102.45.149.12 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Egypt

Internet Service Provider: TE Data

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	SSH bruteforce more then 50 syn to 22 port per 10 seconds.	2020-05-15 22:22:31

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 102.45.149.12
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26387
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;102.45.149.12.			IN	A

;; AUTHORITY SECTION:
.			271	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020051500 1800 900 604800 86400

;; Query time: 145 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri May 15 22:22:24 CST 2020
;; MSG SIZE  rcvd: 117

Host info

12.149.45.102.in-addr.arpa domain name pointer host-102.45.149.12.tedata.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
12.149.45.102.in-addr.arpa	name = host-102.45.149.12.tedata.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
118.25.176.15	attack	...	2020-07-05 15:08:31
106.12.70.99	attackbots	Jul 5 05:53:13 mout sshd[9430]: Invalid user netadmin from 106.12.70.99 port 57878	2020-07-05 15:21:38
132.232.19.28	attackspambots	Jul 5 05:53:31 sshd\[4939\]: Invalid user local from 132.232.19.28Jul 5 05:53:33 sshd\[4939\]: Failed password for invalid user local from 132.232.19.28 port 55062 ssh2 ...	2020-07-05 15:04:58
106.52.50.225	attackspambots	Invalid user roberta from 106.52.50.225 port 45048	2020-07-05 15:07:44
194.26.29.25	attack	Port scan on 3 port(s): 3000 4418 43233	2020-07-05 15:04:02
139.155.79.7	attack	Jul 5 08:46:08 vpn01 sshd[13851]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.79.7 Jul 5 08:46:10 vpn01 sshd[13851]: Failed password for invalid user eti from 139.155.79.7 port 45918 ssh2 ...	2020-07-05 14:59:30
185.143.72.25	attack	Jul 5 08:59:54 relay postfix/smtpd\[8339\]: warning: unknown\[185.143.72.25\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 5 09:00:33 relay postfix/smtpd\[8340\]: warning: unknown\[185.143.72.25\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 5 09:01:10 relay postfix/smtpd\[12146\]: warning: unknown\[185.143.72.25\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 5 09:01:53 relay postfix/smtpd\[12086\]: warning: unknown\[185.143.72.25\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 5 09:02:28 relay postfix/smtpd\[12139\]: warning: unknown\[185.143.72.25\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-07-05 15:04:31
103.23.102.3	attackspam	Jul 5 06:44:46 web8 sshd\[29144\]: Invalid user user from 103.23.102.3 Jul 5 06:44:46 web8 sshd\[29144\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.23.102.3 Jul 5 06:44:47 web8 sshd\[29144\]: Failed password for invalid user user from 103.23.102.3 port 57277 ssh2 Jul 5 06:48:28 web8 sshd\[30976\]: Invalid user admin from 103.23.102.3 Jul 5 06:48:28 web8 sshd\[30976\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.23.102.3	2020-07-05 15:16:55
95.31.5.29	attack	VNC brute force attack detected by fail2ban	2020-07-05 14:51:40
157.245.37.160	attackbotsspam	2020-07-05T05:46:02+0000 Failed SSH Authentication/Brute Force Attack. (Server 6)	2020-07-05 15:14:59
124.42.83.34	attackbots	Jul 4 18:19:15 php1 sshd\[11228\]: Invalid user teste1 from 124.42.83.34 Jul 4 18:19:15 php1 sshd\[11228\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.42.83.34 Jul 4 18:19:17 php1 sshd\[11228\]: Failed password for invalid user teste1 from 124.42.83.34 port 35384 ssh2 Jul 4 18:22:25 php1 sshd\[11452\]: Invalid user vada from 124.42.83.34 Jul 4 18:22:25 php1 sshd\[11452\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.42.83.34	2020-07-05 14:53:21
36.155.113.40	attackspambots	Jul 5 10:53:12 webhost01 sshd[14650]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.155.113.40 Jul 5 10:53:14 webhost01 sshd[14650]: Failed password for invalid user lokesh from 36.155.113.40 port 50871 ssh2 ...	2020-07-05 15:20:53
139.186.84.46	attackbots	Jul 5 08:34:04 serwer sshd\[12551\]: Invalid user postgres from 139.186.84.46 port 37632 Jul 5 08:34:04 serwer sshd\[12551\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.186.84.46 Jul 5 08:34:06 serwer sshd\[12551\]: Failed password for invalid user postgres from 139.186.84.46 port 37632 ssh2 ...	2020-07-05 14:56:07
157.230.225.35	attackspam	Jul 5 06:46:22 vps sshd[512184]: Failed password for invalid user gbm from 157.230.225.35 port 42480 ssh2 Jul 5 06:50:32 vps sshd[533965]: Invalid user hmn from 157.230.225.35 port 40308 Jul 5 06:50:32 vps sshd[533965]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.225.35 Jul 5 06:50:34 vps sshd[533965]: Failed password for invalid user hmn from 157.230.225.35 port 40308 ssh2 Jul 5 06:54:52 vps sshd[552782]: Invalid user file from 157.230.225.35 port 38136 ...	2020-07-05 15:28:00
110.50.85.90	attackbots	VNC brute force attack detected by fail2ban	2020-07-05 15:23:12

Recently Reported IPs

168.70.125.217	200.195.170.210	186.185.1.200	129.28.175.65
34.69.43.245	156.215.138.247	82.60.41.17	103.77.45.93
189.114.67.19	95.141.193.7	144.91.118.145	166.28.119.183
247.185.79.151	177.220.177.209	183.213.23.118	14.252.203.143
211.28.164.96	105.212.94.49	159.195.33.145	139.162.148.195