City: unknown
Region: unknown
Country: Russian Federation
Internet Service Provider: Intercom LLC
Hostname: unknown
Organization: unknown
Usage Type: Fixed Line ISP
| Type | Details | Datetime |
|---|---|---|
| attackbotsspam | [MK-VM1] Blocked by UFW |
2020-07-21 01:51:34 |
| attackspam | Jul 16 14:34:08 debian-2gb-nbg1-2 kernel: \[17161408.342717\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.145.66.103 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=8160 PROTO=TCP SPT=49968 DPT=4410 WINDOW=1024 RES=0x00 SYN URGP=0 |
2020-07-16 20:35:21 |
| attackbots | Port scan on 9 port(s): 3503 3703 3803 3910 4407 4410 4601 4707 4909 |
2020-07-16 12:25:05 |
| attack | 07/14/2020-09:57:28.663190 45.145.66.103 Protocol: 6 ET SCAN NMAP -sS window 1024 |
2020-07-15 00:02:24 |
| attack | 07/12/2020-23:51:30.190055 45.145.66.103 Protocol: 6 ET SCAN NMAP -sS window 1024 |
2020-07-13 16:16:04 |
| IP | Type | Details | Datetime |
|---|---|---|---|
| 45.145.66.104 | attackbots | Excessive Port-Scanning |
2020-10-04 02:34:03 |
| 45.145.66.104 | attackbotsspam | [HOST2] Port Scan detected |
2020-10-03 18:21:49 |
| 45.145.66.159 | attackbotsspam | RDPBruteGam24 |
2020-09-29 02:25:57 |
| 45.145.66.159 | attack | RDPBruteGam24 |
2020-09-28 18:33:33 |
| 45.145.66.67 | attack | scans once in preceeding hours on the ports (in chronological order) 20425 resulting in total of 13 scans from 45.145.66.0/23 block. |
2020-09-13 22:45:10 |
| 45.145.66.67 | attackspambots | Fail2Ban Ban Triggered |
2020-09-13 14:40:51 |
| 45.145.66.67 | attackbots | Fail2Ban Ban Triggered |
2020-09-13 06:23:54 |
| 45.145.66.104 | attackbots | Unauthorized connection attempt from IP address 45.145.66.104 on Port 3389(RDP) |
2020-09-09 17:11:10 |
| 45.145.66.96 | attack | ET CINS Active Threat Intelligence Poor Reputation IP group 23 - port: 13947 proto: tcp cat: Misc Attackbytes: 60 |
2020-09-08 04:18:28 |
| 45.145.66.96 | attackbots | SmallBizIT.US 20 packets to tcp(13911,13959,13990,14001,14015,14016,14022,14028,14036,14052,14068,14069,14075,14076,14120,14132,14146,14170,14186,14194) |
2020-09-07 19:54:56 |
| 45.145.66.96 | attackspambots | Port scan: Attack repeated for 24 hours |
2020-09-06 04:08:16 |
| 45.145.66.96 | attackspam | ET CINS Active Threat Intelligence Poor Reputation IP group 23 - port: 14029 proto: tcp cat: Misc Attackbytes: 60 |
2020-09-05 19:53:35 |
| 45.145.66.90 | attackbots | 9922/tcp 4899/tcp 1022/tcp... [2020-06-27/08-27]230pkt,86pt.(tcp) |
2020-08-29 15:27:53 |
| 45.145.66.120 | attackbots | [H1.VM8] Blocked by UFW |
2020-08-27 07:37:28 |
| 45.145.66.21 | attackbots | ET CINS Active Threat Intelligence Poor Reputation IP group 23 - port: 29939 proto: tcp cat: Misc Attackbytes: 60 |
2020-08-27 02:41:52 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.145.66.103
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 191
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.145.66.103. IN A
;; AUTHORITY SECTION:
. 422 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2020071300 1800 900 604800 86400
;; Query time: 96 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jul 13 16:15:58 CST 2020
;; MSG SIZE rcvd: 117Host 103.66.145.45.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 103.66.145.45.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 185.176.27.246 | attackspambots | 09/17/2019-07:24:48.962822 185.176.27.246 Protocol: 6 ET SCAN NMAP -sS window 1024 |
2019-09-17 20:25:58 |
| 218.92.0.154 | attack | SSH Bruteforce |
2019-09-17 20:27:47 |
| 60.174.92.50 | attack | Automatic report - Banned IP Access |
2019-09-17 20:09:08 |
| 112.4.154.134 | attackbots | $f2bV_matches |
2019-09-17 20:21:02 |
| 64.32.4.14 | attackspambots | Unauthorized connection attempt from IP address 64.32.4.14 on Port 445(SMB) |
2019-09-17 20:11:07 |
| 192.186.175.180 | attackbots | (From lsbcklnd@gmail.com) Hi there! I'm a digital marketing specialist, and I ran some SEO reporting tools on your website. The results showed that there's a lot of additional web traffic we can get you by making sure that you're ranking higher in search engines like Google. You're not ranking very well at the moment, but you could be. I can help you increase your website ranking by fixing a few issues found on the back-end of your website and optimizing it for search engine algorithms. This leads to increased rankings, which then leads to getting additional traffic/sales. If you're interested, kindly write back because I'd really like to speak with you. If you want to know more about what I can accomplish for your site, we can set up a time for a free consultation. I'd like to share some insights and suggestions, and if all goes well then hopefully we can work together. I hope to speak with you soon! Kind regards, Landon Buckland |
2019-09-17 20:23:50 |
| 61.94.92.115 | attack | Unauthorized connection attempt from IP address 61.94.92.115 on Port 445(SMB) |
2019-09-17 20:46:16 |
| 36.84.42.82 | attackbots | Unauthorized connection attempt from IP address 36.84.42.82 on Port 445(SMB) |
2019-09-17 20:44:53 |
| 167.71.203.148 | attackbots | Repeated brute force against a port |
2019-09-17 19:57:20 |
| 128.199.185.42 | attackbotsspam | Sep 17 14:57:02 server sshd\[17714\]: Invalid user hx from 128.199.185.42 port 39270 Sep 17 14:57:02 server sshd\[17714\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.185.42 Sep 17 14:57:03 server sshd\[17714\]: Failed password for invalid user hx from 128.199.185.42 port 39270 ssh2 Sep 17 15:01:20 server sshd\[4759\]: Invalid user attack from 128.199.185.42 port 59297 Sep 17 15:01:20 server sshd\[4759\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.185.42 |
2019-09-17 20:13:34 |
| 85.106.48.173 | attackspam | Unauthorized connection attempt from IP address 85.106.48.173 on Port 445(SMB) |
2019-09-17 20:10:09 |
| 123.162.97.252 | attackspam | Unauthorized connection attempt from IP address 123.162.97.252 on Port 445(SMB) |
2019-09-17 19:59:32 |
| 117.6.87.115 | attack | Unauthorized connection attempt from IP address 117.6.87.115 on Port 445(SMB) |
2019-09-17 20:41:47 |
| 106.12.125.27 | attackbotsspam | Invalid user radiusd from 106.12.125.27 port 45266 |
2019-09-17 20:06:01 |
| 36.90.135.161 | attack | Unauthorized connection attempt from IP address 36.90.135.161 on Port 445(SMB) |
2019-09-17 20:23:24 |