45.61.142.112 - IPInfo

Basic Info

City: New York

Region: New York

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
45.61.142.129	attack	UDP 45.61.142.129:10668 -> port 161, len 85	2020-08-13 04:06:13
45.61.142.93	attack	45.61.142.93 - - [04/Aug/2020:05:20:31 -0400] "GET /welcome/images/about.png HTTP/1.1" 304 - "https://ghostgamingvpn.io/welcome/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 45.61.142.93 - - [04/Aug/2020:05:20:31 -0400] "GET /welcome/images/team-7.jpg HTTP/1.1" 304 - "https://ghostgamingvpn.io/welcome/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 45.61.142.93 - - [04/Aug/2020:05:20:31 -0400] "GET /welcome/images/team-1.jpg HTTP/1.1" 304 - "https://ghostgamingvpn.io/welcome/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 45.61.142.93 - - [04/Aug/2020:05:20:31 -0400] "GET /welcome/images/accepted-worldwide.svg HTTP/1.1" 304 - "https://ghostgamingvpn.io/welcome/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/5 ...	2020-08-05 00:42:33
45.61.142.140	attackspam	SYN FLOOD ATTACK SINCE YESTERDAY 07/10/2020-10:50:06.783825 [] [1:2210023:2] SURICATA STREAM ESTABLISHED SYNACK resend with different ACK [] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} ***:80 -> 45.61.142.140:9978 07/10/2020-10:50:10.816101 [] [1:2210023:2] SURICATA STREAM ESTABLISHED SYNACK resend with different ACK [] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} ***:80 -> 45.61.142.140:9978	2020-07-10 15:58:49
45.61.142.32	attack	Hacking	2020-07-01 09:31:04

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.61.142.112
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 41825
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.61.142.112.			IN	A

;; AUTHORITY SECTION:
.			126	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020121300 1800 900 604800 86400

;; Query time: 28 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Dec 13 16:36:21 CST 2020
;; MSG SIZE  rcvd: 117

Host info

112.142.61.45.in-addr.arpa domain name pointer unassigned.octosec.io.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
112.142.61.45.in-addr.arpa	name = unassigned.octosec.io.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
59.95.130.141	attackbotsspam	Automatic report - Port Scan Attack	2020-08-02 16:41:19
190.78.178.217	attackspambots	Icarus honeypot on github	2020-08-02 17:05:37
142.93.60.53	attackbots	Invalid user yanzihan from 142.93.60.53 port 60788	2020-08-02 16:54:14
51.15.242.244	attack	Telnet/23 MH Probe, Scan, BF, Hack -	2020-08-02 16:39:09
23.152.32.242	attackbotsspam	Unauthorized connection attempt detected from IP address 23.152.32.242 to port 80	2020-08-02 17:14:15
106.38.33.70	attackspambots	Aug 2 15:30:42 webhost01 sshd[29307]: Failed password for root from 106.38.33.70 port 58202 ssh2 ...	2020-08-02 16:45:18
181.30.8.146	attackbotsspam	Aug 2 08:00:39 santamaria sshd\[19149\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.30.8.146 user=root Aug 2 08:00:41 santamaria sshd\[19149\]: Failed password for root from 181.30.8.146 port 56726 ssh2 Aug 2 08:06:59 santamaria sshd\[19244\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.30.8.146 user=root ...	2020-08-02 16:50:06
138.197.171.79	attack	Aug 2 10:20:14 gw1 sshd[1079]: Failed password for root from 138.197.171.79 port 44006 ssh2 ...	2020-08-02 17:01:57
45.141.84.94	attackspambots	Aug 2 10:33:36 debian-2gb-nbg1-2 kernel: \[18615692.571001\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.141.84.94 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=38541 PROTO=TCP SPT=43451 DPT=4790 WINDOW=1024 RES=0x00 SYN URGP=0	2020-08-02 16:44:00
156.96.117.200	attackbotsspam	SIPVicious Scanner Detection	2020-08-02 16:56:47
80.211.0.239	attackbots	Invalid user gazelle12 from 80.211.0.239 port 60774	2020-08-02 16:59:46
80.82.78.82	attackbotsspam	08/02/2020-04:30:36.273276 80.82.78.82 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-08-02 16:37:37
134.209.102.130	attackspam	Hits on port : 6000 30022	2020-08-02 17:09:25
117.89.12.194	attack	Lines containing failures of 117.89.12.194 (max 1000) Jul 27 16:06:02 HOSTNAME sshd[3153]: Invalid user hongru from 117.89.12.194 port 53533 Jul 27 16:06:02 HOSTNAME sshd[3153]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.89.12.194 Jul 27 16:06:04 HOSTNAME sshd[3153]: Failed password for invalid user hongru from 117.89.12.194 port 53533 ssh2 Jul 27 16:06:04 HOSTNAME sshd[3153]: Received disconnect from 117.89.12.194 port 53533:11: Bye Bye [preauth] Jul 27 16:06:04 HOSTNAME sshd[3153]: Disconnected from 117.89.12.194 port 53533 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=117.89.12.194	2020-08-02 16:36:36
101.99.90.7	attackspam	Jul 31 11:37:39 host2 sshd[19756]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.99.90.7 user=r.r Jul 31 11:37:42 host2 sshd[19756]: Failed password for r.r from 101.99.90.7 port 48644 ssh2 Jul 31 11:37:42 host2 sshd[19756]: Received disconnect from 101.99.90.7: 11: Bye Bye [preauth] Jul 31 11:52:26 host2 sshd[10636]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.99.90.7 user=r.r Jul 31 11:52:29 host2 sshd[10636]: Failed password for r.r from 101.99.90.7 port 53184 ssh2 Jul 31 11:52:29 host2 sshd[10636]: Received disconnect from 101.99.90.7: 11: Bye Bye [preauth] Jul 31 11:58:32 host2 sshd[32068]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.99.90.7 user=r.r Jul 31 11:58:35 host2 sshd[32068]: Failed password for r.r from 101.99.90.7 port 33182 ssh2 Jul 31 11:58:35 host2 sshd[32068]: Received disconnect from 101.99.90.7: 11: Bye By........ -------------------------------	2020-08-02 17:01:28

Recently Reported IPs

138.97.225.27	87.214.62.70	51.222.56.132	108.243.192.31
139.228.66.56	86.248.185.67	196.158.13.252	49.88.64.181
172.4.5.152	14.160.222.151	178.76.194.86	35.158.232.97
106.206.0.181	180.248.120.205	14.193.34.168	109.194.163.249
213.178.34.202	118.100.178.199	92.46.71.210	185.65.135.252