45.70.134.249 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Brazil

Internet Service Provider: Super Net Comunicacao Ltda - ME

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Jul 18 14:29:32 eventyay sshd[22833]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.70.134.249 Jul 18 14:29:35 eventyay sshd[22833]: Failed password for invalid user jacky from 45.70.134.249 port 57526 ssh2 Jul 18 14:36:22 eventyay sshd[24360]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.70.134.249 ...	2019-07-18 20:38:22
attack	2019-07-16T06:02:25.617202hub.schaetter.us sshd\[14995\]: Invalid user scanner from 45.70.134.249 2019-07-16T06:02:25.653089hub.schaetter.us sshd\[14995\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.70.134.249 2019-07-16T06:02:27.471398hub.schaetter.us sshd\[14995\]: Failed password for invalid user scanner from 45.70.134.249 port 38505 ssh2 2019-07-16T06:08:45.845431hub.schaetter.us sshd\[15020\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.70.134.249 user=root 2019-07-16T06:08:48.165517hub.schaetter.us sshd\[15020\]: Failed password for root from 45.70.134.249 port 37917 ssh2 ...	2019-07-16 15:12:53
attackspambots	ssh failed login	2019-07-11 10:47:36
attackspam	Jun 30 20:15:18 unicornsoft sshd\[22605\]: Invalid user sysbackup from 45.70.134.249 Jun 30 20:15:18 unicornsoft sshd\[22605\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.70.134.249 Jun 30 20:15:20 unicornsoft sshd\[22605\]: Failed password for invalid user sysbackup from 45.70.134.249 port 59178 ssh2	2019-07-01 04:25:07

Comments on same subnet:

IP	Type	Details	Datetime
45.70.134.221	attack	Jul 19 15:41:10 lnxmail61 sshd[30114]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.70.134.221	2019-07-20 00:12:34
45.70.134.221	attackbots	Jul 19 01:47:57 eventyay sshd[31285]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.70.134.221 Jul 19 01:47:59 eventyay sshd[31285]: Failed password for invalid user ftptest from 45.70.134.221 port 47391 ssh2 Jul 19 01:54:53 eventyay sshd[587]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.70.134.221 ...	2019-07-19 08:11:32

Type

Details

Datetime

45.70.134.221

attack

Jul 19 15:41:10 lnxmail61 sshd[30114]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.70.134.221

2019-07-20 00:12:34

45.70.134.221

attackbots

Jul 19 01:47:57 eventyay sshd[31285]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.70.134.221
Jul 19 01:47:59 eventyay sshd[31285]: Failed password for invalid user ftptest from 45.70.134.221 port 47391 ssh2
Jul 19 01:54:53 eventyay sshd[587]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.70.134.221
...

2019-07-19 08:11:32

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.70.134.249
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 47838
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.70.134.249.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019062801 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Jun 29 11:44:21 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 249.134.70.45.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 249.134.70.45.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
202.188.101.106	attackbotsspam	2020-07-30T06:11:43+0000 Failed SSH Authentication/Brute Force Attack. (Server 6)	2020-07-30 18:45:51
218.92.0.165	attackspam	2020-07-30T12:37:48.066851vps751288.ovh.net sshd\[25369\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.165 user=root 2020-07-30T12:37:50.646443vps751288.ovh.net sshd\[25369\]: Failed password for root from 218.92.0.165 port 50967 ssh2 2020-07-30T12:37:55.823248vps751288.ovh.net sshd\[25369\]: Failed password for root from 218.92.0.165 port 50967 ssh2 2020-07-30T12:37:59.746952vps751288.ovh.net sshd\[25369\]: Failed password for root from 218.92.0.165 port 50967 ssh2 2020-07-30T12:38:03.554533vps751288.ovh.net sshd\[25369\]: Failed password for root from 218.92.0.165 port 50967 ssh2	2020-07-30 18:38:45
54.37.136.87	attackspambots	(sshd) Failed SSH login from 54.37.136.87 (FR/France/87.ip-54-37-136.eu): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jul 30 10:36:08 amsweb01 sshd[10790]: Invalid user logstash from 54.37.136.87 port 42646 Jul 30 10:36:10 amsweb01 sshd[10790]: Failed password for invalid user logstash from 54.37.136.87 port 42646 ssh2 Jul 30 10:43:26 amsweb01 sshd[11916]: Invalid user guozhourui from 54.37.136.87 port 33170 Jul 30 10:43:28 amsweb01 sshd[11916]: Failed password for invalid user guozhourui from 54.37.136.87 port 33170 ssh2 Jul 30 10:47:15 amsweb01 sshd[12471]: Invalid user mikami from 54.37.136.87 port 42936	2020-07-30 18:30:40
219.159.239.66	attackbots	ET SCAN Suspicious inbound to MSSQL port 1433 - port: 1433 proto: tcp cat: Potentially Bad Trafficbytes: 62	2020-07-30 18:38:16
164.52.24.164	attack	Unauthorized SSH connection attempt	2020-07-30 19:04:36
40.121.163.198	attackbots	Jul 30 12:30:44 [host] sshd[24464]: Invalid user w Jul 30 12:30:44 [host] sshd[24464]: pam_unix(sshd: Jul 30 12:30:46 [host] sshd[24464]: Failed passwor	2020-07-30 18:40:58
54.71.115.235	attackbotsspam	54.71.115.235 - - [30/Jul/2020:10:50:18 +0200] "GET /wp-login.php HTTP/1.1" 200 6060 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 54.71.115.235 - - [30/Jul/2020:10:50:20 +0200] "POST /wp-login.php HTTP/1.1" 200 6311 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 54.71.115.235 - - [30/Jul/2020:10:50:21 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-07-30 18:46:06
87.251.74.30	attack	TCP (SYN) 87.251.74.30:62016 -> port 22, len 60	2020-07-30 19:02:20
121.128.135.73	attack	121.128.135.73 - - [30/Jul/2020:06:38:00 +0100] "POST /wp-login.php HTTP/1.1" 200 5864 "http://iwantzone.com/wp-login.php" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" 121.128.135.73 - - [30/Jul/2020:06:38:01 +0100] "POST /wp-login.php HTTP/1.1" 200 5864 "http://iwantzone.com/wp-login.php" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" 121.128.135.73 - - [30/Jul/2020:06:38:03 +0100] "POST /wp-login.php HTTP/1.1" 200 5864 "http://iwantzone.com/wp-login.php" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" ...	2020-07-30 18:42:03
51.83.70.93	attackbotsspam	<6 unauthorized SSH connections	2020-07-30 18:50:49
51.178.28.196	attack	Invalid user jqliu from 51.178.28.196 port 41520	2020-07-30 18:58:12
194.26.25.105	attack	07/30/2020-06:21:57.047718 194.26.25.105 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-07-30 18:52:00
203.251.73.188	attack	ET SCAN Suspicious inbound to MSSQL port 1433 - port: 1433 proto: tcp cat: Potentially Bad Trafficbytes: 62	2020-07-30 19:06:04
34.67.85.82	attackbotsspam	$f2bV_matches	2020-07-30 18:59:19
159.65.86.239	attack	Jul 30 09:41:34 rocket sshd[31376]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.86.239 Jul 30 09:41:36 rocket sshd[31376]: Failed password for invalid user Bio306Stu from 159.65.86.239 port 55186 ssh2 ...	2020-07-30 18:30:08

Recently Reported IPs

109.203.107.97	94.156.133.92	103.54.28.212	88.121.72.24
90.43.176.156	2403:6200:8822:28bd:385c:6e60:2ea7:4c32	198.147.29.234	193.56.29.105
210.211.117.57	189.90.209.145	187.109.53.120	40.68.214.156
166.82.119.226	189.51.100.182	199.168.100.100	220.180.89.90
58.187.187.15	182.61.17.36	95.9.113.12	91.209.51.22