45.243.53.111 - IPInfo

Basic Info

City: Cairo

Region: Cairo Governorate

Country: Egypt

Internet Service Provider: Link Egypt

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Honeypot attack, port: 445, PTR: PTR record not found	2019-10-23 03:25:07

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.243.53.111
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10670
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.243.53.111.			IN	A

;; AUTHORITY SECTION:
.			396	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019102201 1800 900 604800 86400

;; Query time: 107 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Oct 23 03:25:04 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 111.53.243.45.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 111.53.243.45.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
51.83.42.185	attackbots	Feb 11 12:51:48 firewall sshd[20356]: Invalid user vpv from 51.83.42.185 Feb 11 12:51:51 firewall sshd[20356]: Failed password for invalid user vpv from 51.83.42.185 port 59058 ssh2 Feb 11 12:54:54 firewall sshd[20520]: Invalid user lzl from 51.83.42.185 ...	2020-02-12 00:19:56
113.164.79.241	attackbots	1581428790 - 02/11/2020 14:46:30 Host: 113.164.79.241/113.164.79.241 Port: 445 TCP Blocked	2020-02-12 00:21:36
167.249.106.73	attack	Port probing on unauthorized port 23	2020-02-12 00:04:45
189.72.252.111	attackbots	Unauthorized connection attempt from IP address 189.72.252.111 on Port 445(SMB)	2020-02-12 00:05:54
171.239.206.21	attackspambots	Feb 10 07:01:32 riskplan-s sshd[25266]: Address 171.239.206.21 maps to dynamic-ip-adsl.viettel.vn, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Feb 10 07:01:32 riskplan-s sshd[25266]: Invalid user mother from 171.239.206.21 Feb 10 07:01:33 riskplan-s sshd[25266]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.239.206.21 Feb 10 07:01:35 riskplan-s sshd[25266]: Failed password for invalid user mother from 171.239.206.21 port 56668 ssh2 Feb 10 07:01:36 riskplan-s sshd[25266]: Connection closed by 171.239.206.21 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=171.239.206.21	2020-02-12 00:24:16
198.108.66.80	attackbots	...	2020-02-12 00:06:22
182.253.90.33	attackspam	Unauthorized connection attempt from IP address 182.253.90.33 on Port 445(SMB)	2020-02-12 00:23:46
112.133.204.218	attack	1581428827 - 02/11/2020 14:47:07 Host: 112.133.204.218/112.133.204.218 Port: 445 TCP Blocked	2020-02-11 23:36:02
91.120.101.226	attackbotsspam	Feb 11 14:36:12 game-panel sshd[27522]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.120.101.226 Feb 11 14:36:14 game-panel sshd[27522]: Failed password for invalid user edo from 91.120.101.226 port 39575 ssh2 Feb 11 14:38:52 game-panel sshd[27598]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.120.101.226	2020-02-12 00:07:45
78.187.3.102	attack	Unauthorized connection attempt detected from IP address 78.187.3.102 to port 445	2020-02-12 00:08:02
42.118.242.189	attackspam	Feb 11 11:01:27 plusreed sshd[23538]: Invalid user oys from 42.118.242.189 ...	2020-02-12 00:18:28
95.108.181.123	attackbots	[Tue Feb 11 20:46:57.888864 2020] [:error] [pid 20572:tid 139718691903232] [client 95.108.181.123:45713] [client 95.108.181.123] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "XkKwUcVq@NXN2THe1Ji4yQAAAHE"] ...	2020-02-11 23:47:31
80.66.81.148	attackspam	2020-02-11 16:43:54 dovecot_login authenticator failed for $\[80.66.81.148\]$ \[80.66.81.148\]: 535 Incorrect authentication data $set_id=postmaster@nophost.com$ 2020-02-11 16:44:04 dovecot_login authenticator failed for $\[80.66.81.148\]$ \[80.66.81.148\]: 535 Incorrect authentication data 2020-02-11 16:44:20 dovecot_login authenticator failed for $\[80.66.81.148\]$ \[80.66.81.148\]: 535 Incorrect authentication data 2020-02-11 16:44:25 dovecot_login authenticator failed for $\[80.66.81.148\]$ \[80.66.81.148\]: 535 Incorrect authentication data 2020-02-11 16:44:38 dovecot_login authenticator failed for $\[80.66.81.148\]$ \[80.66.81.148\]: 535 Incorrect authentication data	2020-02-11 23:49:43
14.255.106.58	attackspambots	Unauthorized connection attempt from IP address 14.255.106.58 on Port 445(SMB)	2020-02-11 23:48:51
27.41.191.86	attackbots	port scan and connect, tcp 23 (telnet)	2020-02-11 23:57:26

Recently Reported IPs

14.245.154.127	80.102.236.203	98.73.16.168	217.7.146.178
79.103.104.16	173.177.126.234	77.231.228.209	71.167.239.183
212.3.198.232	118.28.204.232	189.230.88.207	122.57.57.57
82.159.141.94	39.198.83.89	39.44.6.5	63.65.165.245
49.6.9.236	152.169.214.87	145.116.42.201	73.214.214.63