Basic Info

City: unknown

Region: unknown

Country: Russia

Internet Service Provider: Media Land LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:
Type Details Datetime
attackbots
Triggered: repeated knocking on closed ports.
2020-08-16 08:16:25
Comments on same subnet:
IP Type Details Datetime
45.141.85.200 attack
TCP ports : 3389 / 3883 / 3965 / 5031 / 5043 / 33636 / 33994
2020-08-06 18:43:29
45.141.85.200 attackbotsspam
SmallBizIT.US 3 packets to tcp(3320,33588,33721)
2020-08-06 01:10:23
45.141.85.110 attack
ET CINS Active Threat Intelligence Poor Reputation IP group 23 - port: 5900 proto: TCP cat: Misc Attack
2020-05-03 07:29:45
45.141.85.110 attackspam
[portscan] tcp/3389 [MS RDP]
*(RWIN=65535)(04301449)
2020-05-01 00:27:42
45.141.85.106 attack
firewall-block, port(s): 3633/tcp, 3649/tcp
2020-04-25 22:59:45
45.141.85.106 attackspambots
ET CINS Active Threat Intelligence Poor Reputation IP group 23 - port: 3713 proto: TCP cat: Misc Attack
2020-04-23 19:34:15
45.141.85.106 attackspam
Port 4169 scan denied
2020-04-17 06:47:12
45.141.85.106 attackspambots
Port scan: Attack repeated for 24 hours
2020-04-14 16:24:33
45.141.85.106 attackspambots
IP was detected trying to Brute-Force SSH, FTP, Web Apps, Port-Scan or Hacking.
2020-04-12 12:17:29
45.141.85.106 attackbotsspam
ET CINS Active Threat Intelligence Poor Reputation IP group 26 - port: 4073 proto: TCP cat: Misc Attack
2020-04-11 23:54:43
45.141.85.103 attackbots
" "
2020-04-03 21:10:58
45.141.85.101 attackspam
ET CINS Active Threat Intelligence Poor Reputation IP group 26 - port: 51572 proto: TCP cat: Misc Attack
2020-03-13 09:14:21
45.141.85.101 attackspambots
Portscan or hack attempt detected by psad/fwsnort
2020-02-28 21:40:56
45.141.85.101 attack
02/27/2020-17:46:43.521053 45.141.85.101 Protocol: 6 ET SCAN NMAP -sS window 1024
2020-02-28 08:02:14
45.141.85.101 attackspambots
08.01.2020 14:27:19 Connection to port 5900 blocked by firewall
2020-01-08 22:38:31
Whois info:
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.141.85.66
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 48373
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.141.85.66.			IN	A

;; AUTHORITY SECTION:
.			545	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020081501 1800 900 604800 86400

;; Query time: 77 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Aug 16 08:16:21 CST 2020
;; MSG SIZE  rcvd: 116
Host info
Host 66.85.141.45.in-addr.arpa. not found: 3(NXDOMAIN)
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 66.85.141.45.in-addr.arpa: NXDOMAIN
Related IP info:
Related comments:
IP Type Details Datetime
78.84.12.76 attack
[Sat Sep 07 03:39:21.089807 2019] [:error] [pid 206218] [client 78.84.12.76:45393] [client 78.84.12.76] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "91"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 18)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "127.0.0.1"] [uri "/cgi-bin/ViewLog.asp"] [unique_id "XXNQmXD1zuld8o4xRLE-IQAAAAM"]
...
2019-09-07 14:47:24
159.65.137.23 attackspambots
Sep  6 17:37:57 sachi sshd\[30954\]: Invalid user devops from 159.65.137.23
Sep  6 17:37:57 sachi sshd\[30954\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.137.23
Sep  6 17:37:59 sachi sshd\[30954\]: Failed password for invalid user devops from 159.65.137.23 port 51944 ssh2
Sep  6 17:42:42 sachi sshd\[31395\]: Invalid user ftpuser from 159.65.137.23
Sep  6 17:42:42 sachi sshd\[31395\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.137.23
2019-09-07 15:06:09
103.214.41.29 attack
Helo
2019-09-07 15:15:24
173.45.164.2 attackspambots
Sep  7 06:55:55 intra sshd\[55508\]: Invalid user q1w2e3r4t5y6 from 173.45.164.2
Sep  7 06:55:57 intra sshd\[55508\]: Failed password for invalid user q1w2e3r4t5y6 from 173.45.164.2 port 59992 ssh2
Sep  7 06:59:30 intra sshd\[55580\]: Invalid user 321123 from 173.45.164.2
Sep  7 06:59:32 intra sshd\[55580\]: Failed password for invalid user 321123 from 173.45.164.2 port 43268 ssh2
Sep  7 07:03:08 intra sshd\[55622\]: Invalid user temp@123 from 173.45.164.2
Sep  7 07:03:09 intra sshd\[55622\]: Failed password for invalid user temp@123 from 173.45.164.2 port 54832 ssh2
...
2019-09-07 15:14:57
173.242.96.51 attack
Chat Spam
2019-09-07 14:57:17
2001:19f0:ac01:845:5400:1ff:fe4d:f54 attackspam
WordPress login Brute force / Web App Attack on client site.
2019-09-07 15:17:13
167.114.209.61 attack
Detected by my Anti Virus
2019-09-07 15:02:00
51.255.171.51 attackbots
Sep  6 21:00:32 sachi sshd\[16369\]: Invalid user test from 51.255.171.51
Sep  6 21:00:32 sachi sshd\[16369\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.ip-51-255-171.eu
Sep  6 21:00:34 sachi sshd\[16369\]: Failed password for invalid user test from 51.255.171.51 port 40703 ssh2
Sep  6 21:05:09 sachi sshd\[16794\]: Invalid user sysadmin from 51.255.171.51
Sep  6 21:05:09 sachi sshd\[16794\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.ip-51-255-171.eu
2019-09-07 15:08:18
49.88.112.78 attack
Sep  6 20:50:16 hiderm sshd\[18445\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.78  user=root
Sep  6 20:50:18 hiderm sshd\[18445\]: Failed password for root from 49.88.112.78 port 33685 ssh2
Sep  6 20:50:23 hiderm sshd\[18456\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.78  user=root
Sep  6 20:50:25 hiderm sshd\[18456\]: Failed password for root from 49.88.112.78 port 27184 ssh2
Sep  6 20:50:33 hiderm sshd\[18458\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.78  user=root
2019-09-07 14:55:12
177.152.55.161 attack
Automatic report - Port Scan Attack
2019-09-07 15:12:44
112.85.42.89 attackspambots
Sep  7 08:53:25 ubuntu-2gb-nbg1-dc3-1 sshd[6415]: Failed password for root from 112.85.42.89 port 52621 ssh2
Sep  7 08:53:27 ubuntu-2gb-nbg1-dc3-1 sshd[6415]: Failed password for root from 112.85.42.89 port 52621 ssh2
...
2019-09-07 14:54:33
101.89.145.133 attackbotsspam
Automatic report - Banned IP Access
2019-09-07 15:34:59
176.79.135.185 attackbots
Sep  7 07:13:09 game-panel sshd[30621]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.79.135.185
Sep  7 07:13:11 game-panel sshd[30621]: Failed password for invalid user test from 176.79.135.185 port 59597 ssh2
Sep  7 07:18:44 game-panel sshd[30833]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.79.135.185
2019-09-07 15:21:40
104.244.72.115 attack
Automatic report - Banned IP Access
2019-09-07 15:28:00
114.34.55.169 attack
Honeypot attack, port: 23, PTR: 114-34-55-169.HINET-IP.hinet.net.
2019-09-07 15:09:49
