189.45.42.138 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Brazil

运营商(isp): Sul Americana Tecnologia e Informatica Ltda.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	email spam	2019-12-19 19:22:23
attackbots	email spam	2019-12-17 20:54:40
attackspam	Mail sent to address hacked/leaked from Last.fm	2019-06-23 22:08:09

相同子网IP讨论:

IP	类型	评论内容	时间
189.45.42.242	attack	Unauthorized connection attempt from IP address 189.45.42.242 on Port 445(SMB)	2020-05-24 21:28:23
189.45.42.230	attackbotsspam	Attempt to attack host OS, exploiting network vulnerabilities, on 21-09-2019 22:35:20.	2019-09-22 06:16:06
189.45.42.150	attack	proto=tcp . spt=34011 . dpt=25 . (listed on dnsbl-sorbs abuseat-org barracuda) (756)	2019-09-16 04:51:08
189.45.42.150	attackspambots	SMTP/25/465/587-993/995 Probe, Reject, BadAuth, Hack, SPAM -	2019-09-11 15:54:16
189.45.42.148	attackbots	Aug 26 01:23:13 our-server-hostname postfix/smtpd[6486]: connect from unknown[189.45.42.148] Aug x@x Aug 26 01:23:16 our-server-hostname postfix/smtpd[6486]: lost connection after RCPT from unknown[189.45.42.148] Aug 26 01:23:16 our-server-hostname postfix/smtpd[6486]: disconnect from unknown[189.45.42.148] Aug 26 01:47:47 our-server-hostname postfix/smtpd[12816]: connect from unknown[189.45.42.148] Aug x@x Aug x@x Aug x@x Aug x@x Aug x@x Aug x@x Aug 26 01:47:53 our-server-hostname postfix/smtpd[12816]: lost connection after RCPT from unknown[189.45.42.148] Aug 26 01:47:53 our-server-hostname postfix/smtpd[12816]: disconnect from unknown[189.45.42.148] Aug 26 01:50:10 our-server-hostname postfix/smtpd[10918]: connect from unknown[189.45.42.148] Aug x@x Aug 26 01:50:13 our-server-hostname postfix/smtpd[10918]: lost connection after RCPT from unknown[189.45.42.148] Aug 26 01:50:13 our-server-hostname postfix/smtpd[10918]: disconnect from unknown[189.45.42.148] Aug 26 02:0........ -------------------------------	2019-08-26 10:10:34
189.45.42.149	attack	Jun 19 06:34:32 our-server-hostname postfix/smtpd[371]: connect from unknown[189.45.42.149] Jun x@x Jun x@x Jun x@x Jun x@x Jun 19 06:34:36 our-server-hostname postfix/smtpd[371]: lost connection after RCPT from unknown[189.45.42.149] Jun 19 06:34:36 our-server-hostname postfix/smtpd[371]: disconnect from unknown[189.45.42.149] Jun 19 12:52:50 our-server-hostname postfix/smtpd[25497]: connect from unknown[189.45.42.149] Jun x@x Jun x@x Jun 19 12:52:53 our-server-hostname postfix/smtpd[25497]: lost connection after RCPT from unknown[189.45.42.149] Jun 19 12:52:53 our-server-hostname postfix/smtpd[25497]: disconnect from unknown[189.45.42.149] Jun 19 15:06:27 our-server-hostname postfix/smtpd[22106]: connect from unknown[189.45.42.149] Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun 19 15:06:42 our-server-hostname postfix/smtpd[22106]: lost connection after RCPT fro........ -------------------------------	2019-06-22 17:24:11

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 189.45.42.138
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 42554
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;189.45.42.138.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019062300 1800 900 604800 86400

;; Query time: 4 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Jun 23 22:07:59 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

138.42.45.189.in-addr.arpa domain name pointer 189-45-42-138.static.stech.net.br.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
138.42.45.189.in-addr.arpa	name = 189-45-42-138.static.stech.net.br.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
102.115.225.184	attackbotsspam	2019-12-10T15:58:01.354250abusebot-5.cloudsearch.cf sshd\[25527\]: Invalid user robbie from 102.115.225.184 port 44880	2019-12-11 00:18:44
138.68.242.220	attackbotsspam	Dec 10 17:42:01 server sshd\[14093\]: Invalid user hung from 138.68.242.220 Dec 10 17:42:01 server sshd\[14093\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.242.220 Dec 10 17:42:04 server sshd\[14093\]: Failed password for invalid user hung from 138.68.242.220 port 37954 ssh2 Dec 10 17:53:25 server sshd\[17415\]: Invalid user bnctr from 138.68.242.220 Dec 10 17:53:25 server sshd\[17415\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.242.220 ...	2019-12-11 00:17:46
222.127.101.155	attack	Dec 10 06:10:51 eddieflores sshd\[10758\]: Invalid user reno from 222.127.101.155 Dec 10 06:10:51 eddieflores sshd\[10758\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.127.101.155 Dec 10 06:10:53 eddieflores sshd\[10758\]: Failed password for invalid user reno from 222.127.101.155 port 51224 ssh2 Dec 10 06:17:42 eddieflores sshd\[11436\]: Invalid user gv from 222.127.101.155 Dec 10 06:17:42 eddieflores sshd\[11436\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.127.101.155	2019-12-11 00:45:17
61.175.194.90	attackbots	Too many connections or unauthorized access detected from Arctic banned ip	2019-12-11 00:23:01
144.217.85.239	attackspambots	Unauthorized connection attempt detected from IP address 144.217.85.239 to port 3705	2019-12-11 00:53:01
177.190.74.42	attack	SIP/5060 Probe, BF, Hack -	2019-12-11 00:43:24
106.51.80.119	attack	Unauthorized connection attempt detected from IP address 106.51.80.119 to port 445	2019-12-11 00:25:34
175.149.70.106	attackbots	SIP/5060 Probe, BF, Hack -	2019-12-11 00:56:32
218.92.0.175	attackbots	Dec 10 17:29:46 MK-Soft-VM7 sshd[2161]: Failed password for root from 218.92.0.175 port 27996 ssh2 Dec 10 17:29:51 MK-Soft-VM7 sshd[2161]: Failed password for root from 218.92.0.175 port 27996 ssh2 ...	2019-12-11 00:30:03
106.12.74.222	attackbotsspam	$f2bV_matches	2019-12-11 00:44:17
5.178.217.227	attackbotsspam	proto=tcp . spt=33903 . dpt=25 . (Found on Dark List de Dec 10) (784)	2019-12-11 00:13:24
92.119.160.143	attackbots	Fail2Ban Ban Triggered	2019-12-11 00:21:42
197.248.16.118	attack	2019-12-10T16:21:01.607428abusebot-7.cloudsearch.cf sshd\[30641\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.248.16.118 user=lp	2019-12-11 00:24:35
177.222.253.22	attack	SIP/5060 Probe, BF, Hack -	2019-12-11 00:25:06
212.83.161.219	attackspam	Spam investment email	2019-12-11 00:24:11

最近上报的IP列表

156.211.170.206	203.195.130.124	198.46.166.45	1.190.161.247
67.205.162.85	202.80.112.94	208.66.72.242	107.173.78.116
81.18.146.89	213.226.79.162	191.53.200.63	191.53.199.151
119.2.17.138	107.175.230.238	105.155.250.60	103.85.95.5
91.181.238.14	82.166.139.74	80.211.53.107	77.252.61.133