170.244.212.104

Basic Info

City: unknown

Region: unknown

Country: Brazil

Internet Service Provider: Ponto Wifi Ltda ME

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	SMTP/25/465/587-993/995 Probe, Reject, BadAuth, Hack, SPAM -	2019-07-08 16:49:46

Comments on same subnet:

IP	Type	Details	Datetime
170.244.212.42	attack	Honeypot attack, port: 81, PTR: 170.244.212.42.pontowifi.net.	2020-02-14 19:53:10
170.244.212.110	attack	SMTP/25/465/587-993/995 Probe, Reject, BadAuth, Hack, SPAM -	2019-07-08 16:46:57
170.244.212.118	attackbots	SMTP/25/465/587-993/995 Probe, Reject, BadAuth, Hack, SPAM -	2019-07-08 16:45:21
170.244.212.155	attackbots	SMTP/25/465/587-993/995 Probe, Reject, BadAuth, Hack, SPAM -	2019-07-08 16:43:51
170.244.212.162	attack	SMTP/25/465/587-993/995 Probe, Reject, BadAuth, Hack, SPAM -	2019-07-08 16:41:32
170.244.212.247	attackspambots	SMTP/25/465/587-993/995 Probe, Reject, BadAuth, Hack, SPAM -	2019-07-08 16:38:13
170.244.212.155	attackbots	failed_logins	2019-07-08 11:06:06
170.244.212.169	attackbots	SMTP Fraud Orders	2019-07-08 01:23:08

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 170.244.212.104
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56112
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;170.244.212.104.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019070800 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Jul 08 16:49:36 CST 2019
;; MSG SIZE  rcvd: 119

Host info

104.212.244.170.in-addr.arpa domain name pointer 170.244.212.104.pontowifi.net.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
104.212.244.170.in-addr.arpa	name = 170.244.212.104.pontowifi.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
51.91.159.46	attack	$f2bV_matches	2020-09-29 04:18:00
183.232.228.66	attackspambots	Lines containing failures of 183.232.228.66 Sep 28 11:00:11 MAKserver05 sshd[2190]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.232.228.66 user=r.r Sep 28 11:00:13 MAKserver05 sshd[2190]: Failed password for r.r from 183.232.228.66 port 57758 ssh2 Sep 28 11:00:13 MAKserver05 sshd[2190]: Received disconnect from 183.232.228.66 port 57758:11: Bye Bye [preauth] Sep 28 11:00:13 MAKserver05 sshd[2190]: Disconnected from authenticating user r.r 183.232.228.66 port 57758 [preauth] Sep 28 11:33:19 MAKserver05 sshd[4545]: Invalid user rh from 183.232.228.66 port 35406 Sep 28 11:33:19 MAKserver05 sshd[4545]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.232.228.66 Sep 28 11:33:21 MAKserver05 sshd[4545]: Failed password for invalid user rh from 183.232.228.66 port 35406 ssh2 Sep 28 11:33:21 MAKserver05 sshd[4545]: Received disconnect from 183.232.228.66 port 35406:11: Bye Bye [preauth] S........ ------------------------------	2020-09-29 04:05:31
85.186.99.51	attackbots	Port Scan: TCP/443	2020-09-29 03:59:23
177.188.168.54	attackbots	Sep 28 19:54:54 vps8769 sshd[15445]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.188.168.54 Sep 28 19:54:56 vps8769 sshd[15445]: Failed password for invalid user download from 177.188.168.54 port 56417 ssh2 ...	2020-09-29 03:54:02
110.49.70.249	attackspambots	2020-09-28T16:42:54.575498abusebot-3.cloudsearch.cf sshd[20720]: Invalid user sysadmin from 110.49.70.249 port 42321 2020-09-28T16:42:54.581315abusebot-3.cloudsearch.cf sshd[20720]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.49.70.249 2020-09-28T16:42:54.575498abusebot-3.cloudsearch.cf sshd[20720]: Invalid user sysadmin from 110.49.70.249 port 42321 2020-09-28T16:42:56.386889abusebot-3.cloudsearch.cf sshd[20720]: Failed password for invalid user sysadmin from 110.49.70.249 port 42321 ssh2 2020-09-28T16:46:51.059223abusebot-3.cloudsearch.cf sshd[20777]: Invalid user kibana from 110.49.70.249 port 6494 2020-09-28T16:46:51.065811abusebot-3.cloudsearch.cf sshd[20777]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.49.70.249 2020-09-28T16:46:51.059223abusebot-3.cloudsearch.cf sshd[20777]: Invalid user kibana from 110.49.70.249 port 6494 2020-09-28T16:46:53.739840abusebot-3.cloudsearch.cf sshd[20777 ...	2020-09-29 03:47:12
112.85.42.69	attackbotsspam	Sep 28 08:25:37 serwer sshd\[32583\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.69 user=root Sep 28 08:25:39 serwer sshd\[32583\]: Failed password for root from 112.85.42.69 port 56322 ssh2 Sep 28 08:25:42 serwer sshd\[32583\]: Failed password for root from 112.85.42.69 port 56322 ssh2 Sep 28 08:25:45 serwer sshd\[32583\]: Failed password for root from 112.85.42.69 port 56322 ssh2 Sep 28 08:25:48 serwer sshd\[32583\]: Failed password for root from 112.85.42.69 port 56322 ssh2 Sep 28 08:25:51 serwer sshd\[32583\]: Failed password for root from 112.85.42.69 port 56322 ssh2 Sep 28 08:25:51 serwer sshd\[32583\]: error: maximum authentication attempts exceeded for root from 112.85.42.69 port 56322 ssh2 \[preauth\] Sep 28 08:25:54 serwer sshd\[32616\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.69 user=root Sep 28 08:25:56 serwer sshd\[32616\]: Failed password for root from ...	2020-09-29 03:52:34
106.54.112.173	attack	2020-09-28T17:59:14.284681abusebot-6.cloudsearch.cf sshd[9351]: Invalid user teamspeak from 106.54.112.173 port 44482 2020-09-28T17:59:14.290120abusebot-6.cloudsearch.cf sshd[9351]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.112.173 2020-09-28T17:59:14.284681abusebot-6.cloudsearch.cf sshd[9351]: Invalid user teamspeak from 106.54.112.173 port 44482 2020-09-28T17:59:16.516711abusebot-6.cloudsearch.cf sshd[9351]: Failed password for invalid user teamspeak from 106.54.112.173 port 44482 ssh2 2020-09-28T18:02:15.487597abusebot-6.cloudsearch.cf sshd[9413]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.112.173 user=root 2020-09-28T18:02:17.895106abusebot-6.cloudsearch.cf sshd[9413]: Failed password for root from 106.54.112.173 port 55242 ssh2 2020-09-28T18:05:07.097950abusebot-6.cloudsearch.cf sshd[9425]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost ...	2020-09-29 03:57:48
106.12.18.125	attackspam	Time: Sun Sep 27 11:28:58 2020 +0000 IP: 106.12.18.125 (CN/China/-) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 27 11:19:38 3 sshd[10480]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.18.125 user=root Sep 27 11:19:40 3 sshd[10480]: Failed password for root from 106.12.18.125 port 51140 ssh2 Sep 27 11:25:44 3 sshd[24600]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.18.125 user=root Sep 27 11:25:46 3 sshd[24600]: Failed password for root from 106.12.18.125 port 37704 ssh2 Sep 27 11:28:55 3 sshd[32285]: Invalid user svn from 106.12.18.125 port 45120	2020-09-29 04:04:16
165.22.61.112	attackbotsspam	Invalid user ethos from 165.22.61.112 port 8533	2020-09-29 04:08:44
118.89.138.117	attackbots	Invalid user cs from 118.89.138.117 port 63044	2020-09-29 03:48:26
90.176.150.123	attackbotsspam	Sep 28 20:22:08 roki-contabo sshd\[23843\]: Invalid user ghost2 from 90.176.150.123 Sep 28 20:22:08 roki-contabo sshd\[23843\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=90.176.150.123 Sep 28 20:22:10 roki-contabo sshd\[23843\]: Failed password for invalid user ghost2 from 90.176.150.123 port 55093 ssh2 Sep 28 20:26:34 roki-contabo sshd\[25179\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=90.176.150.123 user=backup Sep 28 20:26:36 roki-contabo sshd\[25179\]: Failed password for backup from 90.176.150.123 port 36830 ssh2 ...	2020-09-29 04:19:39
112.80.35.2	attackbotsspam	Sep 28 12:05:51 propaganda sshd[92020]: Connection from 112.80.35.2 port 65534 on 10.0.0.161 port 22 rdomain "" Sep 28 12:05:53 propaganda sshd[92020]: Connection closed by 112.80.35.2 port 65534 [preauth]	2020-09-29 04:18:37
206.189.188.218	attackspambots	Fail2Ban Ban Triggered	2020-09-29 03:55:12
117.34.91.22	attackspam	Invalid user menu from 117.34.91.22 port 54888	2020-09-29 03:51:58
149.56.15.98	attackspambots	2020-09-28T01:33:29.897563hostname sshd[34832]: Failed password for invalid user deploy from 149.56.15.98 port 47507 ssh2 ...	2020-09-29 03:44:05

Recently Reported IPs

170.150.187.48	170.150.187.151	36.238.57.57	45.161.173.135
170.150.184.61	170.0.72.36	128.90.16.46	169.149.230.26
93.85.95.198	216.174.151.89	201.95.91.4	189.200.130.174
238.146.85.35	99.103.38.170	169.149.217.14	41.37.65.208
21.5.45.237	176.233.224.40	168.205.59.8	168.205.223.74