104.149.70.34 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: Psychz Networks

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	RDP Bruteforce	2019-08-07 10:17:50

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.149.70.34
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61672
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.149.70.34.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019080602 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Aug 07 10:17:41 CST 2019
;; MSG SIZE  rcvd: 117

Host info

34.70.149.104.in-addr.arpa has no PTR record

Nslookup info:

;; Got SERVFAIL reply from 67.207.67.2, trying next server
Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 34.70.149.104.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
18.18.248.17	attackspam	Sep 8 15:54:04 shivevps sshd[22629]: Failed password for root from 18.18.248.17 port 30579 ssh2 Sep 8 15:54:06 shivevps sshd[22629]: Failed password for root from 18.18.248.17 port 30579 ssh2 Sep 8 15:54:09 shivevps sshd[22629]: Failed password for root from 18.18.248.17 port 30579 ssh2 ...	2020-09-09 02:51:42
1.225.69.35	attack	Sep 7 18:36:15 logopedia-1vcpu-1gb-nyc1-01 sshd[155242]: Failed password for root from 1.225.69.35 port 52202 ssh2 ...	2020-09-09 02:25:39
114.84.82.71	attackbotsspam	Lines containing failures of 114.84.82.71 Sep 7 05:43:39 shared04 sshd[24382]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.84.82.71 user=r.r Sep 7 05:43:40 shared04 sshd[24382]: Failed password for r.r from 114.84.82.71 port 45160 ssh2 Sep 7 05:43:41 shared04 sshd[24382]: Received disconnect from 114.84.82.71 port 45160:11: Bye Bye [preauth] Sep 7 05:43:41 shared04 sshd[24382]: Disconnected from authenticating user r.r 114.84.82.71 port 45160 [preauth] Sep 7 05:48:03 shared04 sshd[25993]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.84.82.71 user=r.r Sep 7 05:48:05 shared04 sshd[25993]: Failed password for r.r from 114.84.82.71 port 46622 ssh2 Sep 7 05:48:06 shared04 sshd[25993]: Received disconnect from 114.84.82.71 port 46622:11: Bye Bye [preauth] Sep 7 05:48:06 shared04 sshd[25993]: Disconnected from authenticating user r.r 114.84.82.71 port 46622 [preauth] ........ -----------------------------------	2020-09-09 02:39:21
107.172.211.78	attackspam	2020-09-07 11:42:03.296187-0500 localhost smtpd[72242]: NOQUEUE: reject: RCPT from unknown[107.172.211.78]: 554 5.7.1 Service unavailable; Client host [107.172.211.78] blocked using zen.spamhaus.org; https://www.spamhaus.org/sbl/query/SBLCSS; from= to= proto=ESMTP helo=<00fd8916.asainprodate.co>	2020-09-09 02:52:39
23.129.64.213	attackspam	2020-09-08T13:18[Censored Hostname] sshd[19094]: Failed password for root from 23.129.64.213 port 59551 ssh2 2020-09-08T13:18[Censored Hostname] sshd[19094]: Failed password for root from 23.129.64.213 port 59551 ssh2 2020-09-08T13:18[Censored Hostname] sshd[19094]: Failed password for root from 23.129.64.213 port 59551 ssh2[...]	2020-09-09 02:53:58
176.59.142.212	attackspambots	SMB Server BruteForce Attack	2020-09-09 02:37:35
89.115.245.50	attackspam	89.115.245.50 - - [08/Sep/2020:10:28:31 +0200] "GET /wp-login.php HTTP/1.1" 200 8558 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 89.115.245.50 - - [08/Sep/2020:10:28:32 +0200] "POST /wp-login.php HTTP/1.1" 200 8809 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 89.115.245.50 - - [08/Sep/2020:10:28:33 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-09 02:35:21
62.133.169.43	attackspam	Automatic report - Banned IP Access	2020-09-09 02:31:06
188.166.58.29	attackbots	2020-09-08T15:20:05.660419ks3355764 sshd[2871]: Invalid user D from 188.166.58.29 port 41282 2020-09-08T15:20:07.583152ks3355764 sshd[2871]: Failed password for invalid user D from 188.166.58.29 port 41282 ssh2 ...	2020-09-09 02:46:17
85.99.139.153	attackbots	Honeypot attack, port: 445, PTR: 85.99.139.153.static.ttnet.com.tr.	2020-09-09 02:29:10
190.111.151.201	attackspambots	Sep 7 19:31:01 rocket sshd[16919]: Failed password for root from 190.111.151.201 port 39142 ssh2 Sep 7 19:35:26 rocket sshd[17581]: Failed password for root from 190.111.151.201 port 41958 ssh2 ...	2020-09-09 02:24:32
77.43.163.127	attackbotsspam	Honeypot attack, port: 445, PTR: homeuser77.43.163.127.ccl.perm.ru.	2020-09-09 02:26:36
220.244.58.58	attackbots	220.244.58.58 (AU/Australia/-), 6 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 8 18:40:53 server sshd[8432]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.145.192.205 user=root Sep 8 18:40:55 server sshd[8432]: Failed password for root from 212.145.192.205 port 48308 ssh2 Sep 8 18:30:53 server sshd[7016]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.158.189.0 user=root Sep 8 18:30:55 server sshd[7016]: Failed password for root from 51.158.189.0 port 53102 ssh2 Sep 8 18:47:08 server sshd[9267]: Failed password for root from 220.244.58.58 port 59568 ssh2 Sep 8 18:49:47 server sshd[9589]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.5.157.124 user=root IP Addresses Blocked: 212.145.192.205 (ES/Spain/-) 51.158.189.0 (FR/France/-)	2020-09-09 02:54:17
198.71.238.14	attackbotsspam	Automatic report - XMLRPC Attack	2020-09-09 02:26:52
188.166.222.99	attackspam	Port scanning [2 denied]	2020-09-09 02:45:52

Recently Reported IPs

1.173.126.114	35.226.130.240	138.186.42.250	93.67.134.47
114.40.232.213	182.254.136.65	101.99.23.105	52.172.178.54
189.156.223.160	142.93.149.132	184.140.50.165	48.87.184.216
167.82.180.47	110.249.254.66	92.208.115.102	187.137.86.233
54.36.148.219	5.219.26.199	61.54.183.177	190.104.39.187