10 distinct usernames within a 24-hour window.
2020-05-14 03:15:48
203.130.255.2 attackbots
Unauthorized access or intrusion attempt detected from Thor banned IP
2020-05-14 03:01:19
85.24.194.43 attackspam
Invalid user musikbot from 85.24.194.43 port 45854
2020-05-14 03:28:37
222.128.29.230 attackspambots
Icarus honeypot on github
2020-05-14 03:23:05
87.246.7.105 attackspambots
May 13 14:13:07 mail.srvfarm.net postfix/smtpd[541160]: warning: unknown[87.246.7.105]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
May 13 14:13:07 mail.srvfarm.net postfix/smtpd[541160]: lost connection after AUTH from unknown[87.246.7.105]
May 13 14:13:22 mail.srvfarm.net postfix/smtpd[541152]: warning: unknown[87.246.7.105]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
May 13 14:13:22 mail.srvfarm.net postfix/smtpd[541152]: lost connection after AUTH from unknown[87.246.7.105]
May 13 14:13:40 mail.srvfarm.net postfix/smtpd[552887]: warning: unknown[87.246.7.105]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
2020-05-14 02:53:04

Recently Reported IPs

224.188.121.229 153.160.16.133 66.84.147.3 75.149.191.85
182.71.108.154 65.48.129.185 222.45.16.245 66.155.94.179
142.103.107.243 89.39.107.191 120.237.231.110 177.21.202.251
191.53.56.59 119.51.108.200 85.214.122.154 181.29.12.19
79.249.252.236 42.54.164.164 78.141.107.74 45.247.129.60