Must be a valid IPv4 or IPv6 ip address, e.g. 127.0.0.1 or 2001:DB8:0:0:8:800:200C:417A
Basic Info

City: unknown

Region: unknown

Country: Brazil

Internet Service Provider: Prefeitura Municipal de Sapiranga

Hostname: unknown

Organization: unknown

Usage Type: Government

Comments:
Type Details Datetime
attackbotsspam
Lines containing failures of 45.168.148.26
May  4 01:45:30 shared01 sshd[24691]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.168.148.26  user=r.r
May  4 01:45:33 shared01 sshd[24691]: Failed password for r.r from 45.168.148.26 port 51070 ssh2
May  4 01:45:33 shared01 sshd[24691]: Received disconnect from 45.168.148.26 port 51070:11: Bye Bye [preauth]
May  4 01:45:33 shared01 sshd[24691]: Disconnected from authenticating user r.r 45.168.148.26 port 51070 [preauth]
May  4 02:00:24 shared01 sshd[29619]: Invalid user dqq from 45.168.148.26 port 50501
May  4 02:00:24 shared01 sshd[29619]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.168.148.26
May  4 02:00:26 shared01 sshd[29619]: Failed password for invalid user dqq from 45.168.148.26 port 50501 ssh2
May  4 02:00:26 shared01 sshd[29619]: Received disconnect from 45.168.148.26 port 50501:11: Bye Bye [preauth]
May  4 02:00:26 shared01 ........
------------------------------
2020-05-05 13:54:39
Comments on same subnet:
No discussion about this subnet yet..
Whois info:
b
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.168.148.26
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 99
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.168.148.26.			IN	A

;; AUTHORITY SECTION:
.			590	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020050500 1800 900 604800 86400

;; Query time: 358 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue May 05 13:54:34 CST 2020
;; MSG SIZE  rcvd: 117
Host info
Host 26.148.168.45.in-addr.arpa. not found: 3(NXDOMAIN)
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 26.148.168.45.in-addr.arpa: NXDOMAIN
Related IP info:
Related comments:
IP Type Details Datetime
183.146.209.68 attackspam
Invalid user desktop from 183.146.209.68 port 41817
2019-07-24 10:09:11
86.191.61.55 attackspambots
Automatic report - Port Scan Attack
2019-07-24 10:10:31
106.52.26.30 attack
[Aegis] @ 2019-07-23 21:11:59  0100 -> Attempted Administrator Privilege Gain: ET SCAN LibSSH Based Frequent SSH Connections Likely BruteForce Attack
2019-07-24 10:26:30
185.24.124.209 attackspam
Lines containing failures of 185.24.124.209
Jul 23 21:46:38 omfg postfix/smtpd[24136]: connect from unknown[185.24.124.209]
Jul x@x
Jul 23 21:46:50 omfg postfix/smtpd[24136]: lost connection after DATA from unknown[185.24.124.209]
Jul 23 21:46:50 omfg postfix/smtpd[24136]: disconnect from unknown[185.24.124.209] ehlo=1 mail=1 rcpt=0/1 data=0/1 commands=2/4


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=185.24.124.209
2019-07-24 09:46:38
51.68.46.156 attackspam
Jul 24 05:53:33 areeb-Workstation sshd\[12230\]: Invalid user stef from 51.68.46.156
Jul 24 05:53:33 areeb-Workstation sshd\[12230\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.46.156
Jul 24 05:53:35 areeb-Workstation sshd\[12230\]: Failed password for invalid user stef from 51.68.46.156 port 42714 ssh2
...
2019-07-24 10:20:32
78.100.18.81 attackbotsspam
Jul 24 04:22:07 srv-4 sshd\[25977\]: Invalid user flex from 78.100.18.81
Jul 24 04:22:07 srv-4 sshd\[25977\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=78.100.18.81
Jul 24 04:22:09 srv-4 sshd\[25977\]: Failed password for invalid user flex from 78.100.18.81 port 49556 ssh2
...
2019-07-24 09:56:26
139.59.30.201 attack
SSH/22 MH Probe, BF, Hack -
2019-07-24 09:39:16
80.181.73.50 attackspambots
port scan and connect, tcp 23 (telnet)
2019-07-24 09:49:47
46.105.112.107 attack
Jul 24 07:13:50 vibhu-HP-Z238-Microtower-Workstation sshd\[3014\]: Invalid user station from 46.105.112.107
Jul 24 07:13:50 vibhu-HP-Z238-Microtower-Workstation sshd\[3014\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.105.112.107
Jul 24 07:13:53 vibhu-HP-Z238-Microtower-Workstation sshd\[3014\]: Failed password for invalid user station from 46.105.112.107 port 50384 ssh2
Jul 24 07:18:05 vibhu-HP-Z238-Microtower-Workstation sshd\[3137\]: Invalid user oracle from 46.105.112.107
Jul 24 07:18:05 vibhu-HP-Z238-Microtower-Workstation sshd\[3137\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.105.112.107
...
2019-07-24 09:58:45
179.238.219.120 attackspam
Jul 23 21:57:42 amida sshd[734120]: Invalid user fy from 179.238.219.120
Jul 23 21:57:42 amida sshd[734120]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=179-238-219-120.user3p.veloxzone.com.br 
Jul 23 21:57:44 amida sshd[734120]: Failed password for invalid user fy from 179.238.219.120 port 40786 ssh2
Jul 23 21:57:44 amida sshd[734120]: Received disconnect from 179.238.219.120: 11: Bye Bye [preauth]
Jul 23 22:03:03 amida sshd[736017]: Invalid user test from 179.238.219.120
Jul 23 22:03:03 amida sshd[736017]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=179-238-219-120.user3p.veloxzone.com.br 


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=179.238.219.120
2019-07-24 09:40:19
188.165.220.213 attackspambots
Invalid user ca from 188.165.220.213 port 58360
2019-07-24 10:16:17
180.151.16.226 attack
Automatic report - Port Scan Attack
2019-07-24 10:15:44
128.199.230.56 attack
Jul 24 03:28:57 s64-1 sshd[10902]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.230.56
Jul 24 03:28:59 s64-1 sshd[10902]: Failed password for invalid user cali from 128.199.230.56 port 56091 ssh2
Jul 24 03:34:10 s64-1 sshd[10999]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.230.56
...
2019-07-24 09:51:31
109.87.112.221 attackbots
port scan and connect, tcp 23 (telnet)
2019-07-24 10:16:54
117.69.30.194 attackbotsspam
Jul 23 21:51:43 mxgate1 postfix/postscreen[8780]: CONNECT from [117.69.30.194]:2779 to [176.31.12.44]:25
Jul 23 21:51:43 mxgate1 postfix/dnsblog[8782]: addr 117.69.30.194 listed by domain cbl.abuseat.org as 127.0.0.2
Jul 23 21:51:43 mxgate1 postfix/dnsblog[8781]: addr 117.69.30.194 listed by domain zen.spamhaus.org as 127.0.0.4
Jul 23 21:51:43 mxgate1 postfix/dnsblog[8781]: addr 117.69.30.194 listed by domain zen.spamhaus.org as 127.0.0.3
Jul 23 21:51:43 mxgate1 postfix/dnsblog[8781]: addr 117.69.30.194 listed by domain zen.spamhaus.org as 127.0.0.11
Jul 23 21:51:43 mxgate1 postfix/dnsblog[8784]: addr 117.69.30.194 listed by domain b.barracudacentral.org as 127.0.0.2
Jul 23 21:51:49 mxgate1 postfix/postscreen[8780]: DNSBL rank 4 for [117.69.30.194]:2779
Jul x@x
Jul 23 21:51:50 mxgate1 postfix/postscreen[8780]: DISCONNECT [117.69.30.194]:2779


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=117.69.30.194
2019-07-24 09:56:07

Recently Reported IPs

86.145.43.197 190.79.2.103 189.77.24.220 186.90.13.111
139.255.19.196 24.148.96.50 200.153.11.84 58.182.216.44
61.188.103.193 119.193.183.239 118.126.106.196 85.251.48.15
107.182.177.173 57.16.21.76 73.82.137.47 14.242.175.184
102.150.183.220 165.92.5.198 115.226.235.131 226.106.228.18