45.83.66.242 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Germany

Internet Service Provider: Alpha Strike Labs GmbH

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Unauthorized connection attempt detected from IP address 45.83.66.242 to port 102	2020-07-09 07:57:57

Comments on same subnet:

IP	Type	Details	Datetime
45.83.66.85	proxy	VPN fraud	2023-05-25 12:40:34
45.83.66.88	attack	" "	2020-08-10 06:53:28
45.83.66.234	attackbots	Unauthorized connection attempt detected from IP address 45.83.66.234 to port 110	2020-07-25 22:19:16
45.83.66.150	attackspambots	Unauthorized connection attempt detected from IP address 45.83.66.150 to port 443	2020-07-23 06:44:11
45.83.66.248	attack	Unauthorized connection attempt detected from IP address 45.83.66.248 to port 102	2020-07-09 07:57:32
45.83.66.71	attackspambots	Unauthorized connection attempt detected from IP address 45.83.66.71 to port 102	2020-07-09 06:53:39
45.83.66.171	attackspam	Unauthorized connection attempt detected from IP address 45.83.66.171 to port 102	2020-07-09 06:53:16
45.83.66.161	attackspam	Unauthorized connection attempt detected from IP address 45.83.66.161 to port 102	2020-07-09 05:07:07
45.83.66.36	attackbots	Unauthorized connection attempt detected from IP address 45.83.66.36 to port 53	2020-07-07 04:59:16
45.83.66.79	attack	Unauthorized connection attempt detected from IP address 45.83.66.79 to port 22	2020-07-07 04:58:54
45.83.66.116	attack	Unauthorized connection attempt detected from IP address 45.83.66.116 to port 110	2020-05-31 04:29:30
45.83.66.185	attackbotsspam	Unauthorized connection attempt detected from IP address 45.83.66.185 to port 110	2020-05-31 02:41:14
45.83.66.17	attackbotsspam	Scanning	2020-05-11 21:31:22
45.83.66.150	attackbots	Hits on port : 2012	2020-04-14 17:06:02
45.83.66.225	attackbots	" "	2020-04-01 15:56:44

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.83.66.242
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 25360
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.83.66.242.			IN	A

;; AUTHORITY SECTION:
.			470	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020070801 1800 900 604800 86400

;; Query time: 50 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jul 09 07:57:54 CST 2020
;; MSG SIZE  rcvd: 116

Host info

Host 242.66.83.45.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 242.66.83.45.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
116.109.181.210	attackbotsspam	20/9/8@12:51:29: FAIL: Alarm-Network address from=116.109.181.210 ...	2020-09-09 17:46:09
46.243.71.157	attack	" "	2020-09-09 17:34:58
107.179.13.141	attack	Port scan denied	2020-09-09 17:25:50
167.248.133.49	attack	[Wed Sep 09 15:04:27.846786 2020] [:error] [pid 3687:tid 140413889410816] [client 167.248.133.49:54684] [client 167.248.133.49] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197:80"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "X1iMixY@wYKpP8eltPSKqgAAAF8"] ...	2020-09-09 17:44:13
120.203.160.18	attackspam	Sep 9 02:19:03 dhoomketu sshd[2963082]: Failed password for invalid user tortoisesvn from 120.203.160.18 port 45357 ssh2 Sep 9 02:23:08 dhoomketu sshd[2963142]: Invalid user sysadm from 120.203.160.18 port 17544 Sep 9 02:23:08 dhoomketu sshd[2963142]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.203.160.18 Sep 9 02:23:08 dhoomketu sshd[2963142]: Invalid user sysadm from 120.203.160.18 port 17544 Sep 9 02:23:11 dhoomketu sshd[2963142]: Failed password for invalid user sysadm from 120.203.160.18 port 17544 ssh2 ...	2020-09-09 17:25:31
138.68.236.50	attack	Sep 9 11:38:51 fhem-rasp sshd[8413]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.236.50 user=root Sep 9 11:38:53 fhem-rasp sshd[8413]: Failed password for root from 138.68.236.50 port 55734 ssh2 ...	2020-09-09 17:46:57
61.177.172.142	attack	Sep 9 09:44:32 localhost sshd[75504]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.142 user=root Sep 9 09:44:35 localhost sshd[75504]: Failed password for root from 61.177.172.142 port 30619 ssh2 Sep 9 09:44:38 localhost sshd[75504]: Failed password for root from 61.177.172.142 port 30619 ssh2 Sep 9 09:44:32 localhost sshd[75504]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.142 user=root Sep 9 09:44:35 localhost sshd[75504]: Failed password for root from 61.177.172.142 port 30619 ssh2 Sep 9 09:44:38 localhost sshd[75504]: Failed password for root from 61.177.172.142 port 30619 ssh2 Sep 9 09:44:32 localhost sshd[75504]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.142 user=root Sep 9 09:44:35 localhost sshd[75504]: Failed password for root from 61.177.172.142 port 30619 ssh2 Sep 9 09:44:38 localhost sshd[75504]: Fa ...	2020-09-09 17:51:22
138.68.226.175	attackbotsspam	...	2020-09-09 17:29:17
217.170.206.138	attack	$f2bV_matches	2020-09-09 17:52:09
10.25.144.246	attackbotsspam	port scan and connect, tcp 443 (https)	2020-09-09 17:28:08
2.57.122.204	attack	Sep 9 09:51:53 internal-server-tf sshd\[5745\]: Invalid user tomcat from 2.57.122.204Sep 9 09:52:43 internal-server-tf sshd\[5759\]: Invalid user ansible from 2.57.122.204 ...	2020-09-09 17:57:53
192.241.246.167	attackbots	firewall-block, port(s): 7701/tcp	2020-09-09 17:31:56
49.233.17.42	attackbotsspam	Sep 9 00:11:22 vps-51d81928 sshd[314894]: Invalid user custserv from 49.233.17.42 port 50100 Sep 9 00:11:23 vps-51d81928 sshd[314894]: Failed password for invalid user custserv from 49.233.17.42 port 50100 ssh2 Sep 9 00:13:10 vps-51d81928 sshd[314917]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.17.42 user=root Sep 9 00:13:12 vps-51d81928 sshd[314917]: Failed password for root from 49.233.17.42 port 49268 ssh2 Sep 9 00:15:01 vps-51d81928 sshd[314932]: Invalid user super from 49.233.17.42 port 48434 ...	2020-09-09 17:33:15
68.183.126.143	attack	Invalid user jennie from 68.183.126.143 port 44594	2020-09-09 17:39:18
54.37.17.21	attackbotsspam	54.37.17.21 - - [09/Sep/2020:10:53:34 +0200] "GET /wp-login.php HTTP/1.1" 200 8558 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 54.37.17.21 - - [09/Sep/2020:10:53:35 +0200] "POST /wp-login.php HTTP/1.1" 200 8809 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 54.37.17.21 - - [09/Sep/2020:10:53:35 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-09 17:53:01

Recently Reported IPs

14.115.88.243	179.172.115.58	5.10.189.173	5.236.130.42
64.175.188.195	176.203.92.3	171.88.173.130	100.247.254.103
134.91.200.120	1.164.203.22	95.50.51.138	216.98.95.58
77.215.128.205	202.109.239.173	83.48.34.40	92.55.39.73
175.55.200.170	82.17.218.141	181.81.76.105	108.105.11.11