112.78.45.142 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Indonesia

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
112.78.45.40	attackspambots	Mar 28 00:08:51 [HOSTNAME] sshd[10063]: Invalid user deploy from 112.78.45.40 port 39758 Mar 28 00:08:51 [HOSTNAME] sshd[10063]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.78.45.40 Mar 28 00:08:52 [HOSTNAME] sshd[10063]: Failed password for invalid user deploy from 112.78.45.40 port 39758 ssh2 ...	2020-03-28 07:33:33
112.78.45.40	attackspam	(sshd) Failed SSH login from 112.78.45.40 (ID/Indonesia/ip45-40.des.net.id): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Mar 17 02:35:41 amsweb01 sshd[25956]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.78.45.40 user=root Mar 17 02:35:42 amsweb01 sshd[25956]: Failed password for root from 112.78.45.40 port 46142 ssh2 Mar 17 02:50:36 amsweb01 sshd[27523]: Invalid user demo from 112.78.45.40 port 53620 Mar 17 02:50:38 amsweb01 sshd[27523]: Failed password for invalid user demo from 112.78.45.40 port 53620 ssh2 Mar 17 02:57:09 amsweb01 sshd[28841]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.78.45.40 user=root	2020-03-17 12:42:28
112.78.45.40	attackbotsspam	Mar 10 11:50:09 wbs sshd\[2118\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.78.45.40 user=root Mar 10 11:50:10 wbs sshd\[2118\]: Failed password for root from 112.78.45.40 port 60318 ssh2 Mar 10 11:56:11 wbs sshd\[2680\]: Invalid user zhouheng from 112.78.45.40 Mar 10 11:56:11 wbs sshd\[2680\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.78.45.40 Mar 10 11:56:13 wbs sshd\[2680\]: Failed password for invalid user zhouheng from 112.78.45.40 port 36246 ssh2	2020-03-11 06:10:29
112.78.45.40	attackspambots	$f2bV_matches	2020-03-08 13:04:55
112.78.45.40	attackspambots	Mar 4 12:26:58 localhost sshd\[13248\]: Invalid user test from 112.78.45.40 port 41376 Mar 4 12:26:58 localhost sshd\[13248\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.78.45.40 Mar 4 12:27:00 localhost sshd\[13248\]: Failed password for invalid user test from 112.78.45.40 port 41376 ssh2	2020-03-04 19:40:19
112.78.45.40	attackbotsspam	Sep 24 07:18:30 OPSO sshd\[19985\]: Invalid user kf@123 from 112.78.45.40 port 54712 Sep 24 07:18:30 OPSO sshd\[19985\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.78.45.40 Sep 24 07:18:33 OPSO sshd\[19985\]: Failed password for invalid user kf@123 from 112.78.45.40 port 54712 ssh2 Sep 24 07:23:38 OPSO sshd\[20996\]: Invalid user apache@123 from 112.78.45.40 port 38930 Sep 24 07:23:38 OPSO sshd\[20996\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.78.45.40	2019-09-24 13:25:09
112.78.45.40	attackspam	Sep 19 22:40:11 dev0-dcfr-rnet sshd[2450]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.78.45.40 Sep 19 22:40:13 dev0-dcfr-rnet sshd[2450]: Failed password for invalid user bftp from 112.78.45.40 port 36430 ssh2 Sep 19 22:45:09 dev0-dcfr-rnet sshd[2480]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.78.45.40	2019-09-20 04:46:21
112.78.45.40	attack	Sep 16 06:36:43 www2 sshd\[3503\]: Invalid user harvey from 112.78.45.40Sep 16 06:36:46 www2 sshd\[3503\]: Failed password for invalid user harvey from 112.78.45.40 port 57412 ssh2Sep 16 06:41:23 www2 sshd\[4104\]: Invalid user demos from 112.78.45.40 ...	2019-09-16 11:42:13
112.78.45.40	attackspam	Sep 8 19:58:49 aat-srv002 sshd[3074]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.78.45.40 Sep 8 19:58:51 aat-srv002 sshd[3074]: Failed password for invalid user ftpuser from 112.78.45.40 port 34742 ssh2 Sep 8 20:03:32 aat-srv002 sshd[3185]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.78.45.40 Sep 8 20:03:34 aat-srv002 sshd[3185]: Failed password for invalid user minecraft from 112.78.45.40 port 48602 ssh2 ...	2019-09-09 11:15:04
112.78.45.40	attack	Sep 1 22:36:55 nextcloud sshd\[28824\]: Invalid user 123surusa from 112.78.45.40 Sep 1 22:36:55 nextcloud sshd\[28824\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.78.45.40 Sep 1 22:36:57 nextcloud sshd\[28824\]: Failed password for invalid user 123surusa from 112.78.45.40 port 35130 ssh2 ...	2019-09-02 04:59:24
112.78.45.40	attack	Invalid user firma from 112.78.45.40 port 40040	2019-09-01 12:19:04
112.78.45.40	attack	Aug 31 15:34:23 yabzik sshd[889]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.78.45.40 Aug 31 15:34:25 yabzik sshd[889]: Failed password for invalid user administrador from 112.78.45.40 port 53254 ssh2 Aug 31 15:39:27 yabzik sshd[3106]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.78.45.40	2019-08-31 20:57:54
112.78.45.40	attackspam	Aug 27 04:30:51 hcbb sshd\[19243\]: Invalid user P@ssword from 112.78.45.40 Aug 27 04:30:51 hcbb sshd\[19243\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.78.45.40 Aug 27 04:30:54 hcbb sshd\[19243\]: Failed password for invalid user P@ssword from 112.78.45.40 port 60592 ssh2 Aug 27 04:35:39 hcbb sshd\[19593\]: Invalid user deployer1 from 112.78.45.40 Aug 27 04:35:39 hcbb sshd\[19593\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.78.45.40	2019-08-28 02:46:38
112.78.45.40	attack	2019-08-20T09:12:57.296443stark.klein-stark.info sshd\[28733\]: Invalid user py from 112.78.45.40 port 40074 2019-08-20T09:12:57.305296stark.klein-stark.info sshd\[28733\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.78.45.40 2019-08-20T09:12:58.968273stark.klein-stark.info sshd\[28733\]: Failed password for invalid user py from 112.78.45.40 port 40074 ssh2 ...	2019-08-20 21:11:54

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 112.78.45.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 51938
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;112.78.45.142.			IN	A

;; AUTHORITY SECTION:
.			395	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022030102 1800 900 604800 86400

;; Query time: 168 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Mar 02 12:20:36 CST 2022
;; MSG SIZE  rcvd: 106

Host info

142.45.78.112.in-addr.arpa domain name pointer ip45-142.des.net.id.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
142.45.78.112.in-addr.arpa	name = ip45-142.des.net.id.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
182.151.205.83	attack	May 27 20:20:51 debian-2gb-nbg1-2 kernel: \[12862444.526810\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=182.151.205.83 DST=195.201.40.59 LEN=52 TOS=0x00 PREC=0x00 TTL=114 ID=2808 DF PROTO=TCP SPT=59475 DPT=1433 WINDOW=8192 RES=0x00 SYN URGP=0	2020-05-28 03:57:11
159.203.40.97	attack	Automatic report - XMLRPC Attack	2020-05-28 04:21:10
145.239.196.14	attackbotsspam	May 28 00:47:47 dhoomketu sshd[249417]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.196.14 May 28 00:47:47 dhoomketu sshd[249417]: Invalid user superman from 145.239.196.14 port 45666 May 28 00:47:49 dhoomketu sshd[249417]: Failed password for invalid user superman from 145.239.196.14 port 45666 ssh2 May 28 00:50:57 dhoomketu sshd[249453]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.196.14 user=root May 28 00:50:58 dhoomketu sshd[249453]: Failed password for root from 145.239.196.14 port 50024 ssh2 ...	2020-05-28 03:43:01
1.192.94.61	attackspambots	May 27 21:26:38 ns381471 sshd[28908]: Failed password for root from 1.192.94.61 port 48576 ssh2 May 27 21:29:22 ns381471 sshd[29106]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.192.94.61	2020-05-28 04:19:18
104.140.188.38	attack	firewall-block, port(s): 5060/tcp	2020-05-28 04:15:32
79.124.62.250	attackbotsspam	May 27 22:02:36 debian-2gb-nbg1-2 kernel: \[12868549.602602\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=79.124.62.250 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=56911 PROTO=TCP SPT=44795 DPT=12375 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-28 04:07:36
13.59.181.71	attackbotsspam	May 27 19:50:39 mail1 sshd[19996]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.59.181.71 user=r.r May 27 19:50:42 mail1 sshd[19996]: Failed password for r.r from 13.59.181.71 port 38030 ssh2 May 27 19:50:42 mail1 sshd[19996]: Received disconnect from 13.59.181.71 port 38030:11: Bye Bye [preauth] May 27 19:50:42 mail1 sshd[19996]: Disconnected from 13.59.181.71 port 38030 [preauth] May 27 20:10:09 mail1 sshd[21214]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.59.181.71 user=r.r ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=13.59.181.71	2020-05-28 03:51:59
89.32.41.119	attackbots	[Wed May 27 18:14:05 2020 GMT] strongbridgeconsults@gmail.com [], Subject: Covid19 Relief Business Loan support	2020-05-28 04:01:17
103.205.64.74	attackspambots	Probably a compromised email account sending viruses. Source IP: zimbra129-ind.megavelocity.net[103.205.64.74] Time: 2020-05-27 00:56:43 Action: Blocked Reason: Virus (*BN.ZeroHour) Filename: Request.pdf.z	2020-05-28 03:45:08
51.77.94.226	attackbots	Tor exit node	2020-05-28 03:52:35
182.61.173.121	attack	Automatic report - Port Scan	2020-05-28 04:20:41
202.104.112.217	attack	May 27 20:36:26 pi sshd[27935]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.104.112.217 May 27 20:36:27 pi sshd[27935]: Failed password for invalid user cent from 202.104.112.217 port 45484 ssh2	2020-05-28 04:06:27
14.174.119.173	attackspam	failed_logins	2020-05-28 04:23:18
222.186.30.57	attack	Unauthorized connection attempt detected from IP address 222.186.30.57 to port 22	2020-05-28 04:22:35
13.234.244.211	attackbots	Lines containing failures of 13.234.244.211 May 25 14:35:11 shared10 postfix/smtpd[16648]: connect from em3-13-234-244-211.ap-south-1.compute.amazonaws.com[13.234.244.211] May x@x May 25 14:35:13 shared10 postfix/smtpd[16648]: disconnect from em3-13-234-244-211.ap-south-1.compute.amazonaws.com[13.234.244.211] ehlo=2 starttls=1 mail=1 rcpt=0/1 data=0/1 eclipset=1 quhostname=1 commands=6/8 May 25 14:45:16 shared10 postfix/smtpd[16648]: connect from e .... truncated .... em3-13-234-244-211.ap-south-1.compute.amazonaws.com[13.234.244.211] May x@x May 27 06:07:36 shared10 postfix/smtpd[26675]: disconnect from em3-13-234-244-211.ap-south-1.compute.amazonaws.com[13.234.244.211] ehlo=2 starttls=1 mail=1 rcpt=0/1 data=0/1 eclipset=1 quhostname=1 commands=6/8 May 27 06:25:52 shared10 postfix/smtpd[26675]: connect from em3-13-234-244-211.ap-south-1.compute.amazonaws.com[13.234.244.211] May x@x May 27 06:30:16 shared10 postfix/smtpd[26675]: disconnect from em3-13-234-244-211.ap-so........ ------------------------------	2020-05-28 04:10:04

Recently Reported IPs

112.78.44.233	112.78.45.186	112.78.45.242	112.78.45.4
112.78.46.19	112.78.46.35	112.78.46.61	112.78.46.65
112.78.47.130	112.78.47.138	112.78.47.154	112.78.47.187
112.78.47.188	112.78.47.210	112.78.5.152	112.78.5.154
112.78.5.189	112.78.66.101	112.78.67.153	112.79.107.65