45.161.12.22 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Brazil

Internet Service Provider: Claudenir dos Santos ME

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Unauthorized connection attempt from IP address 45.161.12.22 on Port 445(SMB)	2020-06-16 01:59:28
attackspam	Unauthorized connection attempt from IP address 45.161.12.22 on Port 445(SMB)	2020-03-07 08:56:14

Comments on same subnet:

IP	Type	Details	Datetime
45.161.123.66	attackbotsspam	445/tcp [2020-04-06]1pkt	2020-04-06 23:48:10

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.161.12.22
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 51594
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.161.12.22.			IN	A

;; AUTHORITY SECTION:
.			357	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020030601 1800 900 604800 86400

;; Query time: 89 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Mar 07 08:56:11 CST 2020
;; MSG SIZE  rcvd: 116

Host info

22.12.161.45.in-addr.arpa domain name pointer reverso-45-161-12-22.uniservnet.com.br.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
22.12.161.45.in-addr.arpa	name = reverso-45-161-12-22.uniservnet.com.br.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
154.204.30.164	attackspam	Aug 20 23:58:45 HOST sshd[22333]: Failed password for invalid user aiz from 154.204.30.164 port 52824 ssh2 Aug 20 23:58:45 HOST sshd[22333]: Received disconnect from 154.204.30.164: 11: Bye Bye [preauth] Aug 21 00:06:56 HOST sshd[22558]: Failed password for invalid user wq from 154.204.30.164 port 48583 ssh2 Aug 21 00:06:57 HOST sshd[22558]: Received disconnect from 154.204.30.164: 11: Bye Bye [preauth] Aug 21 00:09:17 HOST sshd[22674]: Failed password for invalid user cent from 154.204.30.164 port 42253 ssh2 Aug 21 00:09:18 HOST sshd[22674]: Received disconnect from 154.204.30.164: 11: Bye Bye [preauth] Aug 21 00:11:41 HOST sshd[22768]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.204.30.164 user=r.r Aug 21 00:11:43 HOST sshd[22768]: Failed password for r.r from 154.204.30.164 port 35924 ssh2 Aug 21 00:11:43 HOST sshd[22768]: Received disconnect from 154.204.30.164: 11: Bye Bye [preauth] Aug 21 00:14:09 HOST sshd[22780]: ........ -------------------------------	2020-08-23 20:44:13
103.87.46.145	attackspam	"SMTP brute force auth login attempt."	2020-08-23 21:09:40
51.77.230.49	attack	Port Scan detected from 51.77.230.49 (FR/France/Grand Est/Strasbourg/49.ip-51-77-230.eu). 4 hits in the last 195 seconds	2020-08-23 20:46:39
154.221.16.218	attack	Aug 23 14:25:15 ns381471 sshd[17391]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.221.16.218 Aug 23 14:25:16 ns381471 sshd[17391]: Failed password for invalid user zxg from 154.221.16.218 port 53760 ssh2	2020-08-23 20:48:33
14.21.42.158	attackspambots	Aug 23 06:25:20 Host-KLAX-C sshd[23579]: Disconnected from invalid user guest 14.21.42.158 port 53002 [preauth] ...	2020-08-23 20:45:17
62.210.149.30	attackbots	[2020-08-23 09:10:00] NOTICE[1185][C-000055b8] chan_sip.c: Call from '' (62.210.149.30:62841) to extension '900+441301715509' rejected because extension not found in context 'public'. [2020-08-23 09:10:00] SECURITY[1203] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-08-23T09:10:00.951-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="900+441301715509",SessionID="0x7f10c4245bd8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/62.210.149.30/62841",ACLName="no_extension_match" [2020-08-23 09:11:00] NOTICE[1185][C-000055bb] chan_sip.c: Call from '' (62.210.149.30:62917) to extension '011+441301715509' rejected because extension not found in context 'public'. [2020-08-23 09:11:00] SECURITY[1203] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-08-23T09:11:00.735-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="011+441301715509",SessionID="0x7f10c43e3a48",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/ ...	2020-08-23 21:22:55
51.255.197.164	attack	2020-08-23T12:36:05.398872abusebot.cloudsearch.cf sshd[12436]: Invalid user ts3 from 51.255.197.164 port 36852 2020-08-23T12:36:05.407331abusebot.cloudsearch.cf sshd[12436]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.ip-51-255-197.eu 2020-08-23T12:36:05.398872abusebot.cloudsearch.cf sshd[12436]: Invalid user ts3 from 51.255.197.164 port 36852 2020-08-23T12:36:06.919924abusebot.cloudsearch.cf sshd[12436]: Failed password for invalid user ts3 from 51.255.197.164 port 36852 ssh2 2020-08-23T12:43:29.992106abusebot.cloudsearch.cf sshd[12678]: Invalid user boy from 51.255.197.164 port 41115 2020-08-23T12:43:29.997273abusebot.cloudsearch.cf sshd[12678]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.ip-51-255-197.eu 2020-08-23T12:43:29.992106abusebot.cloudsearch.cf sshd[12678]: Invalid user boy from 51.255.197.164 port 41115 2020-08-23T12:43:31.992319abusebot.cloudsearch.cf sshd[12678]: Failed passwo ...	2020-08-23 21:24:04
54.37.66.7	attackspambots	Aug 23 14:36:23 h2779839 sshd[29760]: Invalid user test from 54.37.66.7 port 48874 Aug 23 14:36:23 h2779839 sshd[29760]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.66.7 Aug 23 14:36:23 h2779839 sshd[29760]: Invalid user test from 54.37.66.7 port 48874 Aug 23 14:36:25 h2779839 sshd[29760]: Failed password for invalid user test from 54.37.66.7 port 48874 ssh2 Aug 23 14:38:25 h2779839 sshd[29814]: Invalid user passfeel from 54.37.66.7 port 54002 Aug 23 14:38:25 h2779839 sshd[29814]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.66.7 Aug 23 14:38:25 h2779839 sshd[29814]: Invalid user passfeel from 54.37.66.7 port 54002 Aug 23 14:38:27 h2779839 sshd[29814]: Failed password for invalid user passfeel from 54.37.66.7 port 54002 ssh2 Aug 23 14:40:27 h2779839 sshd[29866]: Invalid user inma from 54.37.66.7 port 59134 ...	2020-08-23 21:20:49
104.223.143.118	attack	Aug 21 19:08:25 lvpxxxxxxx88-92-201-20 sshd[17166]: Address 104.223.143.118 maps to amazone.sendgridspot.live, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Aug 21 19:08:26 lvpxxxxxxx88-92-201-20 sshd[17166]: Failed password for invalid user jsk from 104.223.143.118 port 49298 ssh2 Aug 21 19:08:27 lvpxxxxxxx88-92-201-20 sshd[17166]: Received disconnect from 104.223.143.118: 11: Bye Bye [preauth] Aug 21 19:10:10 lvpxxxxxxx88-92-201-20 sshd[17242]: Address 104.223.143.118 maps to amazone.sendgridspot.live, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Aug 21 19:10:10 lvpxxxxxxx88-92-201-20 sshd[17242]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.223.143.118 user=r.r Aug 21 19:10:12 lvpxxxxxxx88-92-201-20 sshd[17242]: Failed password for r.r from 104.223.143.118 port 47296 ssh2 Aug 21 19:10:13 lvpxxxxxxx88-92-201-20 sshd[17242]: Received disconnect from 104.223.143.118: 11: B........ -------------------------------	2020-08-23 21:17:47
189.39.102.67	attackspam	Automatic Fail2ban report - Trying login SSH	2020-08-23 21:22:29
35.195.98.218	attackbotsspam	2020-08-23T14:21:14.987305vps751288.ovh.net sshd\[4782\]: Invalid user globalflash from 35.195.98.218 port 49072 2020-08-23T14:21:14.993854vps751288.ovh.net sshd\[4782\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.98.195.35.bc.googleusercontent.com 2020-08-23T14:21:16.383808vps751288.ovh.net sshd\[4782\]: Failed password for invalid user globalflash from 35.195.98.218 port 49072 ssh2 2020-08-23T14:24:53.426508vps751288.ovh.net sshd\[4796\]: Invalid user app from 35.195.98.218 port 56328 2020-08-23T14:24:53.433263vps751288.ovh.net sshd\[4796\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.98.195.35.bc.googleusercontent.com	2020-08-23 21:18:31
186.190.163.65	attack	"SMTP brute force auth login attempt."	2020-08-23 21:08:00
118.25.144.133	attackbotsspam	SSH Brute-Force. Ports scanning.	2020-08-23 21:08:16
150.95.177.195	attackbotsspam	Port Scan detected from 150.95.177.195 (JP/Japan/Tokyo/Chiyoda/v150-95-177-195.a0db.g.tyo1.static.cnode.io). 4 hits in the last 85 seconds	2020-08-23 21:01:40
222.186.175.182	attackbotsspam	[ssh] SSH attack	2020-08-23 20:50:34

Recently Reported IPs

96.9.245.184	79.166.19.130	36.71.232.21	182.109.77.189
183.120.206.231	213.230.86.214	176.194.108.40	39.155.212.90
183.88.0.204	114.105.156.65	61.223.119.15	186.227.236.234
54.36.135.150	250.104.50.140	45.232.20.65	187.136.196.78
5.101.51.66	201.68.199.59	159.65.155.35	216.170.114.117