Must be a valid IPv4 or IPv6 ip address, e.g. 127.0.0.1 or 2001:DB8:0:0:8:800:200C:417A
Basic Info

City: unknown

Region: unknown

Country: Netherlands

Internet Service Provider: Nice IT Customers Network

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:
Type Details Datetime
attack
SQL Injection Attempts
2020-05-26 18:28:11
attackbotsspam
(mod_security) mod_security (id:210492) triggered by 45.9.148.221 (NL/Netherlands/-): 5 in the last 3600 secs
2020-05-13 18:43:39
attackbots
/wso2_pack.php -  and about 20 similarly pathetic attempts.
2020-04-19 16:03:11
Comments on same subnet:
IP Type Details Datetime
45.9.148.29 attackbots
Fail2Ban Ban Triggered
2020-09-09 20:28:52
45.9.148.29 attack
Fail2Ban Ban Triggered
2020-09-09 14:26:03
45.9.148.29 attackbots
Fail2Ban Ban Triggered
2020-09-09 06:37:37
45.9.148.82 attackspam
Probable attack : HTTPS hit by IP; not hostname
2020-08-05 05:13:44
45.9.148.125 attack
2020-07-23 15:43:19
45.9.148.194 attack
/adminer/adminer.php
2020-07-08 02:48:46
45.9.148.91 attack
sca
2020-07-05 19:44:20
45.9.148.194 attackbotsspam
404 NOT FOUND
2020-07-04 16:33:20
45.9.148.91 attackspambots
Unauthorized connection attempt detected from IP address 45.9.148.91 to port 53
2020-06-24 12:48:06
45.9.148.213 attackbots
schuetzenmusikanten.de 45.9.148.213 [20/Jun/2020:14:18:46 +0200] "POST /xmlrpc.php HTTP/1.0" 301 511 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko"
schuetzenmusikanten.de 45.9.148.213 [20/Jun/2020:14:18:48 +0200] "POST /xmlrpc.php HTTP/1.0" 200 3595 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko"
2020-06-20 22:24:58
45.9.148.91 attackspambots
IP: 45.9.148.91
Ports affected
    HTTP protocol over TLS/SSL (443) 
Abuse Confidence rating 100%
Found in DNSBL('s)
ASN Details
   AS49447 Nice IT Services Group Inc.
   Netherlands (NL)
   CIDR 45.9.148.0/23
Log Date: 10/06/2020 8:12:49 AM UTC
2020-06-10 16:38:20
45.9.148.215 attackspambots
xmlrpc attack
2020-06-05 21:27:32
45.9.148.220 attackbotsspam
(mod_security) mod_security (id:210492) triggered by 45.9.148.220 (NL/Netherlands/-): 5 in the last 3600 secs
2020-05-31 07:52:05
45.9.148.131 attack
SSH login attempts.
2020-05-28 14:52:20
45.9.148.213 attackbots
Tor exit node
2020-05-28 02:35:30
Whois info:
b
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.9.148.221
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55021
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.9.148.221.			IN	A

;; AUTHORITY SECTION:
.			598	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020041900 1800 900 604800 86400

;; Query time: 89 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Apr 19 16:03:05 CST 2020
;; MSG SIZE  rcvd: 116
Host info
Host 221.148.9.45.in-addr.arpa. not found: 3(NXDOMAIN)
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 221.148.9.45.in-addr.arpa: NXDOMAIN
Related IP info:
Related comments:
IP Type Details Datetime
80.82.70.118 attackspambots
Jun 29 10:24:22 : SSH login attempts with invalid user
2020-06-30 06:20:07
36.92.1.31 attackspam
36.92.1.31 - - [29/Jun/2020:20:47:45 +0100] "POST /wp-login.php HTTP/1.1" 200 1993 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
36.92.1.31 - - [29/Jun/2020:20:47:53 +0100] "POST /wp-login.php HTTP/1.1" 200 2040 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
36.92.1.31 - - [29/Jun/2020:20:48:02 +0100] "POST /wp-login.php HTTP/1.1" 200 2043 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
...
2020-06-30 06:11:57
95.111.74.98 attack
Jun 29 23:50:51 lukav-desktop sshd\[3254\]: Invalid user xzw from 95.111.74.98
Jun 29 23:50:51 lukav-desktop sshd\[3254\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.111.74.98
Jun 29 23:50:53 lukav-desktop sshd\[3254\]: Failed password for invalid user xzw from 95.111.74.98 port 52996 ssh2
Jun 29 23:54:15 lukav-desktop sshd\[3294\]: Invalid user rizal from 95.111.74.98
Jun 29 23:54:15 lukav-desktop sshd\[3294\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.111.74.98
2020-06-30 06:05:41
45.179.113.128 attackbots
Port probing on unauthorized port 23
2020-06-30 06:38:57
212.70.149.2 attack
2020-06-30T00:31:14.069664www postfix/smtpd[31443]: warning: unknown[212.70.149.2]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
2020-06-30T00:31:50.293220www postfix/smtpd[31443]: warning: unknown[212.70.149.2]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
2020-06-30T00:32:32.121071www postfix/smtpd[31443]: warning: unknown[212.70.149.2]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
...
2020-06-30 06:36:42
112.85.42.72 attackspambots
Jun 30 01:02:52 pkdns2 sshd\[32065\]: Failed password for root from 112.85.42.72 port 10718 ssh2Jun 30 01:04:28 pkdns2 sshd\[32131\]: Failed password for root from 112.85.42.72 port 14726 ssh2Jun 30 01:07:54 pkdns2 sshd\[32286\]: Failed password for root from 112.85.42.72 port 41638 ssh2Jun 30 01:11:31 pkdns2 sshd\[32461\]: Failed password for root from 112.85.42.72 port 44922 ssh2Jun 30 01:12:00 pkdns2 sshd\[32463\]: Failed password for root from 112.85.42.72 port 32909 ssh2Jun 30 01:12:02 pkdns2 sshd\[32463\]: Failed password for root from 112.85.42.72 port 32909 ssh2
...
2020-06-30 06:19:42
60.167.177.159 attackspambots
Jun 29 23:54:25 fhem-rasp sshd[24922]: Connection closed by 60.167.177.159 port 39932 [preauth]
...
2020-06-30 06:09:28
42.200.78.78 attackspam
Invalid user youtrack from 42.200.78.78 port 51624
2020-06-30 06:04:06
182.253.19.122 attack
SSH bruteforce
2020-06-30 06:10:44
202.78.201.41 attackspambots
invalid user
2020-06-30 06:38:32
13.82.219.14 attack
Multiple SSH login attempts.
2020-06-30 06:32:23
123.196.116.245 attack
" "
2020-06-30 06:39:28
125.99.173.162 attackbotsspam
2020-06-30T00:03:19.289065vps751288.ovh.net sshd\[29614\]: Invalid user test1 from 125.99.173.162 port 38619
2020-06-30T00:03:19.296365vps751288.ovh.net sshd\[29614\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.99.173.162
2020-06-30T00:03:21.441343vps751288.ovh.net sshd\[29614\]: Failed password for invalid user test1 from 125.99.173.162 port 38619 ssh2
2020-06-30T00:05:18.288047vps751288.ovh.net sshd\[29704\]: Invalid user uhs from 125.99.173.162 port 20704
2020-06-30T00:05:18.298199vps751288.ovh.net sshd\[29704\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.99.173.162
2020-06-30 06:29:34
110.137.177.17 attackspam
Port probing on unauthorized port 23
2020-06-30 06:14:33
92.222.75.41 attackbotsspam
Jun 29 22:31:22 django-0 sshd[1554]: Invalid user aldo from 92.222.75.41
...
2020-06-30 06:34:59

Recently Reported IPs

34.96.193.70 1.34.8.19 200.24.199.66 185.50.25.49
50.115.168.179 124.127.200.227 179.26.253.35 211.159.162.81
151.84.206.249 49.233.142.63 46.88.49.48 27.73.113.226
87.26.240.19 187.188.130.12 27.72.112.96 113.31.108.75
101.75.199.157 151.80.42.186 62.234.183.213 188.75.3.42