45.74.18.11 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Netherlands

Internet Service Provider: Secure Internet LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt from IP address 45.74.18.11 on Port 445(SMB)	2020-05-31 04:51:15

Comments on same subnet:

IP	Type	Details	Datetime
45.74.18.12	attackbots	Attempt to attack host OS, exploiting network vulnerabilities, on 02-04-2020 22:50:18.	2020-04-03 08:01:00
45.74.189.77	attackbots	Unauthorized connection attempt detected from IP address 45.74.189.77 to port 5555 [J]	2020-01-28 08:38:44

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.74.18.11
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 62599
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.74.18.11.			IN	A

;; AUTHORITY SECTION:
.			517	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020053000 1800 900 604800 86400

;; Query time: 93 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun May 31 04:51:12 CST 2020
;; MSG SIZE  rcvd: 115

Host info

Host 11.18.74.45.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 11.18.74.45.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
45.80.65.35	attack	Nov 7 05:50:33 hanapaa sshd\[19224\]: Invalid user server from 45.80.65.35 Nov 7 05:50:33 hanapaa sshd\[19224\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.80.65.35 Nov 7 05:50:35 hanapaa sshd\[19224\]: Failed password for invalid user server from 45.80.65.35 port 55176 ssh2 Nov 7 05:54:32 hanapaa sshd\[19507\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.80.65.35 user=root Nov 7 05:54:34 hanapaa sshd\[19507\]: Failed password for root from 45.80.65.35 port 35606 ssh2	2019-11-08 01:22:58
121.101.186.242	attackbotsspam	SPAM Delivery Attempt	2019-11-08 01:15:46
222.253.203.144	attack	Unauthorized connection attempt from IP address 222.253.203.144 on Port 445(SMB)	2019-11-08 01:39:23
111.230.19.43	attack	Nov 7 18:51:03 site3 sshd\[53905\]: Invalid user ubnt from 111.230.19.43 Nov 7 18:51:03 site3 sshd\[53905\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.230.19.43 Nov 7 18:51:05 site3 sshd\[53905\]: Failed password for invalid user ubnt from 111.230.19.43 port 59424 ssh2 Nov 7 18:57:58 site3 sshd\[53983\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.230.19.43 user=root Nov 7 18:58:00 site3 sshd\[53983\]: Failed password for root from 111.230.19.43 port 38982 ssh2 ...	2019-11-08 01:03:28
218.92.0.191	attack	$f2bV_matches	2019-11-08 01:08:54
61.163.78.132	attackbotsspam	Nov 7 06:41:56 hanapaa sshd\[24750\]: Invalid user both from 61.163.78.132 Nov 7 06:41:56 hanapaa sshd\[24750\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.163.78.132 Nov 7 06:41:58 hanapaa sshd\[24750\]: Failed password for invalid user both from 61.163.78.132 port 51540 ssh2 Nov 7 06:48:33 hanapaa sshd\[25275\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.163.78.132 user=root Nov 7 06:48:36 hanapaa sshd\[25275\]: Failed password for root from 61.163.78.132 port 33022 ssh2	2019-11-08 01:08:19
188.165.87.71	attack	Nov 7 07:17:51 mxgate1 postfix/postscreen[13848]: CONNECT from [188.165.87.71]:39706 to [176.31.12.44]:25 Nov 7 07:17:57 mxgate1 postfix/postscreen[13848]: PASS NEW [188.165.87.71]:39706 Nov 7 07:17:58 mxgate1 postfix/smtpd[13854]: connect from samson.ens004.ectrensys.info[188.165.87.71] Nov x@x Nov 7 07:17:58 mxgate1 postfix/smtpd[13854]: disconnect from samson.ens004.ectrensys.info[188.165.87.71] ehlo=2 starttls=1 mail=1 rcpt=0/1 quhostname=1 commands=5/6 Nov 7 07:27:59 mxgate1 postfix/postscreen[13848]: CONNECT from [188.165.87.71]:44450 to [176.31.12.44]:25 Nov 7 07:27:59 mxgate1 postfix/postscreen[13848]: PASS OLD [188.165.87.71]:44450 Nov 7 07:27:59 mxgate1 postfix/smtpd[14029]: connect from samson.ens004.ectrensys.info[188.165.87.71] Nov x@x Nov 7 07:27:59 mxgate1 postfix/smtpd[14029]: disconnect from samson.ens004.ectrensys.info[188.165.87.71] ehlo=2 starttls=1 mail=1 rcpt=0/1 quhostname=1 commands=5/6 Nov 7 07:37:58 mxgate1 postfix/postscreen[14546]: C........ -------------------------------	2019-11-08 01:41:32
203.135.23.210	attackbots	Unauthorized connection attempt from IP address 203.135.23.210 on Port 445(SMB)	2019-11-08 01:32:54
52.66.241.9	attack	Nov 7 11:49:42 TORMINT sshd\[24268\]: Invalid user womaho from 52.66.241.9 Nov 7 11:49:42 TORMINT sshd\[24268\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.66.241.9 Nov 7 11:49:44 TORMINT sshd\[24268\]: Failed password for invalid user womaho from 52.66.241.9 port 37712 ssh2 ...	2019-11-08 01:11:25
220.92.16.94	attack	Nov 7 17:00:07 localhost sshd\[28826\]: Invalid user magento from 220.92.16.94 port 53074 Nov 7 17:00:07 localhost sshd\[28826\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.92.16.94 Nov 7 17:00:09 localhost sshd\[28826\]: Failed password for invalid user magento from 220.92.16.94 port 53074 ssh2	2019-11-08 01:01:56
193.48.18.241	attackbots	Nov 7 08:03:08 h2034429 sshd[9747]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.48.18.241 user=r.r Nov 7 08:03:10 h2034429 sshd[9747]: Failed password for r.r from 193.48.18.241 port 52776 ssh2 Nov 7 08:03:10 h2034429 sshd[9747]: Received disconnect from 193.48.18.241 port 52776:11: Bye Bye [preauth] Nov 7 08:03:10 h2034429 sshd[9747]: Disconnected from 193.48.18.241 port 52776 [preauth] Nov 7 08:16:34 h2034429 sshd[9984]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.48.18.241 user=r.r Nov 7 08:16:36 h2034429 sshd[9984]: Failed password for r.r from 193.48.18.241 port 40194 ssh2 Nov 7 08:16:36 h2034429 sshd[9984]: Received disconnect from 193.48.18.241 port 40194:11: Bye Bye [preauth] Nov 7 08:16:36 h2034429 sshd[9984]: Disconnected from 193.48.18.241 port 40194 [preauth] Nov 7 08:20:15 h2034429 sshd[10072]: pam_unix(sshd:auth): authentication failure; logname= uid=........ -------------------------------	2019-11-08 01:33:27
192.3.144.156	attackspam	(From eric@talkwithcustomer.com) Hi, My name is Eric and I was looking at a few different sites online and came across your site drpaulturek.com. I must say - your website is very impressive. I am seeing your website on the first page of the Search Engine. Have you noticed that 70 percent of visitors who leave your website will never return? In most cases, this means that 95 percent to 98 percent of your marketing efforts are going to waste, not to mention that you are losing more money in customer acquisition costs than you need to. As a business person, the time and money you put into your marketing efforts is extremely valuable. So why let it go to waste? Our users have seen staggering improvements in conversions with insane growths of 150 percent going upwards of 785 percent. Are you ready to unlock the highest conversion revenue from each of your website visitors? TalkWithCustomer is a widget which captures a website visitor’s Name, Email address and Phone Number and then calls you i	2019-11-08 01:38:50
194.102.35.244	attack	Nov 7 06:23:32 web1 sshd\[30087\]: Invalid user P@ss@2019 from 194.102.35.244 Nov 7 06:23:32 web1 sshd\[30087\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.102.35.244 Nov 7 06:23:33 web1 sshd\[30087\]: Failed password for invalid user P@ss@2019 from 194.102.35.244 port 40296 ssh2 Nov 7 06:27:51 web1 sshd\[30845\]: Invalid user test321 from 194.102.35.244 Nov 7 06:27:51 web1 sshd\[30845\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.102.35.244	2019-11-08 01:12:18
81.22.45.65	attackbots	Nov 7 17:31:11 mc1 kernel: \[4430566.866123\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.65 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=45339 PROTO=TCP SPT=43345 DPT=52257 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 7 17:33:29 mc1 kernel: \[4430704.644959\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.65 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=8940 PROTO=TCP SPT=43345 DPT=52388 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 7 17:36:59 mc1 kernel: \[4430914.571390\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.65 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=51681 PROTO=TCP SPT=43345 DPT=51664 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-11-08 00:59:38
200.35.109.132	attackspambots	Unauthorized connection attempt from IP address 200.35.109.132 on Port 445(SMB)	2019-11-08 01:00:27

Recently Reported IPs

206.189.44.204	189.155.181.94	135.136.2.173	10.197.33.205
118.232.64.179	93.47.206.122	113.102.137.6	189.59.147.232
89.252.191.174	59.115.58.112	46.158.140.73	223.152.202.36
54.255.38.62	95.218.200.31	95.217.20.144	162.243.93.52
111.254.11.18	43.254.160.30	67.205.144.65	177.41.6.176