189.45.42.138 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Brazil

运营商(isp): Sul Americana Tecnologia e Informatica Ltda.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	email spam	2019-12-19 19:22:23
attackbots	email spam	2019-12-17 20:54:40
attackspam	Mail sent to address hacked/leaked from Last.fm	2019-06-23 22:08:09

相同子网IP讨论:

IP	类型	评论内容	时间
189.45.42.242	attack	Unauthorized connection attempt from IP address 189.45.42.242 on Port 445(SMB)	2020-05-24 21:28:23
189.45.42.230	attackbotsspam	Attempt to attack host OS, exploiting network vulnerabilities, on 21-09-2019 22:35:20.	2019-09-22 06:16:06
189.45.42.150	attack	proto=tcp . spt=34011 . dpt=25 . (listed on dnsbl-sorbs abuseat-org barracuda) (756)	2019-09-16 04:51:08
189.45.42.150	attackspambots	SMTP/25/465/587-993/995 Probe, Reject, BadAuth, Hack, SPAM -	2019-09-11 15:54:16
189.45.42.148	attackbots	Aug 26 01:23:13 our-server-hostname postfix/smtpd[6486]: connect from unknown[189.45.42.148] Aug x@x Aug 26 01:23:16 our-server-hostname postfix/smtpd[6486]: lost connection after RCPT from unknown[189.45.42.148] Aug 26 01:23:16 our-server-hostname postfix/smtpd[6486]: disconnect from unknown[189.45.42.148] Aug 26 01:47:47 our-server-hostname postfix/smtpd[12816]: connect from unknown[189.45.42.148] Aug x@x Aug x@x Aug x@x Aug x@x Aug x@x Aug x@x Aug 26 01:47:53 our-server-hostname postfix/smtpd[12816]: lost connection after RCPT from unknown[189.45.42.148] Aug 26 01:47:53 our-server-hostname postfix/smtpd[12816]: disconnect from unknown[189.45.42.148] Aug 26 01:50:10 our-server-hostname postfix/smtpd[10918]: connect from unknown[189.45.42.148] Aug x@x Aug 26 01:50:13 our-server-hostname postfix/smtpd[10918]: lost connection after RCPT from unknown[189.45.42.148] Aug 26 01:50:13 our-server-hostname postfix/smtpd[10918]: disconnect from unknown[189.45.42.148] Aug 26 02:0........ -------------------------------	2019-08-26 10:10:34
189.45.42.149	attack	Jun 19 06:34:32 our-server-hostname postfix/smtpd[371]: connect from unknown[189.45.42.149] Jun x@x Jun x@x Jun x@x Jun x@x Jun 19 06:34:36 our-server-hostname postfix/smtpd[371]: lost connection after RCPT from unknown[189.45.42.149] Jun 19 06:34:36 our-server-hostname postfix/smtpd[371]: disconnect from unknown[189.45.42.149] Jun 19 12:52:50 our-server-hostname postfix/smtpd[25497]: connect from unknown[189.45.42.149] Jun x@x Jun x@x Jun 19 12:52:53 our-server-hostname postfix/smtpd[25497]: lost connection after RCPT from unknown[189.45.42.149] Jun 19 12:52:53 our-server-hostname postfix/smtpd[25497]: disconnect from unknown[189.45.42.149] Jun 19 15:06:27 our-server-hostname postfix/smtpd[22106]: connect from unknown[189.45.42.149] Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun 19 15:06:42 our-server-hostname postfix/smtpd[22106]: lost connection after RCPT fro........ -------------------------------	2019-06-22 17:24:11

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 189.45.42.138
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 42554
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;189.45.42.138.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019062300 1800 900 604800 86400

;; Query time: 4 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Jun 23 22:07:59 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

138.42.45.189.in-addr.arpa domain name pointer 189-45-42-138.static.stech.net.br.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
138.42.45.189.in-addr.arpa	name = 189-45-42-138.static.stech.net.br.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
222.186.173.183	attackspambots	Jan 23 08:09:03 php1 sshd\[2074\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.183 user=root Jan 23 08:09:05 php1 sshd\[2074\]: Failed password for root from 222.186.173.183 port 60846 ssh2 Jan 23 08:09:20 php1 sshd\[2238\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.183 user=root Jan 23 08:09:22 php1 sshd\[2238\]: Failed password for root from 222.186.173.183 port 7276 ssh2 Jan 23 08:09:41 php1 sshd\[2250\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.183 user=root	2020-01-24 02:10:21
94.191.28.110	attackspambots	Unauthorized connection attempt detected from IP address 94.191.28.110 to port 2220 [J]	2020-01-24 02:13:48
217.173.253.102	attackbotsspam	Spam	2020-01-24 01:46:17
202.22.145.59	attackspambots	(imapd) Failed IMAP login from 202.22.145.59 (NC/New Caledonia/mail.groupegrand.nc): 1 in the last 3600 secs	2020-01-24 02:03:16
185.209.0.90	attackbotsspam	01/23/2020-13:11:43.331480 185.209.0.90 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-01-24 02:18:10
78.190.5.111	attack	Lines containing failures of 78.190.5.111 Jan 23 17:03:36 shared02 sshd[15364]: Invalid user test from 78.190.5.111 port 27720 Jan 23 17:03:36 shared02 sshd[15364]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=78.190.5.111 Jan 23 17:03:38 shared02 sshd[15364]: Failed password for invalid user test from 78.190.5.111 port 27720 ssh2 Jan 23 17:03:38 shared02 sshd[15364]: Connection closed by invalid user test 78.190.5.111 port 27720 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=78.190.5.111	2020-01-24 01:52:07
180.249.203.67	attackbots	1579795687 - 01/23/2020 17:08:07 Host: 180.249.203.67/180.249.203.67 Port: 445 TCP Blocked	2020-01-24 02:17:17
45.117.176.23	attack	Jan 23 07:48:50 php1 sshd\[22631\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.117.176.23 user=root Jan 23 07:48:52 php1 sshd\[22631\]: Failed password for root from 45.117.176.23 port 54542 ssh2 Jan 23 07:52:38 php1 sshd\[23077\]: Invalid user victor from 45.117.176.23 Jan 23 07:52:38 php1 sshd\[23077\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.117.176.23 Jan 23 07:52:41 php1 sshd\[23077\]: Failed password for invalid user victor from 45.117.176.23 port 55840 ssh2	2020-01-24 02:02:45
110.255.241.214	attackspambots	IP was detected trying to Brute-Force SSH, FTP, Web Apps, Port-Scan or Hacking.	2020-01-24 01:58:16
200.46.57.50	attackspam	20/1/23@11:08:17: FAIL: Alarm-Network address from=200.46.57.50 ...	2020-01-24 02:10:36
45.124.169.26	attackbotsspam	IP was detected trying to Brute-Force SSH, FTP, Web Apps, Port-Scan or Hacking.	2020-01-24 02:17:01
222.186.180.142	attackbotsspam	$f2bV_matches	2020-01-24 01:44:27
113.125.108.13	attackspam	$f2bV_matches	2020-01-24 01:40:44
112.85.42.186	attackspambots	Jan 23 23:26:24 areeb-Workstation sshd[27875]: Failed password for root from 112.85.42.186 port 47742 ssh2 Jan 23 23:26:27 areeb-Workstation sshd[27875]: Failed password for root from 112.85.42.186 port 47742 ssh2 ...	2020-01-24 02:18:58
157.245.195.138	attackspam	Unauthorized connection attempt detected from IP address 157.245.195.138 to port 2220 [J]	2020-01-24 01:57:33

最近上报的IP列表

156.211.170.206	203.195.130.124	198.46.166.45	1.190.161.247
67.205.162.85	202.80.112.94	208.66.72.242	107.173.78.116
81.18.146.89	213.226.79.162	191.53.200.63	191.53.199.151
119.2.17.138	107.175.230.238	105.155.250.60	103.85.95.5
91.181.238.14	82.166.139.74	80.211.53.107	77.252.61.133