45.61.142.121 - IPInfo

Basic Info

City: New York

Region: New York

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
45.61.142.129	attack	UDP 45.61.142.129:10668 -> port 161, len 85	2020-08-13 04:06:13
45.61.142.93	attack	45.61.142.93 - - [04/Aug/2020:05:20:31 -0400] "GET /welcome/images/about.png HTTP/1.1" 304 - "https://ghostgamingvpn.io/welcome/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 45.61.142.93 - - [04/Aug/2020:05:20:31 -0400] "GET /welcome/images/team-7.jpg HTTP/1.1" 304 - "https://ghostgamingvpn.io/welcome/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 45.61.142.93 - - [04/Aug/2020:05:20:31 -0400] "GET /welcome/images/team-1.jpg HTTP/1.1" 304 - "https://ghostgamingvpn.io/welcome/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 45.61.142.93 - - [04/Aug/2020:05:20:31 -0400] "GET /welcome/images/accepted-worldwide.svg HTTP/1.1" 304 - "https://ghostgamingvpn.io/welcome/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/5 ...	2020-08-05 00:42:33
45.61.142.140	attackspam	SYN FLOOD ATTACK SINCE YESTERDAY 07/10/2020-10:50:06.783825 [] [1:2210023:2] SURICATA STREAM ESTABLISHED SYNACK resend with different ACK [] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} ***:80 -> 45.61.142.140:9978 07/10/2020-10:50:10.816101 [] [1:2210023:2] SURICATA STREAM ESTABLISHED SYNACK resend with different ACK [] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} ***:80 -> 45.61.142.140:9978	2020-07-10 15:58:49
45.61.142.32	attack	Hacking	2020-07-01 09:31:04

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.61.142.121
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10769
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.61.142.121.			IN	A

;; AUTHORITY SECTION:
.			520	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020091602 1800 900 604800 86400

;; Query time: 62 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Sep 17 09:15:39 CST 2020
;; MSG SIZE  rcvd: 117

Host info

121.142.61.45.in-addr.arpa domain name pointer Cynical.Online.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
121.142.61.45.in-addr.arpa	name = Cynical.Online.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
138.197.213.227	attackspambots	Jun 1 00:33:19 journals sshd\[66758\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.213.227 user=root Jun 1 00:33:21 journals sshd\[66758\]: Failed password for root from 138.197.213.227 port 40584 ssh2 Jun 1 00:36:54 journals sshd\[67041\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.213.227 user=root Jun 1 00:36:56 journals sshd\[67041\]: Failed password for root from 138.197.213.227 port 46030 ssh2 Jun 1 00:40:41 journals sshd\[67501\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.213.227 user=root ...	2020-06-01 05:52:32
222.186.173.215	attackbots	May 31 08:42:40 Tower sshd[14545]: refused connect from 112.85.42.176 (112.85.42.176) May 31 17:30:59 Tower sshd[14545]: Connection from 222.186.173.215 port 13498 on 192.168.10.220 port 22 rdomain "" May 31 17:31:00 Tower sshd[14545]: Failed password for root from 222.186.173.215 port 13498 ssh2 May 31 17:31:02 Tower sshd[14545]: Received disconnect from 222.186.173.215 port 13498:11: [preauth] May 31 17:31:02 Tower sshd[14545]: Disconnected from authenticating user root 222.186.173.215 port 13498 [preauth]	2020-06-01 05:33:16
190.151.50.214	attackbotsspam	port scan and connect, tcp 1433 (ms-sql-s)	2020-06-01 05:55:02
189.90.114.58	attack	SSH bruteforce	2020-06-01 06:05:56
159.65.174.81	attackspam	Port Scan detected! ...	2020-06-01 05:52:19
51.38.188.101	attackbotsspam	2020-05-31T20:25:13.435133homeassistant sshd[8804]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.188.101 user=root 2020-05-31T20:25:15.295770homeassistant sshd[8804]: Failed password for root from 51.38.188.101 port 36320 ssh2 ...	2020-06-01 06:07:24
124.207.98.213	attackbots	May 31 18:29:02 firewall sshd[15978]: Failed password for root from 124.207.98.213 port 19777 ssh2 May 31 18:31:57 firewall sshd[16114]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.207.98.213 user=root May 31 18:31:59 firewall sshd[16114]: Failed password for root from 124.207.98.213 port 15347 ssh2 ...	2020-06-01 06:04:59
5.2.188.23	attack	5.2.188.23 - - [31/May/2020:22:25:55 +0200] "POST /xmlrpc.php HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:68.0) Gecko/20100101 Firefox/68.0" 5.2.188.23 - - [31/May/2020:22:25:56 +0200] "POST /xmlrpc.php HTTP/1.1" 403 613 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:68.0) Gecko/20100101 Firefox/68.0" ...	2020-06-01 05:31:31
148.70.102.69	attackspam	May 31 17:34:44 NPSTNNYC01T sshd[2344]: Failed password for root from 148.70.102.69 port 51666 ssh2 May 31 17:38:47 NPSTNNYC01T sshd[2778]: Failed password for root from 148.70.102.69 port 39766 ssh2 ...	2020-06-01 05:56:59
115.84.91.189	attackspam	(imapd) Failed IMAP login from 115.84.91.189 (LA/Laos/-): 1 in the last 3600 secs	2020-06-01 05:34:39
222.186.175.148	attackspambots	May 31 23:55:56 abendstille sshd\[26161\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.148 user=root May 31 23:55:57 abendstille sshd\[26165\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.148 user=root May 31 23:55:59 abendstille sshd\[26161\]: Failed password for root from 222.186.175.148 port 27182 ssh2 May 31 23:55:59 abendstille sshd\[26165\]: Failed password for root from 222.186.175.148 port 19356 ssh2 May 31 23:56:02 abendstille sshd\[26161\]: Failed password for root from 222.186.175.148 port 27182 ssh2 ...	2020-06-01 05:59:37
212.64.12.236	attackspam	May 31 23:55:13 MainVPS sshd[11121]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.12.236 user=root May 31 23:55:15 MainVPS sshd[11121]: Failed password for root from 212.64.12.236 port 38504 ssh2 May 31 23:57:25 MainVPS sshd[13359]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.12.236 user=root May 31 23:57:27 MainVPS sshd[13359]: Failed password for root from 212.64.12.236 port 35974 ssh2 May 31 23:59:44 MainVPS sshd[15379]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.12.236 user=root May 31 23:59:46 MainVPS sshd[15379]: Failed password for root from 212.64.12.236 port 33444 ssh2 ...	2020-06-01 05:59:53
1.179.137.10	attackbots	May 31 22:18:50 MainVPS sshd[20097]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.179.137.10 user=root May 31 22:18:52 MainVPS sshd[20097]: Failed password for root from 1.179.137.10 port 38383 ssh2 May 31 22:22:27 MainVPS sshd[23132]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.179.137.10 user=root May 31 22:22:30 MainVPS sshd[23132]: Failed password for root from 1.179.137.10 port 37482 ssh2 May 31 22:25:49 MainVPS sshd[26044]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.179.137.10 user=root May 31 22:25:51 MainVPS sshd[26044]: Failed password for root from 1.179.137.10 port 36584 ssh2 ...	2020-06-01 05:36:31
180.166.141.58	attackspambots	May 31 23:45:43 debian-2gb-nbg1-2 kernel: \[13220318.355339\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=180.166.141.58 DST=195.201.40.59 LEN=40 TOS=0x08 PREC=0x00 TTL=237 ID=3736 PROTO=TCP SPT=50029 DPT=14377 WINDOW=1024 RES=0x00 SYN URGP=0	2020-06-01 05:58:21
218.22.170.29	attackspambots	DATE:2020-05-31 22:25:23, IP:218.22.170.29, PORT:1433 MSSQL brute force auth on honeypot server (honey-neo-dc)	2020-06-01 06:00:26

Recently Reported IPs

121.32.30.242	105.81.208.102	59.99.232.130	75.240.139.97
117.37.239.201	98.103.120.240	30.91.57.97	115.57.245.61
113.140.224.118	95.20.97.145	216.104.85.41	76.14.239.215
71.149.208.199	68.242.160.7	152.192.24.130	71.1.68.117
116.237.61.73	75.224.223.129	114.199.231.15	124.233.21.71