45.80.104.25 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Israel

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
45.80.104.195	attackbots	Chat Spam	2020-08-18 08:30:32
45.80.104.119	attackbots	9.260.741,85-03/02 [bc18/m74] PostRequest-Spammer scoring: Lusaka01	2019-11-20 07:30:46
45.80.104.152	attack	Name: 'gekllokjwer' Street: 'DXJXKCusGwzJU' City: 'chOjdNXZYEVOMtMwe' Zip: 'DeRgRoRKaO' Message: 'Ñåìåé Ïÿòèãîðñê Àòûðàó, Êàçàõñòàí êóïèòü Ýêñòàçè (Mdma) Äçåðæèíñê Äåðáåíò Àõàíãàìà, Øðè-Ëàíêà êóïèòü Ñêîðîñòü ÑÊ êðèñòàëëû (ñîëü-Àëüôà-ÏÂÏ) Îáíèíñê Ìàãíèòîãîðñê	2019-10-22 05:11:19
45.80.104.101	attackbots	45.80.104.101 - - [20/Oct/2019:07:59:55 -0400] "GET /?page=..%2f..%2f..%2fetc%2fpasswd&action=view&manufacturerID=12&productID=973&linkID=15902 HTTP/1.1" 200 16395 "https://newportbrassfaucets.com/?page=..%2f..%2f..%2fetc%2fpasswd&action=view&manufacturerID=12&productID=973&linkID=15902" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.132 Safari/537.36" ...	2019-10-21 01:15:22
45.80.104.109	attackspambots	45.80.104.109 - - [20/Oct/2019:08:03:33 -0400] "GET /?page=products&action=..%2f..%2fetc%2fpasswd%00&manufacturerID=12&productID=973&linkID=15902 HTTP/1.1" 200 17152 "https://newportbrassfaucets.com/?page=products&action=..%2f..%2fetc%2fpasswd%00&manufacturerID=12&productID=973&linkID=15902" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.132 Safari/537.36" ...	2019-10-20 21:57:02

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.80.104.25
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33219
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;45.80.104.25.			IN	A

;; AUTHORITY SECTION:
.			523	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022091400 1800 900 604800 86400

;; Query time: 66 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Sep 14 18:43:54 CST 2022
;; MSG SIZE  rcvd: 105

Host info

Host 25.104.80.45.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 25.104.80.45.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
129.28.195.191	attackspambots	2020-09-28T17:31:09.512645hostname sshd[49772]: Failed password for root from 129.28.195.191 port 57574 ssh2 ...	2020-09-29 02:41:31
46.101.19.133	attack	Sep 28 18:40:45 h2779839 sshd[1939]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.19.133 user=root Sep 28 18:40:47 h2779839 sshd[1939]: Failed password for root from 46.101.19.133 port 56032 ssh2 Sep 28 18:44:40 h2779839 sshd[2061]: Invalid user copy from 46.101.19.133 port 53901 Sep 28 18:44:40 h2779839 sshd[2061]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.19.133 Sep 28 18:44:40 h2779839 sshd[2061]: Invalid user copy from 46.101.19.133 port 53901 Sep 28 18:44:43 h2779839 sshd[2061]: Failed password for invalid user copy from 46.101.19.133 port 53901 ssh2 Sep 28 18:48:45 h2779839 sshd[2213]: Invalid user ubuntu from 46.101.19.133 port 51769 Sep 28 18:48:45 h2779839 sshd[2213]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.19.133 Sep 28 18:48:45 h2779839 sshd[2213]: Invalid user ubuntu from 46.101.19.133 port 51769 Sep 28 18:48:47 h2779 ...	2020-09-29 02:31:52
158.69.210.168	attackspambots	Invalid user bot from 158.69.210.168 port 58166	2020-09-29 02:36:32
36.57.89.12	attackbots	Sep 28 00:55:58 srv01 postfix/smtpd\[24098\]: warning: unknown\[36.57.89.12\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 28 00:56:09 srv01 postfix/smtpd\[24098\]: warning: unknown\[36.57.89.12\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 28 00:56:25 srv01 postfix/smtpd\[24098\]: warning: unknown\[36.57.89.12\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 28 00:56:43 srv01 postfix/smtpd\[24098\]: warning: unknown\[36.57.89.12\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 28 00:56:55 srv01 postfix/smtpd\[24098\]: warning: unknown\[36.57.89.12\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-09-29 02:45:02
139.155.9.86	attackbotsspam	2020-09-28T18:22:28.876590ionos.janbro.de sshd[178583]: Invalid user bob from 139.155.9.86 port 37100 2020-09-28T18:22:31.183614ionos.janbro.de sshd[178583]: Failed password for invalid user bob from 139.155.9.86 port 37100 ssh2 2020-09-28T18:28:21.158549ionos.janbro.de sshd[178617]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.9.86 user=root 2020-09-28T18:28:23.214765ionos.janbro.de sshd[178617]: Failed password for root from 139.155.9.86 port 41360 ssh2 2020-09-28T18:33:58.244559ionos.janbro.de sshd[178647]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.9.86 user=root 2020-09-28T18:34:00.569220ionos.janbro.de sshd[178647]: Failed password for root from 139.155.9.86 port 45622 ssh2 2020-09-28T18:39:29.130267ionos.janbro.de sshd[178677]: Invalid user ian from 139.155.9.86 port 49880 2020-09-28T18:39:29.838831ionos.janbro.de sshd[178677]: pam_unix(sshd:auth): authentication failure; lo ...	2020-09-29 02:46:58
113.65.210.180	attackspam	vps:sshd-InvalidUser	2020-09-29 02:33:11
197.38.63.198	attack	(cxs) cxs mod_security triggered by 197.38.63.198 (EG/Egypt/host-197.38.63.198.tedata.net): 1 in the last 3600 secs (CF_ENABLE); Ports: *; Direction: inout; Trigger: LF_CXS; Logs: [Sun Sep 27 22:34:42.507711 2020] [:error] [pid 3136447:tid 47466709919488] [client 197.38.63.198:63163] [client 197.38.63.198] ModSecurity: Access denied with code 403 (phase 2). File "/tmp/20200927-223440-X3D3YNeKpoihDXXrruVHggAAAAs-file-gGNR9R" rejected by the approver script "/etc/cxs/cxscgi.sh": 0 [file "/etc/apache2/conf.d/modsec_vendor_configs/configserver/00_configserver.conf"] [line "7"] [id "1010101"] [msg "ConfigServer Exploit Scanner (cxs) triggered"] [severity "CRITICAL"] [hostname "gratitudemania.com"] [uri "/wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php"] [unique_id "X3D3YNeKpoihDXXrruVHggAAAAs"], referer: http://gratitudemania.com/wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php	2020-09-29 02:58:38
95.169.25.38	attackbots	(sshd) Failed SSH login from 95.169.25.38 (US/United States/95.169.25.38.16clouds.com): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 28 09:54:51 optimus sshd[32204]: Invalid user olga from 95.169.25.38 Sep 28 09:54:53 optimus sshd[32204]: Failed password for invalid user olga from 95.169.25.38 port 46530 ssh2 Sep 28 10:40:28 optimus sshd[20343]: Invalid user git from 95.169.25.38 Sep 28 10:40:30 optimus sshd[20343]: Failed password for invalid user git from 95.169.25.38 port 59220 ssh2 Sep 28 10:53:31 optimus sshd[24725]: Invalid user felipe from 95.169.25.38	2020-09-29 02:46:06
82.223.104.73	attackbotsspam	82.223.104.73 - - [28/Sep/2020:17:37:55 +0100] "POST /wp/wp-login.php HTTP/1.1" 200 2441 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 82.223.104.73 - - [28/Sep/2020:17:37:56 +0100] "POST /wp/wp-login.php HTTP/1.1" 200 2429 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 82.223.104.73 - - [28/Sep/2020:17:37:57 +0100] "POST /wp/xmlrpc.php HTTP/1.1" 200 247 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-29 02:46:20
118.25.182.118	attackspambots	Brute-force attempt banned	2020-09-29 02:35:01
132.232.230.220	attackbots	SSH invalid-user multiple login try	2020-09-29 02:57:18
112.85.42.120	attack	Sep 28 04:40:47 localhost sshd[69460]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.120 user=root Sep 28 04:40:48 localhost sshd[69460]: Failed password for root from 112.85.42.120 port 3834 ssh2 Sep 28 04:40:54 localhost sshd[69460]: Failed password for root from 112.85.42.120 port 3834 ssh2 Sep 28 04:40:47 localhost sshd[69460]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.120 user=root Sep 28 04:40:48 localhost sshd[69460]: Failed password for root from 112.85.42.120 port 3834 ssh2 Sep 28 04:40:54 localhost sshd[69460]: Failed password for root from 112.85.42.120 port 3834 ssh2 Sep 28 04:40:47 localhost sshd[69460]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.120 user=root Sep 28 04:40:48 localhost sshd[69460]: Failed password for root from 112.85.42.120 port 3834 ssh2 Sep 28 04:40:54 localhost sshd[69460]: Failed password ...	2020-09-29 02:52:26
42.194.158.24	attackbotsspam	Invalid user git from 42.194.158.24 port 36622	2020-09-29 02:23:27
45.185.164.132	attackbots	DATE:2020-09-28 03:26:31, IP:45.185.164.132, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2020-09-29 02:50:58
88.214.26.93	attackbotsspam	SSH Bruteforce Attempt on Honeypot	2020-09-29 02:58:04

Recently Reported IPs

38.242.151.122	147.78.183.208	62.14.110.19	49.37.144.203
45.158.185.174	117.186.248.32	185.14.192.59	49.249.44.126
83.142.54.207	49.254.148.150	179.61.190.121	77.243.88.26
192.210.169.184	83.171.224.29	193.202.81.27	83.142.52.198
254.117.1.92	101.51.81.42	13.208.174.245	45.148.127.245