45.145.66.109 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Russian Federation

Internet Service Provider: Intercom LLC

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	[MK-Root1] Blocked by UFW	2020-07-20 14:49:40
attackbotsspam	Jul 16 13:19:30 debian-2gb-nbg1-2 kernel: \[17156930.202683\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.145.66.109 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=59852 PROTO=TCP SPT=49995 DPT=62009 WINDOW=1024 RES=0x00 SYN URGP=0	2020-07-16 19:56:37

Type

Details

Datetime

attack

[MK-Root1] Blocked by UFW

2020-07-20 14:49:40

attackbotsspam

Jul 16 13:19:30 debian-2gb-nbg1-2 kernel: \[17156930.202683\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.145.66.109 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=59852 PROTO=TCP SPT=49995 DPT=62009 WINDOW=1024 RES=0x00 SYN URGP=0

2020-07-16 19:56:37

Comments on same subnet:

IP	Type	Details	Datetime
45.145.66.104	attackbots	Excessive Port-Scanning	2020-10-04 02:34:03
45.145.66.104	attackbotsspam	[HOST2] Port Scan detected	2020-10-03 18:21:49
45.145.66.159	attackbotsspam	RDPBruteGam24	2020-09-29 02:25:57
45.145.66.159	attack	RDPBruteGam24	2020-09-28 18:33:33
45.145.66.67	attack	scans once in preceeding hours on the ports (in chronological order) 20425 resulting in total of 13 scans from 45.145.66.0/23 block.	2020-09-13 22:45:10
45.145.66.67	attackspambots	Fail2Ban Ban Triggered	2020-09-13 14:40:51
45.145.66.67	attackbots	Fail2Ban Ban Triggered	2020-09-13 06:23:54
45.145.66.104	attackbots	Unauthorized connection attempt from IP address 45.145.66.104 on Port 3389(RDP)	2020-09-09 17:11:10
45.145.66.96	attack	ET CINS Active Threat Intelligence Poor Reputation IP group 23 - port: 13947 proto: tcp cat: Misc Attackbytes: 60	2020-09-08 04:18:28
45.145.66.96	attackbots	SmallBizIT.US 20 packets to tcp(13911,13959,13990,14001,14015,14016,14022,14028,14036,14052,14068,14069,14075,14076,14120,14132,14146,14170,14186,14194)	2020-09-07 19:54:56
45.145.66.96	attackspambots	Port scan: Attack repeated for 24 hours	2020-09-06 04:08:16
45.145.66.96	attackspam	ET CINS Active Threat Intelligence Poor Reputation IP group 23 - port: 14029 proto: tcp cat: Misc Attackbytes: 60	2020-09-05 19:53:35
45.145.66.90	attackbots	9922/tcp 4899/tcp 1022/tcp... [2020-06-27/08-27]230pkt,86pt.(tcp)	2020-08-29 15:27:53
45.145.66.120	attackbots	[H1.VM8] Blocked by UFW	2020-08-27 07:37:28
45.145.66.21	attackbots	ET CINS Active Threat Intelligence Poor Reputation IP group 23 - port: 29939 proto: tcp cat: Misc Attackbytes: 60	2020-08-27 02:41:52

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.145.66.109
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 9959
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.145.66.109.			IN	A

;; AUTHORITY SECTION:
.			576	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020071601 1800 900 604800 86400

;; Query time: 107 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jul 16 19:56:33 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 109.66.145.45.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 109.66.145.45.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
1.198.7.61	attack	Feb 12 19:35:19 debian-2gb-nbg1-2 kernel: \[3791749.487278\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=1.198.7.61 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=238 ID=23036 PROTO=TCP SPT=50724 DPT=6378 WINDOW=1024 RES=0x00 SYN URGP=0	2020-02-13 06:02:49
176.197.234.82	attackbots	23/tcp [2020-02-12]1pkt	2020-02-13 05:42:42
185.220.102.8	attackspam	Feb 12 08:27:45 web1 sshd\[24625\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.220.102.8 user=root Feb 12 08:27:47 web1 sshd\[24625\]: Failed password for root from 185.220.102.8 port 36037 ssh2 Feb 12 08:29:37 web1 sshd\[24820\]: Invalid user pi from 185.220.102.8 Feb 12 08:29:38 web1 sshd\[24820\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.220.102.8 Feb 12 08:29:39 web1 sshd\[24820\]: Failed password for invalid user pi from 185.220.102.8 port 44893 ssh2	2020-02-13 05:56:18
104.248.112.205	attackbotsspam	Feb 12 10:38:59 ws19vmsma01 sshd[89596]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.112.205 Feb 12 10:39:01 ws19vmsma01 sshd[89596]: Failed password for invalid user star69 from 104.248.112.205 port 44084 ssh2 ...	2020-02-13 06:01:38
193.112.19.70	attackspam	Feb 12 16:38:07 MK-Soft-VM5 sshd[27220]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.19.70 Feb 12 16:38:09 MK-Soft-VM5 sshd[27220]: Failed password for invalid user raf from 193.112.19.70 port 41514 ssh2 ...	2020-02-13 06:07:34
104.248.154.62	attackbotsspam	Telnet/23 MH Probe, BF, Hack -	2020-02-13 05:59:17
121.178.70.115	attackbotsspam	23/tcp [2020-02-12]1pkt	2020-02-13 06:03:03
35.224.199.230	attackspam	Feb 12 17:40:31 server sshd\[27737\]: Invalid user donrepara from 35.224.199.230 Feb 12 17:40:31 server sshd\[27737\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=230.199.224.35.bc.googleusercontent.com Feb 12 17:40:32 server sshd\[27737\]: Failed password for invalid user donrepara from 35.224.199.230 port 41188 ssh2 Feb 12 17:44:08 server sshd\[28123\]: Invalid user cinstall from 35.224.199.230 Feb 12 17:44:08 server sshd\[28123\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=230.199.224.35.bc.googleusercontent.com ...	2020-02-13 05:56:37
114.36.184.121	attackspam	Unauthorized connection attempt detected from IP address 114.36.184.121 to port 80	2020-02-13 05:47:07
61.250.146.33	attackbots	Feb 12 14:39:12 dedicated sshd[13970]: Invalid user ftpuser from 61.250.146.33 port 60244	2020-02-13 05:53:22
122.117.129.143	attack	20/2/12@10:37:09: FAIL: Alarm-Network address from=122.117.129.143 20/2/12@10:37:09: FAIL: Alarm-Network address from=122.117.129.143 ...	2020-02-13 05:59:02
114.35.93.61	attackbots	Unauthorised access (Feb 12) SRC=114.35.93.61 LEN=40 TTL=45 ID=5553 TCP DPT=23 WINDOW=42699 SYN	2020-02-13 05:48:33
66.230.230.230	attackbotsspam	Feb 12 10:38:46 ws24vmsma01 sshd[192389]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.230.230.230 Feb 12 10:38:48 ws24vmsma01 sshd[192389]: Failed password for invalid user admin from 66.230.230.230 port 40762 ssh2 ...	2020-02-13 06:15:27
23.95.242.76	attack	Feb 12 11:41:57 auw2 sshd\[8476\]: Invalid user aman from 23.95.242.76 Feb 12 11:41:57 auw2 sshd\[8476\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=23.95.242.76 Feb 12 11:42:00 auw2 sshd\[8476\]: Failed password for invalid user aman from 23.95.242.76 port 59417 ssh2 Feb 12 11:45:34 auw2 sshd\[8799\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=23.95.242.76 user=root Feb 12 11:45:36 auw2 sshd\[8799\]: Failed password for root from 23.95.242.76 port 40970 ssh2	2020-02-13 05:49:15
180.76.238.128	attackbots	Feb 12 16:16:42 plusreed sshd[12387]: Invalid user 123123 from 180.76.238.128 ...	2020-02-13 05:58:46

Recently Reported IPs

9.172.93.188	39.65.223.61	73.44.11.59	172.104.237.189
120.149.127.167	8.45.151.223	240f:64:6939:1:e90d:fbe0:2c0a:8d38	93.43.222.130
94.165.164.82	45.148.234.164	117.248.185.204	34.70.109.186
86.220.37.33	5.155.176.33	189.142.46.205	45.95.168.208
51.178.52.84	36.57.88.241	186.219.187.1	185.141.107.122