45.80.64.216 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Russian Federation

Internet Service Provider: Data Centre Solutions Limited Liability Company

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	SSH Brute-Force reported by Fail2Ban	2019-10-05 15:43:50
attack	Sep 28 13:50:59 lcdev sshd\[20716\]: Invalid user pr from 45.80.64.216 Sep 28 13:50:59 lcdev sshd\[20716\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.80.64.216 Sep 28 13:51:00 lcdev sshd\[20716\]: Failed password for invalid user pr from 45.80.64.216 port 43908 ssh2 Sep 28 13:55:14 lcdev sshd\[21108\]: Invalid user randall from 45.80.64.216 Sep 28 13:55:14 lcdev sshd\[21108\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.80.64.216	2019-09-29 08:02:50
attackspambots	Sep 27 07:06:31 server sshd\[18288\]: Invalid user dbtest from 45.80.64.216 port 50436 Sep 27 07:06:31 server sshd\[18288\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.80.64.216 Sep 27 07:06:33 server sshd\[18288\]: Failed password for invalid user dbtest from 45.80.64.216 port 50436 ssh2 Sep 27 07:10:47 server sshd\[1090\]: Invalid user patrol from 45.80.64.216 port 33242 Sep 27 07:10:47 server sshd\[1090\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.80.64.216	2019-09-27 15:25:38
attackspam	Sep 23 21:33:38 vtv3 sshd\[22285\]: Invalid user test from 45.80.64.216 port 39910 Sep 23 21:33:38 vtv3 sshd\[22285\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.80.64.216 Sep 23 21:33:41 vtv3 sshd\[22285\]: Failed password for invalid user test from 45.80.64.216 port 39910 ssh2 Sep 23 21:37:50 vtv3 sshd\[24645\]: Invalid user rust from 45.80.64.216 port 52130 Sep 23 21:37:50 vtv3 sshd\[24645\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.80.64.216 Sep 23 21:50:17 vtv3 sshd\[31419\]: Invalid user gaya from 45.80.64.216 port 60562 Sep 23 21:50:17 vtv3 sshd\[31419\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.80.64.216 Sep 23 21:50:18 vtv3 sshd\[31419\]: Failed password for invalid user gaya from 45.80.64.216 port 60562 ssh2 Sep 23 21:54:36 vtv3 sshd\[749\]: Invalid user joe from 45.80.64.216 port 44556 Sep 23 21:54:36 vtv3 sshd\[749\]: pam_unix$sshd:auth$: au	2019-09-24 08:27:11
attackspambots	SSH Bruteforce attempt	2019-09-23 03:21:40
attack	Invalid user user from 45.80.64.216 port 48774	2019-09-13 13:03:36
attackbots	Invalid user awsjava from 45.80.64.216 port 37854	2019-08-30 20:21:29
attackbotsspam	Aug 25 23:53:34 lnxweb61 sshd[5661]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.80.64.216	2019-08-26 08:52:07

Comments on same subnet:

IP	Type	Details	Datetime
45.80.64.230	attackspambots	2020-10-13T10:20:01.200032abusebot.cloudsearch.cf sshd[14448]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.80.64.230 user=root 2020-10-13T10:20:03.104678abusebot.cloudsearch.cf sshd[14448]: Failed password for root from 45.80.64.230 port 42440 ssh2 2020-10-13T10:23:40.882648abusebot.cloudsearch.cf sshd[14494]: Invalid user lr from 45.80.64.230 port 45290 2020-10-13T10:23:40.888202abusebot.cloudsearch.cf sshd[14494]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.80.64.230 2020-10-13T10:23:40.882648abusebot.cloudsearch.cf sshd[14494]: Invalid user lr from 45.80.64.230 port 45290 2020-10-13T10:23:42.859128abusebot.cloudsearch.cf sshd[14494]: Failed password for invalid user lr from 45.80.64.230 port 45290 ssh2 2020-10-13T10:27:03.341034abusebot.cloudsearch.cf sshd[14728]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.80.64.230 user=root 2020-10-13T10:2 ...	2020-10-14 00:13:21
45.80.64.230	attackbots	Oct 13 07:08:53 pornomens sshd\[28884\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.80.64.230 user=root Oct 13 07:08:54 pornomens sshd\[28884\]: Failed password for root from 45.80.64.230 port 43550 ssh2 Oct 13 07:12:49 pornomens sshd\[29018\]: Invalid user dle from 45.80.64.230 port 48430 Oct 13 07:12:49 pornomens sshd\[29018\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.80.64.230 ...	2020-10-13 15:25:49
45.80.64.230	attack	SSH brute force	2020-10-13 08:01:43
45.80.64.230	attackspam	Oct 12 11:47:11 ns3164893 sshd[6838]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.80.64.230 Oct 12 11:47:13 ns3164893 sshd[6838]: Failed password for invalid user demo from 45.80.64.230 port 45686 ssh2 ...	2020-10-12 21:57:58
45.80.64.230	attackspam	2020-10-12T03:52:46.550454abusebot-7.cloudsearch.cf sshd[19772]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.80.64.230 user=root 2020-10-12T03:52:48.815574abusebot-7.cloudsearch.cf sshd[19772]: Failed password for root from 45.80.64.230 port 57886 ssh2 2020-10-12T03:58:15.521108abusebot-7.cloudsearch.cf sshd[19785]: Invalid user barbara from 45.80.64.230 port 51206 2020-10-12T03:58:15.527133abusebot-7.cloudsearch.cf sshd[19785]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.80.64.230 2020-10-12T03:58:15.521108abusebot-7.cloudsearch.cf sshd[19785]: Invalid user barbara from 45.80.64.230 port 51206 2020-10-12T03:58:17.622102abusebot-7.cloudsearch.cf sshd[19785]: Failed password for invalid user barbara from 45.80.64.230 port 51206 ssh2 2020-10-12T04:01:44.833555abusebot-7.cloudsearch.cf sshd[19855]: Invalid user roberta from 45.80.64.230 port 54380 ...	2020-10-12 13:26:03
45.80.64.230	attackbotsspam	Sep 28 13:23:49 ws24vmsma01 sshd[101451]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.80.64.230 Sep 28 13:23:50 ws24vmsma01 sshd[101451]: Failed password for invalid user production from 45.80.64.230 port 43450 ssh2 ...	2020-09-29 00:45:08
45.80.64.230	attackbots	2020-09-28 01:41:20.041947-0500 localhost sshd[41809]: Failed password for invalid user matheus from 45.80.64.230 port 40754 ssh2	2020-09-28 16:48:25
45.80.64.230	attackspam	Invalid user lfs from 45.80.64.230 port 46094	2020-09-24 22:14:47
45.80.64.230	attackbots	Time: Thu Sep 24 05:25:04 2020 +0000 IP: 45.80.64.230 (RU/Russia/-) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 24 05:13:49 3 sshd[15181]: Invalid user train1 from 45.80.64.230 port 38700 Sep 24 05:13:51 3 sshd[15181]: Failed password for invalid user train1 from 45.80.64.230 port 38700 ssh2 Sep 24 05:23:24 3 sshd[7811]: Invalid user admin from 45.80.64.230 port 45374 Sep 24 05:23:27 3 sshd[7811]: Failed password for invalid user admin from 45.80.64.230 port 45374 ssh2 Sep 24 05:25:00 3 sshd[12750]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.80.64.230 user=root	2020-09-24 14:07:06
45.80.64.230	attackbots	Sep 23 17:04:23 IngegnereFirenze sshd[27731]: Failed password for invalid user tmp from 45.80.64.230 port 55926 ssh2 ...	2020-09-24 05:35:31
45.80.64.246	attack	Sep 18 08:54:35 *** sshd[5294]: User root from 45.80.64.246 not allowed because not listed in AllowUsers	2020-09-18 23:44:39
45.80.64.246	attackspambots	Sep 17 07:16:23 XXX sshd[27956]: Invalid user superman from 45.80.64.246 port 42314	2020-09-18 15:52:41
45.80.64.246	attackbotsspam	Sep 17 18:59:37 vm0 sshd[29024]: Failed password for root from 45.80.64.246 port 33224 ssh2 Sep 17 23:02:46 vm0 sshd[32614]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.80.64.246 ...	2020-09-18 06:08:59
45.80.64.230	attackspam	Sep 16 18:54:28 ip106 sshd[19223]: Failed password for root from 45.80.64.230 port 43774 ssh2 ...	2020-09-17 18:10:24
45.80.64.230	attackspam	Sep 16 18:54:28 ip106 sshd[19223]: Failed password for root from 45.80.64.230 port 43774 ssh2 ...	2020-09-17 09:22:54

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.80.64.216
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 9207
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.80.64.216.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019082501 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Aug 26 08:52:02 CST 2019
;; MSG SIZE  rcvd: 116

Host info

Host 216.64.80.45.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 216.64.80.45.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
216.201.128.3	attackspam	www.fahrschule-mihm.de 216.201.128.3 \[19/Jul/2019:18:44:51 +0200\] "POST /wp-login.php HTTP/1.1" 200 5757 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" www.fahrschule-mihm.de 216.201.128.3 \[19/Jul/2019:18:44:51 +0200\] "POST /xmlrpc.php HTTP/1.1" 200 4106 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-07-20 02:46:46
137.74.158.99	attack	Auto reported by IDS	2019-07-20 02:42:58
69.248.75.60	attackbotsspam	2019-07-19T22:15:21.064160ns1.unifynetsol.net webmin\[3742\]: Invalid login as root from 69.248.75.60 2019-07-19T22:15:27.791342ns1.unifynetsol.net webmin\[3748\]: Invalid login as root from 69.248.75.60 2019-07-19T22:15:35.515939ns1.unifynetsol.net webmin\[3755\]: Invalid login as root from 69.248.75.60 2019-07-19T22:15:43.237673ns1.unifynetsol.net webmin\[3807\]: Invalid login as root from 69.248.75.60 2019-07-19T22:15:49.960775ns1.unifynetsol.net webmin\[3892\]: Invalid login as root from 69.248.75.60	2019-07-20 02:08:11
182.84.124.96	attack	Jul 18 03:28:15 euve59663 sshd[2251]: Invalid user pi from 182.84.124.9= 6 Jul 18 03:28:15 euve59663 sshd[2251]: pam_unix(sshd:auth): authenticati= on failure; logname=3D uid=3D0 euid=3D0 tty=3Dssh ruser=3D rhost=3D182.= 84.124.96=20 Jul 18 03:28:16 euve59663 sshd[2253]: Invalid user pi from 182.84.124.9= 6 Jul 18 03:28:17 euve59663 sshd[2253]: pam_unix(sshd:auth): authenticati= on failure; logname=3D uid=3D0 euid=3D0 tty=3Dssh ruser=3D rhost=3D182.= 84.124.96=20 Jul 18 03:28:17 euve59663 sshd[2251]: Failed password for invalid user = pi from 182.84.124.96 port 36417 ssh2 Jul 18 03:28:18 euve59663 sshd[2251]: Connection closed by 182.84.124.9= 6 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=182.84.124.96	2019-07-20 02:49:54
51.38.40.12	attack	Jul 19 18:44:53 andromeda postfix/smtpd\[15618\]: warning: ns3117215.ip-51-38-40.eu\[51.38.40.12\]: SASL LOGIN authentication failed: authentication failure Jul 19 18:44:53 andromeda postfix/smtpd\[15618\]: warning: ns3117215.ip-51-38-40.eu\[51.38.40.12\]: SASL LOGIN authentication failed: authentication failure Jul 19 18:44:54 andromeda postfix/smtpd\[15618\]: warning: ns3117215.ip-51-38-40.eu\[51.38.40.12\]: SASL LOGIN authentication failed: authentication failure Jul 19 18:44:54 andromeda postfix/smtpd\[15618\]: warning: ns3117215.ip-51-38-40.eu\[51.38.40.12\]: SASL LOGIN authentication failed: authentication failure Jul 19 18:44:54 andromeda postfix/smtpd\[15618\]: warning: ns3117215.ip-51-38-40.eu\[51.38.40.12\]: SASL LOGIN authentication failed: authentication failure	2019-07-20 02:42:02
61.153.184.12	attackspambots	445/tcp 445/tcp 445/tcp [2019-07-14/19]3pkt	2019-07-20 02:06:49
138.122.97.119	attack	445/tcp 445/tcp 445/tcp... [2019-05-22/07-19]17pkt,1pt.(tcp)	2019-07-20 02:12:39
86.3.164.248	attackspambots	2019-07-19T22:15:11.509181ns1.unifynetsol.net webmin\[3735\]: Invalid login as root from 86.3.164.248 2019-07-19T22:15:17.978485ns1.unifynetsol.net webmin\[3737\]: Invalid login as root from 86.3.164.248 2019-07-19T22:15:24.480189ns1.unifynetsol.net webmin\[3747\]: Invalid login as root from 86.3.164.248 2019-07-19T22:15:31.957792ns1.unifynetsol.net webmin\[3754\]: Invalid login as root from 86.3.164.248 2019-07-19T22:15:39.464105ns1.unifynetsol.net webmin\[3757\]: Invalid login as root from 86.3.164.248	2019-07-20 02:16:02
138.122.38.59	attack	$f2bV_matches	2019-07-20 02:30:42
46.161.27.42	attack	firewall-block, port(s): 1723/tcp	2019-07-20 02:28:56
91.90.232.101	attack	Autoban 91.90.232.101 AUTH/CONNECT	2019-07-20 02:17:31
104.248.181.166	attackbots	Jul 19 19:50:34 v22019058497090703 sshd[29502]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.181.166 Jul 19 19:50:36 v22019058497090703 sshd[29502]: Failed password for invalid user info from 104.248.181.166 port 42656 ssh2 Jul 19 19:57:06 v22019058497090703 sshd[29872]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.181.166 ...	2019-07-20 02:12:05
118.163.83.16	attackbotsspam	445/tcp 445/tcp 445/tcp... [2019-06-17/07-19]13pkt,1pt.(tcp)	2019-07-20 02:34:20
165.22.206.167	attackbots	19.07.2019 16:45:24 Connection to port 5500 blocked by firewall	2019-07-20 02:25:55
138.68.146.186	attackspambots	Jul 19 17:49:01 work-partkepr sshd\[16854\]: Invalid user unna from 138.68.146.186 port 35330 Jul 19 17:49:01 work-partkepr sshd\[16854\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.146.186 ...	2019-07-20 02:21:25

Recently Reported IPs

250.86.58.212	35.141.179.193	143.68.0.148	131.20.197.113
141.39.179.8	35.238.85.12	104.244.74.11	189.102.215.90
79.158.104.65	104.40.6.167	0.99.97.57	207.163.112.140
103.72.84.77	88.250.39.35	251.191.188.79	11.3.96.249
148.77.136.123	237.144.67.245	95.56.40.246	171.59.252.1