45.145.67.154 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Russian Federation

Internet Service Provider: Intercom LLC

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Port scan on 5 port(s): 21231 21431 21564 21729 21959	2020-08-01 23:46:17
attackbots	scans 63 times in preceeding hours on the ports (in chronological order) 20239 20859 20593 20758 20579 20463 20931 20448 20178 20009 20865 20113 20524 20913 20019 20412 20940 20914 20930 20079 20852 20932 20501 20483 20018 20697 20786 20656 20430 20724 20585 20100 20836 20692 20938 20224 20732 20187 20602 20981 20246 20798 20636 20064 20181 20082 20286 20742 20067 20821 20619 20424 20620 20630 20228 20104 21517 21230 21826 21976 21722 21490 21495 resulting in total of 340 scans from 45.145.66.0/23 block.	2020-07-30 22:53:15

Type

Details

Datetime

attackspambots

Port scan on 5 port(s): 21231 21431 21564 21729 21959

2020-08-01 23:46:17

attackbots

scans 63 times in preceeding hours on the ports (in chronological order) 20239 20859 20593 20758 20579 20463 20931 20448 20178 20009 20865 20113 20524 20913 20019 20412 20940 20914 20930 20079 20852 20932 20501 20483 20018 20697 20786 20656 20430 20724 20585 20100 20836 20692 20938 20224 20732 20187 20602 20981 20246 20798 20636 20064 20181 20082 20286 20742 20067 20821 20619 20424 20620 20630 20228 20104 21517 21230 21826 21976 21722 21490 21495 resulting in total of 340 scans from 45.145.66.0/23 block.

2020-07-30 22:53:15

Comments on same subnet:

IP	Type	Details	Datetime
45.145.67.175	attack	Tried RDP Attack MUltiple times	2020-10-07 15:12:40
45.145.67.200	attack	RDPBruteGam24	2020-10-04 02:47:01
45.145.67.224	attackspambots	RDPBruteCAu	2020-10-04 02:46:33
45.145.67.200	attack	RDPBruteGam24	2020-10-03 18:36:19
45.145.67.224	attack	RDPBruteGam24	2020-10-03 18:35:46
45.145.67.175	attackbots	RDP Bruteforce	2020-10-03 05:30:55
45.145.67.175	attack	Repeated RDP login failures. Last user: Administrator	2020-10-03 00:54:40
45.145.67.175	attackbotsspam	Repeated RDP login failures. Last user: Administrator	2020-10-02 21:24:08
45.145.67.175	attack	Repeated RDP login failures. Last user: user	2020-10-02 17:56:54
45.145.67.175	attackspam	Repeated RDP login failures. Last user: user	2020-10-02 14:25:21
45.145.67.175	attackspam	RDP Brute-Force (honeypot 9)	2020-09-23 03:00:56
45.145.67.175	attack	RDP Brute-Force (honeypot 10)	2020-09-22 19:10:06
45.145.67.175	attack	RDP Bruteforce	2020-09-22 01:14:51
45.145.67.175	attack	Microsoft-Windows-Security-Auditing	2020-09-21 16:56:15
45.145.67.171	attack	2020-09-14 09:26:26.1155\|WARN\|DigitalRuby.IPBanCore.Logger\|Login failure: 45.145.67.171, xl, RDP, 8 2020-09-14 09:26:58.6868\|WARN\|DigitalRuby.IPBanCore.Logger\|Login failure: 45.145.67.171, elton, RDP, 9 2020-09-14 09:27:31.2318\|WARN\|DigitalRuby.IPBanCore.Logger\|Login failure: 45.145.67.171, 205, RDP, 10 2020-09-14 09:28:03.6305\|WARN\|DigitalRuby.IPBanCore.Logger\|Login failure: 45.145.67.171, jc, RDP, 11 2020-09-14 09:28:36.3542\|WARN\|DigitalRuby.IPBanCore.Logger\|Login failure: 45.145.67.171, 209, RDP, 12 2020-09-14 09:29:09.1724\|WARN\|DigitalRuby.IPBanCore.Logger\|Login failure: 45.145.67.171, hr, RDP, 13 2020-09-14 09:29:42.4551\|WARN\|DigitalRuby.IPBanCore.Logger\|Login failure: 45.145.67.171, scottp, RDP, 14 2020-09-14 09:30:15.3678\|WARN\|DigitalRuby.IPBanCore.Logger\|Login failure: 45.145.67.171, EVELIO, RDP, 15	2020-09-15 21:21:54

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.145.67.154
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 18204
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.145.67.154.			IN	A

;; AUTHORITY SECTION:
.			186	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020073000 1800 900 604800 86400

;; Query time: 23 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jul 30 22:53:07 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 154.67.145.45.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 154.67.145.45.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
106.12.22.202	attack	Invalid user brainy from 106.12.22.202 port 44698	2020-09-30 13:23:07
37.139.17.137	attackspambots	DATE:2020-09-30 07:05:48, IP:37.139.17.137, PORT:ssh SSH brute force auth (docker-dc)	2020-09-30 13:45:34
74.120.14.20	attack	Port scanning [4 denied]	2020-09-30 13:34:23
102.165.30.61	attack	" "	2020-09-30 13:27:58
134.209.7.179	attackbotsspam	Sep 29 23:43:00 sso sshd[13977]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.7.179 Sep 29 23:43:02 sso sshd[13977]: Failed password for invalid user project from 134.209.7.179 port 48396 ssh2 ...	2020-09-30 13:10:21
73.139.190.176	attackspambots	Automatic report - Banned IP Access	2020-09-30 13:10:52
85.209.0.100	attackbots	TCP (SYN) 85.209.0.100:24938 -> port 22, len 60	2020-09-30 13:31:51
177.66.164.76	attack	Port probing on unauthorized port 445	2020-09-30 13:43:33
198.98.59.40	attack	port	2020-09-30 13:11:39
66.240.192.138	attackbots	Tried our host z.	2020-09-30 13:39:14
49.205.250.227	attackspam	1601412017 - 09/29/2020 22:40:17 Host: 49.205.250.227/49.205.250.227 Port: 445 TCP Blocked	2020-09-30 13:21:19
89.248.168.112	attack	Port scan denied	2020-09-30 13:29:18
111.231.93.35	attackbotsspam	Sep 30 00:10:17 abendstille sshd\[2302\]: Invalid user ftp from 111.231.93.35 Sep 30 00:10:17 abendstille sshd\[2302\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.93.35 Sep 30 00:10:19 abendstille sshd\[2302\]: Failed password for invalid user ftp from 111.231.93.35 port 56934 ssh2 Sep 30 00:15:35 abendstille sshd\[6873\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.93.35 user=root Sep 30 00:15:37 abendstille sshd\[6873\]: Failed password for root from 111.231.93.35 port 59208 ssh2 ...	2020-09-30 13:17:34
89.249.73.212	attackbots	1 attempts against mh-modsecurity-ban on flow	2020-09-30 13:37:33
167.248.133.64	attackbotsspam	firewall-block, port(s): 49152/tcp	2020-09-30 13:21:00

Recently Reported IPs

194.96.116.16	122.32.174.107	85.185.13.9	66.249.76.140
10.0.0.6	147.139.176.65	117.97.141.199	103.75.125.48
185.115.176.6	212.83.169.24	198.214.217.143	198.180.142.82
95.10.178.211	219.155.6.21	115.79.165.154	49.176.48.45
119.27.160.176	186.24.8.94	61.216.160.92	182.122.41.213