45.160.148.149

Basic Info

City: unknown

Region: unknown

Country: Brazil

Internet Service Provider: Asm Equipamentos de Informatica Ltda

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	2019-10-16 02:59:44,598 fail2ban.actions [843]: NOTICE [sshd] Ban 45.160.148.149 2019-10-16 06:06:25,654 fail2ban.actions [843]: NOTICE [sshd] Ban 45.160.148.149 2019-10-16 09:11:51,293 fail2ban.actions [843]: NOTICE [sshd] Ban 45.160.148.149 ...	2019-11-28 15:40:17

Type

Details

Datetime

attack

2019-10-16 02:59:44,598 fail2ban.actions        [843]: NOTICE  [sshd] Ban 45.160.148.149
2019-10-16 06:06:25,654 fail2ban.actions        [843]: NOTICE  [sshd] Ban 45.160.148.149
2019-10-16 09:11:51,293 fail2ban.actions        [843]: NOTICE  [sshd] Ban 45.160.148.149
...

2019-11-28 15:40:17

Comments on same subnet:

IP	Type	Details	Datetime
45.160.148.142	attackbotsspam	Sep 30 15:15:52 www sshd\[57522\]: Invalid user ft from 45.160.148.142 Sep 30 15:15:52 www sshd\[57522\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.160.148.142 Sep 30 15:15:54 www sshd\[57522\]: Failed password for invalid user ft from 45.160.148.142 port 49386 ssh2 ...	2019-09-30 22:16:21
45.160.148.142	attackspambots	Sep 27 04:07:00 web9 sshd\[301\]: Invalid user desenv from 45.160.148.142 Sep 27 04:07:00 web9 sshd\[301\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.160.148.142 Sep 27 04:07:01 web9 sshd\[301\]: Failed password for invalid user desenv from 45.160.148.142 port 33132 ssh2 Sep 27 04:12:04 web9 sshd\[1248\]: Invalid user jaquilante from 45.160.148.142 Sep 27 04:12:04 web9 sshd\[1248\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.160.148.142	2019-09-27 22:21:20
45.160.148.140	attackbots	Sep 9 05:10:35 php1 sshd\[27176\]: Invalid user compsx from 45.160.148.140 Sep 9 05:10:35 php1 sshd\[27176\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.160.148.140 Sep 9 05:10:37 php1 sshd\[27176\]: Failed password for invalid user compsx from 45.160.148.140 port 45030 ssh2 Sep 9 05:15:49 php1 sshd\[27610\]: Invalid user george from 45.160.148.140 Sep 9 05:15:49 php1 sshd\[27610\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.160.148.140	2019-09-10 05:01:58
45.160.148.2	attackspambots	Aug 27 22:51:49 lnxmail61 sshd[2855]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.160.148.2	2019-08-28 06:33:07
45.160.148.133	attack	Jul 30 08:48:48 lnxded64 sshd[11052]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.160.148.133	2019-07-30 20:19:40
45.160.148.14	attackbotsspam	Jul 23 11:56:17 rpi sshd[19586]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.160.148.14 Jul 23 11:56:19 rpi sshd[19586]: Failed password for invalid user ubuntu from 45.160.148.14 port 45846 ssh2	2019-07-23 18:21:20
45.160.148.14	attackbots	Jul 23 03:07:34 rpi sshd[9006]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.160.148.14 Jul 23 03:07:36 rpi sshd[9006]: Failed password for invalid user duncan from 45.160.148.14 port 56236 ssh2	2019-07-23 09:12:17
45.160.148.14	attackspambots	Jul 22 16:10:29 rpi sshd[32200]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.160.148.14 Jul 22 16:10:31 rpi sshd[32200]: Failed password for invalid user portail from 45.160.148.14 port 40322 ssh2	2019-07-22 22:14:38
45.160.148.14	attackspam	Jul 19 05:10:30 mail sshd[30514]: Failed password for invalid user pgadmin from 45.160.148.14 port 42400 ssh2 Jul 19 05:10:30 mail sshd[30514]: Received disconnect from 45.160.148.14: 11: Bye Bye [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=45.160.148.14	2019-07-20 22:06:15
45.160.148.14	attackbotsspam	Jul 10 21:30:13 s02-markstaller sshd[18348]: Invalid user mongouser from 45.160.148.14 Jul 10 21:30:15 s02-markstaller sshd[18348]: Failed password for invalid user mongouser from 45.160.148.14 port 37914 ssh2 Jul 10 21:33:14 s02-markstaller sshd[18483]: Invalid user ibmuser from 45.160.148.14 Jul 10 21:33:16 s02-markstaller sshd[18483]: Failed password for invalid user ibmuser from 45.160.148.14 port 36366 ssh2 Jul 10 21:35:07 s02-markstaller sshd[18540]: Invalid user squirrel from 45.160.148.14 Jul 10 21:35:08 s02-markstaller sshd[18540]: Failed password for invalid user squirrel from 45.160.148.14 port 53370 ssh2 Jul 10 21:36:50 s02-markstaller sshd[18628]: Invalid user campus from 45.160.148.14 Jul 10 21:36:52 s02-markstaller sshd[18628]: Failed password for invalid user campus from 45.160.148.14 port 42142 ssh2 Jul 10 21:38:38 s02-markstaller sshd[18683]: Invalid user ch from 45.160.148.14 Jul 10 21:38:40 s02-markstaller sshd[18683]: Failed password for invalid user........ ------------------------------	2019-07-12 08:25:55

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.160.148.149
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26430
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.160.148.149.			IN	A

;; AUTHORITY SECTION:
.			483	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019112800 1800 900 604800 86400

;; Query time: 175 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Nov 28 15:40:14 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 149.148.160.45.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 149.148.160.45.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
96.77.182.189	attack	May 9 03:08:07 inter-technics sshd[25675]: Invalid user rahul from 96.77.182.189 port 47054 May 9 03:08:07 inter-technics sshd[25675]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=96.77.182.189 May 9 03:08:07 inter-technics sshd[25675]: Invalid user rahul from 96.77.182.189 port 47054 May 9 03:08:09 inter-technics sshd[25675]: Failed password for invalid user rahul from 96.77.182.189 port 47054 ssh2 May 9 03:11:29 inter-technics sshd[26002]: Invalid user webmaster from 96.77.182.189 port 50792 ...	2020-05-09 17:26:12
195.231.4.203	attackspambots	May 9 02:26:06 haigwepa sshd[29125]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.231.4.203 May 9 02:26:08 haigwepa sshd[29125]: Failed password for invalid user bni from 195.231.4.203 port 34522 ssh2 ...	2020-05-09 17:38:16
185.176.27.2	attack	05/08/2020-22:55:20.076113 185.176.27.2 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-05-09 17:28:29
122.51.34.215	attackspam	May 9 04:24:29 host sshd[52836]: Invalid user ftpuser from 122.51.34.215 port 46934 ...	2020-05-09 17:06:43
92.63.194.107	attackspambots	(sshd) Failed SSH login from 92.63.194.107 (NL/Netherlands/-): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: May 9 04:48:35 ubnt-55d23 sshd[4541]: Invalid user admin from 92.63.194.107 port 44849 May 9 04:48:37 ubnt-55d23 sshd[4541]: Failed password for invalid user admin from 92.63.194.107 port 44849 ssh2	2020-05-09 17:29:23
183.88.240.187	attackbotsspam	SMTP brute force ...	2020-05-09 17:31:03
167.172.145.231	attackspam	(sshd) Failed SSH login from 167.172.145.231 (US/United States/-): 5 in the last 3600 secs	2020-05-09 17:35:21
220.85.206.96	attack	May 9 02:43:38 game-panel sshd[27775]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.85.206.96 May 9 02:43:40 game-panel sshd[27775]: Failed password for invalid user manager from 220.85.206.96 port 60732 ssh2 May 9 02:47:02 game-panel sshd[27927]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.85.206.96	2020-05-09 17:17:40
64.225.64.215	attackbotsspam	2020-05-09T04:40:04.758426vps751288.ovh.net sshd\[18893\]: Invalid user sridhar from 64.225.64.215 port 52214 2020-05-09T04:40:04.768417vps751288.ovh.net sshd\[18893\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=kamdonghwan.com 2020-05-09T04:40:06.968725vps751288.ovh.net sshd\[18893\]: Failed password for invalid user sridhar from 64.225.64.215 port 52214 ssh2 2020-05-09T04:44:04.084076vps751288.ovh.net sshd\[18933\]: Invalid user eu from 64.225.64.215 port 40550 2020-05-09T04:44:04.094881vps751288.ovh.net sshd\[18933\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=kamdonghwan.com	2020-05-09 17:22:18
65.49.20.106	attack	Hack Attempt	2020-05-09 17:05:28
52.200.80.202	attack	May 9 04:47:39 vpn01 sshd[30567]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.200.80.202 May 9 04:47:40 vpn01 sshd[30567]: Failed password for invalid user dave from 52.200.80.202 port 53244 ssh2 ...	2020-05-09 16:59:10
125.64.94.221	attack	May 9 03:05:03 debian-2gb-nbg1-2 kernel: \[11245181.470551\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=125.64.94.221 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=237 ID=54321 PROTO=TCP SPT=47954 DPT=5985 WINDOW=65535 RES=0x00 SYN URGP=0	2020-05-09 17:11:35
185.234.218.249	attack	May 09 04:41:51 pop3-login: Info: Aborted login \(auth failed, 1 attempts in 2 secs\): user=\, method=PLAIN, rip=185.234.218.249, lip=192.168.100.101, session=\\ May 09 04:41:56 pop3-login: Info: Aborted login \(auth failed, 1 attempts in 6 secs\): user=\, method=PLAIN, rip=185.234.218.249, lip=192.168.100.101, session=\\ May 09 04:41:57 pop3-login: Info: Aborted login \(auth failed, 1 attempts in 6 secs\): user=\, method=PLAIN, rip=185.234.218.249, lip=192.168.100.101, session=\\ May 09 04:41:58 pop3-login: Info: Aborted login \(auth failed, 1 attempts in 6 secs\): user=\, method=PLAIN, rip=185.234.218.249, lip=192.168.100.101, session=\\ May 09 04:42:05 pop3-login: Info: Aborted login \(auth failed, 1 attempts in 10 secs\): user=\, method=PLAIN, rip=185.234.218.249, lip=192.168.100.101, session=\\ May	2020-05-09 17:14:20
103.108.228.111	attackspam	May 9 04:29:51 ns381471 sshd[21392]: Failed password for root from 103.108.228.111 port 58940 ssh2	2020-05-09 17:27:23
51.75.254.172	attackspam	May 9 07:37:11 webhost01 sshd[13238]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.254.172 May 9 07:37:13 webhost01 sshd[13238]: Failed password for invalid user kp from 51.75.254.172 port 60234 ssh2 ...	2020-05-09 17:25:56

Recently Reported IPs

49.232.162.235	113.183.132.155	107.175.246.210	87.236.23.224
124.205.34.199	3.94.138.106	114.67.103.161	125.89.64.157
88.99.65.178	192.227.241.102	120.29.75.66	113.21.114.172
168.228.114.91	94.43.188.136	119.120.181.79	107.174.148.186
66.172.47.25	107.172.229.190	51.89.28.226	23.90.31.216