45.80.70.67 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Russian Federation

Internet Service Provider: Beget LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Nov 23 18:53:21 ny01 sshd[6686]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.80.70.67 Nov 23 18:53:23 ny01 sshd[6686]: Failed password for invalid user server from 45.80.70.67 port 51810 ssh2 Nov 23 18:59:47 ny01 sshd[7794]: Failed password for games from 45.80.70.67 port 59706 ssh2	2019-11-24 08:15:46
attackspam	Nov 22 21:12:13 eddieflores sshd\[7715\]: Invalid user luehman from 45.80.70.67 Nov 22 21:12:13 eddieflores sshd\[7715\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.80.70.67 Nov 22 21:12:15 eddieflores sshd\[7715\]: Failed password for invalid user luehman from 45.80.70.67 port 42418 ssh2 Nov 22 21:16:05 eddieflores sshd\[8018\]: Invalid user liuyongyishengpingan from 45.80.70.67 Nov 22 21:16:05 eddieflores sshd\[8018\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.80.70.67	2019-11-23 15:30:43
attack	Nov 22 14:23:07 sachi sshd\[27590\]: Invalid user 123Admin from 45.80.70.67 Nov 22 14:23:07 sachi sshd\[27590\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.80.70.67 Nov 22 14:23:10 sachi sshd\[27590\]: Failed password for invalid user 123Admin from 45.80.70.67 port 42254 ssh2 Nov 22 14:26:56 sachi sshd\[27878\]: Invalid user petern from 45.80.70.67 Nov 22 14:26:56 sachi sshd\[27878\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.80.70.67	2019-11-23 08:37:40

Type

Details

Datetime

attackbots

Nov 23 18:53:21 ny01 sshd[6686]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.80.70.67
Nov 23 18:53:23 ny01 sshd[6686]: Failed password for invalid user server from 45.80.70.67 port 51810 ssh2
Nov 23 18:59:47 ny01 sshd[7794]: Failed password for games from 45.80.70.67 port 59706 ssh2

2019-11-24 08:15:46

attackspam

Nov 22 21:12:13 eddieflores sshd\[7715\]: Invalid user luehman from 45.80.70.67
Nov 22 21:12:13 eddieflores sshd\[7715\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.80.70.67
Nov 22 21:12:15 eddieflores sshd\[7715\]: Failed password for invalid user luehman from 45.80.70.67 port 42418 ssh2
Nov 22 21:16:05 eddieflores sshd\[8018\]: Invalid user liuyongyishengpingan from 45.80.70.67
Nov 22 21:16:05 eddieflores sshd\[8018\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.80.70.67

2019-11-23 15:30:43

attack

Nov 22 14:23:07 sachi sshd\[27590\]: Invalid user 123Admin from 45.80.70.67
Nov 22 14:23:07 sachi sshd\[27590\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.80.70.67
Nov 22 14:23:10 sachi sshd\[27590\]: Failed password for invalid user 123Admin from 45.80.70.67 port 42254 ssh2
Nov 22 14:26:56 sachi sshd\[27878\]: Invalid user petern from 45.80.70.67
Nov 22 14:26:56 sachi sshd\[27878\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.80.70.67

2019-11-23 08:37:40

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.80.70.67
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 40267
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.80.70.67.			IN	A

;; AUTHORITY SECTION:
.			557	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019112201 1800 900 604800 86400

;; Query time: 103 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Nov 23 08:37:35 CST 2019
;; MSG SIZE  rcvd: 115

Host info

Host 67.70.80.45.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 67.70.80.45.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
190.82.109.194	attack	Aug 20 10:46:33 localhost kernel: [50208.540275] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=190.82.109.194 DST=[mungedIP2] LEN=52 TOS=0x00 PREC=0x00 TTL=111 ID=2901 DF PROTO=TCP SPT=55249 DPT=445 WINDOW=8192 RES=0x00 SYN URGP=0 Aug 20 10:46:33 localhost kernel: [50208.540323] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=190.82.109.194 DST=[mungedIP2] LEN=52 TOS=0x00 PREC=0x00 TTL=111 ID=2901 DF PROTO=TCP SPT=55249 DPT=445 SEQ=1922261739 ACK=0 WINDOW=8192 RES=0x00 SYN URGP=0 OPT (020405780103030801010402) Aug 20 10:46:34 localhost kernel: [50209.537457] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=190.82.109.194 DST=[mungedIP2] LEN=52 TOS=0x00 PREC=0x00 TTL=111 ID=3316 DF PROTO=TCP SPT=55448 DPT=1433 WINDOW=8192 RES=0x00 SYN URGP=0 Aug 20 10:46:34 localhost kernel: [50209.537490] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=190.82.109.194 DST=[	2019-08-21 06:46:06
106.13.52.74	attack	Aug 20 21:51:50 eventyay sshd[4979]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.52.74 Aug 20 21:51:52 eventyay sshd[4979]: Failed password for invalid user git from 106.13.52.74 port 49198 ssh2 Aug 20 21:56:37 eventyay sshd[6025]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.52.74 ...	2019-08-21 07:12:54
37.139.4.138	attack	Aug 20 18:50:48 web8 sshd\[27907\]: Invalid user qhsupport from 37.139.4.138 Aug 20 18:50:48 web8 sshd\[27907\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.4.138 Aug 20 18:50:50 web8 sshd\[27907\]: Failed password for invalid user qhsupport from 37.139.4.138 port 36189 ssh2 Aug 20 18:55:14 web8 sshd\[30031\]: Invalid user mine from 37.139.4.138 Aug 20 18:55:14 web8 sshd\[30031\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.4.138	2019-08-21 07:06:12
102.65.158.35	attack	Aug 20 11:09:32 indra sshd[880603]: Invalid user ase from 102.65.158.35 Aug 20 11:09:32 indra sshd[880603]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=102-65-158-35.dsl.web.africa Aug 20 11:09:34 indra sshd[880603]: Failed password for invalid user ase from 102.65.158.35 port 48084 ssh2 Aug 20 11:09:34 indra sshd[880603]: Received disconnect from 102.65.158.35: 11: Bye Bye [preauth] Aug 20 11:23:05 indra sshd[884266]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=102-65-158-35.dsl.web.africa user=r.r Aug 20 11:23:07 indra sshd[884266]: Failed password for r.r from 102.65.158.35 port 47380 ssh2 Aug 20 11:23:07 indra sshd[884266]: Received disconnect from 102.65.158.35: 11: Bye Bye [preauth] Aug 20 11:28:27 indra sshd[885186]: Invalid user kass from 102.65.158.35 Aug 20 11:28:27 indra sshd[885186]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost........ -------------------------------	2019-08-21 07:10:51
187.6.249.142	attack	Aug 20 17:48:38 legacy sshd[10730]: Failed password for root from 187.6.249.142 port 51722 ssh2 Aug 20 17:54:15 legacy sshd[10900]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.6.249.142 Aug 20 17:54:17 legacy sshd[10900]: Failed password for invalid user es from 187.6.249.142 port 41374 ssh2 ...	2019-08-21 06:45:12
190.96.91.28	attack	firewall-block, port(s): 23/tcp	2019-08-21 07:09:35
5.39.67.154	attackbotsspam	Aug 20 16:46:48 icinga sshd[24002]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.39.67.154 Aug 20 16:46:50 icinga sshd[24002]: Failed password for invalid user deploy from 5.39.67.154 port 48981 ssh2 ...	2019-08-21 06:38:45
51.38.230.62	attackbots	Aug 20 20:25:02 web8 sshd\[10275\]: Invalid user laura from 51.38.230.62 Aug 20 20:25:02 web8 sshd\[10275\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.230.62 Aug 20 20:25:04 web8 sshd\[10275\]: Failed password for invalid user laura from 51.38.230.62 port 41040 ssh2 Aug 20 20:28:56 web8 sshd\[12121\]: Invalid user admin from 51.38.230.62 Aug 20 20:28:56 web8 sshd\[12121\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.230.62	2019-08-21 06:48:40
173.239.37.152	attackspam	Aug 20 23:59:00 [snip] sshd[29031]: Invalid user nvidia from 173.239.37.152 port 59492 Aug 20 23:59:00 [snip] sshd[29031]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=173.239.37.152 Aug 20 23:59:02 [snip] sshd[29031]: Failed password for invalid user nvidia from 173.239.37.152 port 59492 ssh2[...]	2019-08-21 07:00:50
111.230.228.113	attackspam	Aug 20 16:46:30 lnxded64 sshd[24510]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.230.228.113	2019-08-21 06:47:47
58.182.81.193	attack	/wp-login.php	2019-08-21 07:05:50
51.38.237.214	attack	Aug 20 21:26:54 SilenceServices sshd[6134]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.237.214 Aug 20 21:26:55 SilenceServices sshd[6134]: Failed password for invalid user asd from 51.38.237.214 port 45622 ssh2 Aug 20 21:30:58 SilenceServices sshd[9614]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.237.214	2019-08-21 07:01:47
61.244.186.37	attackspam	Aug 20 16:28:17 ny01 sshd[11745]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.244.186.37 Aug 20 16:28:19 ny01 sshd[11745]: Failed password for invalid user Administrator from 61.244.186.37 port 54535 ssh2 Aug 20 16:34:04 ny01 sshd[12301]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.244.186.37	2019-08-21 06:34:36
94.102.49.190	attackspambots	9002/tcp 129/udp 9160/tcp... [2019-06-19/08-20]228pkt,139pt.(tcp),24pt.(udp)	2019-08-21 06:46:34
185.176.27.114	attackspam	08/20/2019-17:59:24.345252 185.176.27.114 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-08-21 06:41:19

Recently Reported IPs

126.109.242.249	208.142.152.26	31.1.116.127	127.88.26.46
199.69.131.163	4.125.85.210	206.72.192.170	184.233.253.93
16.183.221.37	237.194.138.156	165.149.106.223	117.1.116.57
113.162.150.241	37.49.230.11	129.211.123.242	68.183.46.134
111.2.184.12	42.117.62.146	183.214.161.25	60.172.85.171