45.141.85.66 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Russia

Internet Service Provider: Media Land LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Triggered: repeated knocking on closed ports.	2020-08-16 08:16:25

Comments on same subnet:

IP	Type	Details	Datetime
45.141.85.200	attack	TCP ports : 3389 / 3883 / 3965 / 5031 / 5043 / 33636 / 33994	2020-08-06 18:43:29
45.141.85.200	attackbotsspam	SmallBizIT.US 3 packets to tcp(3320,33588,33721)	2020-08-06 01:10:23
45.141.85.110	attack	ET CINS Active Threat Intelligence Poor Reputation IP group 23 - port: 5900 proto: TCP cat: Misc Attack	2020-05-03 07:29:45
45.141.85.110	attackspam	[portscan] tcp/3389 [MS RDP] *(RWIN=65535)(04301449)	2020-05-01 00:27:42
45.141.85.106	attack	firewall-block, port(s): 3633/tcp, 3649/tcp	2020-04-25 22:59:45
45.141.85.106	attackspambots	ET CINS Active Threat Intelligence Poor Reputation IP group 23 - port: 3713 proto: TCP cat: Misc Attack	2020-04-23 19:34:15
45.141.85.106	attackspam	Port 4169 scan denied	2020-04-17 06:47:12
45.141.85.106	attackspambots	Port scan: Attack repeated for 24 hours	2020-04-14 16:24:33
45.141.85.106	attackspambots	IP was detected trying to Brute-Force SSH, FTP, Web Apps, Port-Scan or Hacking.	2020-04-12 12:17:29
45.141.85.106	attackbotsspam	ET CINS Active Threat Intelligence Poor Reputation IP group 26 - port: 4073 proto: TCP cat: Misc Attack	2020-04-11 23:54:43
45.141.85.103	attackbots	" "	2020-04-03 21:10:58
45.141.85.101	attackspam	ET CINS Active Threat Intelligence Poor Reputation IP group 26 - port: 51572 proto: TCP cat: Misc Attack	2020-03-13 09:14:21
45.141.85.101	attackspambots	Portscan or hack attempt detected by psad/fwsnort	2020-02-28 21:40:56
45.141.85.101	attack	02/27/2020-17:46:43.521053 45.141.85.101 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-02-28 08:02:14
45.141.85.101	attackspambots	08.01.2020 14:27:19 Connection to port 5900 blocked by firewall	2020-01-08 22:38:31

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.141.85.66
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 48373
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.141.85.66.			IN	A

;; AUTHORITY SECTION:
.			545	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020081501 1800 900 604800 86400

;; Query time: 77 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Aug 16 08:16:21 CST 2020
;; MSG SIZE  rcvd: 116

Host info

Host 66.85.141.45.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 66.85.141.45.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
115.78.4.219	attackbots	Apr 13 02:32:55 server1 sshd\[22597\]: Failed password for root from 115.78.4.219 port 59100 ssh2 Apr 13 02:38:04 server1 sshd\[26026\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.78.4.219 user=root Apr 13 02:38:06 server1 sshd\[26026\]: Failed password for root from 115.78.4.219 port 53761 ssh2 Apr 13 02:40:34 server1 sshd\[27795\]: Invalid user admin from 115.78.4.219 Apr 13 02:40:34 server1 sshd\[27795\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.78.4.219 ...	2020-04-13 23:44:03
171.97.221.186	attack	Honeypot attack, port: 5555, PTR: ppp-171-97-221-186.revip8.asianet.co.th.	2020-04-13 23:14:52
151.80.144.39	attackbots	Apr 13 16:41:10 host01 sshd[5020]: Failed password for root from 151.80.144.39 port 42430 ssh2 Apr 13 16:45:04 host01 sshd[5771]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=151.80.144.39 Apr 13 16:45:06 host01 sshd[5771]: Failed password for invalid user linux from 151.80.144.39 port 49268 ssh2 ...	2020-04-13 22:58:47
222.186.175.216	attack	Apr 13 15:56:55 combo sshd[6779]: Failed password for root from 222.186.175.216 port 31700 ssh2 Apr 13 15:56:58 combo sshd[6779]: Failed password for root from 222.186.175.216 port 31700 ssh2 Apr 13 15:57:01 combo sshd[6779]: Failed password for root from 222.186.175.216 port 31700 ssh2 ...	2020-04-13 23:21:52
1.11.201.18	attack	Apr 13 20:32:10 gw1 sshd[15583]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.11.201.18 Apr 13 20:32:12 gw1 sshd[15583]: Failed password for invalid user madan from 1.11.201.18 port 50508 ssh2 ...	2020-04-13 23:46:12
96.78.175.36	attackspam	$f2bV_matches	2020-04-13 23:03:13
119.252.143.102	attackbots	$f2bV_matches	2020-04-13 23:11:16
113.30.248.56	attackbots	" "	2020-04-13 23:35:23
61.220.204.216	attackspambots	1433/tcp 1433/tcp [2020-04-06/13]2pkt	2020-04-13 23:17:00
27.155.87.180	attackspam	Report Port Scan: Events[2] countPorts[5]: 1433 1434 2433 3433 4433 ..	2020-04-13 23:13:26
208.187.167.85	attackspambots	Apr 13 10:27:49 mail.srvfarm.net postfix/smtpd[794361]: NOQUEUE: reject: RCPT from unknown[208.187.167.85]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Apr 13 10:29:00 mail.srvfarm.net postfix/smtpd[794365]: NOQUEUE: reject: RCPT from unknown[208.187.167.85]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Apr 13 10:36:06 mail.srvfarm.net postfix/smtpd[794365]: NOQUEUE: reject: RCPT from unknown[208.187.167.85]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Apr 13 10:36:08 mail.srvfarm.net postfix/smtpd[797902]: NOQUEUE: reject: RCPT from unknown[208.187.167.85]: 450 4.1.8	2020-04-13 23:20:43
3.88.15.77	attackspambots	90/tcp 5001/tcp 998/tcp... [2020-04-11/12]6pkt,4pt.(tcp),1pt.(udp)	2020-04-13 23:16:05
58.241.46.14	attackspambots	Apr 13 10:33:54 legacy sshd[5393]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.241.46.14 Apr 13 10:33:56 legacy sshd[5393]: Failed password for invalid user dbus from 58.241.46.14 port 62805 ssh2 Apr 13 10:40:58 legacy sshd[5630]: Failed password for backup from 58.241.46.14 port 32694 ssh2 ...	2020-04-13 23:12:55
110.137.100.110	attackspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-04-13 23:02:41
58.33.31.82	attack	Apr 13 17:41:06 vpn01 sshd[6151]: Failed password for root from 58.33.31.82 port 47317 ssh2 ...	2020-04-13 23:45:53

Recently Reported IPs

251.31.122.188	67.33.196.148	213.229.35.213	174.17.39.62
13.0.64.15	172.221.20.27	223.40.159.45	172.221.19.27
74.102.28.162	136.191.4.97	249.96.223.97	245.72.186.255
91.201.231.230	65.95.243.84	136.222.55.179	224.9.226.181
85.173.124.172	104.152.58.98	76.175.45.151	95.66.218.241