45.114.158.142

Basic Info

City: unknown

Region: unknown

Country: India

Internet Service Provider: Gigabytes Broadband Pvt Ltd

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Honeypot attack, port: 23, PTR: PTR record not found	2019-12-28 16:43:08
attack	Unauthorised access (Dec 7) SRC=45.114.158.142 LEN=40 TTL=47 ID=24301 TCP DPT=23 WINDOW=17777 SYN Unauthorised access (Dec 7) SRC=45.114.158.142 LEN=40 TTL=49 ID=64052 TCP DPT=23 WINDOW=29235 SYN	2019-12-07 18:09:08

Type

Details

Datetime

attackspambots

Honeypot attack, port: 23, PTR: PTR record not found

2019-12-28 16:43:08

attack

Unauthorised access (Dec  7) SRC=45.114.158.142 LEN=40 TTL=47 ID=24301 TCP DPT=23 WINDOW=17777 SYN 
Unauthorised access (Dec  7) SRC=45.114.158.142 LEN=40 TTL=49 ID=64052 TCP DPT=23 WINDOW=29235 SYN

2019-12-07 18:09:08

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.114.158.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 35423
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.114.158.142.			IN	A

;; AUTHORITY SECTION:
.			392	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019120700 1800 900 604800 86400

;; Query time: 89 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Dec 07 18:09:04 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 142.158.114.45.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 142.158.114.45.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
185.40.15.58	attack	slow and persistent scanner	2019-10-20 14:39:28
76.80.241.66	attackbotsspam	/editBlackAndWhiteList	2019-10-20 14:36:06
178.128.13.87	attackbots	Oct 20 08:34:54 vps647732 sshd[7005]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.13.87 Oct 20 08:34:56 vps647732 sshd[7005]: Failed password for invalid user beginner from 178.128.13.87 port 35412 ssh2 ...	2019-10-20 15:02:20
138.197.33.113	attackspam	Oct 20 09:45:25 server sshd\[8800\]: Invalid user ming from 138.197.33.113 Oct 20 09:45:25 server sshd\[8800\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.33.113 Oct 20 09:45:27 server sshd\[8800\]: Failed password for invalid user ming from 138.197.33.113 port 37894 ssh2 Oct 20 09:53:20 server sshd\[10429\]: Invalid user amdsa from 138.197.33.113 Oct 20 09:53:20 server sshd\[10429\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.33.113 ...	2019-10-20 14:56:40
222.186.3.249	attackspam	Oct 20 08:13:08 minden010 sshd[18291]: Failed password for root from 222.186.3.249 port 34496 ssh2 Oct 20 08:14:38 minden010 sshd[19096]: Failed password for root from 222.186.3.249 port 44632 ssh2 ...	2019-10-20 14:25:52
91.236.239.56	attack	Oct 20 06:32:33 server sshd\[19478\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=srv208.firstheberg.net user=root Oct 20 06:32:36 server sshd\[19478\]: Failed password for root from 91.236.239.56 port 33976 ssh2 Oct 20 06:54:24 server sshd\[24679\]: Invalid user cl from 91.236.239.56 Oct 20 06:54:24 server sshd\[24679\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=srv208.firstheberg.net Oct 20 06:54:26 server sshd\[24679\]: Failed password for invalid user cl from 91.236.239.56 port 58226 ssh2 ...	2019-10-20 14:47:33
185.216.132.15	attackbots	k+ssh-bruteforce	2019-10-20 14:44:13
60.250.23.233	attackbots	Oct 20 09:46:19 server sshd\[20206\]: User root from 60.250.23.233 not allowed because listed in DenyUsers Oct 20 09:46:19 server sshd\[20206\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.250.23.233 user=root Oct 20 09:46:21 server sshd\[20206\]: Failed password for invalid user root from 60.250.23.233 port 60144 ssh2 Oct 20 09:50:56 server sshd\[9753\]: User root from 60.250.23.233 not allowed because listed in DenyUsers Oct 20 09:50:56 server sshd\[9753\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.250.23.233 user=root	2019-10-20 15:03:29
159.65.174.81	attackbotsspam	Oct 20 06:31:01 localhost sshd\[67717\]: Invalid user zaq1@wsx from 159.65.174.81 port 53852 Oct 20 06:31:01 localhost sshd\[67717\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.174.81 Oct 20 06:31:03 localhost sshd\[67717\]: Failed password for invalid user zaq1@wsx from 159.65.174.81 port 53852 ssh2 Oct 20 06:34:59 localhost sshd\[67844\]: Invalid user 12345 from 159.65.174.81 port 35502 Oct 20 06:34:59 localhost sshd\[67844\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.174.81 ...	2019-10-20 15:00:01
176.107.208.54	attackspam	[portscan] Port scan	2019-10-20 14:32:54
190.151.105.182	attackbots	Oct 20 08:00:27 MK-Soft-VM5 sshd[14871]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.151.105.182 Oct 20 08:00:29 MK-Soft-VM5 sshd[14871]: Failed password for invalid user qwerty from 190.151.105.182 port 51390 ssh2 ...	2019-10-20 14:50:30
94.152.156.111	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/94.152.156.111/ PL - 1H : (83) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : PL NAME ASN : ASN29522 IP : 94.152.156.111 CIDR : 94.152.128.0/18 PREFIX COUNT : 14 UNIQUE IP COUNT : 69376 ATTACKS DETECTED ASN29522 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 1 DateTime : 2019-10-20 05:54:46 INFO : HACK ! - Looking for resource vulnerabilities Scan Detected and Blocked by ADMIN - data recovery	2019-10-20 14:35:36
164.132.53.185	attack	Invalid user php from 164.132.53.185 port 44684	2019-10-20 14:43:18
23.129.64.183	attackbotsspam	Oct 20 07:57:53 rotator sshd\[5837\]: Failed password for root from 23.129.64.183 port 50898 ssh2Oct 20 07:57:56 rotator sshd\[5837\]: Failed password for root from 23.129.64.183 port 50898 ssh2Oct 20 07:57:59 rotator sshd\[5837\]: Failed password for root from 23.129.64.183 port 50898 ssh2Oct 20 07:58:02 rotator sshd\[5837\]: Failed password for root from 23.129.64.183 port 50898 ssh2Oct 20 07:58:05 rotator sshd\[5837\]: Failed password for root from 23.129.64.183 port 50898 ssh2Oct 20 07:58:08 rotator sshd\[5837\]: Failed password for root from 23.129.64.183 port 50898 ssh2 ...	2019-10-20 14:42:27
222.120.192.98	attack	Oct 20 12:57:11 webhost01 sshd[7540]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.120.192.98 Oct 20 12:57:12 webhost01 sshd[7540]: Failed password for invalid user support from 222.120.192.98 port 34600 ssh2 ...	2019-10-20 14:46:24

Recently Reported IPs

187.19.10.209	185.143.223.126	216.180.107.11	181.159.150.79
90.105.198.100	55.158.121.92	217.136.29.129	219.75.219.209
45.173.24.28	55.173.0.194	84.28.10.23	54.70.83.88
176.252.146.229	80.66.77.0	153.26.24.67	68.81.222.236
206.160.79.122	80.66.77.98	165.154.96.92	71.28.185.90