45.83.64.148 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Germany

Internet Service Provider: Alpha Strike Labs GmbH

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Honeypot hit.	2020-08-17 06:37:32

Comments on same subnet:

IP	Type	Details	Datetime
45.83.64.255	proxy	45.83.64.255	2023-06-08 13:14:10
45.83.64.235	attackbotsspam	port scan and connect, tcp 80 (http)	2020-09-29 02:48:45
45.83.64.235	attackspambots	port scan and connect, tcp 80 (http)	2020-09-28 18:55:56
45.83.64.178	attackspambots	Port Scan detected! ...	2020-08-30 04:30:20
45.83.64.26	attack	port scan and connect, tcp 143 (imap)	2020-08-23 07:44:39
45.83.64.18	attackbots	Unauthorised access (Aug 11) SRC=45.83.64.18 LEN=40 TOS=0x10 PREC=0x40 TTL=57 ID=1337 DF TCP DPT=21 WINDOW=0 SYN	2020-08-12 03:56:16
45.83.64.174	attack	Unauthorized connection attempt detected from IP address 45.83.64.174 to port 110	2020-07-25 21:58:00
45.83.64.190	attack	Unauthorized connection attempt detected from IP address 45.83.64.190 to port 110	2020-07-25 21:11:17
45.83.64.22	attackbots	Hit honeypot r.	2020-07-18 03:28:54
45.83.64.138	attackbots	Port scan denied	2020-07-13 23:06:08
45.83.64.229	attack	Unauthorized connection attempt detected from IP address 45.83.64.229 to port 102	2020-07-09 07:37:55
45.83.64.177	attack	Unauthorized connection attempt detected from IP address 45.83.64.177 to port 102	2020-07-09 06:09:37
45.83.64.232	attack	Unauthorized connection attempt detected from IP address 45.83.64.232 to port 102	2020-07-09 05:48:12
45.83.64.101	attackspambots	Unauthorized connection attempt detected from IP address 45.83.64.101 to port 102	2020-07-09 05:28:19
45.83.64.244	attackspam	Unauthorized connection attempt detected from IP address 45.83.64.244 to port 102	2020-07-09 05:27:52

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.83.64.148
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 19048
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.83.64.148.			IN	A

;; AUTHORITY SECTION:
.			136	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020081601 1800 900 604800 86400

;; Query time: 22 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Aug 17 06:37:29 CST 2020
;; MSG SIZE  rcvd: 116

Host info

Host 148.64.83.45.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 148.64.83.45.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
5.62.63.107	attackbots	Scanned 9 times in the last 24 hours on port 22	2020-09-25 11:23:50
106.12.89.206	attack	Port scan: Attack repeated for 24 hours	2020-09-25 11:30:34
168.62.50.138	attackspambots	2020-09-25T04:28:58.708549vps773228.ovh.net sshd[6833]: Failed password for root from 168.62.50.138 port 22564 ssh2 2020-09-25T05:12:23.703280vps773228.ovh.net sshd[7195]: Invalid user globalcompliance from 168.62.50.138 port 9294 2020-09-25T05:12:23.720941vps773228.ovh.net sshd[7195]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.62.50.138 2020-09-25T05:12:23.703280vps773228.ovh.net sshd[7195]: Invalid user globalcompliance from 168.62.50.138 port 9294 2020-09-25T05:12:25.022496vps773228.ovh.net sshd[7195]: Failed password for invalid user globalcompliance from 168.62.50.138 port 9294 ssh2 ...	2020-09-25 11:15:28
119.45.105.184	attack	20 attempts against mh-ssh on star	2020-09-25 11:15:45
66.117.12.196	attack	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-09-25 11:34:32
195.54.160.183	attack	Sep 25 04:31:55 cdc sshd[27692]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.54.160.183 Sep 25 04:31:57 cdc sshd[27692]: Failed password for invalid user unlock from 195.54.160.183 port 56288 ssh2	2020-09-25 11:33:50
61.239.114.12	attackspambots	61.239.114.12 - - [24/Sep/2020:22:51:35 +0100] "POST /wp-login.php HTTP/1.1" 200 2172 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 61.239.114.12 - - [24/Sep/2020:22:51:38 +0100] "POST /wp-login.php HTTP/1.1" 200 2220 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 61.239.114.12 - - [24/Sep/2020:22:51:40 +0100] "POST /xmlrpc.php HTTP/1.1" 200 247 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-25 11:35:04
128.199.168.172	attackbotsspam	(sshd) Failed SSH login from 128.199.168.172 (SG/Singapore/-): 5 in the last 3600 secs	2020-09-25 11:36:16
123.57.72.45	attack	123.57.72.45 (CN/China/-), 6 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 24 15:50:37 server2 sshd[698]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.136.185 user=root Sep 24 15:48:59 server2 sshd[30422]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.57.72.45 user=root Sep 24 15:46:37 server2 sshd[27945]: Failed password for root from 211.26.187.128 port 39766 ssh2 Sep 24 15:49:06 server2 sshd[30730]: Failed password for root from 121.131.232.156 port 37150 ssh2 Sep 24 15:49:01 server2 sshd[30422]: Failed password for root from 123.57.72.45 port 35986 ssh2 Sep 24 15:49:04 server2 sshd[30730]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.131.232.156 user=root IP Addresses Blocked: 206.189.136.185 (IN/India/-)	2020-09-25 10:54:59
64.225.126.137	attackbotsspam	(sshd) Failed SSH login from 64.225.126.137 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 24 22:20:48 server sshd[24416]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=64.225.126.137 user=root Sep 24 22:20:50 server sshd[24416]: Failed password for root from 64.225.126.137 port 43246 ssh2 Sep 24 22:24:06 server sshd[25232]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=64.225.126.137 user=root Sep 24 22:24:07 server sshd[25232]: Failed password for root from 64.225.126.137 port 57842 ssh2 Sep 24 22:25:29 server sshd[25643]: Invalid user user2 from 64.225.126.137 port 51716	2020-09-25 11:02:35
45.113.71.209	attackbots	Found on CINS badguys / proto=6 . srcport=57142 . dstport=8000 . (3303)	2020-09-25 11:12:26
206.189.171.239	attackspam	[f2b] sshd bruteforce, retries: 1	2020-09-25 11:33:23
37.228.227.113	attack	Email rejected due to spam filtering	2020-09-25 10:55:33
194.180.224.130	attackbotsspam	Sep 25 05:16:28 santamaria sshd\[3541\]: Invalid user admin from 194.180.224.130 Sep 25 05:16:28 santamaria sshd\[3544\]: Invalid user admin from 194.180.224.130 Sep 25 05:16:32 santamaria sshd\[3541\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.180.224.130 Sep 25 05:16:32 santamaria sshd\[3544\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.180.224.130 ...	2020-09-25 11:16:55
13.68.147.197	attackbotsspam	Sep 25 02:35:08 localhost sshd\[6595\]: Invalid user ght from 13.68.147.197 port 26828 Sep 25 02:35:08 localhost sshd\[6595\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.68.147.197 Sep 25 02:35:10 localhost sshd\[6595\]: Failed password for invalid user ght from 13.68.147.197 port 26828 ssh2 ...	2020-09-25 10:53:50

Recently Reported IPs

167.86.110.169	58.87.99.222	179.219.54.213	86.241.226.65
2001:470:1f06:488::2	45.240.63.82	91.78.24.59	200.68.15.210
236.214.248.81	209.141.36.236	173.230.142.224	121.224.253.244
167.99.88.37	153.188.110.16	211.255.27.172	23.185.142.45
76.44.242.94	226.254.32.5	218.18.152.90	98.38.158.238