45.115.4.242 - IPInfo

Basic Info

City: Sonipat

Region: Haryana

Country: India

Internet Service Provider: Gigantic Infotel Pvt Ltd

Hostname: unknown

Organization: Gigantic Infotel Pvt Ltd

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Unauthorized connection attempt from IP address 45.115.4.242 on Port 445(SMB)	2019-08-20 01:57:14

Comments on same subnet:

IP	Type	Details	Datetime
45.115.4.210	attackbots	Unauthorized connection attempt from IP address 45.115.4.210 on Port 445(SMB)	2020-08-22 03:56:30
45.115.4.170	attackbots	Honeypot attack, port: 445, PTR: PTR record not found	2020-01-23 12:54:58
45.115.4.170	attackspam	Unauthorised access (Sep 8) SRC=45.115.4.170 LEN=52 TTL=117 ID=26799 DF TCP DPT=445 WINDOW=8192 SYN	2019-09-09 07:04:11

Type

Details

Datetime

45.115.4.210

attackbots

Unauthorized connection attempt from IP address 45.115.4.210 on Port 445(SMB)

2020-08-22 03:56:30

45.115.4.170

attackbots

Honeypot attack, port: 445, PTR: PTR record not found

2020-01-23 12:54:58

45.115.4.170

attackspam

Unauthorised access (Sep  8) SRC=45.115.4.170 LEN=52 TTL=117 ID=26799 DF TCP DPT=445 WINDOW=8192 SYN

2019-09-09 07:04:11

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.115.4.242
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44558
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.115.4.242.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019081901 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Aug 20 01:56:55 CST 2019
;; MSG SIZE  rcvd: 116

Host info

Host 242.4.115.45.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 242.4.115.45.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
125.16.33.1	attackspam	Feb 4 14:50:56 grey postfix/smtpd\[23100\]: NOQUEUE: reject: RCPT from unknown\[125.16.33.1\]: 554 5.7.1 Service unavailable\; Client host \[125.16.33.1\] blocked using cbl.abuseat.org\; Blocked - see http://www.abuseat.org/lookup.cgi\?ip=125.16.33.1\; from=\ to=\ proto=ESMTP helo=\<14.140.192.101.STATIC-Kolkata-vsnl.net.in\> ...	2020-02-05 00:51:01
49.51.242.225	attackbotsspam	Unauthorized connection attempt detected from IP address 49.51.242.225 to port 8480 [J]	2020-02-05 01:34:19
200.61.190.81	attackspambots	Feb 4 06:56:57 hpm sshd\[24230\]: Invalid user vovanich from 200.61.190.81 Feb 4 06:56:57 hpm sshd\[24230\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.61.190.81 Feb 4 06:56:58 hpm sshd\[24230\]: Failed password for invalid user vovanich from 200.61.190.81 port 37978 ssh2 Feb 4 07:01:15 hpm sshd\[24785\]: Invalid user internet from 200.61.190.81 Feb 4 07:01:15 hpm sshd\[24785\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.61.190.81	2020-02-05 01:24:35
139.216.46.96	attackspam	2019-09-16 11:45:33 1i9nZc-0000LR-Qq SMTP connection from 96.46.216.139.sta.dodo.net.au \[139.216.46.96\]:32106 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-09-16 11:46:02 1i9na5-0000Lz-VH SMTP connection from 96.46.216.139.sta.dodo.net.au \[139.216.46.96\]:32326 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-09-16 11:46:14 1i9naH-0000MO-4n SMTP connection from 96.46.216.139.sta.dodo.net.au \[139.216.46.96\]:32412 I=\[193.107.88.166\]:25 closed by DROP in ACL ...	2020-02-05 00:52:15
184.105.247.246	attackbots	firewall-block, port(s): 4786/tcp	2020-02-05 01:36:44
172.105.18.163	attack	firewall-block, port(s): 69/udp	2020-02-05 01:38:38
162.243.121.211	attackspambots	Unauthorized connection attempt detected from IP address 162.243.121.211 to port 2220 [J]	2020-02-05 00:54:55
103.90.32.58	attack	DATE:2020-02-04 14:49:17, IP:103.90.32.58, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-02-05 01:37:06
106.12.25.143	attackspam	Unauthorized connection attempt detected from IP address 106.12.25.143 to port 2220 [J]	2020-02-05 01:01:47
138.68.142.122	attack	2019-05-07 11:08:35 1hNw5T-0007K7-NU SMTP connection from jeans.bridgecoaa.com \(null.technoandy.icu\) \[138.68.142.122\]:41731 I=\[193.107.90.29\]:25 closed by DROP in ACL 2019-05-07 11:09:14 1hNw66-0007Mr-Kd SMTP connection from jeans.bridgecoaa.com \(cats.technoandy.icu\) \[138.68.142.122\]:51735 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-05-07 11:10:28 1hNw7I-0007Py-G4 SMTP connection from jeans.bridgecoaa.com \(shaken.technoandy.icu\) \[138.68.142.122\]:56823 I=\[193.107.88.166\]:25 closed by DROP in ACL ...	2020-02-05 01:13:30
106.13.124.189	attack	Unauthorized connection attempt detected from IP address 106.13.124.189 to port 2220 [J]	2020-02-05 01:11:45
69.245.220.97	attackbotsspam	Feb 4 15:57:22 srv-ubuntu-dev3 sshd[29301]: Invalid user soyinka from 69.245.220.97 Feb 4 15:57:22 srv-ubuntu-dev3 sshd[29301]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=69.245.220.97 Feb 4 15:57:22 srv-ubuntu-dev3 sshd[29301]: Invalid user soyinka from 69.245.220.97 Feb 4 15:57:24 srv-ubuntu-dev3 sshd[29301]: Failed password for invalid user soyinka from 69.245.220.97 port 47982 ssh2 Feb 4 16:00:28 srv-ubuntu-dev3 sshd[29603]: Invalid user testbed from 69.245.220.97 Feb 4 16:00:28 srv-ubuntu-dev3 sshd[29603]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=69.245.220.97 Feb 4 16:00:28 srv-ubuntu-dev3 sshd[29603]: Invalid user testbed from 69.245.220.97 Feb 4 16:00:30 srv-ubuntu-dev3 sshd[29603]: Failed password for invalid user testbed from 69.245.220.97 port 49610 ssh2 Feb 4 16:03:31 srv-ubuntu-dev3 sshd[29867]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruse ...	2020-02-05 01:07:33
222.186.42.75	attackspambots	Unauthorized connection attempt detected from IP address 222.186.42.75 to port 22 [J]	2020-02-05 00:54:02
46.101.124.220	attackspam	Feb 4 14:03:45 firewall sshd[26920]: Invalid user cnau from 46.101.124.220 Feb 4 14:03:46 firewall sshd[26920]: Failed password for invalid user cnau from 46.101.124.220 port 41948 ssh2 Feb 4 14:06:49 firewall sshd[27014]: Invalid user password from 46.101.124.220 ...	2020-02-05 01:30:21
138.68.133.161	attackbots	2019-05-07 14:01:13 1hNymX-0003t1-J3 SMTP connection from wail.bridgecoaa.com \(sombrero.saudecolastrina.icu\) \[138.68.133.161\]:55146 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-05-07 14:01:13 1hNymX-0003t0-J4 SMTP connection from wail.bridgecoaa.com \(ecology.saudecolastrina.icu\) \[138.68.133.161\]:33983 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-05-07 14:03:34 1hNyoo-0003vx-Qj SMTP connection from wail.bridgecoaa.com \(stitch.saudecolastrina.icu\) \[138.68.133.161\]:47804 I=\[193.107.90.29\]:25 closed by DROP in ACL ...	2020-02-05 01:15:36

Recently Reported IPs

175.35.66.82	32.178.144.137	57.248.22.29	118.70.52.188
165.50.20.136	24.167.200.160	204.118.27.25	114.167.158.115
36.104.255.220	214.250.73.129	92.83.104.91	223.183.152.255
184.67.252.10	123.52.92.210	82.55.39.46	73.203.16.241
197.237.123.79	12.20.122.220	96.82.208.61	49.35.52.3