45.159.74.53 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Armenia

Internet Service Provider: LIR LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	1585744327 - 04/01/2020 14:32:07 Host: 45.159.74.53/45.159.74.53 Port: 445 TCP Blocked	2020-04-02 00:30:17

Comments on same subnet:

IP	Type	Details	Datetime
45.159.74.55	attack	Unauthorized connection attempt from IP address 45.159.74.55 on Port 445(SMB)	2020-10-13 01:54:24
45.159.74.55	attack	Unauthorized connection attempt from IP address 45.159.74.55 on Port 445(SMB)	2020-10-12 17:17:52
45.159.74.81	attack	Apr 22 14:43:49 server5 sshd[15322]: Did not receive identification string from 45.159.74.81 Apr 22 14:43:53 server5 sshd[15323]: Invalid user supervisor from 45.159.74.81 Apr 22 14:43:53 server5 sshd[15323]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.159.74.81 Apr 22 14:43:55 server5 sshd[15323]: Failed password for invalid user supervisor from 45.159.74.81 port 62739 ssh2 Apr 22 14:43:55 server5 sshd[15323]: Connection closed by 45.159.74.81 port 62739 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=45.159.74.81	2020-04-22 21:19:06
45.159.74.63	attackspambots	Port 1433 Scan	2020-01-24 06:31:33

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.159.74.53
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33099
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.159.74.53.			IN	A

;; AUTHORITY SECTION:
.			373	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020040100 1800 900 604800 86400

;; Query time: 85 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Apr 02 00:30:08 CST 2020
;; MSG SIZE  rcvd: 116

Host info

53.74.159.45.in-addr.arpa domain name pointer host-45.159.74.53.vnet.am.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
53.74.159.45.in-addr.arpa	name = host-45.159.74.53.vnet.am.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
168.195.128.190	attack	May 1 22:15:54 * sshd[11864]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.195.128.190 May 1 22:15:57 * sshd[11864]: Failed password for invalid user ubuntu from 168.195.128.190 port 39054 ssh2	2020-05-02 04:22:25
104.248.238.253	attackspambots	Invalid user boot from 104.248.238.253 port 50146	2020-05-02 04:09:47
222.93.105.18	attack	2020-05-01T20:29:07.047386shield sshd\[27602\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.93.105.18 user=root 2020-05-01T20:29:09.240724shield sshd\[27602\]: Failed password for root from 222.93.105.18 port 48063 ssh2 2020-05-01T20:33:34.503452shield sshd\[28308\]: Invalid user administrador from 222.93.105.18 port 50148 2020-05-01T20:33:34.507109shield sshd\[28308\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.93.105.18 2020-05-01T20:33:36.690012shield sshd\[28308\]: Failed password for invalid user administrador from 222.93.105.18 port 50148 ssh2	2020-05-02 04:40:35
51.91.212.81	attackbots	ET CINS Active Threat Intelligence Poor Reputation IP group 35 - port: 6004 proto: TCP cat: Misc Attack	2020-05-02 04:42:21
183.88.244.148	attackbots	[Aegis] @ 2019-07-28 13:07:13 0100 -> Attempted Administrator Privilege Gain: ET SCAN LibSSH Based Frequent SSH Connections Likely BruteForce Attack	2020-05-02 04:25:35
198.37.117.33	attackspambots	Lines containing failures of 198.37.117.33 May 1 12:54:41 neweola sshd[31888]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.37.117.33 user=r.r May 1 12:54:43 neweola sshd[31888]: Failed password for r.r from 198.37.117.33 port 51286 ssh2 May 1 12:54:45 neweola sshd[31888]: Received disconnect from 198.37.117.33 port 51286:11: Bye Bye [preauth] May 1 12:54:45 neweola sshd[31888]: Disconnected from authenticating user r.r 198.37.117.33 port 51286 [preauth] May 1 13:06:02 neweola sshd[32187]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.37.117.33 user=r.r May 1 13:06:04 neweola sshd[32187]: Failed password for r.r from 198.37.117.33 port 34256 ssh2 May 1 13:06:06 neweola sshd[32187]: Received disconnect from 198.37.117.33 port 34256:11: Bye Bye [preauth] May 1 13:06:06 neweola sshd[32187]: Disconnected from authenticating user r.r 198.37.117.33 port 34256 [preauth] May 1........ ------------------------------	2020-05-02 04:33:53
157.230.239.99	attackspam	2020-05-01T20:26:21.782778shield sshd\[27201\]: Invalid user test from 157.230.239.99 port 42930 2020-05-01T20:26:21.787003shield sshd\[27201\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.239.99 2020-05-01T20:26:23.523726shield sshd\[27201\]: Failed password for invalid user test from 157.230.239.99 port 42930 ssh2 2020-05-01T20:29:59.889839shield sshd\[27793\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.239.99 user=root 2020-05-01T20:30:02.223381shield sshd\[27793\]: Failed password for root from 157.230.239.99 port 55218 ssh2	2020-05-02 04:36:24
222.186.190.14	attackbots	May 1 16:30:30 NPSTNNYC01T sshd[13113]: Failed password for root from 222.186.190.14 port 20154 ssh2 May 1 16:30:39 NPSTNNYC01T sshd[13116]: Failed password for root from 222.186.190.14 port 59979 ssh2 ...	2020-05-02 04:32:14
165.227.88.167	attack	May 1 16:27:11 ny01 sshd[21117]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.88.167 May 1 16:27:13 ny01 sshd[21117]: Failed password for invalid user zxy from 165.227.88.167 port 53850 ssh2 May 1 16:31:03 ny01 sshd[21711]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.88.167	2020-05-02 04:38:40
218.3.139.85	attackbots	[Aegis] @ 2019-07-28 12:19:20 0100 -> Attempted Administrator Privilege Gain: ET SCAN LibSSH Based Frequent SSH Connections Likely BruteForce Attack	2020-05-02 04:32:44
185.143.74.49	attack	May 1 22:06:13 v22019058497090703 postfix/smtpd[12022]: warning: unknown[185.143.74.49]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 1 22:07:25 v22019058497090703 postfix/smtpd[12022]: warning: unknown[185.143.74.49]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 1 22:08:31 v22019058497090703 postfix/smtpd[12022]: warning: unknown[185.143.74.49]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-05-02 04:19:30
218.92.0.171	attackbotsspam	SSH invalid-user multiple login attempts	2020-05-02 04:43:33
103.215.27.254	attackbotsspam	Unauthorized connection attempt from IP address 103.215.27.254 on Port 445(SMB)	2020-05-02 04:07:59
94.25.228.85	attackbots	445/tcp [2020-05-01]1pkt	2020-05-02 04:10:21
90.90.165.117	attackbots	May 1 22:27:08 meumeu sshd[18960]: Failed password for root from 90.90.165.117 port 40310 ssh2 May 1 22:32:57 meumeu sshd[19916]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=90.90.165.117 May 1 22:32:58 meumeu sshd[19916]: Failed password for invalid user as from 90.90.165.117 port 51892 ssh2 ...	2020-05-02 04:41:15

Recently Reported IPs

189.110.32.253	91.143.20.235	112.104.175.149	190.113.161.123
37.146.236.101	61.135.147.120	80.235.206.89	146.71.237.58
46.166.247.109	154.58.188.218	190.136.140.196	131.121.174.71
47.41.111.131	40.240.116.59	42.58.225.204	3.5.129.135
109.61.10.58	69.200.155.211	140.4.12.124	39.15.212.166