189.54.113.40 - IPInfo

基本信息:

城市(city): Diadema

省份(region): Sao Paulo

国家(country): Brazil

运营商(isp): Claro

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 189.54.113.40
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 28282
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;189.54.113.40.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025021301 1800 900 604800 86400

;; Query time: 17 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 14 08:03:13 CST 2025
;; MSG SIZE  rcvd: 106

HOST信息:

40.113.54.189.in-addr.arpa domain name pointer bd367128.virtua.com.br.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
40.113.54.189.in-addr.arpa	name = bd367128.virtua.com.br.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
51.77.150.118	attackspam	2020-08-21T13:52:13.954369randservbullet-proofcloud-66.localdomain sshd[16468]: Invalid user tunel from 51.77.150.118 port 59818 2020-08-21T13:52:13.958918randservbullet-proofcloud-66.localdomain sshd[16468]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.ip-51-77-150.eu 2020-08-21T13:52:13.954369randservbullet-proofcloud-66.localdomain sshd[16468]: Invalid user tunel from 51.77.150.118 port 59818 2020-08-21T13:52:15.674260randservbullet-proofcloud-66.localdomain sshd[16468]: Failed password for invalid user tunel from 51.77.150.118 port 59818 ssh2 ...	2020-08-22 01:07:48
103.14.209.68	attackbots	Lines containing failures of 103.14.209.68 Aug 21 13:58:43 v2hgb postfix/smtpd[2870]: connect from cook.vinyavidedu.com[103.14.209.68] Aug x@x Aug 21 13:58:44 v2hgb postfix/smtpd[2870]: disconnect from cook.vinyavidedu.com[103.14.209.68] ehlo=1 mail=1 rcpt=0/1 quhostname=1 commands=3/4 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=103.14.209.68	2020-08-22 00:54:27
185.42.229.115	attack	Unauthorized connection attempt from IP address 185.42.229.115 on Port 445(SMB)	2020-08-22 01:07:17
61.83.90.240	attackbots	2020-08-21 06:53:20.585467-0500 localhost smtpd[92968]: NOQUEUE: reject: RCPT from unknown[61.83.90.240]: 554 5.7.1 Service unavailable; Client host [61.83.90.240] blocked using zen.spamhaus.org; https://www.spamhaus.org/sbl/query/SBLCSS / https://www.spamhaus.org/query/ip/61.83.90.240; from= to= proto=ESMTP helo=<[61.83.90.240]>	2020-08-22 01:27:49
202.165.207.108	attack	Unauthorized connection attempt from IP address 202.165.207.108 on Port 445(SMB)	2020-08-22 01:34:34
77.103.207.152	attackspambots	Brute-force attempt banned	2020-08-22 01:25:04
185.14.251.4	attackspam	srvr1: (mod_security) mod_security (id:942100) triggered by 185.14.251.4 (IQ/-/-): 1 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/08/21 12:02:59 [error] 482759#0: 840293 [client 185.14.251.4] ModSecurity: Access denied with code 406 (phase 2). [file "/etc/modsecurity.d/REQUEST-942-APPLICATION-ATTACK-SQLI.conf"] [line "45"] [id "942100"] [rev ""] [msg ""] [redacted] [severity "0"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-sqli"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/152/248/66"] [tag "PCI/6.5.2"] [redacted] [uri "/forum/viewthread.php"] [unique_id "159801137987.153806"] [ref ""], client: 185.14.251.4, [redacted] request: "GET /forum/viewthread.php?thread_id=1122%27+OR+++%275667%27+%3D+%270%27 HTTP/1.1" [redacted]	2020-08-22 01:29:01
112.199.95.43	attackspambots	2020-08-21 06:54:22.872002-0500 localhost smtpd[93110]: NOQUEUE: reject: RCPT from unknown[112.199.95.43]: 554 5.7.1 Service unavailable; Client host [112.199.95.43] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/112.199.95.43; from= to= proto=ESMTP helo=<43.95.199.112.clbrz.static.inet.eastern-tele.com>	2020-08-22 01:24:18
83.169.197.13	attack	Unauthorized connection attempt from IP address 83.169.197.13 on Port 445(SMB)	2020-08-22 01:13:07
78.187.137.154	attack	Unauthorized connection attempt from IP address 78.187.137.154 on Port 445(SMB)	2020-08-22 01:04:51
45.254.33.16	attackspambots	2020-08-21 06:53:51.850176-0500 localhost smtpd[93110]: NOQUEUE: reject: RCPT from unknown[45.254.33.16]: 554 5.7.1 Service unavailable; Client host [45.254.33.16] blocked using zen.spamhaus.org; https://www.spamhaus.org/sbl/query/SBLCSS; from= to= proto=ESMTP helo=<00fd8723.asianbea.buzz>	2020-08-22 01:25:38
183.82.34.31	attackbots	Unauthorized connection attempt from IP address 183.82.34.31 on Port 445(SMB)	2020-08-22 00:55:21
138.99.6.184	attack	Multiple SSH authentication failures from 138.99.6.184	2020-08-22 01:01:30
123.16.80.106	attack	Automatic report - Port Scan Attack	2020-08-22 01:16:15
162.243.50.8	attackbotsspam	Aug 21 21:03:59 dhoomketu sshd[2550985]: Invalid user yan from 162.243.50.8 port 47040 Aug 21 21:03:59 dhoomketu sshd[2550985]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.50.8 Aug 21 21:03:59 dhoomketu sshd[2550985]: Invalid user yan from 162.243.50.8 port 47040 Aug 21 21:04:01 dhoomketu sshd[2550985]: Failed password for invalid user yan from 162.243.50.8 port 47040 ssh2 Aug 21 21:08:10 dhoomketu sshd[2551051]: Invalid user ts3 from 162.243.50.8 port 50535 ...	2020-08-22 00:51:33

最近上报的IP列表

161.65.150.123	206.63.181.44	153.145.237.128	244.81.184.216
16.52.165.201	224.95.187.227	139.66.45.230	160.211.139.135
85.87.108.63	156.100.192.65	168.236.151.183	29.209.216.196
7.158.239.199	138.231.182.235	114.171.197.205	109.29.93.171
44.175.204.134	157.32.143.131	175.9.78.221	159.50.57.223