81.22.45.18 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Russian Federation

Internet Service Provider: Infolink LLC

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	01/05/2020-17:36:34.294881 81.22.45.18 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-01-06 07:11:35
attackspambots	01/04/2020-11:57:58.245932 81.22.45.18 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-01-05 01:08:09
attackbots	IP was detected trying to Brute-Force SSH, FTP, Web Apps, Port-Scan or Hacking.	2019-12-22 15:44:49
attackspambots	2019-11-06T20:12:10.510184+01:00 lumpi kernel: [2889914.279815] INPUT:DROP:SPAMHAUS_EDROP:IN=eth0 OUT= MAC=52:54:a2:01:a5:04:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.18 DST=172.31.1.100 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=13053 PROTO=TCP SPT=46618 DPT=13389 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-11-07 04:11:04
attackspam	Sep 25 17:38:41 lumpi kernel: INPUT:DROP:SPAMHAUS_EDROP:IN=eth0 OUT= MAC=52:54:a2:01:a5:04:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.18 DST=172.31.1.100 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=23222 PROTO=TCP SPT=46403 DPT=13389 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-09-26 00:08:00

Comments on same subnet:

IP	Type	Details	Datetime
81.22.45.71	attackspam	suspicious action Sat, 29 Feb 2020 11:28:01 -0300	2020-02-29 22:46:31
81.22.45.133	attack	2020-02-19T00:19:18.463055+01:00 lumpi kernel: [7357790.238387] INPUT:DROP:SPAMHAUS_EDROP:IN=eth0 OUT= MAC=52:54:a2:01:a5:04:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.133 DST=78.46.199.189 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=60679 PROTO=TCP SPT=50449 DPT=7000 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2020-02-19 07:37:59
81.22.45.133	attack	2020-02-18T20:40:14.685548+01:00 lumpi kernel: [7344646.660249] INPUT:DROP:SPAMHAUS_EDROP:IN=eth0 OUT= MAC=52:54:a2:01:a5:04:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.133 DST=78.46.199.189 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=12495 PROTO=TCP SPT=50449 DPT=7777 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2020-02-19 03:45:04
81.22.45.106	attackspam	02/17/2020-20:00:28.393431 81.22.45.106 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 83	2020-02-18 09:54:53
81.22.45.100	attackbotsspam	ET CINS Active Threat Intelligence Poor Reputation IP group 69 - port: 5322 proto: TCP cat: Misc Attack	2020-02-18 01:32:12
81.22.45.106	attackspam	Fail2Ban Ban Triggered	2020-02-17 05:29:15
81.22.45.100	attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-11 01:03:51
81.22.45.182	attack	Feb 8 10:02:23 mail kernel: [562000.917378] [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=81.22.45.182 DST=77.73.69.240 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=56258 PROTO=TCP SPT=42357 DPT=16115 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2020-02-08 17:07:08
81.22.45.71	attack	ET CINS Active Threat Intelligence Poor Reputation IP group 77 - port: 3389 proto: TCP cat: Misc Attack	2020-02-08 08:03:25
81.22.45.80	attack	3388/tcp 3377/tcp 3385/tcp... [2019-12-09/2020-02-07]121pkt,33pt.(tcp)	2020-02-08 08:02:22
81.22.45.83	attack	Unauthorized connection attempt from IP address 81.22.45.83 on Port 3389(RDP)	2020-02-07 22:43:48
81.22.45.182	attackspam	Feb 6 17:32:05 mail kernel: [416183.709828] [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=81.22.45.182 DST=77.73.69.240 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=30608 PROTO=TCP SPT=50336 DPT=10904 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2020-02-07 00:32:25
81.22.45.182	attackspambots	Feb 6 08:44:36 mail kernel: [384534.949997] [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=81.22.45.182 DST=77.73.69.240 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=55760 PROTO=TCP SPT=50336 DPT=10994 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2020-02-06 15:48:06
81.22.45.104	attackbotsspam	Unauthorised access (Feb 6) SRC=81.22.45.104 LEN=40 TTL=249 ID=41689 TCP DPT=3389 WINDOW=1024 SYN Unauthorised access (Feb 4) SRC=81.22.45.104 LEN=40 TTL=249 ID=63055 TCP DPT=3389 WINDOW=1024 SYN Unauthorised access (Feb 2) SRC=81.22.45.104 LEN=40 TTL=248 ID=40974 TCP DPT=3389 WINDOW=1024 SYN	2020-02-06 08:35:53
81.22.45.182	attackspambots	Feb 6 01:19:32 mail kernel: [357831.266667] [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=81.22.45.182 DST=77.73.69.240 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=40878 PROTO=TCP SPT=50336 DPT=10137 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2020-02-06 08:29:58

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 81.22.45.18
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61408
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;81.22.45.18.			IN	A

;; AUTHORITY SECTION:
.			2860	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019090201 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Sep 03 06:33:53 CST 2019
;; MSG SIZE  rcvd: 115

Host info

Host 18.45.22.81.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 18.45.22.81.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
45.129.33.8	attackspam	[H1.VM1] Blocked by UFW	2020-10-13 12:16:30
190.137.230.166	attackbotsspam	(sshd) Failed SSH login from 190.137.230.166 (AR/Argentina/host166.190-137-230.telecom.net.ar): 5 in the last 3600 secs	2020-10-13 12:46:35
156.54.169.159	attackspam	2020-10-12T23:33:44.9494951495-001 sshd[53300]: Invalid user bobby from 156.54.169.159 port 36098 2020-10-12T23:33:44.9528411495-001 sshd[53300]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=156.54.169.159 2020-10-12T23:33:44.9494951495-001 sshd[53300]: Invalid user bobby from 156.54.169.159 port 36098 2020-10-12T23:33:47.3230701495-001 sshd[53300]: Failed password for invalid user bobby from 156.54.169.159 port 36098 ssh2 2020-10-12T23:34:24.3400211495-001 sshd[53322]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=156.54.169.159 user=root 2020-10-12T23:34:26.1989261495-001 sshd[53322]: Failed password for root from 156.54.169.159 port 45162 ssh2 ...	2020-10-13 12:35:59
134.209.41.198	attackbots	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-10-13T01:15:06Z and 2020-10-13T01:21:20Z	2020-10-13 12:51:22
191.232.236.96	attack	SSH login attempts.	2020-10-13 12:33:18
191.237.250.125	attack	(sshd) Failed SSH login from 191.237.250.125 (BR/Brazil/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 12 16:40:28 server4 sshd[23524]: Invalid user angelika from 191.237.250.125 Oct 12 16:40:28 server4 sshd[23524]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.237.250.125 Oct 12 16:40:30 server4 sshd[23524]: Failed password for invalid user angelika from 191.237.250.125 port 43184 ssh2 Oct 12 16:50:00 server4 sshd[31789]: Invalid user gelu from 191.237.250.125 Oct 12 16:50:00 server4 sshd[31789]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.237.250.125	2020-10-13 12:32:57
36.133.112.61	attackbotsspam	Oct 13 02:38:14 scw-6657dc sshd[12764]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.133.112.61 Oct 13 02:38:14 scw-6657dc sshd[12764]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.133.112.61 Oct 13 02:38:16 scw-6657dc sshd[12764]: Failed password for invalid user majordom from 36.133.112.61 port 35776 ssh2 ...	2020-10-13 12:57:30
45.129.33.49	attackspambots	[MK-VM5] Blocked by UFW	2020-10-13 12:29:34
45.148.10.186	attackspam	Oct 13 05:33:03 ns308116 sshd[11001]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.186 user=root Oct 13 05:33:05 ns308116 sshd[11001]: Failed password for root from 45.148.10.186 port 41866 ssh2 Oct 13 05:33:38 ns308116 sshd[11016]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.186 user=root Oct 13 05:33:40 ns308116 sshd[11016]: Failed password for root from 45.148.10.186 port 39380 ssh2 Oct 13 05:34:15 ns308116 sshd[11027]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.186 user=root ...	2020-10-13 12:50:57
94.102.51.17	attackspambots	Fail2Ban Ban Triggered	2020-10-13 12:24:11
104.248.130.10	attackspam	$f2bV_matches	2020-10-13 12:48:46
60.248.219.185	attackbots	[Mon Oct 12 22:49:18 2020] IN=enp34s0 OUT= MAC=SERVERMAC SRC=60.248.219.185 DST=MYSERVERIP LEN=52 TOS=0x00 PREC=0x00 TTL=117 ID=9034 DF PROTO=TCP SPT=62428 DPT=445 WINDOW=8192 RES=0x00 SYN URGP=0 Ports: 445	2020-10-13 12:46:12
185.83.181.102	attackspambots	Oct 12 22:47:59 xeon postfix/smtpd[53005]: warning: unknown[185.83.181.102]: SASL PLAIN authentication failed: authentication failure	2020-10-13 12:19:34
103.200.20.222	attackspam	SSH Invalid Login	2020-10-13 12:58:03
115.135.139.131	attackspam	Oct 12 23:24:06 [host] sshd[24508]: pam_unix(sshd: Oct 12 23:24:08 [host] sshd[24508]: Failed passwor Oct 12 23:30:56 [host] sshd[24785]: Invalid user s	2020-10-13 12:52:07

Recently Reported IPs

109.209.237.180	10.204.85.135	169.201.226.184	51.68.93.65
35.205.38.10	59.120.75.168	41.145.138.88	177.72.142.65
94.237.72.235	178.17.131.228	49.230.56.229	112.197.2.11
200.57.224.43	186.26.83.49	79.119.207.111	120.84.121.253
193.112.219.176	32.194.164.241	153.226.237.200	190.58.198.46