45.142.115.10 - IPInfo

Basic Info

City: Oerlinghausen

Region: North Rhine-Westphalia

Country: Germany

Internet Service Provider: Nicolas Janzen

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Jun 6 00:03:57 cdc sshd[25802]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.142.115.10 user=root Jun 6 00:03:59 cdc sshd[25802]: Failed password for invalid user root from 45.142.115.10 port 33478 ssh2	2020-06-06 07:21:47
attackspambots	Unauthorised connection attempt detected at AUO MAIN. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-06-04 19:25:15

Type

Details

Datetime

attackbots

Jun  6 00:03:57 cdc sshd[25802]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.142.115.10  user=root
Jun  6 00:03:59 cdc sshd[25802]: Failed password for invalid user root from 45.142.115.10 port 33478 ssh2

2020-06-06 07:21:47

attackspambots

Unauthorised connection attempt detected at AUO MAIN. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)

2020-06-04 19:25:15

Comments on same subnet:

IP	Type	Details	Datetime
45.142.115.115	attackbotsspam	Brute forcing email accounts	2020-09-05 04:03:22
45.142.115.115	attackspambots	Brute forcing email accounts	2020-09-04 19:35:17

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.142.115.10
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 31383
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.142.115.10.			IN	A

;; AUTHORITY SECTION:
.			536	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020060200 1800 900 604800 86400

;; Query time: 114 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jun 02 18:45:39 CST 2020
;; MSG SIZE  rcvd: 117

Host info

10.115.142.45.in-addr.arpa domain name pointer 10.115.142.45.in-addr.arpa.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
10.115.142.45.in-addr.arpa	name = 10.115.142.45.in-addr.arpa.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
106.12.188.252	attackspam	$f2bV_matches	2020-02-07 02:32:24
106.13.40.65	attack	$f2bV_matches	2020-02-07 01:55:48
112.85.42.176	attack	Feb 6 19:20:34 nextcloud sshd\[11163\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.176 user=root Feb 6 19:20:35 nextcloud sshd\[11163\]: Failed password for root from 112.85.42.176 port 46025 ssh2 Feb 6 19:20:55 nextcloud sshd\[11529\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.176 user=root	2020-02-07 02:25:58
171.249.216.65	attackbots	1580996510 - 02/06/2020 14:41:50 Host: 171.249.216.65/171.249.216.65 Port: 445 TCP Blocked	2020-02-07 02:29:02
106.54.114.248	attackbots	$f2bV_matches	2020-02-07 01:57:26
179.232.1.254	attackbots	Feb 6 16:13:23 localhost sshd\[2589\]: Invalid user wxx from 179.232.1.254 port 48852 Feb 6 16:13:23 localhost sshd\[2589\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.232.1.254 Feb 6 16:13:25 localhost sshd\[2589\]: Failed password for invalid user wxx from 179.232.1.254 port 48852 ssh2	2020-02-07 01:53:53
146.88.240.4	attack	06.02.2020 18:29:58 Connection to port 53 blocked by firewall	2020-02-07 02:23:49
41.42.177.50	attackspam	SMTP-sasl brute force ...	2020-02-07 01:53:35
139.199.228.154	attackbots	$f2bV_matches	2020-02-07 02:33:43
2.37.182.228	attackbots	[05/Feb/2020:01:41:21 -0500] "-" Blank UA	2020-02-07 02:21:43
167.99.187.125	attack	Feb 6 16:32:52 debian-2gb-nbg1-2 kernel: \[3262417.111444\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=167.99.187.125 DST=195.201.40.59 LEN=45 TOS=0x00 PREC=0x00 TTL=237 ID=54321 PROTO=UDP SPT=43076 DPT=53413 LEN=25	2020-02-07 02:31:19
207.189.170.14	attackspambots	Feb 6 15:14:18 ns382633 sshd\[31669\]: Invalid user xhd from 207.189.170.14 port 43864 Feb 6 15:14:18 ns382633 sshd\[31669\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.189.170.14 Feb 6 15:14:19 ns382633 sshd\[31669\]: Failed password for invalid user xhd from 207.189.170.14 port 43864 ssh2 Feb 6 15:26:41 ns382633 sshd\[1644\]: Invalid user kgk from 207.189.170.14 port 57998 Feb 6 15:26:41 ns382633 sshd\[1644\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.189.170.14	2020-02-07 02:12:02
171.100.25.136	attackspam	Feb 6 16:27:01 server sshd\[1324\]: Invalid user admin from 171.100.25.136 Feb 6 16:27:01 server sshd\[1324\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=cm-171-100-25-136.revip10.asianet.co.th Feb 6 16:27:04 server sshd\[1324\]: Failed password for invalid user admin from 171.100.25.136 port 56492 ssh2 Feb 6 18:16:22 server sshd\[19367\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=cm-171-100-25-136.revip10.asianet.co.th user=root Feb 6 18:16:24 server sshd\[19367\]: Failed password for root from 171.100.25.136 port 57551 ssh2 ...	2020-02-07 02:15:53
216.218.206.75	attackbots	3389BruteforceFW23	2020-02-07 02:08:10
164.163.201.33	attackbotsspam	Automatic report - Port Scan Attack	2020-02-07 02:15:16

Recently Reported IPs

14.185.32.215	45.21.6.83	32.87.7.224	66.241.216.145
153.93.94.168	220.252.95.40	12.111.0.198	132.11.139.169
118.195.43.23	180.254.247.68	41.139.154.51	192.30.128.239
193.7.186.59	145.125.9.144	124.28.85.70	178.222.222.254
130.200.254.118	46.41.160.126	118.250.132.215	63.28.29.58