81.22.45.252 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Russia

Internet Service Provider: Infolink LLC

Hostname: unknown

Organization: OOO Network of data-centers Selectel

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	09/24/2019-23:55:19.127594 81.22.45.252 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 84	2019-09-25 12:17:39
attack	09/24/2019-06:11:02.861711 81.22.45.252 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-09-24 12:23:34
attackspambots	Sep 23 20:56:46 lumpi kernel: INPUT:DROP:SPAMHAUS_EDROP:IN=eth0 OUT= MAC=52:54:a2:01:a5:04:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.252 DST=172.31.1.100 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=52926 PROTO=TCP SPT=57189 DPT=8412 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-09-24 03:04:42
attackspam	09/20/2019-23:54:30.547732 81.22.45.252 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 85	2019-09-21 13:46:39
attackspam	09/11/2019-16:39:01.392270 81.22.45.252 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 85	2019-09-12 04:40:32
attackbotsspam	Sep 11 09:58:51 lumpi kernel: INPUT:DROP:SPAMHAUS_EDROP:IN=eth0 OUT= MAC=52:54:a2:01:a5:04:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.252 DST=172.31.1.100 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=64535 PROTO=TCP SPT=56366 DPT=555 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-09-11 16:27:50
attack	09/09/2019-22:50:08.900130 81.22.45.252 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-09-10 10:57:21
attackbots	Portscan or hack attempt detected by psad/fwsnort	2019-09-06 09:41:05
attackspambots	09/02/2019-21:55:36.711016 81.22.45.252 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 85	2019-09-03 10:47:39
attackspam	Aug 29 22:27:38 lumpi kernel: INPUT:DROP:SPAMHAUS_EDROP:IN=eth0 OUT= MAC=52:54:a2:01:a5:04:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.252 DST=172.31.1.100 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=19486 PROTO=TCP SPT=42798 DPT=8896 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-08-30 06:08:21
attackbotsspam	Aug 25 16:54:52 lumpi kernel: INPUT:DROP:SPAMHAUS_EDROP:IN=eth0 OUT= MAC=52:54:a2:01:a5:04:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.252 DST=172.31.1.100 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=55931 PROTO=TCP SPT=44112 DPT=9513 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-08-26 00:16:11
attackbotsspam	Aug 24 13:48:18 lumpi kernel: INPUT:DROP:SPAMHAUS_EDROP:IN=eth0 OUT= MAC=52:54:a2:01:a5:04:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.252 DST=172.31.1.100 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=31493 PROTO=TCP SPT=44112 DPT=9816 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-08-24 20:40:35
attackbots	08/22/2019-23:14:29.720865 81.22.45.252 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-08-23 12:17:02
attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-08-22 09:29:28
attackbotsspam	08/21/2019-15:29:26.343421 81.22.45.252 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 85	2019-08-22 04:29:41
attackbots	08/20/2019-00:26:00.148329 81.22.45.252 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-08-20 12:55:05
attackbotsspam	Port Scan: TCP/9242	2019-08-17 09:16:51
attackspam	08/15/2019-07:36:36.318969 81.22.45.252 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 85	2019-08-15 20:44:45
attack	Aug 15 02:06:01 lumpi kernel: INPUT:DROP:SPAMHAUS_EDROP:IN=eth0 OUT= MAC=52:54:a2:01:a5:04:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.252 DST=172.31.1.100 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=27811 PROTO=TCP SPT=44112 DPT=50122 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-08-15 09:26:27
attackbots	Aug 13 21:52:01 lumpi kernel: INPUT:DROP:SPAMHAUS_EDROP:IN=eth0 OUT= MAC=52:54:a2:01:a5:04:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.252 DST=172.31.1.100 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=8514 PROTO=TCP SPT=44112 DPT=9456 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-08-14 05:05:30
attack	Aug 13 09:34:50 lumpi kernel: INPUT:DROP:SPAMHAUS_EDROP:IN=eth0 OUT= MAC=52:54:a2:01:a5:04:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.252 DST=172.31.1.100 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=63503 PROTO=TCP SPT=44112 DPT=49372 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-08-13 16:27:44
attack	Port scan: Attack repeated for 24 hours	2019-08-10 03:36:48
attack	08/08/2019-11:11:27.144901 81.22.45.252 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-08-08 23:16:34
attack	Aug 7 22:17:05 lumpi kernel: INPUT:DROP:SPAMHAUS_EDROP:IN=eth0 OUT= MAC=52:54:a2:01:a5:04:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.252 DST=172.31.1.100 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=5820 PROTO=TCP SPT=46654 DPT=9964 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-08-08 04:26:35
attackbotsspam	08/03/2019-23:46:50.120395 81.22.45.252 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 79	2019-08-04 11:57:35
attackbotsspam	08/03/2019-07:43:52.987075 81.22.45.252 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-08-03 20:03:06
attackspambots	08/02/2019-21:52:03.775377 81.22.45.252 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 79	2019-08-03 10:17:00
attackspam	Port scan on 5 port(s): 44090 44091 44112 44154 44210	2019-08-02 04:19:51
attackbots	30.07.2019 14:00:06 Connection to port 44111 blocked by firewall	2019-07-30 22:13:54
attackspambots	Jul 29 08:53:16 lumpi kernel: INPUT:DROP:SPAMHAUS_EDROP:IN=eth0 OUT= MAC=52:54:a2:01:a5:04:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.252 DST=172.31.1.100 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=2845 PROTO=TCP SPT=41668 DPT=44215 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-07-29 15:24:07

Comments on same subnet:

IP	Type	Details	Datetime
81.22.45.71	attackspam	suspicious action Sat, 29 Feb 2020 11:28:01 -0300	2020-02-29 22:46:31
81.22.45.133	attack	2020-02-19T00:19:18.463055+01:00 lumpi kernel: [7357790.238387] INPUT:DROP:SPAMHAUS_EDROP:IN=eth0 OUT= MAC=52:54:a2:01:a5:04:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.133 DST=78.46.199.189 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=60679 PROTO=TCP SPT=50449 DPT=7000 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2020-02-19 07:37:59
81.22.45.133	attack	2020-02-18T20:40:14.685548+01:00 lumpi kernel: [7344646.660249] INPUT:DROP:SPAMHAUS_EDROP:IN=eth0 OUT= MAC=52:54:a2:01:a5:04:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.133 DST=78.46.199.189 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=12495 PROTO=TCP SPT=50449 DPT=7777 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2020-02-19 03:45:04
81.22.45.106	attackspam	02/17/2020-20:00:28.393431 81.22.45.106 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 83	2020-02-18 09:54:53
81.22.45.100	attackbotsspam	ET CINS Active Threat Intelligence Poor Reputation IP group 69 - port: 5322 proto: TCP cat: Misc Attack	2020-02-18 01:32:12
81.22.45.106	attackspam	Fail2Ban Ban Triggered	2020-02-17 05:29:15
81.22.45.100	attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-11 01:03:51
81.22.45.182	attack	Feb 8 10:02:23 mail kernel: [562000.917378] [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=81.22.45.182 DST=77.73.69.240 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=56258 PROTO=TCP SPT=42357 DPT=16115 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2020-02-08 17:07:08
81.22.45.71	attack	ET CINS Active Threat Intelligence Poor Reputation IP group 77 - port: 3389 proto: TCP cat: Misc Attack	2020-02-08 08:03:25
81.22.45.80	attack	3388/tcp 3377/tcp 3385/tcp... [2019-12-09/2020-02-07]121pkt,33pt.(tcp)	2020-02-08 08:02:22
81.22.45.83	attack	Unauthorized connection attempt from IP address 81.22.45.83 on Port 3389(RDP)	2020-02-07 22:43:48
81.22.45.182	attackspam	Feb 6 17:32:05 mail kernel: [416183.709828] [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=81.22.45.182 DST=77.73.69.240 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=30608 PROTO=TCP SPT=50336 DPT=10904 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2020-02-07 00:32:25
81.22.45.182	attackspambots	Feb 6 08:44:36 mail kernel: [384534.949997] [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=81.22.45.182 DST=77.73.69.240 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=55760 PROTO=TCP SPT=50336 DPT=10994 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2020-02-06 15:48:06
81.22.45.104	attackbotsspam	Unauthorised access (Feb 6) SRC=81.22.45.104 LEN=40 TTL=249 ID=41689 TCP DPT=3389 WINDOW=1024 SYN Unauthorised access (Feb 4) SRC=81.22.45.104 LEN=40 TTL=249 ID=63055 TCP DPT=3389 WINDOW=1024 SYN Unauthorised access (Feb 2) SRC=81.22.45.104 LEN=40 TTL=248 ID=40974 TCP DPT=3389 WINDOW=1024 SYN	2020-02-06 08:35:53
81.22.45.182	attackspambots	Feb 6 01:19:32 mail kernel: [357831.266667] [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=81.22.45.182 DST=77.73.69.240 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=40878 PROTO=TCP SPT=50336 DPT=10137 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2020-02-06 08:29:58

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 81.22.45.252
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 16267
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;81.22.45.252.			IN	A

;; AUTHORITY SECTION:
.			2330	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019032800 1800 900 604800 86400

;; Query time: 166 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Mar 28 22:48:24 CST 2019
;; MSG SIZE  rcvd: 116

Host info

Host 252.45.22.81.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 252.45.22.81.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
171.25.193.25	attackbotsspam	Automatic report - Banned IP Access	2019-11-09 14:48:38
178.62.0.215	attackbotsspam	2019-11-09T05:57:51.026745abusebot-6.cloudsearch.cf sshd\[6805\]: Invalid user pinebluff from 178.62.0.215 port 53852	2019-11-09 14:14:31
139.162.221.245	attackspambots	Excessive Port-Scanning	2019-11-09 14:03:25
144.172.126.128	attackbotsspam	144.172.126.128 was recorded 32 times by 2 hosts attempting to connect to the following ports: 3389. Incident counter (4h, 24h, all-time): 32, 180, 575	2019-11-09 13:59:21
207.154.239.128	attackbots	2019-11-09T06:30:00.300775abusebot-8.cloudsearch.cf sshd\[11291\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.154.239.128 user=root	2019-11-09 14:44:00
118.174.11.149	attackspam	2019-11-09T04:53:51.794408shield sshd\[3729\]: Invalid user userftp from 118.174.11.149 port 49026 2019-11-09T04:53:51.798751shield sshd\[3729\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=node-ph.118-174.static.totidc.net 2019-11-09T04:53:53.802464shield sshd\[3729\]: Failed password for invalid user userftp from 118.174.11.149 port 49026 ssh2 2019-11-09T04:54:20.019575shield sshd\[3859\]: Invalid user information from 118.174.11.149 port 59050 2019-11-09T04:54:20.025545shield sshd\[3859\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=node-ph.118-174.static.totidc.net	2019-11-09 13:59:47
197.225.166.204	attack	Nov 9 07:29:44 vps01 sshd[24460]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.225.166.204 Nov 9 07:29:46 vps01 sshd[24460]: Failed password for invalid user 1234@asdf from 197.225.166.204 port 42594 ssh2	2019-11-09 14:51:47
134.209.147.198	attackspam	Nov 9 07:29:52 zulu412 sshd\[11546\]: Invalid user chan from 134.209.147.198 port 36960 Nov 9 07:29:52 zulu412 sshd\[11546\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.147.198 Nov 9 07:29:54 zulu412 sshd\[11546\]: Failed password for invalid user chan from 134.209.147.198 port 36960 ssh2 ...	2019-11-09 14:47:02
185.222.211.166	attack	Nov 9 05:12:36 h2177944 kernel: \[6148348.424520\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.222.211.166 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=8322 PROTO=TCP SPT=8080 DPT=3401 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 9 05:16:10 h2177944 kernel: \[6148562.872810\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.222.211.166 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=59928 PROTO=TCP SPT=8080 DPT=444 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 9 05:16:18 h2177944 kernel: \[6148570.882767\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.222.211.166 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=58318 PROTO=TCP SPT=8080 DPT=13389 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 9 05:26:10 h2177944 kernel: \[6149162.385920\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.222.211.166 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=29248 PROTO=TCP SPT=8080 DPT=33398 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 9 05:53:16 h2177944 kernel: \[6150787.990897\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.222.211.166 DST=85.214	2019-11-09 14:27:43
110.38.2.11	attackbots	Unauthorised access (Nov 9) SRC=110.38.2.11 LEN=52 TTL=113 ID=3830 DF TCP DPT=445 WINDOW=8192 SYN	2019-11-09 14:11:22
106.12.179.165	attack	Nov 9 06:48:54 server sshd\[21162\]: Invalid user ilie from 106.12.179.165 port 33418 Nov 9 06:48:54 server sshd\[21162\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.179.165 Nov 9 06:48:56 server sshd\[21162\]: Failed password for invalid user ilie from 106.12.179.165 port 33418 ssh2 Nov 9 06:53:57 server sshd\[10483\]: User root from 106.12.179.165 not allowed because listed in DenyUsers Nov 9 06:53:57 server sshd\[10483\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.179.165 user=root	2019-11-09 14:13:03
1.64.103.196	attack	firewall-block, port(s): 5555/tcp	2019-11-09 14:44:57
125.234.109.236	attack	Unauthorised access (Nov 9) SRC=125.234.109.236 LEN=52 TOS=0x10 PREC=0x20 TTL=110 ID=28036 DF TCP DPT=445 WINDOW=8192 SYN	2019-11-09 14:25:54
14.243.62.156	attackbots	Unauthorized connection attempt from IP address 14.243.62.156 on Port 445(SMB)	2019-11-09 14:42:18
104.244.77.119	attack	2019-11-09T06:03:23.460764abusebot-2.cloudsearch.cf sshd\[11584\]: Invalid user wwwadm from 104.244.77.119 port 53514	2019-11-09 14:08:44

Recently Reported IPs

141.98.80.31	45.55.67.128	121.215.253.87	190.73.138.105
185.120.77.172	185.20.197.116	2408:8214:8000:37b:dc75:ca8d:7d20:7378	35.196.7.6
1.71.136.240	71.227.69.119	45.58.124.45	86.57.147.212
223.111.139.211	142.93.122.185	218.92.0.203	2.67.50.11
94.159.18.194	123.252.248.218	36.156.24.94	31.145.96.94