45.143.138.50 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Russian Federation

Internet Service Provider: Garant-Park-Internet LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Tried sshing with brute force.	2020-06-08 05:11:27
attackspam	TCP (SYN) 45.143.138.50:43016 -> port 22, len 44	2020-06-07 17:43:19

Comments on same subnet:

IP	Type	Details	Datetime
45.143.138.159	attackspambots	Email rejected due to spam filtering	2020-08-18 02:54:03
45.143.138.253	attack	Email rejected due to spam filtering	2020-08-16 00:16:57
45.143.138.179	attack	2 Attack(s) Detected [DoS Attack: SYN/ACK Scan] from source: 45.143.138.179, port 22, Tuesday, August 11, 2020 03:06:58 [DoS Attack: SYN/ACK Scan] from source: 45.143.138.179, port 22, Tuesday, August 11, 2020 02:26:56	2020-08-13 15:14:36
45.143.138.157	attackbots	Aug 11 21:10:35 our-server-hostname postfix/smtpd[4648]: connect from unknown[45.143.138.157] Aug 11 21:10:55 our-server-hostname postfix/smtpd[4648]: lost connection after CONNECT from unknown[45.143.138.157] Aug 11 21:10:55 our-server-hostname postfix/smtpd[4648]: disconnect from unknown[45.143.138.157] Aug 11 21:14:03 our-server-hostname postfix/smtpd[4644]: connect from unknown[45.143.138.157] Aug x@x Aug 11 21:14:04 our-server-hostname postfix/smtpd[4644]: disconnect from unknown[45.143.138.157] Aug 11 21:18:29 our-server-hostname postfix/smtpd[7726]: connect from unknown[45.143.138.157] Aug x@x Aug 11 21:18:30 our-server-hostname postfix/smtpd[7726]: disconnect from unknown[45.143.138.157] Aug 11 21:18:47 our-server-hostname postfix/smtpd[7509]: connect from unknown[45.143.138.157] Aug x@x Aug 11 21:18:48 our-server-hostname postfix/smtpd[7509]: disconnect from unknown[45.143.138.157] Aug 11 21:23:13 our-server-hostname postfix/smtpd[7509]: connect from unknown[45........ -------------------------------	2020-08-12 20:58:10
45.143.138.128	attackspam	Email rejected due to spam filtering	2020-07-29 23:45:57
45.143.138.118	attackbots	Spamassassin_45.143.138.118	2020-07-04 15:22:29
45.143.138.185	attackbots	Email rejected due to spam filtering	2020-06-07 17:29:35
45.143.138.16	attackspambots	SSH Invalid Login	2020-03-23 06:46:13
45.143.138.16	attackbots	Invalid user mc from 45.143.138.16 port 51936	2020-03-21 14:18:20

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.143.138.50
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 11335
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.143.138.50.			IN	A

;; AUTHORITY SECTION:
.			490	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020060700 1800 900 604800 86400

;; Query time: 54 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jun 07 17:43:11 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 50.138.143.45.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 50.138.143.45.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
112.85.42.229	attackbotsspam	Jul 30 06:04:13 abendstille sshd\[21962\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.229 user=root Jul 30 06:04:16 abendstille sshd\[21962\]: Failed password for root from 112.85.42.229 port 49874 ssh2 Jul 30 06:05:04 abendstille sshd\[22839\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.229 user=root Jul 30 06:05:06 abendstille sshd\[22839\]: Failed password for root from 112.85.42.229 port 17620 ssh2 Jul 30 06:05:07 abendstille sshd\[22852\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.229 user=root ...	2020-07-30 12:06:12
34.73.144.77	attackbotsspam	Jul 30 06:17:59 itv-usvr-01 sshd[9240]: Invalid user plex from 34.73.144.77	2020-07-30 08:09:33
222.186.42.137	attack	30.07.2020 00:05:13 SSH access blocked by firewall	2020-07-30 08:10:43
38.78.210.125	attackbots	SSH bruteforce	2020-07-30 08:27:11
87.251.74.6	attackspambots	2020-07-30T06:08:48.631360vps751288.ovh.net sshd\[23157\]: Invalid user from 87.251.74.6 port 59174 2020-07-30T06:08:48.654795vps751288.ovh.net sshd\[23156\]: Invalid user admin from 87.251.74.6 port 61882 2020-07-30T06:08:49.086737vps751288.ovh.net sshd\[23157\]: Failed none for invalid user from 87.251.74.6 port 59174 ssh2 2020-07-30T06:08:49.088269vps751288.ovh.net sshd\[23156\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=87.251.74.6 2020-07-30T06:08:51.294402vps751288.ovh.net sshd\[23156\]: Failed password for invalid user admin from 87.251.74.6 port 61882 ssh2	2020-07-30 12:09:15
49.233.182.23	attack	Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2020-07-29T22:52:12Z and 2020-07-29T23:49:05Z	2020-07-30 08:20:30
89.116.232.151	attackbots	Jul 28 18:51:09 Serveur sshd[6052]: Bad protocol version identification '' from 89.116.232.151 port 55184 Jul 28 18:51:11 Serveur sshd[6064]: Invalid user support from 89.116.232.151 port 55758 Jul 28 18:51:11 Serveur sshd[6064]: Failed password for invalid user support from 89.116.232.151 port 55758 ssh2 Jul 28 18:51:11 Serveur sshd[6064]: Connection closed by invalid user support 89.116.232.151 port 55758 [preauth] Jul 28 18:51:19 Serveur sshd[6120]: Invalid user NetLinx from 89.116.232.151 port 56576 Jul 28 18:51:19 Serveur sshd[6120]: Failed password for invalid user NetLinx from 89.116.232.151 port 56576 ssh2 Jul 28 18:51:19 Serveur sshd[6120]: Connection closed by invalid user NetLinx 89.116.232.151 port 56576 [preauth] Jul 28 18:51:31 Serveur sshd[6225]: Invalid user nexthink from 89.116.232.151 port 36116 Jul 28 18:51:31 Serveur sshd[6225]: Failed password for invalid user nexthink from 89.116.232.151 port 36116 ssh2 Jul 28 18:51:31 Serveur sshd[6225]: Connectio........ -------------------------------	2020-07-30 08:15:09
118.27.11.168	attackspam	Scanned 3 times in the last 24 hours on port 22	2020-07-30 08:28:58
104.248.16.41	attack	Multiport scan 37 ports : 1098 1692 2786 2981 3422 4175 4957 6439 8868 9367 9568 9846 10666 13545 14029 14330 14655 15207 15422 15901 16130 17278 20034 20683 21605 24053 24811 25975 26932 26951 27055 28946 30143 30211 31796 32348 32385	2020-07-30 08:22:22
95.142.160.6	attackbots	Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2020-07-29T23:21:29Z and 2020-07-29T23:21:41Z	2020-07-30 08:16:32
194.182.76.185	attackspam	Jul 29 02:09:15 XXX sshd[40219]: Invalid user jcj from 194.182.76.185 port 56580	2020-07-30 08:04:06
49.233.173.136	attackspam	2020-07-29T22:24:51.946482ks3355764 sshd[4621]: Invalid user laouwayi from 49.233.173.136 port 42920 2020-07-29T22:24:54.162776ks3355764 sshd[4621]: Failed password for invalid user laouwayi from 49.233.173.136 port 42920 ssh2 ...	2020-07-30 08:09:15
47.17.58.198	attack	Jul 29 23:03:49 rush sshd[25969]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=47.17.58.198 Jul 29 23:03:51 rush sshd[25969]: Failed password for invalid user sivamani from 47.17.58.198 port 37372 ssh2 Jul 29 23:10:29 rush sshd[26134]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=47.17.58.198 ...	2020-07-30 08:05:00
218.92.0.223	attack	Jul 30 02:10:51 eventyay sshd[16527]: Failed password for root from 218.92.0.223 port 58167 ssh2 Jul 30 02:10:54 eventyay sshd[16527]: Failed password for root from 218.92.0.223 port 58167 ssh2 Jul 30 02:10:58 eventyay sshd[16527]: Failed password for root from 218.92.0.223 port 58167 ssh2 Jul 30 02:11:01 eventyay sshd[16527]: Failed password for root from 218.92.0.223 port 58167 ssh2 ...	2020-07-30 08:21:04
148.240.232.45	attackspam	Automatic report - Port Scan Attack	2020-07-30 07:59:22

Recently Reported IPs

50.62.169.100	92.101.156.203	2a01:4f8:192:31f7::2	139.196.199.151
215.120.42.132	134.73.141.195	121.123.99.132	86.156.81.238
59.127.239.122	24.46.55.148	185.39.10.66	85.93.12.254
154.117.154.86	5.113.72.155	1.20.224.177	89.236.219.102
88.127.243.203	46.105.95.84	74.132.33.100	73.232.33.168