189.103.70.145

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Brazil

运营商(isp): Claro S.A.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Mobile ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/189.103.70.145/ BR - 1H : (75) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : BR NAME ASN : ASN28573 IP : 189.103.70.145 CIDR : 189.103.64.0/19 PREFIX COUNT : 1254 UNIQUE IP COUNT : 9653760 ATTACKS DETECTED ASN28573 : 1H - 2 3H - 3 6H - 5 12H - 6 24H - 7 DateTime : 2019-10-26 22:27:33 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-10-27 05:48:20

类型

评论内容

时间

attack

IP Ban Report :  
 https://help-dysk.pl/wordpress-firewall-plugins/ip/189.103.70.145/ 
 
 BR - 1H : (75)  
 Protection Against DDoS WordPress plugin :  
 "odzyskiwanie danych help-dysk" 
 IP Address Ranges by Country : BR 
 NAME ASN : ASN28573 
 
 IP : 189.103.70.145 
 
 CIDR : 189.103.64.0/19 
 
 PREFIX COUNT : 1254 
 
 UNIQUE IP COUNT : 9653760 
 
 
 ATTACKS DETECTED ASN28573 :  
  1H - 2 
  3H - 3 
  6H - 5 
 12H - 6 
 24H - 7 
 
 DateTime : 2019-10-26 22:27:33 
 
 INFO : Port Scan TELNET Detected and Blocked by ADMIN  - data recovery

2019-10-27 05:48:20

相同子网IP讨论:

IP	类型	评论内容	时间
189.103.70.149	attackspam	Unauthorized connection attempt detected from IP address 189.103.70.149 to port 23	2020-06-29 02:29:29
189.103.70.149	attack	Honeypot attack, port: 81, PTR: bd674695.virtua.com.br.	2020-02-27 14:53:23

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 189.103.70.145
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 64381
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;189.103.70.145.			IN	A

;; AUTHORITY SECTION:
.			471	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019102601 1800 900 604800 86400

;; Query time: 76 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Oct 27 05:48:16 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

145.70.103.189.in-addr.arpa domain name pointer bd674691.virtua.com.br.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
145.70.103.189.in-addr.arpa	name = bd674691.virtua.com.br.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
182.72.150.222	attack	Invalid user xoptimo from 182.72.150.222 port 55244	2019-12-27 21:18:47
37.187.104.135	attackbotsspam	Dec 27 13:09:37 debian64 sshd\[17637\]: Invalid user carlita from 37.187.104.135 port 60282 Dec 27 13:09:37 debian64 sshd\[17637\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.187.104.135 Dec 27 13:09:40 debian64 sshd\[17637\]: Failed password for invalid user carlita from 37.187.104.135 port 60282 ssh2 ...	2019-12-27 20:55:47
61.8.69.98	attackbotsspam	invalid user	2019-12-27 20:41:15
218.92.0.138	attack	pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.138 user=root Failed password for root from 218.92.0.138 port 20107 ssh2 Failed password for root from 218.92.0.138 port 20107 ssh2 Failed password for root from 218.92.0.138 port 20107 ssh2 Failed password for root from 218.92.0.138 port 20107 ssh2	2019-12-27 20:58:06
115.87.233.21	attack	Dec 27 07:21:24 [munged] sshd[19262]: Failed password for root from 115.87.233.21 port 3312 ssh2	2019-12-27 21:13:28
5.196.204.173	attackbotsspam	5.196.204.173 - - \[27/Dec/2019:07:21:15 +0100\] "POST /wp-login.php HTTP/1.0" 200 5707 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 5.196.204.173 - - \[27/Dec/2019:07:21:16 +0100\] "POST /wp-login.php HTTP/1.0" 200 5707 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 5.196.204.173 - - \[27/Dec/2019:07:21:16 +0100\] "POST /xmlrpc.php HTTP/1.0" 200 802 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-12-27 21:17:02
113.172.101.2	attack	Dec 27 07:21:15 vpn01 sshd[9867]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.172.101.2 Dec 27 07:21:17 vpn01 sshd[9867]: Failed password for invalid user admin from 113.172.101.2 port 33948 ssh2 ...	2019-12-27 21:17:50
43.252.178.50	attackspambots	$f2bV_matches	2019-12-27 21:01:16
49.68.95.52	attackbots	$f2bV_matches	2019-12-27 20:42:08
92.63.194.81	attackbots	Unauthorized connection attempt detected from IP address 92.63.194.81 to port 1723	2019-12-27 21:02:02
93.171.157.8	attack	Dec 27 07:21:30 vpn01 sshd[9891]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.171.157.8 Dec 27 07:21:32 vpn01 sshd[9891]: Failed password for invalid user admin from 93.171.157.8 port 47835 ssh2 ...	2019-12-27 21:10:05
189.91.239.121	attackspam	5x Failed Password	2019-12-27 20:45:18
81.22.45.219	attackspambots	12/27/2019-13:34:45.171753 81.22.45.219 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-12-27 20:57:18
164.177.42.33	attackbotsspam	$f2bV_matches	2019-12-27 20:56:51
52.142.201.115	attackbots	Invalid user chelliah from 52.142.201.115 port 40434	2019-12-27 21:10:44

最近上报的IP列表

102.165.50.231	77.42.112.156	211.243.244.57	198.71.237.7
5.45.103.254	190.40.174.53	188.173.218.183	83.221.170.153
46.176.129.88	181.64.24.220	211.232.39.8	54.37.79.198
14.46.209.82	178.213.207.191	178.220.250.163	49.81.94.218
216.83.44.203	42.161.46.102	129.226.78.164	149.129.243.158