Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: Hudson Valley Host

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:
Type Details Datetime
attackspambots
445/tcp 445/tcp 445/tcp...
[2019-07-15/09-08]6pkt,1pt.(tcp)
2019-09-09 08:46:27
attackspambots
445/tcp 445/tcp 445/tcp...
[2019-05-17/07-15]12pkt,1pt.(tcp)
2019-07-16 05:12:38
Comments on same subnet:
IP Type Details Datetime
172.245.245.46 attackbots
Attempted connection to port 445.
2020-07-17 02:20:41
172.245.245.46 attackspam
Unauthorised access (Sep 14) SRC=172.245.245.46 LEN=40 TTL=239 ID=47876 TCP DPT=445 WINDOW=1024 SYN 
Unauthorised access (Sep 11) SRC=172.245.245.46 LEN=40 TTL=239 ID=1533 TCP DPT=445 WINDOW=1024 SYN
2019-09-15 04:33:12
172.245.245.46 attack
Unauthorized connection attempt from IP address 172.245.245.46 on Port 445(SMB)
2019-09-03 22:00:56
172.245.245.46 attack
Jul 23 16:13:35 localhost kernel: [15157008.850363] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=172.245.245.46 DST=[mungedIP2] LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=103 PROTO=TCP SPT=51462 DPT=445 WINDOW=1024 RES=0x00 SYN URGP=0 
Jul 23 16:13:35 localhost kernel: [15157008.850394] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=172.245.245.46 DST=[mungedIP2] LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=103 PROTO=TCP SPT=51462 DPT=445 SEQ=1309630884 ACK=0 WINDOW=1024 RES=0x00 SYN URGP=0
2019-07-24 09:38:43
Whois info:
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 172.245.245.14
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 19162
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;172.245.245.14.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019071501 1800 900 604800 86400

;; Query time: 4 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Jul 16 05:12:33 CST 2019
;; MSG SIZE  rcvd: 118
Host info
14.245.245.172.in-addr.arpa domain name pointer 172-245-245-14-host.colocrossing.com.
Nslookup info:
Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
14.245.245.172.in-addr.arpa	name = 172-245-245-14-host.colocrossing.com.

Authoritative answers can be found from:
Related IP info:
Related comments:
IP Type Details Datetime
59.45.99.99 attack
Aug 27 22:30:28 hcbb sshd\[12760\]: Invalid user zr from 59.45.99.99
Aug 27 22:30:28 hcbb sshd\[12760\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.45.99.99
Aug 27 22:30:30 hcbb sshd\[12760\]: Failed password for invalid user zr from 59.45.99.99 port 37874 ssh2
Aug 27 22:36:50 hcbb sshd\[13278\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.45.99.99  user=root
Aug 27 22:36:52 hcbb sshd\[13278\]: Failed password for root from 59.45.99.99 port 60450 ssh2
2019-08-28 16:45:10
206.189.137.113 attackspambots
$f2bV_matches
2019-08-28 17:27:20
185.220.102.6 attackbotsspam
Automated report - ssh fail2ban:
Aug 28 10:41:22 wrong password, user=root, port=37939, ssh2
Aug 28 10:41:24 wrong password, user=root, port=37939, ssh2
Aug 28 10:41:27 wrong password, user=root, port=37939, ssh2
Aug 28 10:41:30 wrong password, user=root, port=37939, ssh2
2019-08-28 16:51:11
80.211.133.124 attack
Aug 28 06:24:56 h2177944 sshd\[5144\]: Failed password for invalid user kristin from 80.211.133.124 port 43936 ssh2
Aug 28 07:25:13 h2177944 sshd\[7397\]: Invalid user multimedia from 80.211.133.124 port 56444
Aug 28 07:25:13 h2177944 sshd\[7397\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.133.124
Aug 28 07:25:15 h2177944 sshd\[7397\]: Failed password for invalid user multimedia from 80.211.133.124 port 56444 ssh2
...
2019-08-28 16:47:11
35.195.238.142 attackbots
Aug 27 19:24:07 lcdev sshd\[18692\]: Invalid user minecraft from 35.195.238.142
Aug 27 19:24:07 lcdev sshd\[18692\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.238.195.35.bc.googleusercontent.com
Aug 27 19:24:09 lcdev sshd\[18692\]: Failed password for invalid user minecraft from 35.195.238.142 port 41352 ssh2
Aug 27 19:28:08 lcdev sshd\[19064\]: Invalid user lili from 35.195.238.142
Aug 27 19:28:08 lcdev sshd\[19064\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.238.195.35.bc.googleusercontent.com
2019-08-28 16:53:33
207.46.13.142 attackspambots
Automatic report - Banned IP Access
2019-08-28 17:04:20
190.111.249.177 attackspam
Aug 27 22:19:59 hiderm sshd\[17060\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.111.249.177  user=root
Aug 27 22:20:01 hiderm sshd\[17060\]: Failed password for root from 190.111.249.177 port 39561 ssh2
Aug 27 22:25:53 hiderm sshd\[17628\]: Invalid user lin from 190.111.249.177
Aug 27 22:25:53 hiderm sshd\[17628\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.111.249.177
Aug 27 22:25:56 hiderm sshd\[17628\]: Failed password for invalid user lin from 190.111.249.177 port 33628 ssh2
2019-08-28 16:37:04
98.4.160.39 attack
Aug 28 10:32:42 lnxweb61 sshd[11550]: Failed password for root from 98.4.160.39 port 58200 ssh2
Aug 28 10:38:08 lnxweb61 sshd[16153]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=98.4.160.39
Aug 28 10:38:09 lnxweb61 sshd[16153]: Failed password for invalid user freddie from 98.4.160.39 port 57216 ssh2
2019-08-28 16:46:40
68.48.240.245 attackspambots
Aug 28 09:07:20 hb sshd\[31683\]: Invalid user davidru from 68.48.240.245
Aug 28 09:07:20 hb sshd\[31683\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=c-68-48-240-245.hsd1.mi.comcast.net
Aug 28 09:07:22 hb sshd\[31683\]: Failed password for invalid user davidru from 68.48.240.245 port 44482 ssh2
Aug 28 09:11:24 hb sshd\[32000\]: Invalid user charlotte from 68.48.240.245
Aug 28 09:11:24 hb sshd\[32000\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=c-68-48-240-245.hsd1.mi.comcast.net
2019-08-28 17:26:50
200.100.176.92 attack
Lines containing failures of 200.100.176.92
Aug 28 05:07:56 mellenthin sshd[11636]: Invalid user control from 200.100.176.92 port 54185
Aug 28 05:07:56 mellenthin sshd[11636]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.100.176.92
Aug 28 05:07:59 mellenthin sshd[11636]: Failed password for invalid user control from 200.100.176.92 port 54185 ssh2
Aug 28 05:07:59 mellenthin sshd[11636]: Received disconnect from 200.100.176.92 port 54185:11: Bye Bye [preauth]
Aug 28 05:07:59 mellenthin sshd[11636]: Disconnected from invalid user control 200.100.176.92 port 54185 [preauth]
Aug 28 05:23:34 mellenthin sshd[11917]: Invalid user fee from 200.100.176.92 port 34730
Aug 28 05:23:34 mellenthin sshd[11917]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.100.176.92
Aug 28 05:23:36 mellenthin sshd[11917]: Failed password for invalid user fee from 200.100.176.92 port 34730 ssh2
Aug 28 05:23:36 m........
------------------------------
2019-08-28 17:24:03
41.246.29.230 attackspam
LGS,WP GET /wp-login.php
2019-08-28 16:56:06
193.32.160.135 attackbots
$f2bV_matches
2019-08-28 17:13:03
222.73.205.94 attack
SSH Bruteforce
2019-08-28 17:18:57
31.27.38.242 attackspam
SSH bruteforce (Triggered fail2ban)
2019-08-28 16:45:43
187.33.248.242 attackbotsspam
SSH Bruteforce
2019-08-28 17:22:40
