189.45.37.254 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Brazil

Internet Service Provider: Sul Americana Tecnologia e Informatica Ltda.

Hostname: unknown

Organization: Vogel Soluções em Telecom e Informática S/A

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Feb 14 19:51:02 jane sshd[30703]: Failed password for root from 189.45.37.254 port 36803 ssh2 Feb 14 19:59:22 jane sshd[4395]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.45.37.254 ...	2020-02-15 03:25:18
attackspambots	Jan 3 16:01:08 ns3042688 sshd\[16315\]: Invalid user upload from 189.45.37.254 Jan 3 16:01:09 ns3042688 sshd\[16315\]: Failed password for invalid user upload from 189.45.37.254 port 54282 ssh2 Jan 3 16:02:42 ns3042688 sshd\[16919\]: Invalid user acct from 189.45.37.254 Jan 3 16:02:45 ns3042688 sshd\[16919\]: Failed password for invalid user acct from 189.45.37.254 port 59000 ssh2 Jan 3 16:04:15 ns3042688 sshd\[17500\]: Invalid user naq from 189.45.37.254 ...	2020-01-04 00:14:41
attackbots	Dec 31 23:34:14 dev0-dcde-rnet sshd[32099]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.45.37.254 Dec 31 23:34:15 dev0-dcde-rnet sshd[32099]: Failed password for invalid user admin from 189.45.37.254 port 49793 ssh2 Dec 31 23:51:58 dev0-dcde-rnet sshd[32331]: Failed password for root from 189.45.37.254 port 41079 ssh2	2020-01-01 08:00:09
attack	Dec 30 04:40:52 hpm sshd\[12718\]: Invalid user lenore from 189.45.37.254 Dec 30 04:40:52 hpm sshd\[12718\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=gw.stech.net.br Dec 30 04:40:55 hpm sshd\[12718\]: Failed password for invalid user lenore from 189.45.37.254 port 44975 ssh2 Dec 30 04:45:35 hpm sshd\[13087\]: Invalid user QWERTY12 from 189.45.37.254 Dec 30 04:45:35 hpm sshd\[13087\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=gw.stech.net.br	2019-12-30 23:18:57
attack	Dec 7 12:47:39 MK-Soft-VM3 sshd[15852]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.45.37.254 Dec 7 12:47:41 MK-Soft-VM3 sshd[15852]: Failed password for invalid user margalit from 189.45.37.254 port 58757 ssh2 ...	2019-12-07 20:27:43
attackspam	Automatic report - Banned IP Access	2019-11-28 23:19:00
attackbots	Repeated brute force against a port	2019-11-25 06:37:49
attackbots	Honeypot attack, port: 445, PTR: gw.stech.net.br.	2019-11-21 07:14:08
attack	Honeypot attack, port: 445, PTR: gw.stech.net.br.	2019-11-06 15:59:30
attackspambots	[SMB remote code execution attempt: port tcp/445] *(RWIN=1024)(08261144)	2019-08-26 19:50:04
attackspam	Honeypot attack, port: 445, PTR: gw.stech.net.br.	2019-08-03 06:50:38
attackbotsspam	Jun 13 10:25:19 ubuntu sshd[3102]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.45.37.254 Jun 13 10:25:21 ubuntu sshd[3102]: Failed password for invalid user qn from 189.45.37.254 port 50844 ssh2 Jun 13 10:28:58 ubuntu sshd[3184]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.45.37.254 Jun 13 10:29:00 ubuntu sshd[3184]: Failed password for invalid user edu from 189.45.37.254 port 33665 ssh2	2019-08-01 08:46:10
attackbotsspam	Honeypot attack, port: 445, PTR: gw.stech.net.br.	2019-07-30 05:06:01
attackspambots	Honeypot attack, port: 445, PTR: gw.stech.net.br.	2019-07-25 01:57:40
attack	Honeypot attack, port: 445, PTR: gw.stech.net.br.	2019-07-23 07:13:20
attackbotsspam	Jul 4 16:07:30 server01 sshd\[25093\]: Invalid user megan from 189.45.37.254 Jul 4 16:07:30 server01 sshd\[25093\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.45.37.254 Jul 4 16:07:32 server01 sshd\[25093\]: Failed password for invalid user megan from 189.45.37.254 port 60410 ssh2 ...	2019-07-05 03:21:09
attackbotsspam	Feb 23 00:42:08 motanud sshd\[21951\]: Invalid user ec2-user from 189.45.37.254 port 56604 Feb 23 00:42:08 motanud sshd\[21951\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.45.37.254 Feb 23 00:42:09 motanud sshd\[21951\]: Failed password for invalid user ec2-user from 189.45.37.254 port 56604 ssh2	2019-07-03 00:57:32

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 189.45.37.254
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 28629
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;189.45.37.254.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019033102 1800 900 604800 86400

;; Query time: 54 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Mon Apr 01 14:27:53 +08 2019
;; MSG SIZE  rcvd: 117

Host info

254.37.45.189.in-addr.arpa domain name pointer gw.stech.net.br.

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
254.37.45.189.in-addr.arpa	name = gw.stech.net.br.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
105.226.79.37	attack	Automatic report - Port Scan Attack	2020-07-23 14:53:13
40.68.94.141	attackbotsspam	Jul 23 04:16:22 124388 sshd[29443]: Invalid user schneider from 40.68.94.141 port 41854 Jul 23 04:16:22 124388 sshd[29443]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.68.94.141 Jul 23 04:16:22 124388 sshd[29443]: Invalid user schneider from 40.68.94.141 port 41854 Jul 23 04:16:24 124388 sshd[29443]: Failed password for invalid user schneider from 40.68.94.141 port 41854 ssh2 Jul 23 04:20:58 124388 sshd[29752]: Invalid user cba from 40.68.94.141 port 57838	2020-07-23 14:41:55
107.170.254.146	attack	Jul 23 06:18:36 jumpserver sshd[192698]: Invalid user sport from 107.170.254.146 port 33926 Jul 23 06:18:38 jumpserver sshd[192698]: Failed password for invalid user sport from 107.170.254.146 port 33926 ssh2 Jul 23 06:23:00 jumpserver sshd[192733]: Invalid user glenn from 107.170.254.146 port 48944 ...	2020-07-23 14:31:14
46.4.60.249	attackspam	20 attempts against mh-misbehave-ban on twig	2020-07-23 14:44:44
52.17.98.131	attack	21 attempts against mh-misbehave-ban on apple	2020-07-23 14:32:04
35.229.45.205	attack	35.229.45.205 - - [23/Jul/2020:05:56:36 +0200] "GET /wp-login.php HTTP/1.1" 200 6310 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 35.229.45.205 - - [23/Jul/2020:05:56:37 +0200] "POST /wp-login.php HTTP/1.1" 200 6561 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 35.229.45.205 - - [23/Jul/2020:05:56:38 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-07-23 14:46:10
139.215.217.180	attack	Invalid user tu from 139.215.217.180 port 38577	2020-07-23 14:16:44
213.32.23.58	attackbots	Jul 23 05:52:53 XXXXXX sshd[7894]: Invalid user ubuntu from 213.32.23.58 port 37386	2020-07-23 14:15:13
186.189.208.246	attack	Jul 23 06:46:07 vps sshd[1036134]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.189.208.246 Jul 23 06:46:10 vps sshd[1036134]: Failed password for invalid user git from 186.189.208.246 port 55535 ssh2 Jul 23 06:53:03 vps sshd[16636]: Invalid user suporte from 186.189.208.246 port 33547 Jul 23 06:53:03 vps sshd[16636]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.189.208.246 Jul 23 06:53:05 vps sshd[16636]: Failed password for invalid user suporte from 186.189.208.246 port 33547 ssh2 ...	2020-07-23 14:20:44
167.114.114.114	attackspam	2020-07-23T03:53:10.085888shield sshd\[29162\]: Invalid user ts3bot from 167.114.114.114 port 60994 2020-07-23T03:53:10.094258shield sshd\[29162\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.ip-167-114-114.net 2020-07-23T03:53:11.895729shield sshd\[29162\]: Failed password for invalid user ts3bot from 167.114.114.114 port 60994 ssh2 2020-07-23T03:57:05.189312shield sshd\[29839\]: Invalid user gio from 167.114.114.114 port 46530 2020-07-23T03:57:05.198327shield sshd\[29839\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.ip-167-114-114.net	2020-07-23 14:26:34
139.99.105.138	attack	$f2bV_matches	2020-07-23 14:14:32
14.207.8.17	attackbots	Jul 23 09:02:01 lukav-desktop sshd\[26615\]: Invalid user administrator from 14.207.8.17 Jul 23 09:02:01 lukav-desktop sshd\[26615\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.207.8.17 Jul 23 09:02:03 lukav-desktop sshd\[26615\]: Failed password for invalid user administrator from 14.207.8.17 port 59064 ssh2 Jul 23 09:09:05 lukav-desktop sshd\[28288\]: Invalid user wendi from 14.207.8.17 Jul 23 09:09:05 lukav-desktop sshd\[28288\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.207.8.17	2020-07-23 14:14:53
86.89.82.2	attack	2020-07-23T05:57:10.452680n23.at sshd[4121542]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=86.89.82.2 2020-07-23T05:57:10.375481n23.at sshd[4121542]: Invalid user pi from 86.89.82.2 port 59886 2020-07-23T05:57:13.195366n23.at sshd[4121542]: Failed password for invalid user pi from 86.89.82.2 port 59886 ssh2 ...	2020-07-23 14:17:21
188.165.238.199	attack	Jul 23 05:49:14 onepixel sshd[3684078]: Invalid user kato from 188.165.238.199 port 53008 Jul 23 05:49:14 onepixel sshd[3684078]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.165.238.199 Jul 23 05:49:14 onepixel sshd[3684078]: Invalid user kato from 188.165.238.199 port 53008 Jul 23 05:49:16 onepixel sshd[3684078]: Failed password for invalid user kato from 188.165.238.199 port 53008 ssh2 Jul 23 05:53:24 onepixel sshd[3686062]: Invalid user gw from 188.165.238.199 port 37182	2020-07-23 14:15:41
185.63.253.200	spambots	bokep	2020-07-23 14:53:38

Recently Reported IPs

201.150.151.211	61.189.47.93	27.150.169.29	198.27.67.152
183.81.98.159	139.199.181.192	223.112.102.250	118.2.39.254
41.10.194.5	27.74.241.212	181.165.150.33	177.1.179.18
175.126.123.151	89.36.215.178	85.113.60.66	211.151.95.139
203.81.93.212	140.143.236.227	218.76.158.162	197.51.245.107