95.215.45.49 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Sweden

Internet Service Provider: SIA Nano IT

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	ET SCAN Potential SSH Scan - port: 22 proto: TCP cat: Attempted Information Leak	2019-11-04 03:01:09

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 95.215.45.49
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 51270
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;95.215.45.49.			IN	A

;; AUTHORITY SECTION:
.			325	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019110301 1800 900 604800 86400

;; Query time: 92 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Nov 04 03:01:05 CST 2019
;; MSG SIZE  rcvd: 116

Host info

49.45.215.95.in-addr.arpa domain name pointer hosted-by.yourserver.se.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
49.45.215.95.in-addr.arpa	name = hosted-by.yourserver.se.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
185.153.196.64	attack	Jun 3 16:09:29 debian-2gb-nbg1-2 kernel: \[13452131.417711\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=185.153.196.64 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=20613 PROTO=TCP SPT=44847 DPT=19411 WINDOW=1024 RES=0x00 SYN URGP=0	2020-06-03 23:04:50
70.45.228.33	attackbotsspam	Automatic report - Port Scan Attack	2020-06-03 23:05:49
88.227.90.8	attack	1591185228 - 06/03/2020 13:53:48 Host: 88.227.90.8/88.227.90.8 Port: 445 TCP Blocked	2020-06-03 23:09:18
85.209.0.100	attackbots	Jun 3 16:11:32 cdc sshd[12658]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.209.0.100 user=root	2020-06-03 23:16:02
106.52.19.71	attack	Jun 3 17:03:45 lukav-desktop sshd\[20259\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.19.71 user=root Jun 3 17:03:47 lukav-desktop sshd\[20259\]: Failed password for root from 106.52.19.71 port 56607 ssh2 Jun 3 17:06:58 lukav-desktop sshd\[965\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.19.71 user=root Jun 3 17:07:00 lukav-desktop sshd\[965\]: Failed password for root from 106.52.19.71 port 45306 ssh2 Jun 3 17:10:12 lukav-desktop sshd\[4313\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.19.71 user=root	2020-06-03 23:19:25
5.188.86.174	attackspam	Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2020-06-03T13:49:16Z and 2020-06-03T14:20:32Z	2020-06-03 22:53:40
179.234.100.33	attack	Fail2Ban Ban Triggered	2020-06-03 23:24:35
165.22.213.142	attackspam	Jun 1 06:32:44 debian-4gb-nbg1-mysql sshd[28315]: Failed password for r.r from 165.22.213.142 port 57002 ssh2 Jun 1 06:36:42 debian-4gb-nbg1-mysql sshd[28735]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.213.142 user=r.r Jun 1 06:36:45 debian-4gb-nbg1-mysql sshd[28735]: Failed password for r.r from 165.22.213.142 port 59370 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=165.22.213.142	2020-06-03 23:20:01
117.251.64.122	attack	Unauthorised access (Jun 3) SRC=117.251.64.122 LEN=40 TTL=47 ID=43025 TCP DPT=23 WINDOW=56087 SYN	2020-06-03 22:50:10
51.77.148.77	attackbots	Jun 3 13:12:11 web8 sshd\[27730\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.148.77 user=root Jun 3 13:12:13 web8 sshd\[27730\]: Failed password for root from 51.77.148.77 port 35498 ssh2 Jun 3 13:15:34 web8 sshd\[29558\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.148.77 user=root Jun 3 13:15:37 web8 sshd\[29558\]: Failed password for root from 51.77.148.77 port 39086 ssh2 Jun 3 13:19:03 web8 sshd\[31277\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.148.77 user=root	2020-06-03 23:15:30
173.201.196.4	attack	Automatic report - XMLRPC Attack	2020-06-03 23:06:46
222.186.175.202	attackspam	Jun 3 17:18:00 pve1 sshd[24830]: Failed password for root from 222.186.175.202 port 55318 ssh2 Jun 3 17:18:03 pve1 sshd[24830]: Failed password for root from 222.186.175.202 port 55318 ssh2 ...	2020-06-03 23:19:49
151.80.45.136	attack	Jun 3 16:50:03 [host] sshd[4698]: pam_unix(sshd:a Jun 3 16:50:05 [host] sshd[4698]: Failed password Jun 3 16:53:33 [host] sshd[4811]: pam_unix(sshd:a	2020-06-03 23:12:20
106.54.236.226	attack	Jun 3 13:53:46 srv sshd[17573]: Failed password for root from 106.54.236.226 port 46460 ssh2	2020-06-03 23:11:19
198.100.158.173	attackbots	Jun 3 13:48:09 sso sshd[24657]: Failed password for root from 198.100.158.173 port 57380 ssh2 ...	2020-06-03 23:14:39

Recently Reported IPs

105.154.7.241	197.55.6.252	104.151.194.168	42.126.212.2
208.200.82.182	220.30.35.185	143.204.192.45	24.67.119.245
85.113.141.171	204.52.213.92	116.203.203.73	44.139.206.205
156.210.199.54	2.248.101.78	45.2.69.50	93.20.25.231
185.80.55.205	122.158.160.8	223.12.7.51	56.127.212.192