5.145.49.18 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Switzerland

Internet Service Provider: Valaiscom AG

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Nov 17 23:39:25 srv206 sshd[19546]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=18-49-145-5.dyn.cable.fcom.ch user=root Nov 17 23:39:28 srv206 sshd[19546]: Failed password for root from 5.145.49.18 port 52757 ssh2 Nov 17 23:39:29 srv206 sshd[19546]: Failed password for root from 5.145.49.18 port 52757 ssh2 Nov 17 23:39:25 srv206 sshd[19546]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=18-49-145-5.dyn.cable.fcom.ch user=root Nov 17 23:39:28 srv206 sshd[19546]: Failed password for root from 5.145.49.18 port 52757 ssh2 Nov 17 23:39:29 srv206 sshd[19546]: Failed password for root from 5.145.49.18 port 52757 ssh2 ...	2019-11-18 09:13:26
attackspambots	Oct 12 08:02:13 MK-Soft-Root1 sshd[21815]: Failed password for root from 5.145.49.18 port 58792 ssh2 Oct 12 08:02:16 MK-Soft-Root1 sshd[21815]: Failed password for root from 5.145.49.18 port 58792 ssh2 ...	2019-10-12 15:51:13

Type

Details

Datetime

attack

Nov 17 23:39:25 srv206 sshd[19546]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=18-49-145-5.dyn.cable.fcom.ch  user=root
Nov 17 23:39:28 srv206 sshd[19546]: Failed password for root from 5.145.49.18 port 52757 ssh2
Nov 17 23:39:29 srv206 sshd[19546]: Failed password for root from 5.145.49.18 port 52757 ssh2
Nov 17 23:39:25 srv206 sshd[19546]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=18-49-145-5.dyn.cable.fcom.ch  user=root
Nov 17 23:39:28 srv206 sshd[19546]: Failed password for root from 5.145.49.18 port 52757 ssh2
Nov 17 23:39:29 srv206 sshd[19546]: Failed password for root from 5.145.49.18 port 52757 ssh2
...

2019-11-18 09:13:26

attackspambots

Oct 12 08:02:13 MK-Soft-Root1 sshd[21815]: Failed password for root from 5.145.49.18 port 58792 ssh2
Oct 12 08:02:16 MK-Soft-Root1 sshd[21815]: Failed password for root from 5.145.49.18 port 58792 ssh2
...

2019-10-12 15:51:13

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 5.145.49.18
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22468
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;5.145.49.18.			IN	A

;; AUTHORITY SECTION:
.			545	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019101200 1800 900 604800 86400

;; Query time: 221 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Oct 12 15:51:08 CST 2019
;; MSG SIZE  rcvd: 115

Host info

18.49.145.5.in-addr.arpa domain name pointer 18-49-145-5.dyn.cable.fcom.ch.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
18.49.145.5.in-addr.arpa	name = 18-49-145-5.dyn.cable.fcom.ch.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
104.197.185.83	attackspambots	Sep 19 13:50:11 intra sshd\[13298\]: Failed password for root from 104.197.185.83 port 38786 ssh2Sep 19 13:50:12 intra sshd\[13303\]: Invalid user admin from 104.197.185.83Sep 19 13:50:14 intra sshd\[13303\]: Failed password for invalid user admin from 104.197.185.83 port 55244 ssh2Sep 19 13:50:16 intra sshd\[13305\]: Invalid user admin from 104.197.185.83Sep 19 13:50:17 intra sshd\[13305\]: Failed password for invalid user admin from 104.197.185.83 port 43774 ssh2Sep 19 13:50:21 intra sshd\[13307\]: Invalid user user from 104.197.185.83 ...	2019-09-19 18:54:59
82.196.14.222	attack	ssh failed login	2019-09-19 19:12:11
176.59.206.243	attack	Unauthorised access (Sep 19) SRC=176.59.206.243 LEN=52 TTL=113 ID=21346 DF TCP DPT=445 WINDOW=8192 SYN	2019-09-19 19:05:49
23.129.64.181	attack	Sep 19 10:58:09 thevastnessof sshd[6525]: Failed password for root from 23.129.64.181 port 49479 ssh2 ...	2019-09-19 19:29:35
178.238.79.153	attack	Unauthorized connection attempt from IP address 178.238.79.153 on Port 445(SMB)	2019-09-19 19:34:20
43.224.180.206	attack	Chat Spam	2019-09-19 19:16:03
37.59.6.106	attack	Sep 19 10:50:25 ip-172-31-62-245 sshd\[2974\]: Invalid user eugen from 37.59.6.106\ Sep 19 10:50:27 ip-172-31-62-245 sshd\[2974\]: Failed password for invalid user eugen from 37.59.6.106 port 48450 ssh2\ Sep 19 10:54:26 ip-172-31-62-245 sshd\[2992\]: Invalid user tomcat from 37.59.6.106\ Sep 19 10:54:28 ip-172-31-62-245 sshd\[2992\]: Failed password for invalid user tomcat from 37.59.6.106 port 37392 ssh2\ Sep 19 10:58:27 ip-172-31-62-245 sshd\[3013\]: Invalid user bb from 37.59.6.106\	2019-09-19 19:28:30
91.98.100.138	attackbots	Attempt to attack host OS, exploiting network vulnerabilities, on 19-09-2019 10:57:42.	2019-09-19 18:52:00
59.13.139.54	attackspam	Sep 19 12:57:50 ns3367391 sshd\[741\]: Invalid user admin from 59.13.139.54 port 53894 Sep 19 12:57:50 ns3367391 sshd\[741\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.13.139.54 ...	2019-09-19 19:37:55
178.43.90.195	attackspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/178.43.90.195/ PL - 1H : (17) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : PL NAME ASN : ASN5617 IP : 178.43.90.195 CIDR : 178.42.0.0/15 PREFIX COUNT : 183 UNIQUE IP COUNT : 5363456 WYKRYTE ATAKI Z ASN5617 : 1H - 1 3H - 1 6H - 1 12H - 3 24H - 9 INFO : SYN Flood DDoS Attack Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN - data recovery	2019-09-19 19:04:39
189.244.183.172	attack	" "	2019-09-19 19:42:39
41.33.119.67	attackspam	2019-09-19T11:54:08.966077 sshd[19621]: Invalid user minecraft from 41.33.119.67 port 26239 2019-09-19T11:54:08.978526 sshd[19621]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.33.119.67 2019-09-19T11:54:08.966077 sshd[19621]: Invalid user minecraft from 41.33.119.67 port 26239 2019-09-19T11:54:11.426372 sshd[19621]: Failed password for invalid user minecraft from 41.33.119.67 port 26239 ssh2 2019-09-19T11:58:34.991579 sshd[19658]: Invalid user cis from 41.33.119.67 port 9006 ...	2019-09-19 18:46:36
45.136.109.95	attack	09/19/2019-06:08:33.620186 45.136.109.95 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-09-19 18:57:41
192.3.209.173	attack	Sep 19 01:09:08 web9 sshd\[22788\]: Invalid user antonio from 192.3.209.173 Sep 19 01:09:08 web9 sshd\[22788\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.3.209.173 Sep 19 01:09:11 web9 sshd\[22788\]: Failed password for invalid user antonio from 192.3.209.173 port 48158 ssh2 Sep 19 01:13:01 web9 sshd\[23452\]: Invalid user beng from 192.3.209.173 Sep 19 01:13:01 web9 sshd\[23452\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.3.209.173	2019-09-19 19:33:35
106.12.114.26	attackspambots	2019-09-19T11:31:26.993588abusebot-5.cloudsearch.cf sshd\[10572\]: Invalid user minho from 106.12.114.26 port 33798	2019-09-19 19:37:04

Recently Reported IPs

203.128.84.60	176.122.87.102	117.213.228.204	89.252.147.44
64.202.190.59	182.139.40.61	117.221.193.51	5.235.252.156
89.199.49.65	118.174.64.7	202.112.57.41	183.192.249.160
136.232.29.142	115.206.145.163	222.67.21.23	183.91.4.104
171.7.70.208	14.176.231.250	171.8.76.2	200.57.193.5