Basic Info

City: Nova Serrana

Region: Minas Gerais

Country: Brazil

Internet Service Provider: G4 Telecom Ltda EPP

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:
Type Details Datetime
attackspam
Honeypot attack, port: 445, PTR: 45-228-242-57.g4telecom.com.br.
2020-01-20 03:42:50
Comments on same subnet:
IP Type Details Datetime
45.228.242.118 attackspam
Unauthorized connection attempt detected from IP address 45.228.242.118 to port 445
2019-12-12 21:13:37
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.228.242.57
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10962
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.228.242.57.			IN	A

;; AUTHORITY SECTION:
.			311	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020011900 1800 900 604800 86400

;; Query time: 109 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jan 20 03:42:46 CST 2020
;; MSG SIZE  rcvd: 117
Host info
57.242.228.45.in-addr.arpa domain name pointer 45-228-242-57.g4telecom.com.br.
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
57.242.228.45.in-addr.arpa	name = 45-228-242-57.g4telecom.com.br.

Authoritative answers can be found from:
Related IP info:
Related comments:
IP Type Details Datetime
62.234.95.148 attackbots
Oct  2 05:55:04 MK-Soft-VM5 sshd[29633]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.95.148 
Oct  2 05:55:06 MK-Soft-VM5 sshd[29633]: Failed password for invalid user oksana from 62.234.95.148 port 47840 ssh2
...
2019-10-02 12:06:32
188.166.251.87 attack
Oct  1 18:08:05 wbs sshd\[26637\]: Invalid user print from 188.166.251.87
Oct  1 18:08:05 wbs sshd\[26637\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.251.87
Oct  1 18:08:07 wbs sshd\[26637\]: Failed password for invalid user print from 188.166.251.87 port 35275 ssh2
Oct  1 18:12:48 wbs sshd\[27183\]: Invalid user dingch from 188.166.251.87
Oct  1 18:12:48 wbs sshd\[27183\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.251.87
2019-10-02 12:26:54
153.36.236.35 attackspambots
Oct  1 18:30:19 tdfoods sshd\[5828\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=153.36.236.35  user=root
Oct  1 18:30:21 tdfoods sshd\[5828\]: Failed password for root from 153.36.236.35 port 21164 ssh2
Oct  1 18:30:23 tdfoods sshd\[5828\]: Failed password for root from 153.36.236.35 port 21164 ssh2
Oct  1 18:30:25 tdfoods sshd\[5828\]: Failed password for root from 153.36.236.35 port 21164 ssh2
Oct  1 18:36:02 tdfoods sshd\[6337\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=153.36.236.35  user=root
2019-10-02 12:38:11
104.155.91.177 attack
Oct  2 07:06:00 site3 sshd\[204588\]: Invalid user ftpuser from 104.155.91.177
Oct  2 07:06:00 site3 sshd\[204588\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.155.91.177
Oct  2 07:06:03 site3 sshd\[204588\]: Failed password for invalid user ftpuser from 104.155.91.177 port 34458 ssh2
Oct  2 07:09:56 site3 sshd\[204731\]: Invalid user pi from 104.155.91.177
Oct  2 07:09:56 site3 sshd\[204731\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.155.91.177
...
2019-10-02 12:52:39
222.186.180.17 attack
2019-10-02T03:55:31.760687abusebot.cloudsearch.cf sshd\[8792\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.17  user=root
2019-10-02 12:06:54
102.114.135.93 attack
IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/102.114.135.93/ 
 MU - 1H : (15)  
 Protection Against DDoS WordPress plugin :  
 "odzyskiwanie danych help-dysk" 
 IP Address Ranges by Country : MU 
 NAME ASN : ASN23889 
 
 IP : 102.114.135.93 
 
 CIDR : 102.114.128.0/17 
 
 PREFIX COUNT : 521 
 
 UNIQUE IP COUNT : 946944 
 
 
 DETECTED ATTACKS FROM ASN23889 :  
  1H - 2 
  3H - 4 
  6H - 6 
 12H - 10 
 24H - 14 
 
 DateTime : 2019-10-02 06:18:50 
 
 INFO : Port SSH 22 Scan Detected and Blocked by ADMIN  - data recovery
2019-10-02 12:28:05
36.67.106.109 attackbotsspam
Oct  2 00:30:35 ny01 sshd[23382]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.67.106.109
Oct  2 00:30:38 ny01 sshd[23382]: Failed password for invalid user vs from 36.67.106.109 port 43301 ssh2
Oct  2 00:36:23 ny01 sshd[24364]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.67.106.109
2019-10-02 12:38:39
114.67.70.206 attack
Oct  2 06:26:50 vps647732 sshd[16797]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.70.206
Oct  2 06:26:53 vps647732 sshd[16797]: Failed password for invalid user kasni from 114.67.70.206 port 52844 ssh2
...
2019-10-02 12:27:16
200.34.88.37 attackspambots
Oct  1 18:06:44 hpm sshd\[7199\]: Invalid user aker from 200.34.88.37
Oct  1 18:06:44 hpm sshd\[7199\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.34.88.37
Oct  1 18:06:46 hpm sshd\[7199\]: Failed password for invalid user aker from 200.34.88.37 port 37744 ssh2
Oct  1 18:10:44 hpm sshd\[7712\]: Invalid user test from 200.34.88.37
Oct  1 18:10:44 hpm sshd\[7712\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.34.88.37
2019-10-02 12:13:58
118.178.119.198 attackspam
2019-09-30T22:11:30.576709srv.ecualinux.com sshd[24838]: Invalid user plesk from 118.178.119.198 port 53328
2019-09-30T22:11:30.579744srv.ecualinux.com sshd[24838]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.178.119.198
2019-09-30T22:11:32.466848srv.ecualinux.com sshd[24838]: Failed password for invalid user plesk from 118.178.119.198 port 53328 ssh2
2019-09-30T22:15:42.193744srv.ecualinux.com sshd[25360]: Invalid user xiuzuan from 118.178.119.198 port 34958
2019-09-30T22:15:42.196467srv.ecualinux.com sshd[25360]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.178.119.198

........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=118.178.119.198
2019-10-02 12:16:36
222.186.42.163 attack
SSH Brute Force, server-1 sshd[27425]: Failed password for root from 222.186.42.163 port 42670 ssh2
2019-10-02 12:49:25
216.167.250.210 attackbotsspam
RDP Bruteforce
2019-10-02 12:44:17
103.212.235.182 attackbots
Oct  1 18:20:28 eddieflores sshd\[18450\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.212.235.182  user=root
Oct  1 18:20:30 eddieflores sshd\[18450\]: Failed password for root from 103.212.235.182 port 49700 ssh2
Oct  1 18:25:39 eddieflores sshd\[18857\]: Invalid user ntadmin from 103.212.235.182
Oct  1 18:25:39 eddieflores sshd\[18857\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.212.235.182
Oct  1 18:25:41 eddieflores sshd\[18857\]: Failed password for invalid user ntadmin from 103.212.235.182 port 34566 ssh2
2019-10-02 12:35:09
198.200.124.197 attackbots
Oct  1 17:51:21 friendsofhawaii sshd\[3485\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=198-200-124-197.cpe.distributel.net  user=root
Oct  1 17:51:23 friendsofhawaii sshd\[3485\]: Failed password for root from 198.200.124.197 port 51880 ssh2
Oct  1 17:55:00 friendsofhawaii sshd\[3806\]: Invalid user ubnt from 198.200.124.197
Oct  1 17:55:00 friendsofhawaii sshd\[3806\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=198-200-124-197.cpe.distributel.net
Oct  1 17:55:02 friendsofhawaii sshd\[3806\]: Failed password for invalid user ubnt from 198.200.124.197 port 35412 ssh2
2019-10-02 12:09:45
104.248.88.144 attackbots
IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/104.248.88.144/ 
 NL - 1H : (157)  
 Protection Against DDoS WordPress plugin :  
 "odzyskiwanie danych help-dysk" 
 IP Address Ranges by Country : NL 
 NAME ASN : ASN14061 
 
 IP : 104.248.88.144 
 
 CIDR : 104.248.80.0/20 
 
 PREFIX COUNT : 490 
 
 UNIQUE IP COUNT : 1963008 
 
 
 DETECTED ATTACKS FROM ASN14061 :  
  1H - 1 
  3H - 3 
  6H - 7 
 12H - 16 
 24H - 52 
 
 DateTime : 2019-10-02 05:54:28 
 
 INFO : Port Scan TELNET Detected and Blocked by ADMIN  - data recovery
2019-10-02 12:32:43

Recently Reported IPs
