45.121.43.226 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Indonesia

运营商(isp): PT Fajar Techno System

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Commercial

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	email spam	2019-12-19 18:41:40
attackspam	proto=tcp . spt=42314 . dpt=25 . (listed on Github Combined on 3 lists ) (462)	2019-07-14 00:09:30

相同子网IP讨论:

IP	类型	评论内容	时间
45.121.43.21	attackspambots	Unauthorized connection attempt detected from IP address 45.121.43.21 to port 23	2020-01-01 23:40:05
45.121.43.4	attack	A spam email was sent from this SMTP server. This kind of spam emails had the following features.: - They attempted to camouflage the SMTP server with a KDDI's legitimate server. - The domain of URLs in the messages was best-self.info (103.212.223.59).	2019-11-17 06:01:31
45.121.43.21	attackspambots	email spam	2019-11-05 22:13:22

类型

评论内容

时间

45.121.43.21

attackspambots

Unauthorized connection attempt detected from IP address 45.121.43.21 to port 23

2020-01-01 23:40:05

45.121.43.4

attack

A spam email was sent from this SMTP server. This kind of spam emails had the following features.:
- They attempted to camouflage the SMTP server with a KDDI's legitimate server. 
- The domain of URLs in the messages was best-self.info (103.212.223.59).

2019-11-17 06:01:31

45.121.43.21

attackspambots

email spam

2019-11-05 22:13:22

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.121.43.226
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26113
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.121.43.226.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019052800 1800 900 604800 86400

;; Query time: 4 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue May 28 17:06:51 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 226.43.121.45.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 226.43.121.45.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
31.170.49.7	attack	Automatic report - Port Scan Attack	2020-09-14 20:15:23
213.230.110.89	attackspambots	2020-09-14T09:46:42+0200 Failed SSH Authentication/Brute Force Attack. (Server 9)	2020-09-14 20:09:49
193.169.255.46	attackbotsspam	Sep 14 11:13:27 ns308116 postfix/smtpd[32703]: warning: unknown[193.169.255.46]: SASL LOGIN authentication failed: authentication failure Sep 14 11:13:27 ns308116 postfix/smtpd[32703]: warning: unknown[193.169.255.46]: SASL LOGIN authentication failed: authentication failure Sep 14 11:13:27 ns308116 postfix/smtpd[1257]: warning: unknown[193.169.255.46]: SASL LOGIN authentication failed: authentication failure Sep 14 11:13:27 ns308116 postfix/smtpd[1257]: warning: unknown[193.169.255.46]: SASL LOGIN authentication failed: authentication failure Sep 14 11:13:27 ns308116 postfix/smtpd[1259]: warning: unknown[193.169.255.46]: SASL LOGIN authentication failed: authentication failure Sep 14 11:13:27 ns308116 postfix/smtpd[1259]: warning: unknown[193.169.255.46]: SASL LOGIN authentication failed: authentication failure ...	2020-09-14 19:42:14
13.75.92.25	attack	(smtpauth) Failed SMTP AUTH login from 13.75.92.25 (HK/Hong Kong/-): 5 in the last 3600 secs	2020-09-14 19:54:09
51.83.42.108	attack	Bruteforce detected by fail2ban	2020-09-14 20:23:12
77.121.92.243	attackbots	RDP Bruteforce	2020-09-14 20:07:31
189.91.5.42	attack	Sep 13 18:29:11 mail.srvfarm.net postfix/smtpd[1231911]: warning: unknown[189.91.5.42]: SASL PLAIN authentication failed: Sep 13 18:29:11 mail.srvfarm.net postfix/smtpd[1231911]: lost connection after AUTH from unknown[189.91.5.42] Sep 13 18:30:22 mail.srvfarm.net postfix/smtpd[1214684]: warning: unknown[189.91.5.42]: SASL PLAIN authentication failed: Sep 13 18:30:23 mail.srvfarm.net postfix/smtpd[1214684]: lost connection after AUTH from unknown[189.91.5.42] Sep 13 18:30:41 mail.srvfarm.net postfix/smtpd[1232278]: warning: unknown[189.91.5.42]: SASL PLAIN authentication failed:	2020-09-14 19:42:44
46.161.27.75	attackspambots	TCP (SYN) 46.161.27.75:40536 -> port 5556, len 44	2020-09-14 20:12:12
109.196.240.63	attackbots	Sep 13 18:02:49 mail.srvfarm.net postfix/smtpd[1217748]: warning: ip-109-196-240-63.static.system77.pl[109.196.240.63]: SASL PLAIN authentication failed: Sep 13 18:02:49 mail.srvfarm.net postfix/smtpd[1217748]: lost connection after AUTH from ip-109-196-240-63.static.system77.pl[109.196.240.63] Sep 13 18:04:59 mail.srvfarm.net postfix/smtpd[1214559]: warning: ip-109-196-240-63.static.system77.pl[109.196.240.63]: SASL PLAIN authentication failed: Sep 13 18:04:59 mail.srvfarm.net postfix/smtpd[1214559]: lost connection after AUTH from ip-109-196-240-63.static.system77.pl[109.196.240.63] Sep 13 18:06:44 mail.srvfarm.net postfix/smtps/smtpd[1228782]: warning: ip-109-196-240-63.static.system77.pl[109.196.240.63]: SASL PLAIN authentication failed:	2020-09-14 19:47:38
113.116.207.111	attackspam	Email spam message	2020-09-14 20:13:05
58.230.147.230	attackspam	Sep 14 14:01:03 ourumov-web sshd\[19112\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.230.147.230 user=root Sep 14 14:01:06 ourumov-web sshd\[19112\]: Failed password for root from 58.230.147.230 port 57354 ssh2 Sep 14 14:02:32 ourumov-web sshd\[19206\]: Invalid user squid from 58.230.147.230 port 40078 ...	2020-09-14 20:17:57
186.250.203.144	attack	(smtpauth) Failed SMTP AUTH login from 186.250.203.144 (BR/Brazil/186-250-203-144.ibl.com.br): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-09-13 22:00:48 plain authenticator failed for ([186.250.203.144]) [186.250.203.144]: 535 Incorrect authentication data (set_id=int)	2020-09-14 19:43:07
196.0.117.110	attackspambots	Sep 13 17:56:23 mail.srvfarm.net postfix/smtps/smtpd[1213808]: warning: unknown[196.0.117.110]: SASL PLAIN authentication failed: Sep 13 17:56:24 mail.srvfarm.net postfix/smtps/smtpd[1213808]: lost connection after AUTH from unknown[196.0.117.110] Sep 13 18:04:18 mail.srvfarm.net postfix/smtps/smtpd[1213844]: warning: unknown[196.0.117.110]: SASL PLAIN authentication failed: Sep 13 18:04:18 mail.srvfarm.net postfix/smtps/smtpd[1213844]: lost connection after AUTH from unknown[196.0.117.110] Sep 13 18:06:18 mail.srvfarm.net postfix/smtps/smtpd[1228781]: warning: unknown[196.0.117.110]: SASL PLAIN authentication failed:	2020-09-14 19:41:52
213.108.134.146	attackbots	RDP Bruteforce	2020-09-14 20:06:59
45.248.192.7	attackspam	Sep 13 18:09:49 mail.srvfarm.net postfix/smtps/smtpd[1214572]: warning: unknown[45.248.192.7]: SASL PLAIN authentication failed: Sep 13 18:09:49 mail.srvfarm.net postfix/smtps/smtpd[1214572]: lost connection after AUTH from unknown[45.248.192.7] Sep 13 18:13:04 mail.srvfarm.net postfix/smtps/smtpd[1216382]: warning: unknown[45.248.192.7]: SASL PLAIN authentication failed: Sep 13 18:13:05 mail.srvfarm.net postfix/smtps/smtpd[1216382]: lost connection after AUTH from unknown[45.248.192.7] Sep 13 18:14:52 mail.srvfarm.net postfix/smtps/smtpd[1230508]: warning: unknown[45.248.192.7]: SASL PLAIN authentication failed:	2020-09-14 19:53:07

最近上报的IP列表

9.81.119.204	237.41.245.80	77.89.182.255	250.0.61.93
234.158.113.37	221.34.91.229	22.250.61.195	162.251.236.8
194.31.117.225	154.79.177.46	15.22.113.237	13.211.134.171
218.150.156.64	118.161.134.206	229.206.156.138	158.220.230.90
36.70.52.137	150.188.144.198	137.45.184.233	112.85.42.195