45.160.149.4 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Brazil

Internet Service Provider: Asm Equipamentos de Informatica Ltda

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Sep 3 13:23:34 markkoudstaal sshd[17023]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.160.149.4 Sep 3 13:23:36 markkoudstaal sshd[17023]: Failed password for invalid user franbella from 45.160.149.4 port 41714 ssh2 Sep 3 13:28:47 markkoudstaal sshd[17494]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.160.149.4	2019-09-04 00:11:35

Type

Details

Datetime

attackbots

Sep  3 13:23:34 markkoudstaal sshd[17023]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.160.149.4
Sep  3 13:23:36 markkoudstaal sshd[17023]: Failed password for invalid user franbella from 45.160.149.4 port 41714 ssh2
Sep  3 13:28:47 markkoudstaal sshd[17494]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.160.149.4

2019-09-04 00:11:35

Comments on same subnet:

IP	Type	Details	Datetime
45.160.149.46	attackbots	2019-08-13T10:23:07.767021abusebot-4.cloudsearch.cf sshd\[28586\]: Invalid user vic from 45.160.149.46 port 57620	2019-08-14 01:54:04
45.160.149.46	attackbotsspam	Aug 10 16:57:00 www4 sshd\[20646\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.160.149.46 user=root Aug 10 16:57:02 www4 sshd\[20646\]: Failed password for root from 45.160.149.46 port 47156 ssh2 Aug 10 17:02:30 www4 sshd\[21424\]: Invalid user tgz from 45.160.149.46 ...	2019-08-10 22:06:25
45.160.149.47	attack	Jul 29 02:28:48 server sshd\[28498\]: User root from 45.160.149.47 not allowed because listed in DenyUsers Jul 29 02:28:48 server sshd\[28498\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.160.149.47 user=root Jul 29 02:28:50 server sshd\[28498\]: Failed password for invalid user root from 45.160.149.47 port 49650 ssh2 Jul 29 02:34:26 server sshd\[5864\]: Invalid user com from 45.160.149.47 port 44972 Jul 29 02:34:26 server sshd\[5864\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.160.149.47	2019-07-29 13:18:42
45.160.149.47	attackspambots	Jul 27 19:32:03 yabzik sshd[944]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.160.149.47 Jul 27 19:32:05 yabzik sshd[944]: Failed password for invalid user welc0m3 from 45.160.149.47 port 37258 ssh2 Jul 27 19:38:02 yabzik sshd[3223]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.160.149.47	2019-07-28 03:09:10

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.160.149.4
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 9171
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.160.149.4.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019090300 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Sep 04 00:11:21 CST 2019
;; MSG SIZE  rcvd: 116

Host info

Host 4.149.160.45.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 4.149.160.45.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
45.55.190.106	attack	Sep 17 15:59:40 webhost01 sshd[23568]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.190.106 Sep 17 15:59:42 webhost01 sshd[23568]: Failed password for invalid user oracle from 45.55.190.106 port 45323 ssh2 ...	2019-09-17 17:04:31
14.187.48.102	attack	Sep 17 03:34:23 MK-Soft-VM6 sshd\[13701\]: Invalid user admin from 14.187.48.102 port 53830 Sep 17 03:34:23 MK-Soft-VM6 sshd\[13701\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.187.48.102 Sep 17 03:34:25 MK-Soft-VM6 sshd\[13701\]: Failed password for invalid user admin from 14.187.48.102 port 53830 ssh2 ...	2019-09-17 17:35:05
190.64.141.18	attack	Sep 17 11:30:28 microserver sshd[35097]: Invalid user public from 190.64.141.18 port 60842 Sep 17 11:30:28 microserver sshd[35097]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.64.141.18 Sep 17 11:30:30 microserver sshd[35097]: Failed password for invalid user public from 190.64.141.18 port 60842 ssh2 Sep 17 11:35:43 microserver sshd[36074]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.64.141.18 user=root Sep 17 11:35:45 microserver sshd[36074]: Failed password for root from 190.64.141.18 port 54376 ssh2 Sep 17 11:46:02 microserver sshd[37460]: Invalid user admin from 190.64.141.18 port 41467 Sep 17 11:46:02 microserver sshd[37460]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.64.141.18 Sep 17 11:46:04 microserver sshd[37460]: Failed password for invalid user admin from 190.64.141.18 port 41467 ssh2 Sep 17 11:51:16 microserver sshd[38163]: Invalid user Damin from 190.64	2019-09-17 18:06:53
162.251.23.177	attack	Port Scan: TCP/80	2019-09-17 17:03:38
72.2.6.128	attack	Sep 17 07:03:21 vps691689 sshd[19371]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=72.2.6.128 Sep 17 07:03:23 vps691689 sshd[19371]: Failed password for invalid user user1 from 72.2.6.128 port 47364 ssh2 Sep 17 07:07:37 vps691689 sshd[19450]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=72.2.6.128 ...	2019-09-17 17:47:51
58.250.161.97	attackspam	Sep 16 23:07:50 tdfoods sshd\[14608\]: Invalid user amp from 58.250.161.97 Sep 16 23:07:50 tdfoods sshd\[14608\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.250.161.97 Sep 16 23:07:52 tdfoods sshd\[14608\]: Failed password for invalid user amp from 58.250.161.97 port 53260 ssh2 Sep 16 23:13:01 tdfoods sshd\[15086\]: Invalid user user1 from 58.250.161.97 Sep 16 23:13:01 tdfoods sshd\[15086\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.250.161.97	2019-09-17 17:20:46
149.129.244.23	attackbots	Sep 17 08:47:28 web8 sshd\[3863\]: Invalid user xbian from 149.129.244.23 Sep 17 08:47:28 web8 sshd\[3863\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.129.244.23 Sep 17 08:47:30 web8 sshd\[3863\]: Failed password for invalid user xbian from 149.129.244.23 port 49650 ssh2 Sep 17 08:52:29 web8 sshd\[6289\]: Invalid user debian from 149.129.244.23 Sep 17 08:52:29 web8 sshd\[6289\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.129.244.23	2019-09-17 17:14:21
178.65.108.96	attackbots	Unauthorized connection attempt from IP address 178.65.108.96 on Port 445(SMB)	2019-09-17 17:41:05
144.217.166.59	attack	Automatic report - Banned IP Access	2019-09-17 17:17:53
148.235.82.68	attackbotsspam	Sep 17 11:03:53 meumeu sshd[2868]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.235.82.68 Sep 17 11:03:55 meumeu sshd[2868]: Failed password for invalid user csgoserver from 148.235.82.68 port 55762 ssh2 Sep 17 11:12:10 meumeu sshd[4200]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.235.82.68 ...	2019-09-17 17:27:51
46.242.4.57	attackspambots	Sep 17 03:34:07 *** sshd[19467]: User root from 46.242.4.57 not allowed because not listed in AllowUsers	2019-09-17 17:48:41
103.203.145.133	attackbotsspam	Automatic report - Port Scan Attack	2019-09-17 17:10:33
120.76.26.231	attackbotsspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/120.76.26.231/ CN - 1H : (305) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : CN NAME ASN : ASN37963 IP : 120.76.26.231 CIDR : 120.76.0.0/17 PREFIX COUNT : 303 UNIQUE IP COUNT : 6062848 WYKRYTE ATAKI Z ASN37963 : 1H - 1 3H - 2 6H - 4 12H - 4 24H - 16 INFO : SYN Flood DDoS Attack Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN - data recovery	2019-09-17 17:35:34
167.71.92.238	attackspam	Port scan on 1 port(s): 3380	2019-09-17 17:20:07
129.211.77.44	attackspambots	2019-09-17 08:42:55,386 fail2ban.actions: WARNING [ssh] Ban 129.211.77.44	2019-09-17 18:13:43

Recently Reported IPs

105.230.166.168	50.233.17.35	197.200.62.22	66.229.142.13
5.83.19.59	118.56.195.84	112.22.1.71	37.203.71.41
14.218.203.7	113.60.142.230	91.172.105.158	65.145.228.137
5.205.47.55	196.143.18.112	182.149.224.162	108.76.234.16
2.68.35.143	41.254.54.132	183.100.47.62	65.31.182.107