45.221.8.225 - IPInfo

Basic Info

City: Kampala

Region: Central Region

Country: Uganda

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
45.221.87.151	attack	Brute forcing RDP port 3389	2019-12-10 04:15:21
45.221.88.146	attackspam	Automatic report - Port Scan Attack	2019-09-16 04:53:42
45.221.80.249	attackspam	Sep 11 20:51:53 lenivpn01 kernel: \[460715.063399\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:2f:6c:1b:d2:74:7f:6e:37:e3:08:00 SRC=45.221.80.249 DST=195.201.121.15 LEN=60 TOS=0x00 PREC=0x00 TTL=47 ID=16853 DF PROTO=TCP SPT=36883 DPT=23 WINDOW=5808 RES=0x00 SYN URGP=0 Sep 11 20:51:56 lenivpn01 kernel: \[460718.060026\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:2f:6c:1b:d2:74:7f:6e:37:e3:08:00 SRC=45.221.80.249 DST=195.201.121.15 LEN=60 TOS=0x00 PREC=0x00 TTL=47 ID=16854 DF PROTO=TCP SPT=36883 DPT=23 WINDOW=5808 RES=0x00 SYN URGP=0 Sep 11 20:52:02 lenivpn01 kernel: \[460724.059537\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:2f:6c:1b:d2:74:7f:6e:37:e3:08:00 SRC=45.221.80.249 DST=195.201.121.15 LEN=60 TOS=0x00 PREC=0x00 TTL=47 ID=16855 DF PROTO=TCP SPT=36883 DPT=23 WINDOW=5808 RES=0x00 SYN URGP=0 ...	2019-09-12 09:12:06

Type

Details

Datetime

45.221.87.151

attack

Brute forcing RDP port 3389

2019-12-10 04:15:21

45.221.88.146

attackspam

Automatic report - Port Scan Attack

2019-09-16 04:53:42

45.221.80.249

attackspam

Sep 11 20:51:53 lenivpn01 kernel: \[460715.063399\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:2f:6c:1b:d2:74:7f:6e:37:e3:08:00 SRC=45.221.80.249 DST=195.201.121.15 LEN=60 TOS=0x00 PREC=0x00 TTL=47 ID=16853 DF PROTO=TCP SPT=36883 DPT=23 WINDOW=5808 RES=0x00 SYN URGP=0 
Sep 11 20:51:56 lenivpn01 kernel: \[460718.060026\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:2f:6c:1b:d2:74:7f:6e:37:e3:08:00 SRC=45.221.80.249 DST=195.201.121.15 LEN=60 TOS=0x00 PREC=0x00 TTL=47 ID=16854 DF PROTO=TCP SPT=36883 DPT=23 WINDOW=5808 RES=0x00 SYN URGP=0 
Sep 11 20:52:02 lenivpn01 kernel: \[460724.059537\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:2f:6c:1b:d2:74:7f:6e:37:e3:08:00 SRC=45.221.80.249 DST=195.201.121.15 LEN=60 TOS=0x00 PREC=0x00 TTL=47 ID=16855 DF PROTO=TCP SPT=36883 DPT=23 WINDOW=5808 RES=0x00 SYN URGP=0 
...

2019-09-12 09:12:06

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.221.8.225
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 62447
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;45.221.8.225.			IN	A

;; AUTHORITY SECTION:
.			535	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022062400 1800 900 604800 86400

;; Query time: 21 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jun 24 13:39:52 CST 2022
;; MSG SIZE  rcvd: 105

Host info

Host 225.8.221.45.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 225.8.221.45.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
106.12.3.170	attackbotsspam	Dec 13 09:53:58 sticky sshd\[29722\]: Invalid user ftp from 106.12.3.170 port 49546 Dec 13 09:53:58 sticky sshd\[29722\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.3.170 Dec 13 09:54:00 sticky sshd\[29722\]: Failed password for invalid user ftp from 106.12.3.170 port 49546 ssh2 Dec 13 10:00:31 sticky sshd\[29800\]: Invalid user gvallejo from 106.12.3.170 port 47008 Dec 13 10:00:31 sticky sshd\[29800\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.3.170 ...	2019-12-13 20:05:01
185.37.213.76	attack	Autoban 185.37.213.76 AUTH/CONNECT	2019-12-13 20:22:08
124.156.211.137	attackspambots	1576223076 - 12/13/2019 08:44:36 Host: 124.156.211.137/124.156.211.137 Port: 32777 UDP Blocked	2019-12-13 20:21:15
24.4.128.213	attack	2019-12-13T08:12:27.332251homeassistant sshd[29559]: Invalid user yoyo from 24.4.128.213 port 60608 2019-12-13T08:12:27.339031homeassistant sshd[29559]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=24.4.128.213 ...	2019-12-13 20:26:31
80.211.189.181	attackbots	Dec 13 09:55:06 sd-53420 sshd\[30764\]: User root from 80.211.189.181 not allowed because none of user's groups are listed in AllowGroups Dec 13 09:55:06 sd-53420 sshd\[30764\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.189.181 user=root Dec 13 09:55:08 sd-53420 sshd\[30764\]: Failed password for invalid user root from 80.211.189.181 port 59044 ssh2 Dec 13 09:59:56 sd-53420 sshd\[31070\]: Invalid user telecop from 80.211.189.181 Dec 13 09:59:56 sd-53420 sshd\[31070\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.189.181 ...	2019-12-13 20:14:09
141.237.48.152	attack	Telnet Server BruteForce Attack	2019-12-13 20:42:57
27.79.177.181	attackbotsspam	1576223089 - 12/13/2019 08:44:49 Host: 27.79.177.181/27.79.177.181 Port: 445 TCP Blocked	2019-12-13 20:07:16
5.30.23.118	attackspam	Dec 12 21:53:29 hanapaa sshd\[16987\]: Invalid user henrioud from 5.30.23.118 Dec 12 21:53:29 hanapaa sshd\[16987\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.30.23.118 Dec 12 21:53:31 hanapaa sshd\[16987\]: Failed password for invalid user henrioud from 5.30.23.118 port 44486 ssh2 Dec 12 22:01:57 hanapaa sshd\[17745\]: Invalid user creation from 5.30.23.118 Dec 12 22:01:57 hanapaa sshd\[17745\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.30.23.118	2019-12-13 20:14:32
187.154.198.177	attack	Unauthorized connection attempt from IP address 187.154.198.177 on Port 445(SMB)	2019-12-13 20:04:44
128.134.187.155	attack	Dec 13 12:47:06 meumeu sshd[31499]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.134.187.155 Dec 13 12:47:08 meumeu sshd[31499]: Failed password for invalid user fbm from 128.134.187.155 port 37792 ssh2 Dec 13 12:53:34 meumeu sshd[32713]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.134.187.155 ...	2019-12-13 20:32:28
106.12.137.55	attack	Dec 13 13:25:14 nextcloud sshd\[4910\]: Invalid user cmpir from 106.12.137.55 Dec 13 13:25:14 nextcloud sshd\[4910\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.137.55 Dec 13 13:25:17 nextcloud sshd\[4910\]: Failed password for invalid user cmpir from 106.12.137.55 port 55380 ssh2 ...	2019-12-13 20:30:55
78.11.53.59	attack	Dec 13 11:37:13 server sshd\[15886\]: Invalid user lisa from 78.11.53.59 Dec 13 11:37:13 server sshd\[15886\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=78-11-53-59.static.ip.netia.com.pl Dec 13 11:37:15 server sshd\[15886\]: Failed password for invalid user lisa from 78.11.53.59 port 33826 ssh2 Dec 13 11:37:57 server sshd\[16039\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=78-11-53-59.static.ip.netia.com.pl user=root Dec 13 11:37:58 server sshd\[16039\]: Failed password for root from 78.11.53.59 port 60950 ssh2 ...	2019-12-13 20:31:46
200.195.171.74	attack	$f2bV_matches	2019-12-13 20:04:12
59.42.181.102	attack	SSH/22 MH Probe, BF, Hack -	2019-12-13 20:32:57
185.176.27.14	attackbotsspam	ET DROP Dshield Block Listed Source group 1 - port: 8595 proto: TCP cat: Misc Attack	2019-12-13 20:37:31

Recently Reported IPs

14.33.80.229	181.236.224.58	43.156.248.141	43.156.248.250
195.39.233.18	192.241.219.239	137.226.6.10	180.76.54.120
5.167.69.68	221.214.211.122	137.226.7.71	5.167.69.179
137.226.8.8	5.167.70.108	119.15.86.130	137.226.8.20
123.138.161.171	137.226.8.27	137.226.60.193	137.226.8.42