74.82.47.45 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: Hurricane Electric LLC

Hostname: unknown

Organization: Hurricane Electric LLC

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
proxy	Fraud VPN	2023-03-03 13:59:32
attackbotsspam	TCP (SYN) 74.82.47.45:46122 -> port 389, len 44	2020-07-15 07:33:50
attackspambots	Jun 30 18:01:59 debian-2gb-nbg1-2 kernel: \[15791556.801837\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=74.82.47.45 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=54321 PROTO=TCP SPT=38674 DPT=631 WINDOW=65535 RES=0x00 SYN URGP=0	2020-07-01 21:14:23
attackbots	1586952381 - 04/15/2020 14:06:21 Host: scan-12i.shadowserver.org/74.82.47.45 Port: 17 UDP Blocked	2020-04-16 04:12:44
attackspambots	" "	2020-03-10 05:02:35
attackbotsspam	firewall-block, port(s): 11211/tcp	2019-12-07 05:03:55
attackbots	8080/tcp 50075/tcp 21/tcp... [2019-09-29/11-29]40pkt,16pt.(tcp),1pt.(udp)	2019-11-30 04:54:02
attackbotsspam	1572523029 - 10/31/2019 12:57:09 Host: scan-12i.shadowserver.org/74.82.47.45 Port: 17 UDP Blocked	2019-11-01 04:17:17
attackbotsspam	3389BruteforceFW21	2019-07-25 08:12:56

Comments on same subnet:

IP	Type	Details	Datetime
74.82.47.49	attack	Vulnerability Scanner	2024-04-13 11:54:50
74.82.47.5	attack	Vulnerability Scanner	2024-04-13 11:50:35
74.82.47.46	attack	intensive testing of the conectatre	2024-03-18 14:45:26
74.82.47.15	attack	hacking	2024-02-21 13:59:46
74.82.47.20	proxy	VPN fraud	2023-06-06 12:51:18
74.82.47.16	proxy	VPN fraud	2023-05-26 13:02:16
74.82.47.6	proxy	VPN fraud	2023-04-03 13:05:55
74.82.47.1	proxy	VPN fraud	2023-03-30 12:51:00
74.82.47.41	proxy	Fraud VPN	2023-02-07 19:50:45
74.82.47.48	proxy	VPN	2023-01-19 19:48:09
74.82.47.19	proxy	VPN attack	2023-01-02 14:10:32
74.82.47.39	proxy	VPN	2022-12-20 22:34:31
74.82.47.28	proxy	Attack VPN	2022-12-15 13:56:46
74.82.47.47	attack	Unexpected packet received from 74.82.47.47:50889	2022-12-01 02:49:01
74.82.47.14	attack	deleterious host	2022-11-21 22:16:44

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 74.82.47.45
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 40402
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;74.82.47.45.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019041700 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Wed Apr 17 17:50:31 +08 2019
;; MSG SIZE  rcvd: 115

Host info

45.47.82.74.in-addr.arpa is an alias for 45.0-26.47.82.74.in-addr.arpa.
45.0-26.47.82.74.in-addr.arpa domain name pointer scan-12i.shadowserver.org.

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
45.47.82.74.in-addr.arpa	canonical name = 45.0-26.47.82.74.in-addr.arpa.
45.0-26.47.82.74.in-addr.arpa	name = scan-12i.shadowserver.org.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
81.169.171.57	attack	Aug 19 20:20:30 php1 sshd\[16101\]: Invalid user support12 from 81.169.171.57 Aug 19 20:20:30 php1 sshd\[16101\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.169.171.57 Aug 19 20:20:31 php1 sshd\[16101\]: Failed password for invalid user support12 from 81.169.171.57 port 47374 ssh2 Aug 19 20:24:22 php1 sshd\[16453\]: Invalid user 123456 from 81.169.171.57 Aug 19 20:24:22 php1 sshd\[16453\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.169.171.57	2019-08-20 14:40:09
194.226.222.166	attack	Aug 19 18:38:29 wbs sshd\[9359\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.226.222.166 user=root Aug 19 18:38:31 wbs sshd\[9359\]: Failed password for root from 194.226.222.166 port 55008 ssh2 Aug 19 18:44:38 wbs sshd\[10053\]: Invalid user tftp from 194.226.222.166 Aug 19 18:44:38 wbs sshd\[10053\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.226.222.166 Aug 19 18:44:40 wbs sshd\[10053\]: Failed password for invalid user tftp from 194.226.222.166 port 50045 ssh2	2019-08-20 14:46:04
212.156.136.114	attack	Aug 20 08:16:39 ubuntu-2gb-nbg1-dc3-1 sshd[32406]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.156.136.114 Aug 20 08:16:40 ubuntu-2gb-nbg1-dc3-1 sshd[32406]: Failed password for invalid user ts2 from 212.156.136.114 port 41645 ssh2 ...	2019-08-20 15:14:00
51.75.122.16	attackspam	Aug 19 20:42:38 wbs sshd\[21515\]: Invalid user ftpuser2 from 51.75.122.16 Aug 19 20:42:38 wbs sshd\[21515\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=siid.ovh Aug 19 20:42:41 wbs sshd\[21515\]: Failed password for invalid user ftpuser2 from 51.75.122.16 port 42122 ssh2 Aug 19 20:47:28 wbs sshd\[21995\]: Invalid user ts3admin from 51.75.122.16 Aug 19 20:47:28 wbs sshd\[21995\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=siid.ovh	2019-08-20 14:59:21
79.187.150.54	attackbotsspam	CloudCIX Reconnaissance Scan Detected, PTR: hfu54.internetdsl.tpnet.pl.	2019-08-20 14:51:53
106.12.213.162	attackspambots	Aug 20 08:09:10 dev0-dcde-rnet sshd[8556]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.213.162 Aug 20 08:09:12 dev0-dcde-rnet sshd[8556]: Failed password for invalid user contabilidad from 106.12.213.162 port 53654 ssh2 Aug 20 08:13:48 dev0-dcde-rnet sshd[8609]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.213.162	2019-08-20 15:27:19
62.234.103.7	attackspam	Aug 20 07:44:06 rpi sshd[22469]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.103.7 Aug 20 07:44:07 rpi sshd[22469]: Failed password for invalid user rabbitmq from 62.234.103.7 port 47930 ssh2	2019-08-20 15:11:22
218.95.167.16	attackspambots	Aug 19 21:10:02 tdfoods sshd\[29880\]: Invalid user contact from 218.95.167.16 Aug 19 21:10:02 tdfoods sshd\[29880\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.95.167.16 Aug 19 21:10:04 tdfoods sshd\[29880\]: Failed password for invalid user contact from 218.95.167.16 port 23029 ssh2 Aug 19 21:15:50 tdfoods sshd\[30419\]: Invalid user mysquel from 218.95.167.16 Aug 19 21:15:50 tdfoods sshd\[30419\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.95.167.16	2019-08-20 15:26:53
79.134.235.73	attackbotsspam	Aug 20 02:25:23 xtremcommunity sshd\[7044\]: Invalid user ramesh from 79.134.235.73 port 55626 Aug 20 02:25:23 xtremcommunity sshd\[7044\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.134.235.73 Aug 20 02:25:25 xtremcommunity sshd\[7044\]: Failed password for invalid user ramesh from 79.134.235.73 port 55626 ssh2 Aug 20 02:29:55 xtremcommunity sshd\[7252\]: Invalid user rwp from 79.134.235.73 port 45582 Aug 20 02:29:55 xtremcommunity sshd\[7252\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.134.235.73 ...	2019-08-20 14:30:00
5.55.14.168	attack	Aug 20 06:08:33 server1 postfix/smtpd\[7549\]: warning: ppp005055014168.access.hol.gr\[5.55.14.168\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Aug 20 06:08:40 server1 postfix/smtpd\[7549\]: warning: ppp005055014168.access.hol.gr\[5.55.14.168\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Aug 20 06:08:56 server1 postfix/smtpd\[7549\]: warning: ppp005055014168.access.hol.gr\[5.55.14.168\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\	2019-08-20 15:08:22
182.253.14.6	attackbots	Chat Spam	2019-08-20 14:53:36
196.188.28.217	attack	Aug 20 08:46:23 localhost sshd\[16001\]: Invalid user luna from 196.188.28.217 port 59292 Aug 20 08:46:23 localhost sshd\[16001\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.188.28.217 Aug 20 08:46:25 localhost sshd\[16001\]: Failed password for invalid user luna from 196.188.28.217 port 59292 ssh2	2019-08-20 14:50:22
202.131.237.182	attack	Aug 20 08:57:55 dedicated sshd[9589]: Failed password for root from 202.131.237.182 port 60868 ssh2 Aug 20 08:57:58 dedicated sshd[9596]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.131.237.182 user=root Aug 20 08:58:00 dedicated sshd[9596]: Failed password for root from 202.131.237.182 port 55341 ssh2 Aug 20 08:58:02 dedicated sshd[9613]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.131.237.182 user=root Aug 20 08:58:03 dedicated sshd[9613]: Failed password for root from 202.131.237.182 port 50155 ssh2	2019-08-20 15:07:37
142.234.39.36	attack	08/20/2019-02:30:02.174280 142.234.39.36 Protocol: 6 ET SCAN Potential SSH Scan	2019-08-20 14:58:00
46.166.171.186	attack	445/tcp [2019-08-20]1pkt	2019-08-20 14:34:05

Recently Reported IPs

212.47.238.207	77.107.41.216	137.74.42.235	184.105.139.110
79.124.56.245	82.102.18.154	121.15.2.178	54.37.181.192
58.71.193.65	185.222.209.225	123.16.13.116	187.101.61.123
103.43.17.242	159.16.80.4	49.128.160.21	171.35.174.92
183.110.150.10	114.67.237.122	213.230.100.213	104.155.164.121