45.71.219.248 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Brazil

Internet Service Provider: SGV Ti e Telecom Ltda

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Port Scan detected from 45.71.219.248 (BR/Brazil/Mato Grosso/Cuiabá/sgv-248-bgp219.sgvtelecom.com.br). 4 hits in the last 215 seconds	2020-08-09 13:04:33

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.71.219.248
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 13258
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.71.219.248.			IN	A

;; AUTHORITY SECTION:
.			571	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020080801 1800 900 604800 86400

;; Query time: 222 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Aug 09 13:04:29 CST 2020
;; MSG SIZE  rcvd: 117

Host info

248.219.71.45.in-addr.arpa domain name pointer sgv-248-bgp219.sgvtelecom.com.br.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
248.219.71.45.in-addr.arpa	name = sgv-248-bgp219.sgvtelecom.com.br.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
106.12.114.26	attackspam	Aug 21 01:11:26 eddieflores sshd\[5196\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.114.26 user=root Aug 21 01:11:28 eddieflores sshd\[5196\]: Failed password for root from 106.12.114.26 port 46534 ssh2 Aug 21 01:14:28 eddieflores sshd\[5483\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.114.26 user=root Aug 21 01:14:30 eddieflores sshd\[5483\]: Failed password for root from 106.12.114.26 port 45742 ssh2 Aug 21 01:17:28 eddieflores sshd\[5767\]: Invalid user bomb from 106.12.114.26 Aug 21 01:17:28 eddieflores sshd\[5767\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.114.26	2019-08-21 19:20:32
40.113.104.81	attackbotsspam	Aug 6 11:28:19 server sshd\[199492\]: Invalid user xbox from 40.113.104.81 Aug 6 11:28:19 server sshd\[199492\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.113.104.81 Aug 6 11:28:22 server sshd\[199492\]: Failed password for invalid user xbox from 40.113.104.81 port 6144 ssh2 ...	2019-08-21 19:23:53
185.220.101.57	attackbots	Aug 4 19:46:21 server sshd\[104989\]: Invalid user administrator from 185.220.101.57 Aug 4 19:46:21 server sshd\[104989\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.220.101.57 Aug 4 19:46:23 server sshd\[104989\]: Failed password for invalid user administrator from 185.220.101.57 port 40283 ssh2 ...	2019-08-21 19:21:14
68.183.185.221	attack	Automated report - ssh fail2ban: Aug 21 12:48:04 wrong password, user=root, port=38578, ssh2 Aug 21 12:53:13 authentication failure Aug 21 12:53:15 wrong password, user=admin, port=55008, ssh2	2019-08-21 19:07:51
111.40.98.212	attack	23/tcp 23/tcp 23/tcp [2019-06-22/08-20]3pkt	2019-08-21 19:27:11
62.149.107.209	attackbotsspam	445/tcp 445/tcp 445/tcp... [2019-07-06/08-20]4pkt,1pt.(tcp)	2019-08-21 19:06:05
172.126.62.47	attackspam	Aug 21 10:08:54 ip-172-31-1-72 sshd\[8884\]: Invalid user kenneth from 172.126.62.47 Aug 21 10:08:54 ip-172-31-1-72 sshd\[8884\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.126.62.47 Aug 21 10:08:57 ip-172-31-1-72 sshd\[8884\]: Failed password for invalid user kenneth from 172.126.62.47 port 52682 ssh2 Aug 21 10:12:55 ip-172-31-1-72 sshd\[9428\]: Invalid user 123456 from 172.126.62.47 Aug 21 10:12:55 ip-172-31-1-72 sshd\[9428\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.126.62.47	2019-08-21 18:47:41
221.125.165.59	attack	2019-08-21T10:31:24.066021abusebot-6.cloudsearch.cf sshd\[15282\]: Invalid user icinga from 221.125.165.59 port 39012	2019-08-21 18:46:46
62.28.34.125	attackbots	Aug 21 05:56:12 aat-srv002 sshd[10309]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.28.34.125 Aug 21 05:56:14 aat-srv002 sshd[10309]: Failed password for invalid user khalid from 62.28.34.125 port 40223 ssh2 Aug 21 06:01:30 aat-srv002 sshd[10514]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.28.34.125 Aug 21 06:01:32 aat-srv002 sshd[10514]: Failed password for invalid user ubuntu from 62.28.34.125 port 1323 ssh2 ...	2019-08-21 19:06:58
185.220.101.65	attackspam	Jul 29 15:47:58 server sshd\[161794\]: Invalid user c-comatic from 185.220.101.65 Jul 29 15:47:58 server sshd\[161794\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.220.101.65 Jul 29 15:48:00 server sshd\[161794\]: Failed password for invalid user c-comatic from 185.220.101.65 port 46373 ssh2 ...	2019-08-21 18:57:18
51.255.49.92	attackbotsspam	SSH Brute-Force reported by Fail2Ban	2019-08-21 19:17:44
106.13.82.49	attack	Aug 21 06:39:15 dedicated sshd[24033]: Invalid user registry from 106.13.82.49 port 50256	2019-08-21 18:59:16
92.118.37.74	attackbots	Aug 21 12:36:57 h2177944 kernel: \[4707441.802281\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.118.37.74 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=38850 PROTO=TCP SPT=46525 DPT=40299 WINDOW=1024 RES=0x00 SYN URGP=0 Aug 21 12:38:41 h2177944 kernel: \[4707546.389894\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.118.37.74 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=56284 PROTO=TCP SPT=46525 DPT=11905 WINDOW=1024 RES=0x00 SYN URGP=0 Aug 21 12:39:31 h2177944 kernel: \[4707595.551066\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.118.37.74 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=20182 PROTO=TCP SPT=46525 DPT=62677 WINDOW=1024 RES=0x00 SYN URGP=0 Aug 21 12:41:30 h2177944 kernel: \[4707714.991925\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.118.37.74 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=13599 PROTO=TCP SPT=46525 DPT=35552 WINDOW=1024 RES=0x00 SYN URGP=0 Aug 21 12:41:57 h2177944 kernel: \[4707741.759452\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.118.37.74 DST=85.214.117.9	2019-08-21 19:25:03
210.223.246.113	attackbotsspam	Aug 21 10:58:27 MK-Soft-VM7 sshd\[22074\]: Invalid user centos from 210.223.246.113 port 50086 Aug 21 10:58:27 MK-Soft-VM7 sshd\[22074\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.223.246.113 Aug 21 10:58:30 MK-Soft-VM7 sshd\[22074\]: Failed password for invalid user centos from 210.223.246.113 port 50086 ssh2 ...	2019-08-21 19:27:49
154.119.7.3	attackspambots	(sshd) Failed SSH login from 154.119.7.3 (-): 5 in the last 3600 secs	2019-08-21 19:18:58

Recently Reported IPs

243.203.243.15	146.192.70.102	183.16.227.44	168.227.11.212
245.148.168.146	2.87.132.245	132.102.53.173	94.25.181.46
64.225.44.134	34.70.62.204	35.234.152.200	117.2.159.218
52.15.67.216	24.187.234.130	87.59.200.25	193.55.207.190
190.207.87.43	252.149.209.189	124.231.119.205	64.2.138.18