5.45.68.189 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Netherlands

Internet Service Provider: 3NT Solutions LLP

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Dear Sir / Madam, Yesterday, my close friend (Simona Simova) was contacted via fake Facebook profile to be informed that she has a profile on a escort website. While researching via the German phone number used in the advert, we have came across more ads. These profiles are created without her permission and she is now very upset. Here is a list of the profiles we have found: - https://escortsofia.info/de/sia-11/ (5.45.68.189) - https://escortsofia.info/de/eleonora-8/ (5.45.68.189) - https://escortinberlin.info/eleonora-3/ (5.45.68.189) - https://escortinberlin.info/sia-2/ (5.45.68.189) We have already hired a lawyer in Germany who will escalate the issue to the authorities.	2020-04-24 03:31:08

Type

Details

Datetime

attackbotsspam

Dear Sir / Madam, 
Yesterday, my close friend (Simona Simova) was contacted via fake Facebook profile to be informed that she has a profile on a escort website. While researching via the German phone number used in the advert, we have came across more ads. These profiles are created without her permission and she is now very upset. 

Here is a list of the profiles we have found: 

- https://escortsofia.info/de/sia-11/ (5.45.68.189)
- https://escortsofia.info/de/eleonora-8/ (5.45.68.189)
- https://escortinberlin.info/eleonora-3/ (5.45.68.189)
- https://escortinberlin.info/sia-2/ (5.45.68.189)

We have already hired a lawyer in Germany who will escalate the issue to the authorities.

2020-04-24 03:31:08

Comments on same subnet:

IP	Type	Details	Datetime
5.45.68.133	attackbotsspam	ET CINS Active Threat Intelligence Poor Reputation IP group 5 - port: 55611 proto: tcp cat: Misc Attackbytes: 60	2020-10-01 07:26:06
5.45.68.133	attack	ET CINS Active Threat Intelligence Poor Reputation IP group 5 - port: 55608 proto: tcp cat: Misc Attackbytes: 60	2020-09-30 23:53:40
5.45.68.133	attackspambots	(PERMBLOCK) 5.45.68.133 (NL/Netherlands/-) has had more than 4 temp blocks in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_PERMBLOCK_COUNT; Logs:	2020-09-30 16:19:14
5.45.68.15	attackspambots	"Unrouteable address"	2020-03-28 08:32:57
5.45.68.19	attackspam	WP Authentication failure	2019-07-15 18:24:20
5.45.68.19	attackspam	SQL Injection Exploit Attempts	2019-07-01 05:07:03

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 5.45.68.189
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 9764
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;5.45.68.189.			IN	A

;; AUTHORITY SECTION:
.			538	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020042301 1800 900 604800 86400

;; Query time: 98 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Apr 24 03:31:04 CST 2020
;; MSG SIZE  rcvd: 115

Host info

Host 189.68.45.5.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 189.68.45.5.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
183.213.147.121	attackspam	2019-08-31T01:39:23Z - RDP login failed multiple times. (183.213.147.121)	2019-08-31 10:14:29
124.128.158.37	attackspambots	Aug 31 02:04:46 hb sshd\[28677\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.128.158.37 user=postfix Aug 31 02:04:48 hb sshd\[28677\]: Failed password for postfix from 124.128.158.37 port 33740 ssh2 Aug 31 02:08:27 hb sshd\[29001\]: Invalid user applmgr from 124.128.158.37 Aug 31 02:08:27 hb sshd\[29001\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.128.158.37 Aug 31 02:08:28 hb sshd\[29001\]: Failed password for invalid user applmgr from 124.128.158.37 port 33741 ssh2	2019-08-31 10:18:06
106.248.249.26	attack	$f2bV_matches_ltvn	2019-08-31 10:27:40
159.203.122.149	attackspam	Aug 31 01:36:10 localhost sshd\[60918\]: Invalid user testu from 159.203.122.149 port 33796 Aug 31 01:36:10 localhost sshd\[60918\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.122.149 Aug 31 01:36:12 localhost sshd\[60918\]: Failed password for invalid user testu from 159.203.122.149 port 33796 ssh2 Aug 31 01:39:36 localhost sshd\[61064\]: Invalid user cpotter from 159.203.122.149 port 53453 Aug 31 01:39:36 localhost sshd\[61064\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.122.149 ...	2019-08-31 09:55:50
186.5.109.211	attackspam	Aug 31 03:44:24 mail sshd\[8188\]: Failed password for invalid user felix from 186.5.109.211 port 36306 ssh2 Aug 31 03:49:08 mail sshd\[8916\]: Invalid user norm from 186.5.109.211 port 59726 Aug 31 03:49:08 mail sshd\[8916\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.5.109.211 Aug 31 03:49:10 mail sshd\[8916\]: Failed password for invalid user norm from 186.5.109.211 port 59726 ssh2 Aug 31 03:53:54 mail sshd\[9422\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.5.109.211 user=root	2019-08-31 10:00:18
189.206.1.142	attackspambots	Aug 30 16:27:08 web1 sshd\[29688\]: Invalid user adam from 189.206.1.142 Aug 30 16:27:08 web1 sshd\[29688\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.206.1.142 Aug 30 16:27:10 web1 sshd\[29688\]: Failed password for invalid user adam from 189.206.1.142 port 37428 ssh2 Aug 30 16:31:38 web1 sshd\[30123\]: Invalid user qwerty from 189.206.1.142 Aug 30 16:31:38 web1 sshd\[30123\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.206.1.142	2019-08-31 10:41:00
84.16.242.55	attack	SIP brute force	2019-08-31 10:40:20
142.93.251.39	attackbots	Aug 31 03:48:53 mail sshd\[8817\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.251.39 Aug 31 03:48:55 mail sshd\[8817\]: Failed password for invalid user avis from 142.93.251.39 port 43756 ssh2 Aug 31 03:52:49 mail sshd\[9356\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.251.39 user=root Aug 31 03:52:51 mail sshd\[9356\]: Failed password for root from 142.93.251.39 port 60142 ssh2 Aug 31 03:56:31 mail sshd\[9729\]: Invalid user testserver from 142.93.251.39 port 48302	2019-08-31 10:01:54
51.77.82.237	attackbots	2019-08-31T01:59:10.225740abusebot-7.cloudsearch.cf sshd\[1218\]: Invalid user nginx from 51.77.82.237 port 36370	2019-08-31 10:04:21
210.245.8.23	attack	Aug 31 04:02:30 eventyay sshd[20664]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.245.8.23 Aug 31 04:02:31 eventyay sshd[20664]: Failed password for invalid user psybnc from 210.245.8.23 port 39980 ssh2 Aug 31 04:09:20 eventyay sshd[22197]: Failed password for root from 210.245.8.23 port 56200 ssh2 ...	2019-08-31 10:11:44
121.254.26.153	attackspam	Aug 31 03:50:30 mail sshd\[9090\]: Invalid user edward from 121.254.26.153 port 33208 Aug 31 03:50:30 mail sshd\[9090\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.254.26.153 Aug 31 03:50:32 mail sshd\[9090\]: Failed password for invalid user edward from 121.254.26.153 port 33208 ssh2 Aug 31 03:55:16 mail sshd\[9595\]: Invalid user rezvie from 121.254.26.153 port 50230 Aug 31 03:55:16 mail sshd\[9595\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.254.26.153	2019-08-31 10:02:33
222.186.52.89	attack	SSH Brute Force, server-1 sshd[2891]: Failed password for root from 222.186.52.89 port 43524 ssh2	2019-08-31 10:33:28
41.196.0.189	attackspam	Aug 31 03:29:52 legacy sshd[2979]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.196.0.189 Aug 31 03:29:54 legacy sshd[2979]: Failed password for invalid user webaccess from 41.196.0.189 port 59382 ssh2 Aug 31 03:39:35 legacy sshd[3158]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.196.0.189 ...	2019-08-31 09:58:58
97.87.244.154	attack	Aug 31 04:43:41 bouncer sshd\[1903\]: Invalid user maustin from 97.87.244.154 port 34226 Aug 31 04:43:41 bouncer sshd\[1903\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=97.87.244.154 Aug 31 04:43:44 bouncer sshd\[1903\]: Failed password for invalid user maustin from 97.87.244.154 port 34226 ssh2 ...	2019-08-31 10:52:06
159.65.4.64	attackbots	Aug 30 15:52:42 auw2 sshd\[23555\]: Invalid user git from 159.65.4.64 Aug 30 15:52:42 auw2 sshd\[23555\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.4.64 Aug 30 15:52:44 auw2 sshd\[23555\]: Failed password for invalid user git from 159.65.4.64 port 50590 ssh2 Aug 30 15:56:42 auw2 sshd\[23873\]: Invalid user kaysha from 159.65.4.64 Aug 30 15:56:42 auw2 sshd\[23873\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.4.64	2019-08-31 10:09:28

Recently Reported IPs

14.188.20.17	104.215.188.2	102.133.229.185	79.143.31.183
191.193.17.116	147.100.254.24	191.234.189.22	189.254.117.104
13.92.138.88	171.6.164.189	101.91.222.97	13.76.94.26
13.70.139.79	179.225.244.50	65.52.29.109	254.85.216.4
62.210.79.219	110.127.109.13	2.249.176.128	101.199.108.75