103.149.34.70 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Indonesia

Internet Service Provider: PT. Krisna Berkat Investindo

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt from IP address 103.149.34.70 on Port 445(SMB)	2020-08-22 04:19:39

Comments on same subnet:

IP	Type	Details	Datetime
103.149.34.22	attackspam	Unauthorized connection attempt from IP address 103.149.34.22 on Port 445(SMB)	2020-09-25 00:32:16
103.149.34.22	attack	Unauthorized connection attempt from IP address 103.149.34.22 on Port 445(SMB)	2020-09-24 16:11:53
103.149.34.22	attackspambots	Unauthorized connection attempt from IP address 103.149.34.22 on Port 445(SMB)	2020-09-24 07:36:43
103.149.34.22	attackspambots	Icarus honeypot on github	2020-09-13 02:59:55
103.149.34.22	attackspambots	Icarus honeypot on github	2020-09-12 19:03:36
103.149.34.14	attackbotsspam	1589458758 - 05/14/2020 14:19:18 Host: 103.149.34.14/103.149.34.14 Port: 445 TCP Blocked	2020-05-15 04:43:34

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.149.34.70
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 42838
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.149.34.70.			IN	A

;; AUTHORITY SECTION:
.			231	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020082101 1800 900 604800 86400

;; Query time: 31 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Aug 22 04:19:36 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 70.34.149.103.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 70.34.149.103.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
27.152.113.122	attack	fraudulent SSH attempt	2019-10-16 10:35:41
185.104.185.39	attackspambots	Automatic report - XMLRPC Attack	2019-10-16 09:56:47
58.218.211.25	attack	Oct 15 23:49:28 MK-Soft-VM3 sshd[26462]: Failed password for root from 58.218.211.25 port 60304 ssh2 ...	2019-10-16 10:07:52
194.28.89.150	attackbots	[portscan] Port scan	2019-10-16 10:15:49
123.206.134.27	attackspambots	Oct 15 00:12:40 new sshd[13020]: Failed password for invalid user hub from 123.206.134.27 port 41222 ssh2 Oct 15 00:12:40 new sshd[13020]: Received disconnect from 123.206.134.27: 11: Bye Bye [preauth] Oct 15 00:29:07 new sshd[17120]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.206.134.27 user=r.r Oct 15 00:29:09 new sshd[17120]: Failed password for r.r from 123.206.134.27 port 60394 ssh2 Oct 15 00:29:09 new sshd[17120]: Received disconnect from 123.206.134.27: 11: Bye Bye [preauth] Oct 15 00:33:22 new sshd[18238]: Failed password for invalid user sentry from 123.206.134.27 port 43350 ssh2 Oct 15 00:33:22 new sshd[18238]: Received disconnect from 123.206.134.27: 11: Bye Bye [preauth] Oct 15 00:37:20 new sshd[19347]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.206.134.27 user=r.r Oct 15 00:37:21 new sshd[19347]: Failed password for r.r from 123.206.134.27 port 54526 ssh2 Oct........ -------------------------------	2019-10-16 10:17:50
134.175.80.27	attack	Oct 15 22:38:58 markkoudstaal sshd[20513]: Failed password for root from 134.175.80.27 port 53460 ssh2 Oct 15 22:43:30 markkoudstaal sshd[20976]: Failed password for root from 134.175.80.27 port 35780 ssh2	2019-10-16 10:04:55
125.99.173.162	attackspam	Oct 16 01:09:27 meumeu sshd[7406]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.99.173.162 Oct 16 01:09:29 meumeu sshd[7406]: Failed password for invalid user jamal from 125.99.173.162 port 31576 ssh2 Oct 16 01:14:42 meumeu sshd[8171]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.99.173.162 ...	2019-10-16 09:57:40
222.186.180.6	attack	Oct 16 04:05:53 dcd-gentoo sshd[15709]: User root from 222.186.180.6 not allowed because none of user's groups are listed in AllowGroups Oct 16 04:05:58 dcd-gentoo sshd[15709]: error: PAM: Authentication failure for illegal user root from 222.186.180.6 Oct 16 04:05:53 dcd-gentoo sshd[15709]: User root from 222.186.180.6 not allowed because none of user's groups are listed in AllowGroups Oct 16 04:05:58 dcd-gentoo sshd[15709]: error: PAM: Authentication failure for illegal user root from 222.186.180.6 Oct 16 04:05:53 dcd-gentoo sshd[15709]: User root from 222.186.180.6 not allowed because none of user's groups are listed in AllowGroups Oct 16 04:05:58 dcd-gentoo sshd[15709]: error: PAM: Authentication failure for illegal user root from 222.186.180.6 Oct 16 04:05:58 dcd-gentoo sshd[15709]: Failed keyboard-interactive/pam for invalid user root from 222.186.180.6 port 63906 ssh2 ...	2019-10-16 10:09:28
59.13.139.42	attackspam	vps1:pam-generic	2019-10-16 10:26:40
193.70.1.220	attackbotsspam	ssh failed login	2019-10-16 10:02:04
35.240.217.103	attack	Invalid user julian from 35.240.217.103 port 54742	2019-10-16 10:14:43
162.243.10.64	attack	2019-10-15T16:12:11.052008ns525875 sshd\[28805\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.10.64 user=root 2019-10-15T16:12:13.610566ns525875 sshd\[28805\]: Failed password for root from 162.243.10.64 port 56386 ssh2 2019-10-15T16:15:49.869968ns525875 sshd\[939\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.10.64 user=root 2019-10-15T16:15:51.686639ns525875 sshd\[939\]: Failed password for root from 162.243.10.64 port 39400 ssh2 ...	2019-10-16 10:29:54
213.95.36.213	attack	Lines containing failures of 213.95.36.213 Oct 15 08:47:20 shared04 sshd[5482]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.95.36.213 user=r.r Oct 15 08:47:22 shared04 sshd[5482]: Failed password for r.r from 213.95.36.213 port 14211 ssh2 Oct 15 08:47:22 shared04 sshd[5482]: Received disconnect from 213.95.36.213 port 14211:11: Bye Bye [preauth] Oct 15 08:47:22 shared04 sshd[5482]: Disconnected from authenticating user r.r 213.95.36.213 port 14211 [preauth] Oct 15 09:09:41 shared04 sshd[12877]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.95.36.213 user=r.r Oct 15 09:09:42 shared04 sshd[12877]: Failed password for r.r from 213.95.36.213 port 18933 ssh2 Oct 15 09:09:42 shared04 sshd[12877]: Received disconnect from 213.95.36.213 port 18933:11: Bye Bye [preauth] Oct 15 09:09:42 shared04 sshd[12877]: Disconnected from authenticating user r.r 213.95.36.213 port 18933 [preauth] Oc........ ------------------------------	2019-10-16 10:35:56
36.89.93.233	attackbots	Oct 15 23:59:01 www_kotimaassa_fi sshd[31870]: Failed password for root from 36.89.93.233 port 46536 ssh2 ...	2019-10-16 10:09:55
185.176.27.26	attack	10/15/2019-21:44:41.455190 185.176.27.26 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-10-16 10:34:45

Recently Reported IPs

110.168.128.203	51.15.137.10	111.195.15.230	168.21.4.45
19.160.238.102	189.95.84.169	155.4.169.155	32.65.241.17
187.196.79.38	77.81.109.18	103.28.187.24	99.241.151.206
50.10.30.223	45.129.33.59	34.91.55.242	104.197.85.155
179.61.251.33	46.92.145.102	1.4.196.19	166.170.28.131