197.45.68.53 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Egypt

Internet Service Provider: TE Data

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt detected from IP address 197.45.68.53 to port 445	2019-12-11 13:58:24

Comments on same subnet:

IP	Type	Details	Datetime
197.45.68.167	attackspam	Unauthorized connection attempt from IP address 197.45.68.167 on Port 445(SMB)	2020-04-08 04:14:30
197.45.68.167	attackspambots	Unauthorized connection attempt from IP address 197.45.68.167 on Port 445(SMB)	2020-03-30 21:57:12
197.45.68.231	attackspam	Jun 5 17:30:35 ms-srv sshd[28702]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.45.68.231 Jun 5 17:30:37 ms-srv sshd[28702]: Failed password for invalid user admin from 197.45.68.231 port 60168 ssh2	2020-03-10 08:05:16
197.45.68.180	attackbots	1579179617 - 01/16/2020 14:00:17 Host: 197.45.68.180/197.45.68.180 Port: 445 TCP Blocked	2020-01-17 01:38:33
197.45.68.231	attackspambots	Automatic report - Web App Attack	2019-07-05 10:36:27

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 197.45.68.53
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 42513
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;197.45.68.53.			IN	A

;; AUTHORITY SECTION:
.			594	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121100 1800 900 604800 86400

;; Query time: 104 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Dec 11 13:58:21 CST 2019
;; MSG SIZE  rcvd: 116

Host info

53.68.45.197.in-addr.arpa domain name pointer host-197.45.68.53.tedata.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
53.68.45.197.in-addr.arpa	name = host-197.45.68.53.tedata.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
5.152.159.31	attack	Nov 5 17:18:03 server sshd\[3961\]: Invalid user ubnt from 5.152.159.31 Nov 5 17:18:03 server sshd\[3961\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.152.159.31 Nov 5 17:18:04 server sshd\[3961\]: Failed password for invalid user ubnt from 5.152.159.31 port 54146 ssh2 Nov 5 17:39:31 server sshd\[8981\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.152.159.31 user=root Nov 5 17:39:32 server sshd\[8981\]: Failed password for root from 5.152.159.31 port 36642 ssh2 ...	2019-11-06 00:39:27
221.226.28.244	attack	Nov 5 16:15:16 hcbbdb sshd\[13024\]: Invalid user webmaster from 221.226.28.244 Nov 5 16:15:16 hcbbdb sshd\[13024\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.226.28.244 Nov 5 16:15:18 hcbbdb sshd\[13024\]: Failed password for invalid user webmaster from 221.226.28.244 port 6689 ssh2 Nov 5 16:20:05 hcbbdb sshd\[13544\]: Invalid user zw from 221.226.28.244 Nov 5 16:20:05 hcbbdb sshd\[13544\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.226.28.244	2019-11-06 00:56:13
213.61.218.122	attackspam	Nov 5 14:38:30 thevastnessof sshd[1458]: Failed password for nobody from 213.61.218.122 port 53475 ssh2 ...	2019-11-06 01:13:18
177.189.141.154	attackspam	Automatic report - Port Scan Attack	2019-11-06 00:38:17
221.226.58.102	attackbotsspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/221.226.58.102/ CN - 1H : (632) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : CN NAME ASN : ASN4134 IP : 221.226.58.102 CIDR : 221.226.0.0/17 PREFIX COUNT : 5430 UNIQUE IP COUNT : 106919680 ATTACKS DETECTED ASN4134 : 1H - 14 3H - 40 6H - 73 12H - 138 24H - 284 DateTime : 2019-11-05 16:36:33 INFO : Port SSH 22 Scan Detected and Blocked by ADMIN - data recovery	2019-11-06 01:03:50
218.92.0.202	attackspambots	2019-11-05T17:02:13.176070abusebot-8.cloudsearch.cf sshd\[24978\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.202 user=root	2019-11-06 01:21:58
49.234.46.125	attackspambots	Nov 5 14:39:10 *** sshd[14253]: User root from 49.234.46.125 not allowed because not listed in AllowUsers	2019-11-06 00:50:18
117.50.38.246	attack	Nov 5 17:49:13 vmanager6029 sshd\[8919\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.38.246 user=root Nov 5 17:49:15 vmanager6029 sshd\[8919\]: Failed password for root from 117.50.38.246 port 34932 ssh2 Nov 5 17:53:46 vmanager6029 sshd\[8984\]: Invalid user testtest from 117.50.38.246 port 41274 Nov 5 17:53:46 vmanager6029 sshd\[8984\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.38.246	2019-11-06 01:16:09
213.206.46.170	attack	Automatic report - Port Scan Attack	2019-11-06 01:08:13
219.93.20.155	attackspambots	[Aegis] @ 2019-11-05 14:39:12 0000 -> Multiple authentication failures.	2019-11-06 00:47:01
209.210.24.130	attackspam	X-Virus-Scanned: by amavisd-new at Received: from literate.magnumseoul.com (literate.onvacationnow.com [209.210.24.130])	2019-11-06 01:15:25
82.50.91.8	attack	C1,WP GET /wp-login.php	2019-11-06 00:57:02
66.183.127.247	attackbotsspam	Nov 5 15:23:23 server sshd[13667]: Failed password for root from 66.183.127.247 port 54126 ssh2 Nov 5 15:34:55 server sshd[14233]: Failed password for root from 66.183.127.247 port 47988 ssh2 Nov 5 15:38:35 server sshd[14458]: Failed password for invalid user tery from 66.183.127.247 port 57690 ssh2	2019-11-06 01:10:59
179.178.161.42	attack	Unauthorised access (Nov 5) SRC=179.178.161.42 LEN=52 TOS=0x10 PREC=0x40 TTL=115 ID=13986 DF TCP DPT=445 WINDOW=8192 SYN	2019-11-06 01:06:25
132.232.228.86	attackbotsspam	Nov 5 05:24:36 eddieflores sshd\[8367\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.228.86 user=root Nov 5 05:24:38 eddieflores sshd\[8367\]: Failed password for root from 132.232.228.86 port 43500 ssh2 Nov 5 05:30:58 eddieflores sshd\[9216\]: Invalid user fi from 132.232.228.86 Nov 5 05:30:58 eddieflores sshd\[9216\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.228.86 Nov 5 05:31:00 eddieflores sshd\[9216\]: Failed password for invalid user fi from 132.232.228.86 port 53664 ssh2	2019-11-06 00:47:22

Recently Reported IPs

6.115.142.126	212.237.53.42	124.253.223.22	222.47.60.43
123.16.59.154	103.106.154.178	221.0.16.63	59.144.124.247
36.72.215.194	14.175.204.20	200.196.35.138	171.106.200.94
125.70.118.202	115.73.99.80	92.222.224.108	43.77.56.67
221.133.0.1	169.196.54.247	203.189.253.243	188.19.190.208