City: unknown
Region: unknown
Country: Brazil
Internet Service Provider: Leonardo Pereira Costa
Hostname: unknown
Organization: unknown
Usage Type: Commercial
| Type | Details | Datetime |
|---|---|---|
| attackbots | Invalid user student6 from 45.6.72.17 port 38218 |
2020-09-22 22:04:21 |
| attackbotsspam | SSH Brute-Force reported by Fail2Ban |
2020-09-22 14:09:55 |
| attackbotsspam | 2020-09-21T21:54:44.668928shield sshd\[24418\]: Invalid user home from 45.6.72.17 port 56006 2020-09-21T21:54:44.675807shield sshd\[24418\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.6.72.17.leonetprovedor.com.br 2020-09-21T21:54:46.205952shield sshd\[24418\]: Failed password for invalid user home from 45.6.72.17 port 56006 ssh2 2020-09-21T21:58:54.071429shield sshd\[24782\]: Invalid user applmgr from 45.6.72.17 port 38510 2020-09-21T21:58:54.080884shield sshd\[24782\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.6.72.17.leonetprovedor.com.br |
2020-09-22 06:12:15 |
| attack | Sep 3 17:09:26 xeon sshd[13232]: Failed password for invalid user yxu from 45.6.72.17 port 51438 ssh2 |
2020-09-04 00:54:56 |
| attackspambots | Ssh brute force |
2020-09-03 16:19:02 |
| attackspambots | Ssh brute force |
2020-09-03 08:27:23 |
| attackbotsspam | Invalid user ftptest from 45.6.72.17 port 38936 |
2020-08-27 06:02:16 |
| attack | $f2bV_matches |
2020-08-24 14:38:03 |
| attackspambots | Invalid user smile from 45.6.72.17 port 52708 |
2020-08-24 08:20:06 |
| attackspam | 2020-08-21T19:51:40.802403ks3355764 sshd[547]: Invalid user khalid from 45.6.72.17 port 59872 2020-08-21T19:51:42.538901ks3355764 sshd[547]: Failed password for invalid user khalid from 45.6.72.17 port 59872 ssh2 ... |
2020-08-22 01:58:48 |
| attackbotsspam | $f2bV_matches |
2020-08-12 20:42:19 |
| attackspam | Aug 5 12:20:27 scw-6657dc sshd[7778]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.6.72.17 user=root Aug 5 12:20:27 scw-6657dc sshd[7778]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.6.72.17 user=root Aug 5 12:20:29 scw-6657dc sshd[7778]: Failed password for root from 45.6.72.17 port 35604 ssh2 ... |
2020-08-05 20:23:26 |
| attack | Jul 24 05:49:44 home sshd[414303]: Failed password for git from 45.6.72.17 port 34036 ssh2 Jul 24 05:54:36 home sshd[414859]: Invalid user fabien from 45.6.72.17 port 47170 Jul 24 05:54:36 home sshd[414859]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.6.72.17 Jul 24 05:54:36 home sshd[414859]: Invalid user fabien from 45.6.72.17 port 47170 Jul 24 05:54:38 home sshd[414859]: Failed password for invalid user fabien from 45.6.72.17 port 47170 ssh2 ... |
2020-07-24 13:16:31 |
| attackspambots | Invalid user alice from 45.6.72.17 port 60046 |
2020-07-22 19:07:13 |
| attackspambots | Jul 21 02:09:30 NPSTNNYC01T sshd[2710]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.6.72.17 Jul 21 02:09:32 NPSTNNYC01T sshd[2710]: Failed password for invalid user raza from 45.6.72.17 port 48350 ssh2 Jul 21 02:14:18 NPSTNNYC01T sshd[3408]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.6.72.17 ... |
2020-07-21 17:40:24 |
| attackbots | Automatic report - Banned IP Access |
2020-07-14 00:10:10 |
| attackbotsspam | Jul 12 16:11:09 db sshd[17519]: Invalid user sundapeng from 45.6.72.17 port 49772 ... |
2020-07-12 22:23:20 |
| attackbotsspam | Jul 9 17:15:11 mout sshd[18404]: Invalid user nagios from 45.6.72.17 port 59172 Jul 9 17:15:13 mout sshd[18404]: Failed password for invalid user nagios from 45.6.72.17 port 59172 ssh2 Jul 9 17:15:13 mout sshd[18404]: Disconnected from invalid user nagios 45.6.72.17 port 59172 [preauth] |
2020-07-10 02:30:46 |
| attackspambots | 2020-06-24T12:04:17.277638shield sshd\[28161\]: Invalid user elastic from 45.6.72.17 port 51092 2020-06-24T12:04:17.282556shield sshd\[28161\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.6.72.17.leonetprovedor.com.br 2020-06-24T12:04:18.814671shield sshd\[28161\]: Failed password for invalid user elastic from 45.6.72.17 port 51092 ssh2 2020-06-24T12:08:00.810231shield sshd\[28375\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.6.72.17.leonetprovedor.com.br user=root 2020-06-24T12:08:02.624016shield sshd\[28375\]: Failed password for root from 45.6.72.17 port 49830 ssh2 |
2020-06-24 22:15:25 |
| attackspam | Invalid user ab from 45.6.72.17 port 34340 |
2020-06-16 13:26:28 |
| attackbots | Jun 9 14:00:19 ns381471 sshd[24585]: Failed password for root from 45.6.72.17 port 52278 ssh2 Jun 9 14:02:48 ns381471 sshd[24688]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.6.72.17 |
2020-06-10 02:29:17 |
| attackbots | Invalid user oml from 45.6.72.17 port 56890 |
2020-05-21 06:22:07 |
| attackspambots | 2020-05-10T19:32:10.551475sd-86998 sshd[37456]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.6.72.17.leonetprovedor.com.br user=root 2020-05-10T19:32:12.154291sd-86998 sshd[37456]: Failed password for root from 45.6.72.17 port 44636 ssh2 2020-05-10T19:34:21.730336sd-86998 sshd[37715]: Invalid user dspace from 45.6.72.17 port 48864 2020-05-10T19:34:21.735456sd-86998 sshd[37715]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.6.72.17.leonetprovedor.com.br 2020-05-10T19:34:21.730336sd-86998 sshd[37715]: Invalid user dspace from 45.6.72.17 port 48864 2020-05-10T19:34:23.654499sd-86998 sshd[37715]: Failed password for invalid user dspace from 45.6.72.17 port 48864 ssh2 ... |
2020-05-11 02:10:05 |
| attack | $f2bV_matches |
2020-05-04 22:46:46 |
| attackbotsspam | $f2bV_matches | Triggered by Fail2Ban at Vostok web server |
2020-04-25 16:47:18 |
| attackspam | Apr 23 20:52:03 rotator sshd\[13673\]: Invalid user hadoop from 45.6.72.17Apr 23 20:52:05 rotator sshd\[13673\]: Failed password for invalid user hadoop from 45.6.72.17 port 34280 ssh2Apr 23 20:55:21 rotator sshd\[14471\]: Invalid user uc from 45.6.72.17Apr 23 20:55:23 rotator sshd\[14471\]: Failed password for invalid user uc from 45.6.72.17 port 56718 ssh2Apr 23 20:58:39 rotator sshd\[14533\]: Failed password for root from 45.6.72.17 port 50932 ssh2Apr 23 21:01:51 rotator sshd\[15330\]: Invalid user ftpuser from 45.6.72.17 ... |
2020-04-24 03:35:52 |
| attack | Invalid user vyatta from 45.6.72.17 port 58876 |
2020-04-21 06:26:01 |
| attackspambots | (sshd) Failed SSH login from 45.6.72.17 (BR/Brazil/45.6.72.17.leonetprovedor.com.br): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Apr 10 03:25:43 amsweb01 sshd[18973]: Invalid user earl from 45.6.72.17 port 55952 Apr 10 03:25:45 amsweb01 sshd[18973]: Failed password for invalid user earl from 45.6.72.17 port 55952 ssh2 Apr 10 03:40:25 amsweb01 sshd[20952]: Invalid user git from 45.6.72.17 port 38262 Apr 10 03:40:27 amsweb01 sshd[20952]: Failed password for invalid user git from 45.6.72.17 port 38262 ssh2 Apr 10 03:44:40 amsweb01 sshd[21539]: Invalid user losts from 45.6.72.17 port 46152 |
2020-04-10 09:50:42 |
| attackspam | SSH auth scanning - multiple failed logins |
2020-04-09 06:47:16 |
| attackbotsspam | 21 attempts against mh-ssh on echoip |
2020-04-07 13:48:02 |
| IP | Type | Details | Datetime |
|---|---|---|---|
| 45.6.72.14 | attackbotsspam | Aug 19 12:52:34 mail sshd\[23319\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.6.72.14 Aug 19 12:52:35 mail sshd\[23319\]: Failed password for invalid user arma1 from 45.6.72.14 port 52688 ssh2 Aug 19 12:57:29 mail sshd\[24306\]: Invalid user iraf from 45.6.72.14 port 40370 Aug 19 12:57:29 mail sshd\[24306\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.6.72.14 Aug 19 12:57:31 mail sshd\[24306\]: Failed password for invalid user iraf from 45.6.72.14 port 40370 ssh2 |
2019-08-19 19:20:00 |
| 45.6.72.14 | attackbots | Aug 17 06:40:16 plusreed sshd[17437]: Invalid user tester from 45.6.72.14 ... |
2019-08-17 20:14:33 |
| 45.6.72.14 | attack | Aug 15 16:54:02 aiointranet sshd\[1772\]: Invalid user test_user from 45.6.72.14 Aug 15 16:54:02 aiointranet sshd\[1772\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.6.72.14.leonetprovedor.com.br Aug 15 16:54:03 aiointranet sshd\[1772\]: Failed password for invalid user test_user from 45.6.72.14 port 44872 ssh2 Aug 15 16:59:33 aiointranet sshd\[2270\]: Invalid user iptv@123 from 45.6.72.14 Aug 15 16:59:33 aiointranet sshd\[2270\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.6.72.14.leonetprovedor.com.br |
2019-08-16 13:22:34 |
| 45.6.72.14 | attackbotsspam | Jul 16 13:43:35 localhost sshd\[10056\]: Invalid user tuan from 45.6.72.14 Jul 16 13:43:35 localhost sshd\[10056\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.6.72.14 Jul 16 13:43:37 localhost sshd\[10056\]: Failed password for invalid user tuan from 45.6.72.14 port 56274 ssh2 Jul 16 13:49:16 localhost sshd\[10360\]: Invalid user jordan from 45.6.72.14 Jul 16 13:49:17 localhost sshd\[10360\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.6.72.14 ... |
2019-07-16 20:12:46 |
| 45.6.72.14 | attackspambots | Jul 7 16:23:10 mail sshd[18744]: Invalid user manager from 45.6.72.14 Jul 7 16:23:10 mail sshd[18744]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.6.72.14 Jul 7 16:23:10 mail sshd[18744]: Invalid user manager from 45.6.72.14 Jul 7 16:23:12 mail sshd[18744]: Failed password for invalid user manager from 45.6.72.14 port 39590 ssh2 Jul 7 16:26:06 mail sshd[21307]: Invalid user mario from 45.6.72.14 ... |
2019-07-08 02:13:18 |
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.6.72.17
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3382
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.6.72.17. IN A
;; AUTHORITY SECTION:
. 3600 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019082101 1800 900 604800 86400
;; Query time: 86 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Aug 22 09:03:41 CST 2019
;; MSG SIZE rcvd: 114
17.72.6.45.in-addr.arpa domain name pointer 45.6.72.17.leonetprovedor.com.br.
Server: 67.207.67.2
Address: 67.207.67.2#53
Non-authoritative answer:
17.72.6.45.in-addr.arpa name = 45.6.72.17.leonetprovedor.com.br.
Authoritative answers can be found from:
| IP | Type | Details | Datetime |
|---|---|---|---|
| 194.26.29.146 | attackspambots | scans 43 times in preceeding hours on the ports (in chronological order) 11021 11691 11135 11814 11392 11512 11044 11482 11783 11860 11170 11818 11135 11393 11819 11512 11598 11576 11752 11681 11931 11155 11840 11731 11149 11800 11729 11841 11189 11518 11293 11631 11235 11126 11247 11959 11109 11557 11995 11660 11639 11541 11287 resulting in total of 612 scans from 194.26.29.0/24 block. |
2020-06-07 02:19:02 |
| 117.50.21.168 | attackspambots | scans once in preceeding hours on the ports (in chronological order) 32733 resulting in total of 1 scans from 117.50.0.0/16 block. |
2020-06-07 02:49:24 |
| 185.156.73.45 | attack | Jun 6 21:23:45 debian kernel: [370385.621220] [UFW BLOCK] IN=eth0 OUT= MAC=52:54:00:be:e4:65:08:e8:4f:6e:48:0c:08:00 SRC=185.156.73.45 DST=89.252.131.35 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=6832 PROTO=TCP SPT=54105 DPT=21001 WINDOW=1024 RES=0x00 SYN URGP=0 |
2020-06-07 02:38:38 |
| 58.188.221.13 | attackbotsspam | scans 2 times in preceeding hours on the ports (in chronological order) 17621 17621 |
2020-06-07 02:22:49 |
| 172.105.89.161 | attack | Unauthorized connection attempt detected from IP address 172.105.89.161 to port 7070 |
2020-06-07 02:44:15 |
| 172.104.65.226 | attackspam | scans once in preceeding hours on the ports (in chronological order) 3128 resulting in total of 3 scans from 172.104.0.0/15 block. |
2020-06-07 02:44:35 |
| 195.54.166.98 | attackbots |
|
2020-06-07 02:28:43 |
| 185.176.27.162 | attackspam | " " |
2020-06-07 02:34:01 |
| 96.127.158.235 | attackbotsspam | scans 2 times in preceeding hours on the ports (in chronological order) 1200 6443 |
2020-06-07 02:15:31 |
| 185.175.93.104 | attackbotsspam |
|
2020-06-07 02:36:35 |
| 195.54.166.138 | attack | 06/06/2020-14:23:12.741159 195.54.166.138 Protocol: 6 ET SCAN NMAP -sS window 1024 |
2020-06-07 02:28:14 |
| 117.141.112.155 | attackspambots | scans 2 times in preceeding hours on the ports (in chronological order) 3622 22228 |
2020-06-07 02:13:39 |
| 222.186.61.116 | attack |
|
2020-06-07 02:24:42 |
| 27.155.88.103 | attackspam | scans 2 times in preceeding hours on the ports (in chronological order) 39267 24393 |
2020-06-07 02:24:22 |
| 206.189.134.48 | attackspambots | scans once in preceeding hours on the ports (in chronological order) 18950 resulting in total of 4 scans from 206.189.0.0/16 block. |
2020-06-07 02:26:23 |