5.45.109.61 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Germany

Internet Service Provider: netcup GmbH

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Apr 27 19:54:26 sshd\[6249\]: Invalid user deploy from 5.45.109.61Apr 27 19:54:28 sshd\[6249\]: Failed password for invalid user deploy from 5.45.109.61 port 37594 ssh2 ...	2020-04-28 02:10:15

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 5.45.109.61
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 40305
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;5.45.109.61.			IN	A

;; AUTHORITY SECTION:
.			355	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020042701 1800 900 604800 86400

;; Query time: 149 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Apr 28 02:10:11 CST 2020
;; MSG SIZE  rcvd: 115

Host info

61.109.45.5.in-addr.arpa domain name pointer blauerwahl.megasrv.de.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
61.109.45.5.in-addr.arpa	name = blauerwahl.megasrv.de.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
212.70.149.52	attackspam	Oct 4 23:20:36 cho postfix/smtpd[9850]: warning: unknown[212.70.149.52]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 4 23:21:01 cho postfix/smtpd[9850]: warning: unknown[212.70.149.52]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 4 23:21:27 cho postfix/smtpd[9897]: warning: unknown[212.70.149.52]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 4 23:21:53 cho postfix/smtpd[9897]: warning: unknown[212.70.149.52]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 4 23:22:18 cho postfix/smtpd[9850]: warning: unknown[212.70.149.52]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-10-05 05:25:24
62.99.90.10	attack	IP blocked	2020-10-05 05:00:28
112.85.42.120	attackspambots	2020-10-04T21:25:02.378975abusebot-8.cloudsearch.cf sshd[21172]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.120 user=root 2020-10-04T21:25:04.059214abusebot-8.cloudsearch.cf sshd[21172]: Failed password for root from 112.85.42.120 port 53800 ssh2 2020-10-04T21:25:07.290441abusebot-8.cloudsearch.cf sshd[21172]: Failed password for root from 112.85.42.120 port 53800 ssh2 2020-10-04T21:25:02.378975abusebot-8.cloudsearch.cf sshd[21172]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.120 user=root 2020-10-04T21:25:04.059214abusebot-8.cloudsearch.cf sshd[21172]: Failed password for root from 112.85.42.120 port 53800 ssh2 2020-10-04T21:25:07.290441abusebot-8.cloudsearch.cf sshd[21172]: Failed password for root from 112.85.42.120 port 53800 ssh2 2020-10-04T21:25:02.378975abusebot-8.cloudsearch.cf sshd[21172]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruse ...	2020-10-05 05:33:12
45.160.136.66	attackbotsspam	Oct 4 17:18:44 mail.srvfarm.net postfix/smtps/smtpd[1046363]: warning: unknown[45.160.136.66]: SASL PLAIN authentication failed: Oct 4 17:18:44 mail.srvfarm.net postfix/smtps/smtpd[1046363]: lost connection after AUTH from unknown[45.160.136.66] Oct 4 17:20:24 mail.srvfarm.net postfix/smtpd[1047066]: warning: unknown[45.160.136.66]: SASL PLAIN authentication failed: Oct 4 17:20:24 mail.srvfarm.net postfix/smtpd[1047066]: lost connection after AUTH from unknown[45.160.136.66] Oct 4 17:26:44 mail.srvfarm.net postfix/smtps/smtpd[1047334]: warning: unknown[45.160.136.66]: SASL PLAIN authentication failed:	2020-10-05 05:23:03
189.126.173.27	attackspambots	Oct 4 15:27:28 mail.srvfarm.net postfix/smtps/smtpd[1019621]: warning: unknown[189.126.173.27]: SASL PLAIN authentication failed: Oct 4 15:27:29 mail.srvfarm.net postfix/smtps/smtpd[1019621]: lost connection after AUTH from unknown[189.126.173.27] Oct 4 15:29:53 mail.srvfarm.net postfix/smtpd[1006937]: warning: unknown[189.126.173.27]: SASL PLAIN authentication failed: Oct 4 15:29:53 mail.srvfarm.net postfix/smtpd[1006937]: lost connection after AUTH from unknown[189.126.173.27] Oct 4 15:33:01 mail.srvfarm.net postfix/smtpd[1022610]: warning: unknown[189.126.173.27]: SASL PLAIN authentication failed:	2020-10-05 05:18:35
5.149.95.25	attackbotsspam	Oct 4 09:46:32 mail.srvfarm.net postfix/smtps/smtpd[766717]: warning: unknown[5.149.95.25]: SASL PLAIN authentication failed: Oct 4 09:46:32 mail.srvfarm.net postfix/smtps/smtpd[766717]: lost connection after AUTH from unknown[5.149.95.25] Oct 4 09:47:20 mail.srvfarm.net postfix/smtps/smtpd[766717]: warning: unknown[5.149.95.25]: SASL PLAIN authentication failed: Oct 4 09:47:20 mail.srvfarm.net postfix/smtps/smtpd[766717]: lost connection after AUTH from unknown[5.149.95.25] Oct 4 09:54:40 mail.srvfarm.net postfix/smtps/smtpd[764940]: warning: unknown[5.149.95.25]: SASL PLAIN authentication failed:	2020-10-05 05:24:42
218.92.0.173	attack	Oct 4 23:00:36 sso sshd[17012]: Failed password for root from 218.92.0.173 port 41853 ssh2 Oct 4 23:00:39 sso sshd[17012]: Failed password for root from 218.92.0.173 port 41853 ssh2 ...	2020-10-05 05:01:07
177.130.163.38	attackspam	Brute force attempt	2020-10-05 05:29:30
139.59.211.245	attackspam	SSH brutforce	2020-10-05 04:59:23
101.251.222.158	attackbots	Cowrie Honeypot: Unauthorised SSH/Telnet login attempt with user "root" at 2020-10-04T19:31:54Z	2020-10-05 05:13:28
114.5.194.58	attackspambots	Oct 3 22:03:58 mail.srvfarm.net postfix/smtpd[656144]: warning: unknown[114.5.194.58]: SASL PLAIN authentication failed: Oct 3 22:03:58 mail.srvfarm.net postfix/smtpd[656144]: lost connection after AUTH from unknown[114.5.194.58] Oct 3 22:12:04 mail.srvfarm.net postfix/smtpd[660369]: warning: unknown[114.5.194.58]: SASL PLAIN authentication failed: Oct 3 22:12:04 mail.srvfarm.net postfix/smtpd[660372]: warning: unknown[114.5.194.58]: SASL PLAIN authentication failed: Oct 3 22:12:04 mail.srvfarm.net postfix/smtpd[660372]: lost connection after AUTH from unknown[114.5.194.58]	2020-10-05 05:32:56
129.226.138.179	attackbotsspam	Oct 4 18:53:42 journals sshd\[65975\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.226.138.179 user=root Oct 4 18:53:44 journals sshd\[65975\]: Failed password for root from 129.226.138.179 port 43974 ssh2 Oct 4 18:57:39 journals sshd\[66336\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.226.138.179 user=root Oct 4 18:57:41 journals sshd\[66336\]: Failed password for root from 129.226.138.179 port 49140 ssh2 Oct 4 19:01:31 journals sshd\[66674\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.226.138.179 user=root ...	2020-10-05 05:11:38
123.149.211.140	attackbotsspam	Lines containing failures of 123.149.211.140 (max 1000) Oct 3 19:22:20 UTC__SANYALnet-Labs__cac1 sshd[22204]: Connection from 123.149.211.140 port 5243 on 64.137.179.160 port 22 Oct 3 19:22:21 UTC__SANYALnet-Labs__cac1 sshd[22204]: Invalid user admin from 123.149.211.140 port 5243 Oct 3 19:22:21 UTC__SANYALnet-Labs__cac1 sshd[22204]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.149.211.140 Oct 3 19:22:23 UTC__SANYALnet-Labs__cac1 sshd[22204]: Failed password for invalid user admin from 123.149.211.140 port 5243 ssh2 Oct 3 19:22:23 UTC__SANYALnet-Labs__cac1 sshd[22204]: Received disconnect from 123.149.211.140 port 5243:11: Bye Bye [preauth] Oct 3 19:22:23 UTC__SANYALnet-Labs__cac1 sshd[22204]: Disconnected from 123.149.211.140 port 5243 [preauth] Oct 3 19:25:38 UTC__SANYALnet-Labs__cac1 sshd[22319]: Connection from 123.149.211.140 port 5360 on 64.137.179.160 port 22 Oct 3 19:25:40 UTC__SANYALnet-Labs__cac1 sshd[22319........ ------------------------------	2020-10-05 05:15:58
218.104.225.140	attackspambots	Invalid user oracle from 218.104.225.140 port 17064	2020-10-05 05:07:29
129.211.17.22	attack	SSH Brute-Force attacks	2020-10-05 05:32:25

Recently Reported IPs

117.97.137.240	174.221.129.240	45.148.10.74	183.89.214.61
220.235.54.72	79.176.30.62	170.239.83.143	112.165.87.164
156.96.155.248	118.89.154.68	218.141.161.215	200.169.6.204
186.235.188.93	247.23.55.55	177.107.197.146	138.19.167.75
77.88.5.176	178.158.231.4	91.64.135.207	199.126.178.170