45.145.66.103 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Russian Federation

Internet Service Provider: Intercom LLC

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	[MK-VM1] Blocked by UFW	2020-07-21 01:51:34
attackspam	Jul 16 14:34:08 debian-2gb-nbg1-2 kernel: \[17161408.342717\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.145.66.103 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=8160 PROTO=TCP SPT=49968 DPT=4410 WINDOW=1024 RES=0x00 SYN URGP=0	2020-07-16 20:35:21
attackbots	Port scan on 9 port(s): 3503 3703 3803 3910 4407 4410 4601 4707 4909	2020-07-16 12:25:05
attack	07/14/2020-09:57:28.663190 45.145.66.103 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-07-15 00:02:24
attack	07/12/2020-23:51:30.190055 45.145.66.103 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-07-13 16:16:04

Comments on same subnet:

IP	Type	Details	Datetime
45.145.66.104	attackbots	Excessive Port-Scanning	2020-10-04 02:34:03
45.145.66.104	attackbotsspam	[HOST2] Port Scan detected	2020-10-03 18:21:49
45.145.66.159	attackbotsspam	RDPBruteGam24	2020-09-29 02:25:57
45.145.66.159	attack	RDPBruteGam24	2020-09-28 18:33:33
45.145.66.67	attack	scans once in preceeding hours on the ports (in chronological order) 20425 resulting in total of 13 scans from 45.145.66.0/23 block.	2020-09-13 22:45:10
45.145.66.67	attackspambots	Fail2Ban Ban Triggered	2020-09-13 14:40:51
45.145.66.67	attackbots	Fail2Ban Ban Triggered	2020-09-13 06:23:54
45.145.66.104	attackbots	Unauthorized connection attempt from IP address 45.145.66.104 on Port 3389(RDP)	2020-09-09 17:11:10
45.145.66.96	attack	ET CINS Active Threat Intelligence Poor Reputation IP group 23 - port: 13947 proto: tcp cat: Misc Attackbytes: 60	2020-09-08 04:18:28
45.145.66.96	attackbots	SmallBizIT.US 20 packets to tcp(13911,13959,13990,14001,14015,14016,14022,14028,14036,14052,14068,14069,14075,14076,14120,14132,14146,14170,14186,14194)	2020-09-07 19:54:56
45.145.66.96	attackspambots	Port scan: Attack repeated for 24 hours	2020-09-06 04:08:16
45.145.66.96	attackspam	ET CINS Active Threat Intelligence Poor Reputation IP group 23 - port: 14029 proto: tcp cat: Misc Attackbytes: 60	2020-09-05 19:53:35
45.145.66.90	attackbots	9922/tcp 4899/tcp 1022/tcp... [2020-06-27/08-27]230pkt,86pt.(tcp)	2020-08-29 15:27:53
45.145.66.120	attackbots	[H1.VM8] Blocked by UFW	2020-08-27 07:37:28
45.145.66.21	attackbots	ET CINS Active Threat Intelligence Poor Reputation IP group 23 - port: 29939 proto: tcp cat: Misc Attackbytes: 60	2020-08-27 02:41:52

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.145.66.103
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 191
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.145.66.103.			IN	A

;; AUTHORITY SECTION:
.			422	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020071300 1800 900 604800 86400

;; Query time: 96 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jul 13 16:15:58 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 103.66.145.45.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 103.66.145.45.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
123.13.181.114	attackspam	23/tcp [2019-09-23]1pkt	2019-09-24 07:43:10
1.173.139.138	attack	2323/tcp [2019-09-23]1pkt	2019-09-24 07:40:23
104.168.246.59	attackbotsspam	Sep 24 01:51:26 jane sshd[30736]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.168.246.59 Sep 24 01:51:28 jane sshd[30736]: Failed password for invalid user carrera from 104.168.246.59 port 48802 ssh2 ...	2019-09-24 08:01:43
14.185.151.135	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-09-24 07:55:59
167.99.248.163	attack	Sep 23 13:45:54 php1 sshd\[11151\]: Invalid user wright from 167.99.248.163 Sep 23 13:45:54 php1 sshd\[11151\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.248.163 Sep 23 13:45:56 php1 sshd\[11151\]: Failed password for invalid user wright from 167.99.248.163 port 39886 ssh2 Sep 23 13:50:02 php1 sshd\[11556\]: Invalid user rachel from 167.99.248.163 Sep 23 13:50:02 php1 sshd\[11556\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.248.163	2019-09-24 08:03:19
95.91.225.194	attackspam	2019-09-23 18:45:40 H=ip5f5be1m3.dynamic.kabel-deutschland.de [95.91.225.194]:25143 I=[10.100.18.25]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=95.91.225.194) 2019-09-23 18:45:40 unexpected disconnection while reading SMTP command from ip5f5be1m3.dynamic.kabel-deutschland.de [95.91.225.194]:25143 I=[10.100.18.25]:25 (error: Connection reset by peer) 2019-09-23 19:01:58 H=ip5f5be1m3.dynamic.kabel-deutschland.de [95.91.225.194]:25214 I=[10.100.18.25]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=95.91.225.194) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=95.91.225.194	2019-09-24 08:10:58
113.6.52.103	attack	Unauthorised access (Sep 24) SRC=113.6.52.103 LEN=40 TTL=49 ID=9991 TCP DPT=8080 WINDOW=29734 SYN	2019-09-24 08:07:33
132.232.169.64	attackbotsspam	Sep 24 00:29:16 lnxweb61 sshd[4159]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.169.64	2019-09-24 08:04:10
211.193.13.111	attackbotsspam	Sep 24 00:49:29 pkdns2 sshd\[7856\]: Invalid user charles from 211.193.13.111Sep 24 00:49:31 pkdns2 sshd\[7856\]: Failed password for invalid user charles from 211.193.13.111 port 58653 ssh2Sep 24 00:53:43 pkdns2 sshd\[8021\]: Invalid user user1 from 211.193.13.111Sep 24 00:53:45 pkdns2 sshd\[8021\]: Failed password for invalid user user1 from 211.193.13.111 port 42822 ssh2Sep 24 00:57:50 pkdns2 sshd\[8204\]: Invalid user ubuntu from 211.193.13.111Sep 24 00:57:51 pkdns2 sshd\[8204\]: Failed password for invalid user ubuntu from 211.193.13.111 port 26895 ssh2 ...	2019-09-24 07:50:25
46.38.144.179	attackbots	Sep 24 01:19:23 mail postfix/smtpd\[6759\]: warning: unknown\[46.38.144.179\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Sep 24 01:21:55 mail postfix/smtpd\[6350\]: warning: unknown\[46.38.144.179\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Sep 24 01:53:26 mail postfix/smtpd\[6741\]: warning: unknown\[46.38.144.179\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Sep 24 01:55:50 mail postfix/smtpd\[6741\]: warning: unknown\[46.38.144.179\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\	2019-09-24 08:00:36
218.92.0.167	attackbots	SSH-BruteForce	2019-09-24 08:02:39
51.38.126.92	attackbots	Invalid user bip from 51.38.126.92 port 52796	2019-09-24 07:46:36
14.50.226.23	attack	Honeypot attack, port: 5555, PTR: PTR record not found	2019-09-24 08:07:50
111.194.38.149	attackspambots	Honeypot attack, port: 23, PTR: PTR record not found	2019-09-24 07:56:23
45.33.80.76	attackspam	port scan and connect, tcp 443 (https)	2019-09-24 07:38:49

Recently Reported IPs

85.228.149.183	90.142.39.128	137.27.236.44	240e:94c:0:62e:3170:9801:7cba:2dbb
116.227.113.187	92.34.254.247	154.72.63.255	89.221.250.3
41.232.148.50	70.49.56.195	189.152.77.110	120.133.136.75
78.96.17.2	118.174.185.37	111.207.155.50	36.74.115.141
184.185.236.81	14.232.177.231	84.54.120.96	154.70.98.49