City: Sangrūr
Region: Punjab
Country: India
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
| IP | Type | Details | Datetime |
|---|---|---|---|
| 117.245.139.98 | attackspambots | Unauthorized connection attempt from IP address 117.245.139.98 on Port 445(SMB) |
2020-09-01 02:22:53 |
| 117.245.137.170 | attackbotsspam | Unauthorized connection attempt from IP address 117.245.137.170 on Port 445(SMB) |
2020-05-26 20:24:58 |
| 117.245.145.192 | attackspam | 1589630895 - 05/16/2020 14:08:15 Host: 117.245.145.192/117.245.145.192 Port: 445 TCP Blocked |
2020-05-17 03:50:41 |
| 117.245.145.224 | attack | Unauthorized connection attempt from IP address 117.245.145.224 on Port 445(SMB) |
2020-05-06 21:48:40 |
| 117.245.137.170 | attack | Port scanning |
2020-04-24 17:34:50 |
| 117.245.139.98 | attackbots | Unauthorized connection attempt from IP address 117.245.139.98 on Port 445(SMB) |
2020-02-18 05:58:21 |
| 117.245.141.90 | attack | Unauthorized connection attempt detected from IP address 117.245.141.90 to port 445 [T] |
2020-01-09 04:18:40 |
| 117.245.137.9 | attack | Attempt to attack host OS, exploiting network vulnerabilities, on 28-10-2019 11:50:21. |
2019-10-29 00:32:25 |
| 117.245.145.48 | attackspam | Unauthorized connection attempt from IP address 117.245.145.48 on Port 445(SMB) |
2019-09-24 04:05:15 |
| 117.245.140.42 | attackbotsspam | Unauthorised access (Sep 9) SRC=117.245.140.42 LEN=52 PREC=0x20 TTL=112 ID=5584 DF TCP DPT=445 WINDOW=8192 SYN |
2019-09-10 04:17:31 |
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
% Information related to '117.245.0.0 - 117.245.67.255'
% Abuse contact for '117.245.0.0 - 117.245.67.255' is 'abuse1@bsnl.co.in'
inetnum: 117.245.0.0 - 117.245.67.255
netname: WiMAX-BB
descr: Wimax Project, BSNL New Delhi
country: IN
admin-c: BH155-AP
tech-c: DB374-AP
abuse-c: AB1061-AP
status: ALLOCATED NON-PORTABLE
mnt-by: MAINT-IN-PER-DOT
mnt-irt: IRT-BSNL-IN
last-modified: 2021-07-15T07:17:15Z
source: APNIC
irt: IRT-BSNL-IN
address: Internet Cell
address: Bharat Sanchar Nigam Limited.
address: 8th Floor,148-B Statesman House
address: Barakhamba Road, New Delhi - 110 001
e-mail: abuse1@bsnl.co.in
abuse-mailbox: abuse1@bsnl.co.in
admin-c: NC83-AP
tech-c: CGMD1-AP
auth: # Filtered
remarks: abuse1@bsnl.co.in was validated on 2025-07-02
mnt-by: MAINT-IN-DOT
last-modified: 2025-09-04T01:01:13Z
source: APNIC
role: ABUSE BSNLIN
country: ZZ
address: Internet Cell
address: Bharat Sanchar Nigam Limited.
address: 8th Floor,148-B Statesman House
address: Barakhamba Road, New Delhi - 110 001
phone: +000000000
e-mail: abuse1@bsnl.co.in
admin-c: NC83-AP
tech-c: CGMD1-AP
nic-hdl: AB1061-AP
remarks: Generated from irt object IRT-BSNL-IN
remarks: abuse1@bsnl.co.in was validated on 2025-07-02
abuse-mailbox: abuse1@bsnl.co.in
mnt-by: APNIC-ABUSE
last-modified: 2025-07-02T04:54:12Z
source: APNIC
person: BSNL Hostmaster
nic-hdl: BH155-AP
e-mail: hostmaster@bsnl.co.in
address: Broadband Networks
address: Bharat Sanchar Nigam Limited
address: 2nd Floor, Telephone Exchange, Sector 62
address: Noida
phone: +91-120-2404243
fax-no: +91-120-2404241
country: IN
mnt-by: MAINT-IN-PER-DOT
last-modified: 2021-12-08T10:52:18Z
source: APNIC
person: DGM Broadband
address: BSNL NOC Bangalore
country: IN
phone: +91-080-25805800
fax-no: +91-080-25800022
e-mail: dnwplg@bsnl.in
nic-hdl: DB374-AP
mnt-by: MAINT-IN-PER-DOT
last-modified: 2011-02-19T10:03:44Z
source: APNIC
% Information related to '117.245.0.0/20AS9829'
route: 117.245.0.0/20
descr: BSNL Internet
origin: AS9829
country: IN
mnt-by: MAINT-IN-DOT
last-modified: 2011-01-10T10:35:07Z
source: APNIC
% This query was served by the APNIC Whois Service version 1.88.34 (WHOIS-AU4); <<>> DiG 9.10.3-P4-Ubuntu <<>> 117.245.1.241
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32023
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;117.245.1.241. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025101500 1800 900 604800 86400
;; Query time: 12 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Oct 15 22:42:00 CST 2025
;; MSG SIZE rcvd: 106b'Host 241.1.245.117.in-addr.arpa. not found: 3(NXDOMAIN)
'server can't find 117.245.1.241.in-addr.arpa: SERVFAIL| IP | Type | Details | Datetime |
|---|---|---|---|
| 181.29.159.121 | attackbotsspam | blogonese.net 181.29.159.121 [31/May/2020:22:25:06 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4263 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.109 Safari/537.36" blogonese.net 181.29.159.121 [31/May/2020:22:25:11 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4263 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.109 Safari/537.36" |
2020-06-01 06:10:33 |
| 171.25.193.20 | attackspambots | xmlrpc attack |
2020-06-01 06:27:27 |
| 193.106.29.75 | attackspambots | 05/31/2020-16:25:13.852605 193.106.29.75 Protocol: 6 ET SCAN NMAP -sS window 1024 |
2020-06-01 06:08:54 |
| 116.3.203.103 | attackspam | May 31 09:13:09 DNS-2 sshd[2202]: User r.r from 116.3.203.103 not allowed because not listed in AllowUsers May 31 09:13:09 DNS-2 sshd[2202]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.3.203.103 user=r.r May 31 09:13:11 DNS-2 sshd[2202]: Failed password for invalid user r.r from 116.3.203.103 port 33132 ssh2 May 31 09:13:13 DNS-2 sshd[2202]: Received disconnect from 116.3.203.103 port 33132:11: Bye Bye [preauth] May 31 09:13:13 DNS-2 sshd[2202]: Disconnected from invalid user r.r 116.3.203.103 port 33132 [preauth] May 31 09:17:49 DNS-2 sshd[4242]: User r.r from 116.3.203.103 not allowed because not listed in AllowUsers May 31 09:17:49 DNS-2 sshd[4242]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.3.203.103 user=r.r May 31 09:17:52 DNS-2 sshd[4242]: Failed password for invalid user r.r from 116.3.203.103 port 56042 ssh2 May 31 09:17:54 DNS-2 sshd[4242]: Received disconnect fr........ ------------------------------- |
2020-06-01 06:43:13 |
| 120.203.29.78 | attackspambots | 225. On May 31 2020 experienced a Brute Force SSH login attempt -> 2 unique times by 120.203.29.78. |
2020-06-01 06:29:06 |
| 193.204.163.219 | attack | May 31 04:11:45 pl3server sshd[17437]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.204.163.219 user=r.r May 31 04:11:48 pl3server sshd[17437]: Failed password for r.r from 193.204.163.219 port 35466 ssh2 May 31 04:11:48 pl3server sshd[17437]: Received disconnect from 193.204.163.219 port 35466:11: Bye Bye [preauth] May 31 04:11:48 pl3server sshd[17437]: Disconnected from 193.204.163.219 port 35466 [preauth] May 31 04:23:47 pl3server sshd[9127]: Invalid user guest from 193.204.163.219 port 50274 May 31 04:23:47 pl3server sshd[9127]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.204.163.219 May 31 04:23:49 pl3server sshd[9127]: Failed password for invalid user guest from 193.204.163.219 port 50274 ssh2 May 31 04:23:49 pl3server sshd[9127]: Received disconnect from 193.204.163.219 port 50274:11: Bye Bye [preauth] May 31 04:23:49 pl3server sshd[9127]: Disconnected from 193.204.163........ ------------------------------- |
2020-06-01 06:26:21 |
| 95.179.153.182 | attackbots | [ssh] SSH attack |
2020-06-01 06:38:29 |
| 124.78.152.241 | attack | May 31 19:07:13 our-server-hostname sshd[5802]: reveeclipse mapping checking getaddrinfo for 241.152.78.124.broad.xw.sh.dynamic.163data.com.cn [124.78.152.241] failed - POSSIBLE BREAK-IN ATTEMPT! May 31 19:07:13 our-server-hostname sshd[5802]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.78.152.241 user=r.r May 31 19:07:15 our-server-hostname sshd[5802]: Failed password for r.r from 124.78.152.241 port 40150 ssh2 May 31 19:12:53 our-server-hostname sshd[6752]: reveeclipse mapping checking getaddrinfo for 241.152.78.124.broad.xw.sh.dynamic.163data.com.cn [124.78.152.241] failed - POSSIBLE BREAK-IN ATTEMPT! May 31 19:12:53 our-server-hostname sshd[6752]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.78.152.241 user=r.r May 31 19:12:55 our-server-hostname sshd[6752]: Failed password for r.r from 124.78.152.241 port 56728 ssh2 May 31 19:18:20 our-server-hostname sshd[7834]: reveec........ ------------------------------- |
2020-06-01 06:45:00 |
| 189.90.114.58 | attack | SSH bruteforce |
2020-06-01 06:05:56 |
| 116.110.146.9 | attackspam | SSH brute-force: detected 10 distinct usernames within a 24-hour window. |
2020-06-01 06:39:47 |
| 51.75.25.12 | attackbotsspam | 2020-05-31T20:45:59.147521shield sshd\[10686\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=mail.hugo-benchetrit.fr user=root 2020-05-31T20:46:00.733894shield sshd\[10686\]: Failed password for root from 51.75.25.12 port 37664 ssh2 2020-05-31T20:49:33.590826shield sshd\[11441\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=mail.hugo-benchetrit.fr user=root 2020-05-31T20:49:36.223892shield sshd\[11441\]: Failed password for root from 51.75.25.12 port 42504 ssh2 2020-05-31T20:53:18.371177shield sshd\[12319\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=mail.hugo-benchetrit.fr user=root |
2020-06-01 06:30:03 |
| 31.5.234.119 | attackspam | Automatic report - Port Scan Attack |
2020-06-01 06:23:51 |
| 88.208.194.117 | attackbotsspam | 1397. On May 31 2020 experienced a Brute Force SSH login attempt -> 2 unique times by 88.208.194.117. |
2020-06-01 06:43:34 |
| 116.196.90.116 | attackspambots | SSH/22 MH Probe, BF, Hack - |
2020-06-01 06:22:53 |
| 222.73.62.184 | attackbots | Jun 1 00:18:42 home sshd[24386]: Failed password for root from 222.73.62.184 port 53273 ssh2 Jun 1 00:22:15 home sshd[24722]: Failed password for root from 222.73.62.184 port 52207 ssh2 ... |
2020-06-01 06:30:27 |