154.70.48.124 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Kenya

Internet Service Provider: Wananchi Group Kenya

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Oct 16 21:28:05 sso sshd[2866]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.70.48.124 Oct 16 21:28:07 sso sshd[2866]: Failed password for invalid user admin from 154.70.48.124 port 49575 ssh2 ...	2019-10-17 04:42:23

Type

Details

Datetime

attackspam

Oct 16 21:28:05 sso sshd[2866]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.70.48.124
Oct 16 21:28:07 sso sshd[2866]: Failed password for invalid user admin from 154.70.48.124 port 49575 ssh2
...

2019-10-17 04:42:23

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 154.70.48.124
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 48995
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;154.70.48.124.			IN	A

;; AUTHORITY SECTION:
.			199	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019101601 1800 900 604800 86400

;; Query time: 185 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Oct 17 04:42:19 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 124.48.70.154.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 124.48.70.154.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
59.61.206.221	attackspam	Sep 26 00:07:01 ip-172-31-62-245 sshd\[26600\]: Invalid user tricia from 59.61.206.221\ Sep 26 00:07:03 ip-172-31-62-245 sshd\[26600\]: Failed password for invalid user tricia from 59.61.206.221 port 39589 ssh2\ Sep 26 00:11:42 ip-172-31-62-245 sshd\[26700\]: Invalid user odroid from 59.61.206.221\ Sep 26 00:11:44 ip-172-31-62-245 sshd\[26700\]: Failed password for invalid user odroid from 59.61.206.221 port 60035 ssh2\ Sep 26 00:16:27 ip-172-31-62-245 sshd\[26716\]: Invalid user test8 from 59.61.206.221\	2019-09-26 08:42:08
112.217.150.113	attack	Unauthorized SSH login attempts	2019-09-26 08:32:44
121.14.70.29	attackspam	Sep 25 10:48:13 hiderm sshd\[4987\]: Invalid user fc from 121.14.70.29 Sep 25 10:48:13 hiderm sshd\[4987\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.14.70.29 Sep 25 10:48:14 hiderm sshd\[4987\]: Failed password for invalid user fc from 121.14.70.29 port 49165 ssh2 Sep 25 10:51:36 hiderm sshd\[5231\]: Invalid user sigmund from 121.14.70.29 Sep 25 10:51:36 hiderm sshd\[5231\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.14.70.29	2019-09-26 08:36:25
51.91.212.215	attackspam	Sep 26 02:41:27 SilenceServices sshd[16091]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.91.212.215 Sep 26 02:41:29 SilenceServices sshd[16091]: Failed password for invalid user jason from 51.91.212.215 port 53990 ssh2 Sep 26 02:45:00 SilenceServices sshd[16960]: Failed password for root from 51.91.212.215 port 39178 ssh2	2019-09-26 08:49:43
196.40.156.49	attackbots	Sep 26 07:33:15 webhost01 sshd[27675]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.40.156.49 Sep 26 07:33:17 webhost01 sshd[27675]: Failed password for invalid user lao from 196.40.156.49 port 59146 ssh2 ...	2019-09-26 09:00:20
58.56.140.62	attack	2019-09-25T20:01:06.1044191495-001 sshd\[29090\]: Failed password for invalid user git from 58.56.140.62 port 19650 ssh2 2019-09-25T20:12:40.6786991495-001 sshd\[29839\]: Invalid user kiuchi from 58.56.140.62 port 8289 2019-09-25T20:12:40.6822121495-001 sshd\[29839\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.56.140.62 2019-09-25T20:12:42.4527941495-001 sshd\[29839\]: Failed password for invalid user kiuchi from 58.56.140.62 port 8289 ssh2 2019-09-25T20:16:35.7842891495-001 sshd\[29987\]: Invalid user admin from 58.56.140.62 port 62337 2019-09-25T20:16:35.7930941495-001 sshd\[29987\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.56.140.62 ...	2019-09-26 08:28:23
123.207.74.24	attackbotsspam	Sep 25 12:42:31 hpm sshd\[18688\]: Invalid user adela from 123.207.74.24 Sep 25 12:42:31 hpm sshd\[18688\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.207.74.24 Sep 25 12:42:33 hpm sshd\[18688\]: Failed password for invalid user adela from 123.207.74.24 port 50122 ssh2 Sep 25 12:45:53 hpm sshd\[19098\]: Invalid user user from 123.207.74.24 Sep 25 12:45:53 hpm sshd\[19098\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.207.74.24	2019-09-26 08:41:04
81.22.45.27	attackbots	Port Scan detected from 81.22.45.27 (RU/Russia/-). 4 hits in the last 45 seconds	2019-09-26 08:40:21
54.37.14.3	attack	Sep 26 01:17:22 localhost sshd\[9949\]: Invalid user rgakii from 54.37.14.3 port 33106 Sep 26 01:17:22 localhost sshd\[9949\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.14.3 Sep 26 01:17:24 localhost sshd\[9949\]: Failed password for invalid user rgakii from 54.37.14.3 port 33106 ssh2	2019-09-26 08:53:51
78.128.113.114	attackbotsspam	Sep 26 02:51:33 relay postfix/smtpd\[13705\]: warning: unknown\[78.128.113.114\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 26 02:51:43 relay postfix/smtpd\[13705\]: warning: unknown\[78.128.113.114\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 26 02:53:46 relay postfix/smtpd\[673\]: warning: unknown\[78.128.113.114\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 26 02:53:57 relay postfix/smtpd\[672\]: warning: unknown\[78.128.113.114\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 26 02:55:04 relay postfix/smtpd\[26904\]: warning: unknown\[78.128.113.114\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-09-26 08:58:43
153.36.242.143	attack	Sep 26 07:45:33 webhost01 sshd[27841]: Failed password for root from 153.36.242.143 port 58539 ssh2 ...	2019-09-26 08:55:38
201.63.224.36	attack	firewall-block, port(s): 445/tcp	2019-09-26 09:05:54
190.85.108.186	attackspam	Sep 25 20:51:30 sshgateway sshd\[14853\]: Invalid user joh from 190.85.108.186 Sep 25 20:51:30 sshgateway sshd\[14853\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.85.108.186 Sep 25 20:51:32 sshgateway sshd\[14853\]: Failed password for invalid user joh from 190.85.108.186 port 49674 ssh2	2019-09-26 08:38:10
187.177.78.163	attack	Automatic report - Port Scan Attack	2019-09-26 08:44:33
187.149.82.115	attack	Automatic report - Port Scan Attack	2019-09-26 08:24:54

Recently Reported IPs

1.59.173.194	184.198.229.224	72.192.148.22	162.215.232.145
138.59.82.48	79.147.30.212	74.124.25.140	104.238.196.100
142.76.238.127	211.195.14.233	239.83.112.110	28.55.153.119
138.121.120.67	227.165.31.150	69.21.9.187	73.210.107.178
78.161.92.115	236.16.152.146	93.86.98.253	203.60.2.111