Must be a valid IPv4 or IPv6 ip address, e.g. 127.0.0.1 or 2001:DB8:0:0:8:800:200C:417A
Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: Charter Communications Inc

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:
Type Details Datetime
attack
Port Scan: UDP/1234
2019-09-03 02:55:36
Comments on same subnet:
No discussion about this subnet yet..
Whois info:
b
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.48.49.221
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56459
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.48.49.221.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019090201 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Sep 03 02:55:31 CST 2019
;; MSG SIZE  rcvd: 116
Host info
221.49.48.45.in-addr.arpa domain name pointer cpe-45-48-49-221.socal.res.rr.com.
Nslookup info:
Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
221.49.48.45.in-addr.arpa	name = cpe-45-48-49-221.socal.res.rr.com.

Authoritative answers can be found from:
Related IP info:
Related comments:
IP Type Details Datetime
195.201.149.44 attack
WP Authentication failure
2019-06-23 07:17:26
202.142.81.150 attackbots
Attempt to run wp-login.php
2019-06-23 07:11:36
160.153.146.164 attack
xmlrpc attack
2019-06-23 07:56:11
205.185.114.235 attack
¯\_(ツ)_/¯
2019-06-23 07:14:51
173.249.44.75 attackbots
Trawling for classified logins
2019-06-23 07:38:19
2.188.166.254 attackbots
Jun 17 09:42:34 mxgate1 postfix/postscreen[10196]: CONNECT from [2.188.166.254]:47551 to [176.31.12.44]:25
Jun 17 09:42:34 mxgate1 postfix/dnsblog[10199]: addr 2.188.166.254 listed by domain zen.spamhaus.org as 127.0.0.4
Jun 17 09:42:34 mxgate1 postfix/dnsblog[10199]: addr 2.188.166.254 listed by domain zen.spamhaus.org as 127.0.0.3
Jun 17 09:42:34 mxgate1 postfix/dnsblog[10201]: addr 2.188.166.254 listed by domain cbl.abuseat.org as 127.0.0.2
Jun 17 09:42:34 mxgate1 postfix/dnsblog[10197]: addr 2.188.166.254 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2
Jun 17 09:42:34 mxgate1 postfix/postscreen[10196]: PREGREET 21 after 0.27 from [2.188.166.254]:47551: EHLO luxuryclass.hostname

Jun 17 09:42:34 mxgate1 postfix/postscreen[10196]: DNSBL rank 4 for [2.188.166.254]:47551
Jun x@x
Jun 17 09:42:35 mxgate1 postfix/postscreen[10196]: HANGUP after 0.81 from [2.188.166.254]:47551 in tests after SMTP handshake
Jun 17 09:42:35 mxgate1 postfix/postscreen[10196]: DISCONNECT [2.1........
-------------------------------
2019-06-23 07:47:18
177.106.121.21 attackspam
Wordpress XMLRPC attack
2019-06-23 07:52:08
37.32.11.106 attackbots
Jun 21 16:56:00 our-server-hostname postfix/smtpd[8880]: connect from unknown[37.32.11.106]
Jun x@x
Jun x@x
Jun x@x
Jun 21 16:56:03 our-server-hostname postfix/smtpd[8880]: lost connection after RCPT from unknown[37.32.11.106]
Jun 21 16:56:03 our-server-hostname postfix/smtpd[8880]: disconnect from unknown[37.32.11.106]


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=37.32.11.106
2019-06-23 07:38:47
152.231.108.67 attackspambots
SMB Server BruteForce Attack
2019-06-23 07:19:16
132.148.142.117 attack
belitungshipwreck.org 132.148.142.117 \[22/Jun/2019:17:02:48 +0200\] "POST /wp-login.php HTTP/1.1" 200 5597 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
belitungshipwreck.org 132.148.142.117 \[22/Jun/2019:17:02:49 +0200\] "POST /wp-login.php HTTP/1.1" 200 5575 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
2019-06-23 07:20:42
200.9.67.2 attack
Jun 21 01:01:30 mail01 postfix/postscreen[12133]: CONNECT from [200.9.67.2]:34633 to [94.130.181.95]:25
Jun 21 01:01:30 mail01 postfix/dnsblog[12136]: addr 200.9.67.2 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2
Jun 21 01:01:31 mail01 postfix/dnsblog[12468]: addr 200.9.67.2 listed by domain zen.spamhaus.org as 127.0.0.3
Jun 21 01:01:31 mail01 postfix/dnsblog[12468]: addr 200.9.67.2 listed by domain zen.spamhaus.org as 127.0.0.4
Jun 21 01:01:31 mail01 postfix/postscreen[12133]: PREGREET 15 after 0.57 from [200.9.67.2]:34633: EHLO 1930.com

Jun 21 01:01:31 mail01 postfix/postscreen[12133]: DNSBL rank 4 for [200.9.67.2]:34633
Jun x@x
Jun x@x
Jun 21 01:01:35 mail01 postfix/postscreen[12133]: HANGUP after 3.8 from [200.9.67.2]:34633 in tests after SMTP handshake
Jun 21 01:01:35 mail01 postfix/postscreen[12133]: DISCONNECT [200.9.67.2]:34633


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=200.9.67.2
2019-06-23 07:37:46
201.231.21.149 attackspam
Autoban   201.231.21.149 AUTH/CONNECT
2019-06-23 07:27:10
78.12.74.196 attack
WP Authentication failure
2019-06-23 07:26:34
71.6.199.23 attackbotsspam
5601/tcp 20547/tcp 26/tcp...
[2019-04-22/06-22]757pkt,259pt.(tcp),50pt.(udp)
2019-06-23 07:22:45
139.199.48.216 attackbotsspam
Jun 22 17:26:38 hosting sshd[13071]: Invalid user www-data from 139.199.48.216 port 56816
Jun 22 17:26:38 hosting sshd[13071]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.48.216
Jun 22 17:26:38 hosting sshd[13071]: Invalid user www-data from 139.199.48.216 port 56816
Jun 22 17:26:40 hosting sshd[13071]: Failed password for invalid user www-data from 139.199.48.216 port 56816 ssh2
Jun 22 17:29:22 hosting sshd[13086]: Invalid user tiao from 139.199.48.216 port 45768
...
2019-06-23 07:19:32

Recently Reported IPs

117.185.34.150 114.86.85.50 74.234.39.24 113.131.200.40
112.242.16.39 112.240.220.187 101.95.3.66 86.85.44.83
83.69.15.6 73.130.128.39 69.167.162.141 66.215.104.166
66.215.104.165 66.116.120.196 58.245.82.2 35.187.176.240
18.209.48.50 220.132.248.197 136.94.155.244 164.140.22.9