45.248.94.195 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: India

Internet Service Provider: D-Lax It Services

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	TCP (SYN) 45.248.94.195:58847 -> port 1433, len 44	2020-09-28 05:38:02
attack	20/9/26@16:39:03: FAIL: Alarm-Intrusion address from=45.248.94.195 ...	2020-09-27 21:57:31
attackbotsspam	20/9/26@16:39:03: FAIL: Alarm-Intrusion address from=45.248.94.195 ...	2020-09-27 13:45:10
attackbots	Honeypot attack, port: 445, PTR: undefined.hostname.localhost.	2020-03-31 03:29:54
attackspambots	Honeypot attack, port: 445, PTR: undefined.hostname.localhost.	2020-03-07 03:36:04
attackspam	unauthorized connection attempt	2020-02-03 21:11:03
attackspambots	Unauthorized connection attempt detected from IP address 45.248.94.195 to port 1433 [J]	2020-01-18 17:58:59
attackspam	Honeypot attack, port: 445, PTR: undefined.hostname.localhost.	2019-12-14 21:10:51

Comments on same subnet:

IP	Type	Details	Datetime
45.248.94.21	attack	Unauthorized connection attempt from IP address 45.248.94.21 on Port 445(SMB)	2020-01-25 00:55:10

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.248.94.195
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21462
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.248.94.195.			IN	A

;; AUTHORITY SECTION:
.			388	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121400 1800 900 604800 86400

;; Query time: 106 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Dec 14 21:10:47 CST 2019
;; MSG SIZE  rcvd: 117

Host info

195.94.248.45.in-addr.arpa domain name pointer undefined.hostname.localhost.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
195.94.248.45.in-addr.arpa	name = undefined.hostname.localhost.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
185.216.140.177	attackspambots	08/02/2019-20:21:35.553772 185.216.140.177 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-08-03 08:24:06
137.135.102.98	attack	Aug 3 03:24:27 yabzik sshd[12893]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=137.135.102.98 Aug 3 03:24:29 yabzik sshd[12893]: Failed password for invalid user blueyes from 137.135.102.98 port 50650 ssh2 Aug 3 03:29:11 yabzik sshd[14503]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=137.135.102.98	2019-08-03 08:44:15
92.62.139.103	attack	k+ssh-bruteforce	2019-08-03 08:46:23
157.122.179.120	attack	Aug 3 03:23:29 localhost sshd[31490]: Invalid user webdata from 157.122.179.120 port 58313 Aug 3 03:23:29 localhost sshd[31490]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.122.179.120 Aug 3 03:23:29 localhost sshd[31490]: Invalid user webdata from 157.122.179.120 port 58313 Aug 3 03:23:31 localhost sshd[31490]: Failed password for invalid user webdata from 157.122.179.120 port 58313 ssh2 ...	2019-08-03 08:42:38
1.170.7.6	attackspambots	2323/tcp [2019-08-02]1pkt	2019-08-03 08:13:52
182.247.74.144	attack	37215/tcp 37215/tcp [2019-08-02]2pkt	2019-08-03 08:36:23
178.17.171.102	attackbots	2019-08-02T15:24:04.782101WS-Zach sshd[25983]: User root from 178.17.171.102 not allowed because none of user's groups are listed in AllowGroups 2019-08-02T15:24:08.400558WS-Zach sshd[26016]: User root from 178.17.171.102 not allowed because none of user's groups are listed in AllowGroups 2019-08-02T15:24:08.411547WS-Zach sshd[26016]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.17.171.102 user=root 2019-08-02T15:24:08.400558WS-Zach sshd[26016]: User root from 178.17.171.102 not allowed because none of user's groups are listed in AllowGroups 2019-08-02T15:24:10.588988WS-Zach sshd[26016]: Failed password for invalid user root from 178.17.171.102 port 60372 ssh2 ...	2019-08-03 08:14:19
179.109.60.106	attackbots	$f2bV_matches	2019-08-03 08:21:39
99.45.149.229	attackbotsspam	...	2019-08-03 08:41:53
42.2.73.146	attack	5555/tcp [2019-08-02]1pkt	2019-08-03 08:43:04
134.209.174.76	attackspambots	ZTE Router Exploit Scanner	2019-08-03 08:12:41
128.199.219.121	attack	SSH Bruteforce @ SigaVPN honeypot	2019-08-03 08:28:37
199.87.154.255	attackspambots	Aug 2 21:23:18 nginx sshd[4647]: Connection from 199.87.154.255 port 44471 on 10.23.102.80 port 22 Aug 2 21:23:25 nginx sshd[4647]: Received disconnect from 199.87.154.255 port 44471:11: bye [preauth]	2019-08-03 08:48:12
178.156.202.76	attack	HTTP SQL Injection Attempt, PTR: smtp.facedori.com.	2019-08-03 08:19:53
94.191.60.199	attack	Automatic report - Banned IP Access	2019-08-03 08:13:12

Recently Reported IPs

83.5.44.58	116.225.24.205	218.94.132.114	175.141.236.235
203.195.248.188	169.95.59.92	122.51.231.49	114.74.9.247
46.38.242.158	121.13.106.139	182.253.22.220	84.21.96.77
147.143.255.28	137.95.26.89	47.187.96.126	190.91.58.227
60.88.243.160	69.197.226.72	252.165.181.49	123.207.61.134