81.22.45.18 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Russian Federation

Internet Service Provider: Infolink LLC

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	01/05/2020-17:36:34.294881 81.22.45.18 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-01-06 07:11:35
attackspambots	01/04/2020-11:57:58.245932 81.22.45.18 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-01-05 01:08:09
attackbots	IP was detected trying to Brute-Force SSH, FTP, Web Apps, Port-Scan or Hacking.	2019-12-22 15:44:49
attackspambots	2019-11-06T20:12:10.510184+01:00 lumpi kernel: [2889914.279815] INPUT:DROP:SPAMHAUS_EDROP:IN=eth0 OUT= MAC=52:54:a2:01:a5:04:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.18 DST=172.31.1.100 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=13053 PROTO=TCP SPT=46618 DPT=13389 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-11-07 04:11:04
attackspam	Sep 25 17:38:41 lumpi kernel: INPUT:DROP:SPAMHAUS_EDROP:IN=eth0 OUT= MAC=52:54:a2:01:a5:04:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.18 DST=172.31.1.100 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=23222 PROTO=TCP SPT=46403 DPT=13389 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-09-26 00:08:00

Comments on same subnet:

IP	Type	Details	Datetime
81.22.45.71	attackspam	suspicious action Sat, 29 Feb 2020 11:28:01 -0300	2020-02-29 22:46:31
81.22.45.133	attack	2020-02-19T00:19:18.463055+01:00 lumpi kernel: [7357790.238387] INPUT:DROP:SPAMHAUS_EDROP:IN=eth0 OUT= MAC=52:54:a2:01:a5:04:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.133 DST=78.46.199.189 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=60679 PROTO=TCP SPT=50449 DPT=7000 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2020-02-19 07:37:59
81.22.45.133	attack	2020-02-18T20:40:14.685548+01:00 lumpi kernel: [7344646.660249] INPUT:DROP:SPAMHAUS_EDROP:IN=eth0 OUT= MAC=52:54:a2:01:a5:04:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.133 DST=78.46.199.189 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=12495 PROTO=TCP SPT=50449 DPT=7777 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2020-02-19 03:45:04
81.22.45.106	attackspam	02/17/2020-20:00:28.393431 81.22.45.106 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 83	2020-02-18 09:54:53
81.22.45.100	attackbotsspam	ET CINS Active Threat Intelligence Poor Reputation IP group 69 - port: 5322 proto: TCP cat: Misc Attack	2020-02-18 01:32:12
81.22.45.106	attackspam	Fail2Ban Ban Triggered	2020-02-17 05:29:15
81.22.45.100	attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-11 01:03:51
81.22.45.182	attack	Feb 8 10:02:23 mail kernel: [562000.917378] [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=81.22.45.182 DST=77.73.69.240 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=56258 PROTO=TCP SPT=42357 DPT=16115 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2020-02-08 17:07:08
81.22.45.71	attack	ET CINS Active Threat Intelligence Poor Reputation IP group 77 - port: 3389 proto: TCP cat: Misc Attack	2020-02-08 08:03:25
81.22.45.80	attack	3388/tcp 3377/tcp 3385/tcp... [2019-12-09/2020-02-07]121pkt,33pt.(tcp)	2020-02-08 08:02:22
81.22.45.83	attack	Unauthorized connection attempt from IP address 81.22.45.83 on Port 3389(RDP)	2020-02-07 22:43:48
81.22.45.182	attackspam	Feb 6 17:32:05 mail kernel: [416183.709828] [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=81.22.45.182 DST=77.73.69.240 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=30608 PROTO=TCP SPT=50336 DPT=10904 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2020-02-07 00:32:25
81.22.45.182	attackspambots	Feb 6 08:44:36 mail kernel: [384534.949997] [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=81.22.45.182 DST=77.73.69.240 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=55760 PROTO=TCP SPT=50336 DPT=10994 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2020-02-06 15:48:06
81.22.45.104	attackbotsspam	Unauthorised access (Feb 6) SRC=81.22.45.104 LEN=40 TTL=249 ID=41689 TCP DPT=3389 WINDOW=1024 SYN Unauthorised access (Feb 4) SRC=81.22.45.104 LEN=40 TTL=249 ID=63055 TCP DPT=3389 WINDOW=1024 SYN Unauthorised access (Feb 2) SRC=81.22.45.104 LEN=40 TTL=248 ID=40974 TCP DPT=3389 WINDOW=1024 SYN	2020-02-06 08:35:53
81.22.45.182	attackspambots	Feb 6 01:19:32 mail kernel: [357831.266667] [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=81.22.45.182 DST=77.73.69.240 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=40878 PROTO=TCP SPT=50336 DPT=10137 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2020-02-06 08:29:58

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 81.22.45.18
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61408
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;81.22.45.18.			IN	A

;; AUTHORITY SECTION:
.			2860	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019090201 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Sep 03 06:33:53 CST 2019
;; MSG SIZE  rcvd: 115

Host info

Host 18.45.22.81.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 18.45.22.81.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
2001:41d0:1:8268::1	attackspambots	SS5,WP GET /wp-login.php	2020-06-04 20:32:35
106.12.220.19	attack	leo_www	2020-06-04 20:51:23
187.75.126.249	attackbots	Jun 4 15:09:52 hosting sshd[11614]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.75.126.249 user=root Jun 4 15:09:54 hosting sshd[11614]: Failed password for root from 187.75.126.249 port 53502 ssh2 ...	2020-06-04 20:25:45
118.25.133.121	attackbotsspam	Jun 4 14:04:32 abendstille sshd\[28224\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.133.121 user=root Jun 4 14:04:34 abendstille sshd\[28224\]: Failed password for root from 118.25.133.121 port 47878 ssh2 Jun 4 14:07:03 abendstille sshd\[30749\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.133.121 user=root Jun 4 14:07:04 abendstille sshd\[30749\]: Failed password for root from 118.25.133.121 port 47710 ssh2 Jun 4 14:09:40 abendstille sshd\[711\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.133.121 user=root ...	2020-06-04 20:38:29
51.144.73.114	attackspambots	51.144.73.114 - - [04/Jun/2020:14:09:28 +0200] "GET /wp-login.php HTTP/1.1" 200 1689 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 51.144.73.114 - - [04/Jun/2020:14:09:28 +0200] "POST /wp-login.php HTTP/1.1" 200 1811 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 51.144.73.114 - - [04/Jun/2020:14:09:28 +0200] "GET /wp-login.php HTTP/1.1" 200 1689 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 51.144.73.114 - - [04/Jun/2020:14:09:28 +0200] "POST /wp-login.php HTTP/1.1" 200 1799 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 51.144.73.114 - - [04/Jun/2020:14:09:28 +0200] "GET /wp-login.php HTTP/1.1" 200 1689 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 51.144.73.114 - - [04/Jun/2020:14:09:28 +0200] "POST /wp-login.php HTTP/1.1" 200 1798 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Fir ...	2020-06-04 20:49:19
209.97.175.191	attackbotsspam	209.97.175.191 - - [04/Jun/2020:14:22:14 +0200] "GET /wp-login.php HTTP/1.1" 200 6702 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 209.97.175.191 - - [04/Jun/2020:14:22:16 +0200] "POST /wp-login.php HTTP/1.1" 200 7007 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 209.97.175.191 - - [04/Jun/2020:14:22:18 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-06-04 20:40:30
60.173.179.69	attackbots	firewall-block, port(s): 23/tcp	2020-06-04 20:17:32
189.134.60.198	attackspambots	Jun 4 14:29:55 cp sshd[9932]: Failed password for root from 189.134.60.198 port 47056 ssh2 Jun 4 14:29:55 cp sshd[9932]: Failed password for root from 189.134.60.198 port 47056 ssh2	2020-06-04 20:45:29
122.51.243.143	attackspambots	(sshd) Failed SSH login from 122.51.243.143 (CN/China/-): 5 in the last 3600 secs	2020-06-04 20:32:48
112.85.42.172	attackbotsspam	Jun 4 14:14:39 santamaria sshd\[7911\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.172 user=root Jun 4 14:14:41 santamaria sshd\[7911\]: Failed password for root from 112.85.42.172 port 38603 ssh2 Jun 4 14:14:59 santamaria sshd\[7913\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.172 user=root ...	2020-06-04 20:21:34
35.193.206.197	attackbots	2020-06-04T14:33:06.058074rocketchat.forhosting.nl sshd[21142]: Failed password for root from 35.193.206.197 port 56434 ssh2 2020-06-04T14:33:12.146738rocketchat.forhosting.nl sshd[21144]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.193.206.197 user=root 2020-06-04T14:33:13.551920rocketchat.forhosting.nl sshd[21144]: Failed password for root from 35.193.206.197 port 39714 ssh2 ...	2020-06-04 20:33:24
167.172.198.117	attack	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-06-04 20:46:18
185.244.39.166	attack	Lines containing failures of 185.244.39.166 Jun 1 15:36:26 shared06 sshd[19177]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.244.39.166 user=r.r Jun 1 15:36:28 shared06 sshd[19177]: Failed password for r.r from 185.244.39.166 port 48714 ssh2 Jun 1 15:36:28 shared06 sshd[19177]: Received disconnect from 185.244.39.166 port 48714:11: Bye Bye [preauth] Jun 1 15:36:28 shared06 sshd[19177]: Disconnected from authenticating user r.r 185.244.39.166 port 48714 [preauth] Jun 1 15:40:44 shared06 sshd[20391]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.244.39.166 user=r.r Jun 1 15:40:46 shared06 sshd[20391]: Failed password for r.r from 185.244.39.166 port 35426 ssh2 Jun 1 15:40:46 shared06 sshd[20391]: Received disconnect from 185.244.39.166 port 35426:11: Bye Bye [preauth] Jun 1 15:40:46 shared06 sshd[20391]: Disconnected from authenticating user r.r 185.244.39.166 port 35426........ ------------------------------	2020-06-04 20:27:57
40.76.40.117	attackspam	40.76.40.117 - - \[04/Jun/2020:14:09:59 +0200\] "POST //wp-login.php HTTP/1.0" 200 6848 "https://die-netzialisten.de//wp-login.php" "Mozilla/5.0 \(Windows NT 10.0\; Win64\; x64\) AppleWebKit/537.36 \(KHTML, like Gecko\) Chrome/78.0.3904.108 Safari/537.36" 40.76.40.117 - - \[04/Jun/2020:14:10:00 +0200\] "POST //wp-login.php HTTP/1.0" 200 6848 "https://die-netzialisten.de//wp-login.php" "Mozilla/5.0 \(Windows NT 10.0\; Win64\; x64\) AppleWebKit/537.36 \(KHTML, like Gecko\) Chrome/78.0.3904.108 Safari/537.36" 40.76.40.117 - - \[04/Jun/2020:14:10:01 +0200\] "POST //wp-login.php HTTP/1.0" 200 6848 "https://die-netzialisten.de//wp-login.php" "Mozilla/5.0 \(Windows NT 10.0\; Win64\; x64\) AppleWebKit/537.36 \(KHTML, like Gecko\) Chrome/78.0.3904.108 Safari/537.36"	2020-06-04 20:12:41
185.153.197.251	attackspambots	scan r	2020-06-04 20:33:41

Recently Reported IPs

109.209.237.180	10.204.85.135	169.201.226.184	51.68.93.65
35.205.38.10	59.120.75.168	41.145.138.88	177.72.142.65
94.237.72.235	178.17.131.228	49.230.56.229	112.197.2.11
200.57.224.43	186.26.83.49	79.119.207.111	120.84.121.253
193.112.219.176	32.194.164.241	153.226.237.200	190.58.198.46