104.149.70.34 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: Psychz Networks

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	RDP Bruteforce	2019-08-07 10:17:50

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.149.70.34
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61672
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.149.70.34.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019080602 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Aug 07 10:17:41 CST 2019
;; MSG SIZE  rcvd: 117

Host info

34.70.149.104.in-addr.arpa has no PTR record

Nslookup info:

;; Got SERVFAIL reply from 67.207.67.2, trying next server
Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 34.70.149.104.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
94.176.5.253	attack	(Jul 3) LEN=44 TTL=244 ID=20805 DF TCP DPT=23 WINDOW=14600 SYN (Jul 3) LEN=44 TTL=244 ID=17579 DF TCP DPT=23 WINDOW=14600 SYN (Jul 3) LEN=44 TTL=244 ID=33768 DF TCP DPT=23 WINDOW=14600 SYN (Jul 3) LEN=44 TTL=244 ID=24045 DF TCP DPT=23 WINDOW=14600 SYN (Jul 3) LEN=44 TTL=244 ID=24379 DF TCP DPT=23 WINDOW=14600 SYN (Jul 3) LEN=44 TTL=244 ID=17127 DF TCP DPT=23 WINDOW=14600 SYN (Jul 2) LEN=44 TTL=244 ID=44215 DF TCP DPT=23 WINDOW=14600 SYN (Jul 2) LEN=44 TTL=244 ID=62918 DF TCP DPT=23 WINDOW=14600 SYN (Jul 2) LEN=44 TTL=244 ID=37512 DF TCP DPT=23 WINDOW=14600 SYN (Jul 2) LEN=44 TTL=244 ID=7298 DF TCP DPT=23 WINDOW=14600 SYN (Jul 2) LEN=44 TTL=244 ID=32330 DF TCP DPT=23 WINDOW=14600 SYN (Jul 2) LEN=44 TTL=244 ID=40656 DF TCP DPT=23 WINDOW=14600 SYN (Jul 2) LEN=44 TTL=244 ID=62714 DF TCP DPT=23 WINDOW=14600 SYN (Jul 2) LEN=44 TTL=244 ID=4903 DF TCP DPT=23 WINDOW=14600 SYN (Jul 2) LEN=44 TTL=244 ID=36496 DF TCP DPT=23 WINDOW=14600 SY...	2019-07-03 21:22:24
195.159.205.88	attackspam	195.159.205.88 - - \[03/Jul/2019:13:29:19 +0000\] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 54 "https://centric.upup.se/" "Mozilla/5.0 \(Windows NT 10.0\; Win64\; x64\) AppleWebKit/537.36 \(KHTML, like Gecko\) Chrome/58.0.3029.110 Safari/537.36 Edge/16.16299" "-"195.159.205.88 - - \[03/Jul/2019:13:29:19 +0000\] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 54 "https://centric.upup.se/" "Mozilla/5.0 \(Windows NT 10.0\; Win64\; x64\) AppleWebKit/537.36 \(KHTML, like Gecko\) Chrome/58.0.3029.110 Safari/537.36 Edge/16.16299" "-"195.159.205.88 - - \[03/Jul/2019:13:29:20 +0000\] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 54 "https://centric.upup.se/" "Mozilla/5.0 \(Windows NT 10.0\; Win64\; x64\) AppleWebKit/537.36 \(KHTML, like Gecko\) Chrome/58.0.3029.110 Safari/537.36 Edge/16.16299" "-"195.159.205.88 - - \[03/Jul/2019:13:29:20 +0000\] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 54 "https://centric.upup.se/" "Mozilla/5.0 \(Windows NT 10.0\; Win64\; x64\) AppleWebKit/537.36 \(KHTML, like Gecko\) Chrome/58.0.3	2019-07-03 21:32:32
185.216.32.212	attackspambots	/posting.php?mode=post&f=3	2019-07-03 22:01:22
213.77.62.84	attack	Jul 3 05:38:47 localhost sshd\[32036\]: Invalid user servers from 213.77.62.84 port 47844 Jul 3 05:38:47 localhost sshd\[32036\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.77.62.84 Jul 3 05:38:49 localhost sshd\[32036\]: Failed password for invalid user servers from 213.77.62.84 port 47844 ssh2 ...	2019-07-03 21:27:55
5.63.151.121	attack	" "	2019-07-03 21:35:48
167.99.65.138	attackspambots	SSH Brute-Forcing (ownc)	2019-07-03 21:41:45
185.163.100.228	attackbots	23/tcp [2019-07-03]1pkt	2019-07-03 21:21:22
218.56.138.166	attackspam	Jul 3 06:41:49 icinga sshd[6872]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.56.138.166 Jul 3 06:41:50 icinga sshd[6872]: Failed password for invalid user git from 218.56.138.166 port 44504 ssh2 ...	2019-07-03 21:19:00
14.143.245.11	attack	Jul 3 14:55:47 vtv3 sshd\[22789\]: Invalid user nessus1 from 14.143.245.11 port 60231 Jul 3 14:55:47 vtv3 sshd\[22789\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.143.245.11 Jul 3 14:55:49 vtv3 sshd\[22789\]: Failed password for invalid user nessus1 from 14.143.245.11 port 60231 ssh2 Jul 3 15:00:38 vtv3 sshd\[25080\]: Invalid user ultra from 14.143.245.11 port 27300 Jul 3 15:00:38 vtv3 sshd\[25080\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.143.245.11 Jul 3 15:12:23 vtv3 sshd\[30955\]: Invalid user firewall from 14.143.245.11 port 49732 Jul 3 15:12:23 vtv3 sshd\[30955\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.143.245.11 Jul 3 15:12:25 vtv3 sshd\[30955\]: Failed password for invalid user firewall from 14.143.245.11 port 49732 ssh2 Jul 3 15:15:18 vtv3 sshd\[32668\]: Invalid user prevision from 14.143.245.11 port 36936 Jul 3 15:15:18 vtv3 sshd\[	2019-07-03 21:41:13
210.211.96.112	attackspam	Jul 3 13:28:43 MK-Soft-VM6 sshd\[27482\]: Invalid user carter from 210.211.96.112 port 45360 Jul 3 13:28:43 MK-Soft-VM6 sshd\[27482\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.211.96.112 Jul 3 13:28:45 MK-Soft-VM6 sshd\[27482\]: Failed password for invalid user carter from 210.211.96.112 port 45360 ssh2 ...	2019-07-03 21:59:01
182.160.114.45	attackbots	Jul 3 15:29:52 v22018076622670303 sshd\[30226\]: Invalid user llll from 182.160.114.45 port 40684 Jul 3 15:29:52 v22018076622670303 sshd\[30226\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.160.114.45 Jul 3 15:29:54 v22018076622670303 sshd\[30226\]: Failed password for invalid user llll from 182.160.114.45 port 40684 ssh2 ...	2019-07-03 21:32:06
52.53.171.233	attackspam	port scan and connect, tcp 5984 (couchdb)	2019-07-03 21:42:55
198.108.66.69	attackspam	" "	2019-07-03 21:36:23
171.97.249.124	attackbots	Unauthorised access (Jul 3) SRC=171.97.249.124 LEN=40 TTL=240 ID=10933 DF TCP DPT=23 WINDOW=14600 SYN	2019-07-03 21:40:08
27.50.24.83	attackbots	SSH Bruteforce Attack	2019-07-03 22:14:25

Recently Reported IPs

1.173.126.114	35.226.130.240	138.186.42.250	93.67.134.47
114.40.232.213	182.254.136.65	101.99.23.105	52.172.178.54
189.156.223.160	142.93.149.132	184.140.50.165	48.87.184.216
167.82.180.47	110.249.254.66	92.208.115.102	187.137.86.233
54.36.148.219	5.219.26.199	61.54.183.177	190.104.39.187