45.145.66.12 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Russian Federation

Internet Service Provider: Intercom LLC

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	TCP (SYN) 45.145.66.12:47059 -> port 56659, len 44	2020-07-15 14:07:03
attackbotsspam	TCP (SYN) 45.145.66.12:49178 -> port 23983, len 44	2020-07-11 21:51:44
attackspam	TCP (SYN) 45.145.66.12:44939 -> port 23680, len 44	2020-07-06 23:39:21
attackbotsspam	TCP (SYN) 45.145.66.12:49111 -> port 23496, len 44	2020-07-05 23:11:41
attack	[MK-VM2] Blocked by UFW	2020-07-04 12:57:19
attack	SmallBizIT.US 3 packets to tcp(12777,13999,16555)	2020-06-26 12:09:45
attackbots	TCP (SYN) 45.145.66.12:54405 -> port 5444, len 44	2020-06-21 08:07:37
attackbotsspam	Scanned 333 unique addresses for 20 unique TCP ports in 24 hours	2020-06-19 23:30:42

Comments on same subnet:

IP	Type	Details	Datetime
45.145.66.104	attackbots	Excessive Port-Scanning	2020-10-04 02:34:03
45.145.66.104	attackbotsspam	[HOST2] Port Scan detected	2020-10-03 18:21:49
45.145.66.159	attackbotsspam	RDPBruteGam24	2020-09-29 02:25:57
45.145.66.159	attack	RDPBruteGam24	2020-09-28 18:33:33
45.145.66.67	attack	scans once in preceeding hours on the ports (in chronological order) 20425 resulting in total of 13 scans from 45.145.66.0/23 block.	2020-09-13 22:45:10
45.145.66.67	attackspambots	Fail2Ban Ban Triggered	2020-09-13 14:40:51
45.145.66.67	attackbots	Fail2Ban Ban Triggered	2020-09-13 06:23:54
45.145.66.104	attackbots	Unauthorized connection attempt from IP address 45.145.66.104 on Port 3389(RDP)	2020-09-09 17:11:10
45.145.66.96	attack	ET CINS Active Threat Intelligence Poor Reputation IP group 23 - port: 13947 proto: tcp cat: Misc Attackbytes: 60	2020-09-08 04:18:28
45.145.66.96	attackbots	SmallBizIT.US 20 packets to tcp(13911,13959,13990,14001,14015,14016,14022,14028,14036,14052,14068,14069,14075,14076,14120,14132,14146,14170,14186,14194)	2020-09-07 19:54:56
45.145.66.96	attackspambots	Port scan: Attack repeated for 24 hours	2020-09-06 04:08:16
45.145.66.96	attackspam	ET CINS Active Threat Intelligence Poor Reputation IP group 23 - port: 14029 proto: tcp cat: Misc Attackbytes: 60	2020-09-05 19:53:35
45.145.66.90	attackbots	9922/tcp 4899/tcp 1022/tcp... [2020-06-27/08-27]230pkt,86pt.(tcp)	2020-08-29 15:27:53
45.145.66.120	attackbots	[H1.VM8] Blocked by UFW	2020-08-27 07:37:28
45.145.66.21	attackbots	ET CINS Active Threat Intelligence Poor Reputation IP group 23 - port: 29939 proto: tcp cat: Misc Attackbytes: 60	2020-08-27 02:41:52

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.145.66.12
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 12152
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.145.66.12.			IN	A

;; AUTHORITY SECTION:
.			200	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020061900 1800 900 604800 86400

;; Query time: 116 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jun 19 23:30:36 CST 2020
;; MSG SIZE  rcvd: 116

Host info

Host 12.66.145.45.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 12.66.145.45.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
74.221.20.41	attackbots	(imapd) Failed IMAP login from 74.221.20.41 (CA/Canada/ip041.20-221-74.sogetel.net): 10 in the last 3600 secs	2020-08-16 22:06:11
161.35.193.16	attackspam	Aug 16 12:11:25 XXX sshd[3003]: Invalid user diz from 161.35.193.16 port 49938	2020-08-16 22:02:01
123.24.234.1	attackbotsspam	Unauthorised access (Aug 16) SRC=123.24.234.1 LEN=52 TTL=110 ID=3368 DF TCP DPT=445 WINDOW=8192 SYN	2020-08-16 22:28:37
111.40.50.116	attackbots	$f2bV_matches	2020-08-16 22:31:00
198.100.149.77	attack	198.100.149.77 - - [16/Aug/2020:13:24:51 +0100] "POST /wp-login.php HTTP/1.1" 200 2345 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 198.100.149.77 - - [16/Aug/2020:13:24:52 +0100] "POST /wp-login.php HTTP/1.1" 200 2350 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 198.100.149.77 - - [16/Aug/2020:13:24:53 +0100] "POST /xmlrpc.php HTTP/1.1" 200 247 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-16 22:18:33
117.86.124.36	attackspam	Fail2Ban Ban Triggered	2020-08-16 22:26:21
111.72.197.16	attackspambots	Aug 16 15:12:52 srv01 postfix/smtpd\[7264\]: warning: unknown\[111.72.197.16\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 16 15:13:04 srv01 postfix/smtpd\[7264\]: warning: unknown\[111.72.197.16\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 16 15:13:22 srv01 postfix/smtpd\[7264\]: warning: unknown\[111.72.197.16\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 16 15:13:41 srv01 postfix/smtpd\[7264\]: warning: unknown\[111.72.197.16\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 16 15:20:09 srv01 postfix/smtpd\[7264\]: warning: unknown\[111.72.197.16\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-08-16 22:12:57
81.192.8.14	attackbotsspam	Aug 16 13:53:31 onepixel sshd[2436417]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.192.8.14 Aug 16 13:53:31 onepixel sshd[2436417]: Invalid user his from 81.192.8.14 port 37598 Aug 16 13:53:33 onepixel sshd[2436417]: Failed password for invalid user his from 81.192.8.14 port 37598 ssh2 Aug 16 13:58:45 onepixel sshd[2439447]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.192.8.14 user=root Aug 16 13:58:47 onepixel sshd[2439447]: Failed password for root from 81.192.8.14 port 47782 ssh2	2020-08-16 22:19:19
119.45.137.244	attackspam	Aug 16 16:12:58 abendstille sshd\[30760\]: Invalid user viki from 119.45.137.244 Aug 16 16:12:58 abendstille sshd\[30760\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.137.244 Aug 16 16:13:00 abendstille sshd\[30760\]: Failed password for invalid user viki from 119.45.137.244 port 40200 ssh2 Aug 16 16:16:32 abendstille sshd\[2931\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.137.244 user=root Aug 16 16:16:35 abendstille sshd\[2931\]: Failed password for root from 119.45.137.244 port 45574 ssh2 ...	2020-08-16 22:27:21
211.193.60.137	attack	Aug 16 03:09:11 web9 sshd\[20690\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.193.60.137 user=root Aug 16 03:09:13 web9 sshd\[20690\]: Failed password for root from 211.193.60.137 port 37478 ssh2 Aug 16 03:12:23 web9 sshd\[21138\]: Invalid user ym from 211.193.60.137 Aug 16 03:12:23 web9 sshd\[21138\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.193.60.137 Aug 16 03:12:26 web9 sshd\[21138\]: Failed password for invalid user ym from 211.193.60.137 port 56828 ssh2	2020-08-16 21:58:47
213.141.157.220	attackbots	Aug 16 14:10:26 ns392434 sshd[4438]: Invalid user zcy from 213.141.157.220 port 32838 Aug 16 14:10:26 ns392434 sshd[4438]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.141.157.220 Aug 16 14:10:26 ns392434 sshd[4438]: Invalid user zcy from 213.141.157.220 port 32838 Aug 16 14:10:28 ns392434 sshd[4438]: Failed password for invalid user zcy from 213.141.157.220 port 32838 ssh2 Aug 16 14:21:17 ns392434 sshd[4929]: Invalid user zxc from 213.141.157.220 port 59264 Aug 16 14:21:17 ns392434 sshd[4929]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.141.157.220 Aug 16 14:21:17 ns392434 sshd[4929]: Invalid user zxc from 213.141.157.220 port 59264 Aug 16 14:21:19 ns392434 sshd[4929]: Failed password for invalid user zxc from 213.141.157.220 port 59264 ssh2 Aug 16 14:25:04 ns392434 sshd[5113]: Invalid user ad from 213.141.157.220 port 40672	2020-08-16 22:00:42
46.166.88.89	attack	1597580691 - 08/16/2020 14:24:51 Host: 46.166.88.89/46.166.88.89 Port: 445 TCP Blocked	2020-08-16 22:22:06
220.149.242.9	attackspam	$f2bV_matches	2020-08-16 22:29:41
180.71.47.198	attackbotsspam	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-08-16T12:19:12Z and 2020-08-16T12:24:42Z	2020-08-16 22:32:08
124.160.83.138	attackbotsspam	SSH Brute Force	2020-08-16 22:05:38

Recently Reported IPs

196.220.171.7	192.35.168.215	156.216.36.119	125.162.57.245
193.47.61.195	49.146.34.1	2.93.140.44	118.25.106.244
200.52.139.25	79.187.16.142	111.241.104.183	1.186.79.204
176.194.57.111	15.27.82.235	174.234.19.36	177.132.241.131
41.184.35.122	189.7.33.167	174.35.25.129	190.193.135.172