103.149.34.70 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Indonesia

Internet Service Provider: PT. Krisna Berkat Investindo

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt from IP address 103.149.34.70 on Port 445(SMB)	2020-08-22 04:19:39

Comments on same subnet:

IP	Type	Details	Datetime
103.149.34.22	attackspam	Unauthorized connection attempt from IP address 103.149.34.22 on Port 445(SMB)	2020-09-25 00:32:16
103.149.34.22	attack	Unauthorized connection attempt from IP address 103.149.34.22 on Port 445(SMB)	2020-09-24 16:11:53
103.149.34.22	attackspambots	Unauthorized connection attempt from IP address 103.149.34.22 on Port 445(SMB)	2020-09-24 07:36:43
103.149.34.22	attackspambots	Icarus honeypot on github	2020-09-13 02:59:55
103.149.34.22	attackspambots	Icarus honeypot on github	2020-09-12 19:03:36
103.149.34.14	attackbotsspam	1589458758 - 05/14/2020 14:19:18 Host: 103.149.34.14/103.149.34.14 Port: 445 TCP Blocked	2020-05-15 04:43:34

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.149.34.70
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 42838
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.149.34.70.			IN	A

;; AUTHORITY SECTION:
.			231	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020082101 1800 900 604800 86400

;; Query time: 31 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Aug 22 04:19:36 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 70.34.149.103.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 70.34.149.103.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
199.127.61.38	attack	Brute-force attempt banned	2020-09-29 13:39:49
211.80.102.189	attackbots	$f2bV_matches	2020-09-29 13:46:39
52.172.199.83	attackspam	Sep 29 07:53:10 abendstille sshd\[13593\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.172.199.83 user=root Sep 29 07:53:12 abendstille sshd\[13593\]: Failed password for root from 52.172.199.83 port 53956 ssh2 Sep 29 07:57:15 abendstille sshd\[18115\]: Invalid user f from 52.172.199.83 Sep 29 07:57:15 abendstille sshd\[18115\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.172.199.83 Sep 29 07:57:17 abendstille sshd\[18115\]: Failed password for invalid user f from 52.172.199.83 port 58182 ssh2 ...	2020-09-29 14:03:21
156.96.118.58	attackbots	SMTP	2020-09-29 13:57:08
49.233.85.167	attack	Lines containing failures of 49.233.85.167 Sep 28 00:16:42 mx-in-01 sshd[10900]: Invalid user ems from 49.233.85.167 port 14381 Sep 28 00:16:42 mx-in-01 sshd[10900]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.85.167 Sep 28 00:16:44 mx-in-01 sshd[10900]: Failed password for invalid user ems from 49.233.85.167 port 14381 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=49.233.85.167	2020-09-29 14:03:34
129.211.10.111	attackbotsspam	20 attempts against mh-ssh on echoip	2020-09-29 13:43:18
119.123.177.156	attackbotsspam	SSH auth scanning - multiple failed logins	2020-09-29 13:51:10
185.136.52.158	attack	Sep 29 06:05:29 rocket sshd[24776]: Failed password for root from 185.136.52.158 port 52738 ssh2 Sep 29 06:11:48 rocket sshd[25619]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.136.52.158 ...	2020-09-29 13:26:28
122.51.41.109	attack	Invalid user big from 122.51.41.109 port 35824	2020-09-29 13:59:33
61.132.52.24	attack	Invalid user hue from 61.132.52.24 port 33496	2020-09-29 13:40:10
51.15.207.74	attackspam	Sep 29 05:07:10 gospond sshd[2077]: Invalid user atan from 51.15.207.74 port 39476 ...	2020-09-29 13:41:47
178.128.226.161	attack	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-09-29 14:04:04
180.218.224.84	attackspambots	Brute force SMTP login attempted. ...	2020-09-29 13:38:07
116.72.200.140	attack	Telnet Honeypot -> Telnet Bruteforce / Login	2020-09-29 13:41:30
189.18.14.176	attackbotsspam	1601325574 - 09/28/2020 22:39:34 Host: 189.18.14.176/189.18.14.176 Port: 445 TCP Blocked	2020-09-29 13:50:08

Recently Reported IPs

110.168.128.203	51.15.137.10	111.195.15.230	168.21.4.45
19.160.238.102	189.95.84.169	155.4.169.155	32.65.241.17
187.196.79.38	77.81.109.18	103.28.187.24	99.241.151.206
50.10.30.223	45.129.33.59	34.91.55.242	104.197.85.155
179.61.251.33	46.92.145.102	1.4.196.19	166.170.28.131