109.75.45.34 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Armenia

Internet Service Provider: Ucom LLC

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Invalid user akr from 109.75.45.34 port 55740	2020-04-03 20:34:07
attackspambots	Mar 4 01:02:45 areeb-Workstation sshd[21568]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.75.45.34 Mar 4 01:02:47 areeb-Workstation sshd[21568]: Failed password for invalid user sinusbot from 109.75.45.34 port 55766 ssh2 ...	2020-03-04 03:59:04

Type

Details

Datetime

attackspam

Invalid user akr from 109.75.45.34 port 55740

2020-04-03 20:34:07

attackspambots

Mar  4 01:02:45 areeb-Workstation sshd[21568]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.75.45.34 
Mar  4 01:02:47 areeb-Workstation sshd[21568]: Failed password for invalid user sinusbot from 109.75.45.34 port 55766 ssh2
...

2020-03-04 03:59:04

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 109.75.45.34
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22234
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;109.75.45.34.			IN	A

;; AUTHORITY SECTION:
.			425	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020030300 1800 900 604800 86400

;; Query time: 50 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Mar 04 03:59:01 CST 2020
;; MSG SIZE  rcvd: 116

Host info

34.45.75.109.in-addr.arpa domain name pointer host-34.45.75.109.ucom.am.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
34.45.75.109.in-addr.arpa	name = host-34.45.75.109.ucom.am.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
77.247.110.186	attackspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-11 18:19:16,892 INFO [shellcode_manager] (77.247.110.186) no match, writing hexdump (3324f38f9f387a71c4a489ff58e89150 :165) - SMB (Unknown) Vulnerability	2019-07-12 04:34:14
188.166.105.138	attack	Jul 11 16:31:23 novum-srv2 sshd[16499]: Invalid user admin from 188.166.105.138 port 51116 Jul 11 16:31:23 novum-srv2 sshd[16502]: Invalid user user from 188.166.105.138 port 51120 Jul 11 16:31:23 novum-srv2 sshd[16501]: Invalid user admin from 188.166.105.138 port 51114 ...	2019-07-12 04:27:44
185.176.27.102	attack	11.07.2019 20:13:53 Connection to port 19084 blocked by firewall	2019-07-12 04:53:12
142.93.117.249	attackbotsspam	Jul 11 19:38:08 ip-172-31-1-72 sshd\[26774\]: Invalid user abdel from 142.93.117.249 Jul 11 19:38:08 ip-172-31-1-72 sshd\[26774\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.117.249 Jul 11 19:38:10 ip-172-31-1-72 sshd\[26774\]: Failed password for invalid user abdel from 142.93.117.249 port 42438 ssh2 Jul 11 19:41:16 ip-172-31-1-72 sshd\[26925\]: Invalid user us from 142.93.117.249 Jul 11 19:41:16 ip-172-31-1-72 sshd\[26925\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.117.249	2019-07-12 05:09:03
129.144.156.96	attackspambots	Jul 11 22:13:35 server sshd[23173]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.144.156.96 ...	2019-07-12 04:38:10
142.93.73.51	attackbots	Jun 27 02:28:46 server sshd\[4873\]: Invalid user avis from 142.93.73.51 Jun 27 02:28:46 server sshd\[4873\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.73.51 Jun 27 02:28:47 server sshd\[4873\]: Failed password for invalid user avis from 142.93.73.51 port 53132 ssh2 ...	2019-07-12 04:33:57
144.21.105.112	attack	Jul 5 02:44:50 server sshd\[161510\]: Invalid user 7dtd from 144.21.105.112 Jul 5 02:44:50 server sshd\[161510\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.21.105.112 Jul 5 02:44:52 server sshd\[161510\]: Failed password for invalid user 7dtd from 144.21.105.112 port 53662 ssh2 ...	2019-07-12 04:26:22
50.252.166.69	attack	Jul 11 20:06:28 xeon cyrus/imaps[19060]: badlogin: 50-252-166-69-static.hfc.comcastbusiness.net [50.252.166.69] plain [SASL(-13): authentication failure: Password verification failed]	2019-07-12 04:37:53
207.154.209.159	attack	Jul 11 21:27:02 amit sshd\[15864\]: Invalid user a from 207.154.209.159 Jul 11 21:27:02 amit sshd\[15864\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.154.209.159 Jul 11 21:27:04 amit sshd\[15864\]: Failed password for invalid user a from 207.154.209.159 port 47304 ssh2 ...	2019-07-12 05:04:05
165.22.21.33	attackbots	DATE:2019-07-11_16:09:16, IP:165.22.21.33, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2019-07-12 04:50:33
142.93.58.151	attackbots	Jul 5 10:20:37 server sshd\[179250\]: Invalid user admin from 142.93.58.151 Jul 5 10:20:37 server sshd\[179250\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.58.151 Jul 5 10:20:39 server sshd\[179250\]: Failed password for invalid user admin from 142.93.58.151 port 44306 ssh2 ...	2019-07-12 04:37:22
142.93.15.1	attackspambots	Jun 26 06:39:54 server sshd\[214853\]: Invalid user wuchunpeng from 142.93.15.1 Jun 26 06:39:54 server sshd\[214853\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.15.1 Jun 26 06:39:55 server sshd\[214853\]: Failed password for invalid user wuchunpeng from 142.93.15.1 port 38912 ssh2 ...	2019-07-12 05:08:06
71.237.171.150	attack	Jul 11 17:49:30 thevastnessof sshd[11731]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=71.237.171.150 ...	2019-07-12 04:46:24
80.250.11.105	attackspambots	Jul 11 16:01:41 rigel postfix/smtpd[18540]: connect from unknown[80.250.11.105] Jul 11 16:01:41 rigel postfix/smtpd[18540]: warning: unknown[80.250.11.105]: SASL CRAM-MD5 authentication failed: authentication failure Jul 11 16:01:41 rigel postfix/smtpd[18540]: warning: unknown[80.250.11.105]: SASL PLAIN authentication failed: authentication failure Jul 11 16:01:41 rigel postfix/smtpd[18540]: warning: unknown[80.250.11.105]: SASL LOGIN authentication failed: authentication failure Jul 11 16:01:41 rigel postfix/smtpd[18540]: disconnect from unknown[80.250.11.105] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=80.250.11.105	2019-07-12 04:29:57
144.21.80.96	attackbotsspam	Jun 4 12:03:23 server sshd\[132375\]: Invalid user school from 144.21.80.96 Jun 4 12:03:23 server sshd\[132375\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.21.80.96 Jun 4 12:03:25 server sshd\[132375\]: Failed password for invalid user school from 144.21.80.96 port 37097 ssh2 ...	2019-07-12 04:24:33

Recently Reported IPs

192.241.230.80	93.220.240.174	81.21.94.192	104.149.33.173
68.166.185.52	108.193.214.136	108.133.34.124	107.181.167.123
84.82.38.203	4.114.209.62	103.152.136.212	200.255.111.184
27.254.141.86	34.128.136.51	184.168.22.232	181.144.176.107
188.94.182.254	65.62.104.71	66.120.150.29	185.222.198.45