45.148.122.19 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Netherlands

Internet Service Provider: Sijmen Klaas Bakker

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Sep 24 13:30:38 XXX sshd[13947]: Invalid user fake from 45.148.122.19 Sep 24 13:30:38 XXX sshd[13947]: Received disconnect from 45.148.122.19: 11: Bye Bye [preauth] Sep 24 13:30:38 XXX sshd[13949]: Invalid user admin from 45.148.122.19 Sep 24 13:30:39 XXX sshd[13949]: Received disconnect from 45.148.122.19: 11: Bye Bye [preauth] Sep 24 13:30:39 XXX sshd[13951]: User r.r from 45.148.122.19 not allowed because none of user's groups are listed in AllowGroups Sep 24 13:30:39 XXX sshd[13951]: Received disconnect from 45.148.122.19: 11: Bye Bye [preauth] Sep 24 13:30:39 XXX sshd[13953]: Invalid user ubnt from 45.148.122.19 Sep 24 13:30:39 XXX sshd[13953]: Received disconnect from 45.148.122.19: 11: Bye Bye [preauth] Sep 24 13:30:40 XXX sshd[13955]: Invalid user guest from 45.148.122.19 Sep 24 13:30:40 XXX sshd[13955]: Received disconnect from 45.148.122.19: 11: Bye Bye [preauth] Sep 24 13:30:40 XXX sshd[13957]: Invalid user support from 45.148.122.19 Sep 24 13:30:40 XXX sshd[........ -------------------------------	2020-09-27 02:47:32
attack	TCP (SYN) 45.148.122.19:36228 -> port 22, len 44	2020-09-26 18:44:15

Type

Details

Datetime

attack

Sep 24 13:30:38 XXX sshd[13947]: Invalid user fake from 45.148.122.19
Sep 24 13:30:38 XXX sshd[13947]: Received disconnect from 45.148.122.19: 11: Bye Bye [preauth]
Sep 24 13:30:38 XXX sshd[13949]: Invalid user admin from 45.148.122.19
Sep 24 13:30:39 XXX sshd[13949]: Received disconnect from 45.148.122.19: 11: Bye Bye [preauth]
Sep 24 13:30:39 XXX sshd[13951]: User r.r from 45.148.122.19 not allowed because none of user's groups are listed in AllowGroups
Sep 24 13:30:39 XXX sshd[13951]: Received disconnect from 45.148.122.19: 11: Bye Bye [preauth]
Sep 24 13:30:39 XXX sshd[13953]: Invalid user ubnt from 45.148.122.19
Sep 24 13:30:39 XXX sshd[13953]: Received disconnect from 45.148.122.19: 11: Bye Bye [preauth]
Sep 24 13:30:40 XXX sshd[13955]: Invalid user guest from 45.148.122.19
Sep 24 13:30:40 XXX sshd[13955]: Received disconnect from 45.148.122.19: 11: Bye Bye [preauth]
Sep 24 13:30:40 XXX sshd[13957]: Invalid user support from 45.148.122.19
Sep 24 13:30:40 XXX sshd[........
-------------------------------

2020-09-27 02:47:32

attack

 TCP (SYN) 45.148.122.19:36228 -> port 22, len 44

2020-09-26 18:44:15

Comments on same subnet:

IP	Type	Details	Datetime
45.148.122.173	attack	Found on Github Combined on 5 lists / proto=6 . srcport=38085 . dstport=22 SSH . (1783)	2020-10-10 22:13:00
45.148.122.173	attackspambots	TCP (SYN) 45.148.122.173:55294 -> port 22, len 44	2020-10-10 14:06:14
45.148.122.198	attackbots	45.148.122.198 (NL/Netherlands/-), 7 distributed sshd attacks on account [admin] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Oct 9 15:36:00 server2 sshd[588]: Invalid user admin from 141.98.10.211 port 38043 Oct 9 15:36:02 server2 sshd[588]: Failed password for invalid user admin from 141.98.10.211 port 38043 ssh2 Oct 9 15:53:29 server2 sshd[3928]: Invalid user admin from 45.148.122.198 port 38950 Oct 9 15:36:18 server2 sshd[711]: Invalid user admin from 141.98.10.214 port 42111 Oct 9 15:44:57 server2 sshd[2289]: Invalid user admin from 59.124.6.166 port 40431 Oct 9 15:44:59 server2 sshd[2289]: Failed password for invalid user admin from 59.124.6.166 port 40431 ssh2 Oct 9 15:36:20 server2 sshd[711]: Failed password for invalid user admin from 141.98.10.214 port 42111 ssh2 IP Addresses Blocked: 141.98.10.211 (LT/Republic of Lithuania/-)	2020-10-10 03:28:32
45.148.122.20	attack	Invalid user fake from 45.148.122.20 port 39788	2020-10-10 02:28:00
45.148.122.198	attackbots	Oct 9 12:33:03 hosting sshd[8474]: Invalid user fake from 45.148.122.198 port 59070 Oct 9 12:33:03 hosting sshd[8474]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.122.198 Oct 9 12:33:03 hosting sshd[8474]: Invalid user fake from 45.148.122.198 port 59070 Oct 9 12:33:05 hosting sshd[8474]: Failed password for invalid user fake from 45.148.122.198 port 59070 ssh2 Oct 9 12:33:05 hosting sshd[8478]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.122.198 user=admin Oct 9 12:33:08 hosting sshd[8478]: Failed password for admin from 45.148.122.198 port 34242 ssh2 ...	2020-10-09 19:22:02
45.148.122.20	attackbotsspam	Port scan denied	2020-10-09 18:13:26
45.148.122.20	attack	SmallBizIT.US 1 packets to tcp(22)	2020-10-08 06:30:10
45.148.122.197	attackspam	SSH break in attempt ...	2020-10-08 06:01:36
45.148.122.20	attackspambots	2020-10-07T14:00:17.447179abusebot-4.cloudsearch.cf sshd[25041]: Invalid user fake from 45.148.122.20 port 52020 2020-10-07T14:00:17.454999abusebot-4.cloudsearch.cf sshd[25041]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.122.20 2020-10-07T14:00:17.447179abusebot-4.cloudsearch.cf sshd[25041]: Invalid user fake from 45.148.122.20 port 52020 2020-10-07T14:00:19.062648abusebot-4.cloudsearch.cf sshd[25041]: Failed password for invalid user fake from 45.148.122.20 port 52020 ssh2 2020-10-07T14:00:19.672038abusebot-4.cloudsearch.cf sshd[25045]: Invalid user admin from 45.148.122.20 port 55756 2020-10-07T14:00:19.678447abusebot-4.cloudsearch.cf sshd[25045]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.122.20 2020-10-07T14:00:19.672038abusebot-4.cloudsearch.cf sshd[25045]: Invalid user admin from 45.148.122.20 port 55756 2020-10-07T14:00:21.560864abusebot-4.cloudsearch.cf sshd[25045]: Failed pa ...	2020-10-07 22:49:52
45.148.122.192	attackspambots	[portscan] tcp/22 [SSH] in blocklist.de:'listed [ssh]' *(RWIN=65535)(10061547)	2020-10-07 20:36:02
45.148.122.20	attackspambots	Oct 7 16:37:58 localhost sshd[2402005]: Disconnected from 45.148.122.20 port 49726 [preauth] ...	2020-10-07 14:53:59
45.148.122.197	attackspambots	Oct 7 08:36:41 server2 sshd\[17529\]: Invalid user fake from 45.148.122.197 Oct 7 08:36:42 server2 sshd\[17531\]: Invalid user admin from 45.148.122.197 Oct 7 08:36:42 server2 sshd\[17534\]: User root from 45.148.122.197 not allowed because not listed in AllowUsers Oct 7 08:36:42 server2 sshd\[17536\]: Invalid user ubnt from 45.148.122.197 Oct 7 08:36:42 server2 sshd\[17538\]: Invalid user guest from 45.148.122.197 Oct 7 08:36:42 server2 sshd\[17540\]: Invalid user support from 45.148.122.197	2020-10-07 14:20:21
45.148.122.192	attack	(sshd) Failed SSH login from 45.148.122.192 (NL/Netherlands/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 7 00:19:34 optimus sshd[6496]: Invalid user fake from 45.148.122.192 Oct 7 00:19:34 optimus sshd[6496]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.122.192 Oct 7 00:19:36 optimus sshd[6496]: Failed password for invalid user fake from 45.148.122.192 port 43392 ssh2 Oct 7 00:19:37 optimus sshd[6511]: Invalid user admin from 45.148.122.192 Oct 7 00:19:37 optimus sshd[6511]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.122.192	2020-10-07 12:21:05
45.148.122.192	attack	Triggered by Fail2Ban at Ares web server	2020-10-07 07:45:12
45.148.122.155	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-10-07 05:14:58

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.148.122.19
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 46121
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.148.122.19.			IN	A

;; AUTHORITY SECTION:
.			172	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020092600 1800 900 604800 86400

;; Query time: 63 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Sep 26 18:44:09 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 19.122.148.45.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 19.122.148.45.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
121.162.235.44	attack	May 13 23:58:40 pi sshd[14746]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.162.235.44 May 13 23:58:42 pi sshd[14746]: Failed password for invalid user cue from 121.162.235.44 port 33614 ssh2	2020-06-27 07:06:58
23.95.96.84	attackbotsspam	Jun 26 22:06:04 rush sshd[20191]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=23.95.96.84 Jun 26 22:06:06 rush sshd[20191]: Failed password for invalid user test from 23.95.96.84 port 60124 ssh2 Jun 26 22:10:37 rush sshd[20253]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=23.95.96.84 ...	2020-06-27 07:39:50
27.154.33.210	attack	Jun 26 15:52:57 mx sshd[18063]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.154.33.210 Jun 26 15:52:59 mx sshd[18063]: Failed password for invalid user jenkins from 27.154.33.210 port 44453 ssh2	2020-06-27 07:26:32
128.72.31.28	attack	Invalid user mp3 from 128.72.31.28 port 57420	2020-06-27 07:06:40
103.39.235.126	attackspambots	Port probing on unauthorized port 445	2020-06-27 07:31:13
79.232.172.18	attackspambots	Jun 26 21:56:47 rush sshd[19988]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.232.172.18 Jun 26 21:56:49 rush sshd[19988]: Failed password for invalid user faris from 79.232.172.18 port 35994 ssh2 Jun 26 21:59:59 rush sshd[20059]: Failed password for root from 79.232.172.18 port 35840 ssh2 ...	2020-06-27 07:33:16
83.110.212.85	attackspambots	Jun 26 22:19:12 ajax sshd[32550]: Failed password for root from 83.110.212.85 port 40336 ssh2	2020-06-27 07:14:13
185.176.27.34	attackbots	06/26/2020-18:54:14.232333 185.176.27.34 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-06-27 07:08:51
49.233.189.161	attackspambots	Invalid user veronique from 49.233.189.161 port 46712	2020-06-27 07:31:28
46.38.145.5	attackspambots	2020-06-26T17:16:56.206553linuxbox-skyline auth[251802]: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=navigator rhost=46.38.145.5 ...	2020-06-27 07:31:42
182.61.39.254	attack	Jun 26 05:45:11 : SSH login attempts with invalid user	2020-06-27 07:32:52
87.251.74.48	attack	Failed password for invalid user from 87.251.74.48 port 51492 ssh2	2020-06-27 07:28:30
115.134.128.90	attackspambots	Jun 26 23:35:25 piServer sshd[3089]: Failed password for root from 115.134.128.90 port 49490 ssh2 Jun 26 23:37:04 piServer sshd[3219]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.134.128.90 Jun 26 23:37:06 piServer sshd[3219]: Failed password for invalid user info from 115.134.128.90 port 45470 ssh2 ...	2020-06-27 07:16:41
185.132.53.115	attackbotsspam	Jun 26 14:54:21 : SSH login attempts with invalid user	2020-06-27 07:18:43
218.92.0.185	attackspambots	2020-06-27T01:16:09.984704sd-86998 sshd[43641]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.185 user=root 2020-06-27T01:16:12.075575sd-86998 sshd[43641]: Failed password for root from 218.92.0.185 port 64309 ssh2 2020-06-27T01:16:15.376358sd-86998 sshd[43641]: Failed password for root from 218.92.0.185 port 64309 ssh2 2020-06-27T01:16:09.984704sd-86998 sshd[43641]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.185 user=root 2020-06-27T01:16:12.075575sd-86998 sshd[43641]: Failed password for root from 218.92.0.185 port 64309 ssh2 2020-06-27T01:16:15.376358sd-86998 sshd[43641]: Failed password for root from 218.92.0.185 port 64309 ssh2 2020-06-27T01:16:09.984704sd-86998 sshd[43641]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.185 user=root 2020-06-27T01:16:12.075575sd-86998 sshd[43641]: Failed password for root from 218.92.0.185 p ...	2020-06-27 07:16:23

Recently Reported IPs

27.154.66.175	125.72.106.61	104.237.133.145	109.167.224.54
3.236.64.92	187.58.41.30	78.189.129.186	103.138.37.143
87.212.126.197	5.15.114.149	59.166.23.182	196.219.37.51
170.210.123.24	8.115.201.39	235.171.101.3	178.255.75.62
33.38.41.74	253.207.56.71	92.175.13.10	75.20.133.159