45.125.66.68 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Hong Kong

Internet Service Provider: Tele Asia Limited

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Rude login attack (4 tries in 1d)	2020-02-16 08:01:43
attackbots	Dec 24 10:29:31 web1 postfix/smtpd[7807]: warning: unknown[45.125.66.68]: SASL LOGIN authentication failed: authentication failure ...	2019-12-25 05:10:40
attack	Rude login attack (5 tries in 1d)	2019-12-07 02:10:26
attackbots	2019-11-15 dovecot_login authenticator failed for $User$ \[45.125.66.68\]: 535 Incorrect authentication data $set_id=aileen$ 2019-11-15 dovecot_login authenticator failed for $User$ \[45.125.66.68\]: 535 Incorrect authentication data $set_id=aimee$ 2019-11-15 dovecot_login authenticator failed for $User$ \[45.125.66.68\]: 535 Incorrect authentication data $set_id=aisha$	2019-11-15 13:59:17

Comments on same subnet:

IP	Type	Details	Datetime
45.125.66.22	attackbots	(ftpd) Failed FTP login from 45.125.66.22 (LT/Republic of Lithuania/-): 5 in the last 3600 secs; Ports: 20,21; Direction: in; Trigger: LF_FTPD; Logs: Oct 14 01:10:24 hostingremote proftpd[702140]: 0.0.0.0 (45.125.66.22[45.125.66.22]) - USER akttrading (Login failed): Incorrect password Oct 14 01:10:25 hostingremote proftpd[702141]: 0.0.0.0 (45.125.66.22[45.125.66.22]) - USER akttrading.com: no such user found from 45.125.66.22 [45.125.66.22] to 88.99.147.18:21 Oct 14 01:10:25 hostingremote proftpd[702142]: 0.0.0.0 (45.125.66.22[45.125.66.22]) - USER admin@akttrading.com: no such user found from 45.125.66.22 [45.125.66.22] to 88.99.147.18:21 Oct 14 01:10:25 hostingremote proftpd[702144]: 0.0.0.0 (45.125.66.22[45.125.66.22]) - USER akttrading@akttrading.com: no such user found from 45.125.66.22 [45.125.66.22] to 88.99.147.18:21 Oct 14 01:10:25 hostingremote proftpd[702145]: 0.0.0.0 (45.125.66.22[45.125.66.22]) - USER akttradi: no such user found from 45.125.66.22 [45.125.66.22] to 88.99.147.18:21	2020-10-14 03:56:58
45.125.66.22	attackspambots	proto=tcp . spt=61669 . dpt=110 . src=45.125.66.22 . dst=xx.xx.4.1 . Found on Github Combined on 3 lists (58)	2020-10-13 19:17:53
45.125.66.21	attackspambots	Tried our host z.	2020-09-28 02:06:03
45.125.66.21	attackbots	Tried our host z.	2020-09-27 18:10:29
45.125.66.137	attackspambots	lfd: (smtpauth) Failed SMTP AUTH login from 45.125.66.137 (mex.creativityconsultation.com): 5 in the last 3600 secs - Wed Aug 29 11:51:07 2018	2020-09-26 08:00:09
45.125.66.137	attackbots	lfd: (smtpauth) Failed SMTP AUTH login from 45.125.66.137 (mex.creativityconsultation.com): 5 in the last 3600 secs - Wed Aug 29 11:51:07 2018	2020-09-26 01:15:10
45.125.66.137	attackspambots	lfd: (smtpauth) Failed SMTP AUTH login from 45.125.66.137 (mex.creativityconsultation.com): 5 in the last 3600 secs - Wed Aug 29 11:51:07 2018	2020-09-25 16:52:35
45.125.66.26	attackbotsspam	Firewall Dropped Connection	2020-08-26 02:29:25
45.125.66.22	attackbots	(ftpd) Failed FTP login from 45.125.66.22 (LT/Republic of Lithuania/-): 10 in the last 3600 secs	2020-08-13 19:49:57
45.125.66.205	attackspam	[2020-06-17 08:05:13] NOTICE[1273][C-00001dce] chan_sip.c: Call from '' (45.125.66.205:5070) to extension '442037697412' rejected because extension not found in context 'public'. [2020-06-17 08:05:13] SECURITY[1288] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-06-17T08:05:13.562-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="442037697412",SessionID="0x7f31c02f97a8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.125.66.205/5070",ACLName="no_extension_match" [2020-06-17 08:05:13] NOTICE[1273][C-00001dcf] chan_sip.c: Call from '' (45.125.66.205:5070) to extension '00442037697412' rejected because extension not found in context 'public'. [2020-06-17 08:05:13] SECURITY[1288] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-06-17T08:05:13.905-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="00442037697412",SessionID="0x7f31c02f97a8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.125.66.2 ...	2020-06-17 20:44:21
45.125.66.204	attackbotsspam	[portscan] tcp/81 [alter-web/web-proxy] *(RWIN=1024)(04301449)	2020-05-01 01:46:02
45.125.66.168	attack	Rude login attack (7 tries in 1d)	2020-02-16 08:11:35
45.125.66.212	attack	Rude login attack (6 tries in 1d)	2020-02-16 08:07:45
45.125.66.231	attackbots	Rude login attack (4 tries in 1d)	2020-02-16 07:59:20
45.125.66.18	attackspambots	Rude login attack (4 tries in 1d)	2020-02-16 07:57:08

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.125.66.68
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26344
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.125.66.68.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019042601 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sat Apr 27 06:40:00 +08 2019
;; MSG SIZE  rcvd: 116

Host info

Host 68.66.125.45.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 67.207.67.3, trying next server
Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 68.66.125.45.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
114.67.76.166	attackspambots	Mar 31 10:10:59 gw1 sshd[8235]: Failed password for root from 114.67.76.166 port 37652 ssh2 Mar 31 10:13:15 gw1 sshd[8310]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.76.166 ...	2020-03-31 13:16:35
203.190.9.138	attackbots	C1,WP GET /wp-login.php	2020-03-31 13:42:29
186.185.231.18	attackbots	IP address logged by my Netflix account after the individual hacked into and locked me out of my account. Individual also changed my account settings to the most expensive plan, which allows multiple people (profiles) to watch, and several profiles were added. The name on my account was changed to "Juan". I contacted Netflix to have my account restored, so I was able to see the various IP addresses used. I will report all of them as well.	2020-03-31 13:51:29
106.12.14.130	attack	Mar 31 05:43:35 vserver sshd\[21716\]: Invalid user xgues from 106.12.14.130Mar 31 05:43:37 vserver sshd\[21716\]: Failed password for invalid user xgues from 106.12.14.130 port 35050 ssh2Mar 31 05:48:33 vserver sshd\[21760\]: Failed password for root from 106.12.14.130 port 39064 ssh2Mar 31 05:53:30 vserver sshd\[21779\]: Failed password for root from 106.12.14.130 port 43078 ssh2 ...	2020-03-31 14:01:53
2.61.249.208	attackbotsspam	" "	2020-03-31 13:43:24
106.75.244.62	attack	Mar 31 09:59:13 gw1 sshd[7596]: Failed password for root from 106.75.244.62 port 44548 ssh2 ...	2020-03-31 13:20:32
37.187.226.97	attackbots	2020-03-28 06:30:26 server sshd[49918]: Failed password for invalid user quin from 37.187.226.97 port 52500 ssh2	2020-03-31 13:34:07
123.18.101.126	attackspambots	1585626831 - 03/31/2020 05:53:51 Host: 123.18.101.126/123.18.101.126 Port: 445 TCP Blocked	2020-03-31 13:47:18
1.52.154.199	attackbots	Tried to sign in on my account	2020-03-31 13:32:23
111.186.57.170	attackbots	$f2bV_matches	2020-03-31 13:22:37
61.77.48.138	attack	2020-03-31T04:24:36.313928shield sshd\[4471\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.77.48.138 user=root 2020-03-31T04:24:37.823154shield sshd\[4471\]: Failed password for root from 61.77.48.138 port 45462 ssh2 2020-03-31T04:28:59.170586shield sshd\[5218\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.77.48.138 user=root 2020-03-31T04:29:01.453073shield sshd\[5218\]: Failed password for root from 61.77.48.138 port 57428 ssh2 2020-03-31T04:33:19.666046shield sshd\[6254\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.77.48.138 user=root	2020-03-31 13:33:45
213.82.88.180	attack	fail2ban	2020-03-31 13:54:41
172.217.10.14	attack	https://awsamazone.page.link/5D2A	2020-03-31 13:49:19
37.187.114.179	attack	Mar 31 04:07:28 game-panel sshd[6232]: Failed password for root from 37.187.114.179 port 55898 ssh2 Mar 31 04:13:46 game-panel sshd[6505]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.187.114.179 Mar 31 04:13:48 game-panel sshd[6505]: Failed password for invalid user nr from 37.187.114.179 port 37972 ssh2	2020-03-31 13:19:54
138.197.71.200	attackspambots	port	2020-03-31 13:55:53

Recently Reported IPs

118.68.18.61	71.35.184.76	0.20.116.77	176.189.49.21
1.232.77.181	73.154.238.238	187.190.166.214	120.198.217.44
180.190.170.160	179.152.147.157	100.234.201.191	51.38.113.64
51.218.250.118	226.107.58.47	26.233.154.28	218.22.26.31
109.98.109.101	118.24.50.205	80.82.64.105	185.156.177.144