81.22.45.146 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Germany

Internet Service Provider: Infolink LLC

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Unauthorized connection attempt from IP address 81.22.45.146 on Port 3389(RDP)	2020-02-01 09:09:08
attack	Scanning random ports - tries to find possible vulnerable services	2020-01-04 09:07:11
attackbotsspam	firewall-block, port(s): 3389/tcp	2019-12-28 02:10:23
attack	3389/tcp 3389/tcp 3389/tcp... [2019-10-25/12-22]108pkt,1pt.(tcp)	2019-12-24 04:25:19
attackspambots	TCP 3389 (RDP)	2019-12-16 23:26:28
attackspambots	Unauthorized connection attempt from IP address 81.22.45.146 on Port 3389(RDP)	2019-12-16 07:57:17
attack	SNORT TCP Port: 3389 Classtype misc-attack - ET DROP Dshield Block Listed Source group 1 - - Destination xx.xx.4.1 Port: 3389 - - Source 81.22.45.146 Port: 55635 _ (Listed on zen-spamhaus) _ _ (307)	2019-12-11 15:43:38
attack	Portscan or hack attempt detected by psad/fwsnort	2019-11-07 04:14:30
attack	SNORT TCP Port: 3389 Classtype misc-attack - ET DROP Dshield Block Listed Source group 1 - - Destination xx.xx.4.1 Port: 3389 - - Source 81.22.45.146 Port: 54019 _ (Listed on zen-spamhaus) _ _ (797)	2019-10-28 08:26:32
attackbots	SNORT TCP Port: 3389 Classtype misc-attack - ET CINS Active Threat Intelligence Poor Reputation IP group 78 - - Destination xx.xx.4.1 Port: 3389 - - Source 81.22.45.146 Port: 53831 _ (Listed on zen-spamhaus) _ _ (775)	2019-10-18 07:06:35
attackspam	Unauthorised access (Sep 16) SRC=81.22.45.146 LEN=40 TTL=247 ID=64730 TCP DPT=3389 WINDOW=1024 SYN Unauthorised access (Sep 15) SRC=81.22.45.146 LEN=40 TTL=248 ID=40762 TCP DPT=3389 WINDOW=1024 SYN	2019-09-16 13:50:40
attackbots	3389/tcp 3389/tcp 3389/tcp... [2019-08-02/09-07]94pkt,1pt.(tcp)	2019-09-08 13:43:17
attackbotsspam	proto=tcp . spt=58697 . dpt=3389 . src=81.22.45.146 . dst=xx.xx.4.1 . (listed on CINS badguys Aug 21) (71)	2019-08-22 09:49:41
attackspam	2x TCP 3389 (RDP) since 2019-08-09 05:51	2019-08-11 06:36:32
attack	Aug 7 02:22:30 lumpi kernel: INPUT:DROP:SPAMHAUS_EDROP:IN=eth0 OUT= MAC=52:54:a2:01:a5:04:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.146 DST=172.31.1.100 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=21409 PROTO=TCP SPT=56288 DPT=3389 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-08-07 09:05:49
attackbots	Port Scan detected from 81.22.45.146 (RU/Russia/-). 4 hits in the last 166 seconds	2019-08-02 09:09:58

Comments on same subnet:

IP	Type	Details	Datetime
81.22.45.71	attackspam	suspicious action Sat, 29 Feb 2020 11:28:01 -0300	2020-02-29 22:46:31
81.22.45.133	attack	2020-02-19T00:19:18.463055+01:00 lumpi kernel: [7357790.238387] INPUT:DROP:SPAMHAUS_EDROP:IN=eth0 OUT= MAC=52:54:a2:01:a5:04:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.133 DST=78.46.199.189 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=60679 PROTO=TCP SPT=50449 DPT=7000 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2020-02-19 07:37:59
81.22.45.133	attack	2020-02-18T20:40:14.685548+01:00 lumpi kernel: [7344646.660249] INPUT:DROP:SPAMHAUS_EDROP:IN=eth0 OUT= MAC=52:54:a2:01:a5:04:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.133 DST=78.46.199.189 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=12495 PROTO=TCP SPT=50449 DPT=7777 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2020-02-19 03:45:04
81.22.45.106	attackspam	02/17/2020-20:00:28.393431 81.22.45.106 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 83	2020-02-18 09:54:53
81.22.45.100	attackbotsspam	ET CINS Active Threat Intelligence Poor Reputation IP group 69 - port: 5322 proto: TCP cat: Misc Attack	2020-02-18 01:32:12
81.22.45.106	attackspam	Fail2Ban Ban Triggered	2020-02-17 05:29:15
81.22.45.100	attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-11 01:03:51
81.22.45.182	attack	Feb 8 10:02:23 mail kernel: [562000.917378] [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=81.22.45.182 DST=77.73.69.240 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=56258 PROTO=TCP SPT=42357 DPT=16115 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2020-02-08 17:07:08
81.22.45.71	attack	ET CINS Active Threat Intelligence Poor Reputation IP group 77 - port: 3389 proto: TCP cat: Misc Attack	2020-02-08 08:03:25
81.22.45.80	attack	3388/tcp 3377/tcp 3385/tcp... [2019-12-09/2020-02-07]121pkt,33pt.(tcp)	2020-02-08 08:02:22
81.22.45.83	attack	Unauthorized connection attempt from IP address 81.22.45.83 on Port 3389(RDP)	2020-02-07 22:43:48
81.22.45.182	attackspam	Feb 6 17:32:05 mail kernel: [416183.709828] [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=81.22.45.182 DST=77.73.69.240 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=30608 PROTO=TCP SPT=50336 DPT=10904 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2020-02-07 00:32:25
81.22.45.182	attackspambots	Feb 6 08:44:36 mail kernel: [384534.949997] [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=81.22.45.182 DST=77.73.69.240 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=55760 PROTO=TCP SPT=50336 DPT=10994 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2020-02-06 15:48:06
81.22.45.104	attackbotsspam	Unauthorised access (Feb 6) SRC=81.22.45.104 LEN=40 TTL=249 ID=41689 TCP DPT=3389 WINDOW=1024 SYN Unauthorised access (Feb 4) SRC=81.22.45.104 LEN=40 TTL=249 ID=63055 TCP DPT=3389 WINDOW=1024 SYN Unauthorised access (Feb 2) SRC=81.22.45.104 LEN=40 TTL=248 ID=40974 TCP DPT=3389 WINDOW=1024 SYN	2020-02-06 08:35:53
81.22.45.182	attackspambots	Feb 6 01:19:32 mail kernel: [357831.266667] [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=81.22.45.182 DST=77.73.69.240 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=40878 PROTO=TCP SPT=50336 DPT=10137 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2020-02-06 08:29:58

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 81.22.45.146
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 58314
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;81.22.45.146.			IN	A

;; AUTHORITY SECTION:
.			3050	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019080101 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Aug 02 09:09:52 CST 2019
;; MSG SIZE  rcvd: 116

Host info

Host 146.45.22.81.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 146.45.22.81.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
119.65.195.190	attack	Apr 15 14:06:52 vps sshd[707802]: Failed password for invalid user ubuntu from 119.65.195.190 port 51202 ssh2 Apr 15 14:10:03 vps sshd[726477]: Invalid user karaf from 119.65.195.190 port 41596 Apr 15 14:10:03 vps sshd[726477]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.65.195.190 Apr 15 14:10:05 vps sshd[726477]: Failed password for invalid user karaf from 119.65.195.190 port 41596 ssh2 Apr 15 14:13:20 vps sshd[745270]: Invalid user testing from 119.65.195.190 port 60224 ...	2020-04-15 20:31:49
46.26.198.32	attackbotsspam	Honeypot attack, port: 81, PTR: static-32-198-26-46.ipcom.comunitel.net.	2020-04-15 20:47:50
200.89.175.97	attackbots	Apr 15 14:13:27 ArkNodeAT sshd\[27611\]: Invalid user ubuntu from 200.89.175.97 Apr 15 14:13:27 ArkNodeAT sshd\[27611\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.89.175.97 Apr 15 14:13:28 ArkNodeAT sshd\[27611\]: Failed password for invalid user ubuntu from 200.89.175.97 port 36352 ssh2	2020-04-15 20:21:21
189.8.108.161	attackbots	Apr 15 14:03:56 vserver sshd\[17324\]: Failed password for proxy from 189.8.108.161 port 50490 ssh2Apr 15 14:08:32 vserver sshd\[17354\]: Invalid user admin from 189.8.108.161Apr 15 14:08:33 vserver sshd\[17354\]: Failed password for invalid user admin from 189.8.108.161 port 59162 ssh2Apr 15 14:12:57 vserver sshd\[17438\]: Invalid user operator from 189.8.108.161 ...	2020-04-15 20:54:41
122.51.150.134	attackbotsspam	Apr 15 14:13:24 [host] sshd[4610]: Invalid user us Apr 15 14:13:24 [host] sshd[4610]: pam_unix(sshd:a Apr 15 14:13:26 [host] sshd[4610]: Failed password	2020-04-15 20:23:52
189.208.239.127	attack	Automatic report - Port Scan Attack	2020-04-15 20:45:50
81.82.247.71	attackbots	[ 🇳🇱 ] REQUEST: /cgi-bin/mainfunction.cgi	2020-04-15 20:47:07
193.252.189.177	attack	Apr 15 14:07:16 sip sshd[9020]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.252.189.177 Apr 15 14:07:18 sip sshd[9020]: Failed password for invalid user easter from 193.252.189.177 port 55192 ssh2 Apr 15 14:13:31 sip sshd[11358]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.252.189.177	2020-04-15 20:19:34
5.89.35.84	attack	Apr 15 14:09:39 srv01 sshd[24309]: Invalid user deploy from 5.89.35.84 port 55046 Apr 15 14:09:39 srv01 sshd[24309]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.89.35.84 Apr 15 14:09:39 srv01 sshd[24309]: Invalid user deploy from 5.89.35.84 port 55046 Apr 15 14:09:41 srv01 sshd[24309]: Failed password for invalid user deploy from 5.89.35.84 port 55046 ssh2 Apr 15 14:13:23 srv01 sshd[24492]: Invalid user httpfs from 5.89.35.84 port 32854 ...	2020-04-15 20:28:56
185.50.149.3	attack	2020-04-15T13:18:13.261692l03.customhost.org.uk postfix/smtps/smtpd[11091]: warning: unknown[185.50.149.3]: SASL LOGIN authentication failed: authentication failure 2020-04-15T13:18:22.814740l03.customhost.org.uk postfix/smtps/smtpd[11091]: warning: unknown[185.50.149.3]: SASL LOGIN authentication failed: authentication failure 2020-04-15T13:20:57.433954l03.customhost.org.uk postfix/smtps/smtpd[12004]: warning: unknown[185.50.149.3]: SASL LOGIN authentication failed: authentication failure 2020-04-15T13:21:07.993798l03.customhost.org.uk postfix/smtps/smtpd[12004]: warning: unknown[185.50.149.3]: SASL LOGIN authentication failed: authentication failure ...	2020-04-15 20:24:18
218.102.85.248	attackbots	Honeypot attack, port: 5555, PTR: pcd553248.netvigator.com.	2020-04-15 20:22:23
104.248.170.186	attackspam	2020-04-15T12:09:25.255425shield sshd\[5375\]: Invalid user test from 104.248.170.186 port 33982 2020-04-15T12:09:25.259095shield sshd\[5375\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.170.186 2020-04-15T12:09:27.003102shield sshd\[5375\]: Failed password for invalid user test from 104.248.170.186 port 33982 ssh2 2020-04-15T12:13:25.110719shield sshd\[6272\]: Invalid user apd from 104.248.170.186 port 38592 2020-04-15T12:13:25.114562shield sshd\[6272\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.170.186	2020-04-15 20:26:05
82.200.226.226	attack	Apr 15 14:12:22 rotator sshd\[8038\]: Invalid user vagrant from 82.200.226.226Apr 15 14:12:24 rotator sshd\[8038\]: Failed password for invalid user vagrant from 82.200.226.226 port 55826 ssh2Apr 15 14:16:06 rotator sshd\[8815\]: Invalid user test from 82.200.226.226Apr 15 14:16:09 rotator sshd\[8815\]: Failed password for invalid user test from 82.200.226.226 port 60930 ssh2Apr 15 14:19:56 rotator sshd\[8852\]: Invalid user admin from 82.200.226.226Apr 15 14:19:57 rotator sshd\[8852\]: Failed password for invalid user admin from 82.200.226.226 port 37796 ssh2 ...	2020-04-15 20:29:57
46.188.123.144	attackspambots	Icarus honeypot on github	2020-04-15 20:41:46
51.75.24.200	attack	Apr 15 14:24:14 h2779839 sshd[23715]: Invalid user guest from 51.75.24.200 port 51356 Apr 15 14:24:14 h2779839 sshd[23715]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.24.200 Apr 15 14:24:14 h2779839 sshd[23715]: Invalid user guest from 51.75.24.200 port 51356 Apr 15 14:24:16 h2779839 sshd[23715]: Failed password for invalid user guest from 51.75.24.200 port 51356 ssh2 Apr 15 14:27:58 h2779839 sshd[23768]: Invalid user user from 51.75.24.200 port 59946 Apr 15 14:27:58 h2779839 sshd[23768]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.24.200 Apr 15 14:27:58 h2779839 sshd[23768]: Invalid user user from 51.75.24.200 port 59946 Apr 15 14:28:00 h2779839 sshd[23768]: Failed password for invalid user user from 51.75.24.200 port 59946 ssh2 Apr 15 14:31:38 h2779839 sshd[23817]: Invalid user deploy from 51.75.24.200 port 40314 ...	2020-04-15 20:39:51

Recently Reported IPs

162.74.3.195	184.252.178.203	10.237.50.142	181.63.71.84
217.96.167.12	101.89.216.223	200.196.138.224	121.204.185.106
77.40.3.121	103.9.77.220	58.10.246.26	177.185.125.219
193.124.184.45	37.34.234.156	112.237.191.249	119.147.213.219
167.71.40.125	37.230.116.111	165.22.49.28	148.202.5.143