45.136.7.142 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Turkey

运营商(isp): Meric Hosting

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	2020-08-23 22:53:27.408550-0500 localhost smtpd[54954]: NOQUEUE: reject: RCPT from unknown[45.136.7.142]: 450 4.7.25 Client host rejected: cannot find your hostname, [45.136.7.142]; from= to= proto=ESMTP helo=	2020-08-24 14:47:05

类型

评论内容

时间

attackspambots

2020-08-23 22:53:27.408550-0500  localhost smtpd[54954]: NOQUEUE: reject: RCPT from unknown[45.136.7.142]: 450 4.7.25 Client host rejected: cannot find your hostname, [45.136.7.142]; from= to= proto=ESMTP helo=

2020-08-24 14:47:05

相同子网IP讨论:

IP	类型	评论内容	时间
45.136.7.223	attack	2020-08-29 15:30:26.088480-0500 localhost smtpd[88072]: NOQUEUE: reject: RCPT from unknown[45.136.7.223]: 554 5.7.1 Service unavailable; Client host [45.136.7.223] blocked using zen.spamhaus.org; https://www.spamhaus.org/sbl/query/SBLCSS; from= to= proto=ESMTP helo=	2020-08-30 07:18:36
45.136.7.195	attackspam	2020-08-26 22:47:45.019245-0500 localhost smtpd[76824]: NOQUEUE: reject: RCPT from unknown[45.136.7.195]: 554 5.7.1 Service unavailable; Client host [45.136.7.195] blocked using zen.spamhaus.org; https://www.spamhaus.org/sbl/query/SBLCSS; from= to= proto=ESMTP helo=	2020-08-27 15:41:28
45.136.7.181	attackspam	2020-08-26 15:47:15.237179-0500 localhost smtpd[44836]: NOQUEUE: reject: RCPT from unknown[45.136.7.181]: 554 5.7.1 Service unavailable; Client host [45.136.7.181] blocked using zen.spamhaus.org; https://www.spamhaus.org/sbl/query/SBLCSS; from= to= proto=ESMTP helo=	2020-08-27 09:21:22
45.136.7.185	spam	heavily spaming from this IP	2020-08-27 07:06:20
45.136.7.158	attackspambots	2020-08-24 07:03:02.384273-0500 localhost smtpd[92638]: NOQUEUE: reject: RCPT from unknown[45.136.7.158]: 554 5.7.1 Service unavailable; Client host [45.136.7.158] blocked using zen.spamhaus.org; https://www.spamhaus.org/sbl/query/SBLCSS; from= to= proto=ESMTP helo=	2020-08-24 21:00:55
45.136.7.127	attack	2020-08-23 15:32:57.627989-0500 localhost smtpd[19970]: NOQUEUE: reject: RCPT from unknown[45.136.7.127]: 554 5.7.1 Service unavailable; Client host [45.136.7.127] blocked using zen.spamhaus.org; https://www.spamhaus.org/sbl/query/SBLCSS; from= to= proto=ESMTP helo=	2020-08-24 07:14:27
45.136.7.89	attackspambots	2020-08-22 22:58:20.320001-0500 localhost smtpd[36887]: NOQUEUE: reject: RCPT from unknown[45.136.7.89]: 450 4.7.25 Client host rejected: cannot find your hostname, [45.136.7.89]; from= to= proto=ESMTP helo=	2020-08-23 18:28:15
45.136.7.88	attackspambots	spam	2020-08-23 18:24:58
45.136.7.63	attack	spam	2020-08-23 05:59:10
45.136.7.64	attackspam	2020-08-22 15:29:37.350979-0500 localhost smtpd[34772]: NOQUEUE: reject: RCPT from unknown[45.136.7.64]: 450 4.7.25 Client host rejected: cannot find your hostname, [45.136.7.64]; from= to= proto=ESMTP helo=	2020-08-23 05:56:33
45.136.7.32	attackbots	Aug 14 22:06:52 our-server-hostname postfix/smtpd[30734]: connect from unknown[45.136.7.32] Aug x@x Aug 14 22:07:00 our-server-hostname postfix/smtpd[28946]: connect from unknown[45.136.7.32] Aug 14 22:07:02 our-server-hostname postfix/smtpd[30663]: connect from unknown[45.136.7.32] Aug 14 22:07:25 our-server-hostname postfix/smtpd[1346]: connect from unknown[45.136.7.32] Aug x@x Aug x@x Aug x@x Aug x@x Aug x@x Aug 14 22:07:51 our-server-hostname postfix/smtpd[30734]: disconnect from unknown[45.136.7.32] Aug x@x Aug 14 22:08:05 our-server-hostname postfix/smtpd[30663]: disconnect from unknown[45.136.7.32] Aug 14 22:08:27 our-server-hostname postfix/smtpd[30159]: connect from unknown[45.136.7.32] Aug x@x Aug 14 22:08:38 our-server-hostname postfix/smtpd[30159]: disconnect from unknown[45.136.7.32] Aug 14 22:10:51 our-server-hostname postfix/smtpd[31987]: connect from unknown[45.136.7.32] Aug x@x Aug x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=45.136.7	2020-08-15 02:04:40
45.136.7.227	attackbots	2020-08-13 09:24:29.295039-0500 localhost smtpd[80501]: NOQUEUE: reject: RCPT from unknown[45.136.7.227]: 554 5.7.1 Service unavailable; Client host [45.136.7.227] blocked using zen.spamhaus.org; https://www.spamhaus.org/sbl/query/SBLCSS; from= to= proto=ESMTP helo=	2020-08-13 23:13:36
45.136.7.165	attackbotsspam	2020-08-12 22:44:03.313664-0500 localhost smtpd[19658]: NOQUEUE: reject: RCPT from unknown[45.136.7.165]: 554 5.7.1 Service unavailable; Client host [45.136.7.165] blocked using zen.spamhaus.org; https://www.spamhaus.org/sbl/query/SBLCSS; from= to= proto=ESMTP helo=	2020-08-13 18:24:29
45.136.7.167	attackspam	Aug 12 23:42:48 Host-KEWR-E amavis[29128]: (29128-02) Blocked SPAM {RejectedOutbound}, AM.PDP-SOCK LOCAL [45.136.7.167] [45.136.7.167] -> , Queue-ID: 8484D12BA, Message-ID: <1mdXIgp-AKenfKRlFYsEVyWqeFd8-1UnnEl53w02sX0.LdMqROnqLWXHSjlwi-BCCE20nYb6dxU9Hjotb9WWFPE@percentdirection.xyz>, mail_id: 9X2zoyOYnOpQ, Hits: 6.783, size: 10903, 2470 ms Aug 12 23:50:07 Host-KEWR-E amavis[29135]: (29135-02) Blocked SPAM {RejectedOutbound}, AM.PDP-SOCK LOCAL [45.136.7.167] [45.136.7.167] -> , Queue-ID: 6B87B12BA, Message-ID: <2u4Xdy6jRHLGvu7fNXICXnlPFlxdWUxgS2e1kOR1ggE.9vyJZSwLWbRkyPVbhWJzqSMWArsPtmVcAzDwmljsUV4@percentdirection.xyz>, mail_id: LJCz-haj650a, Hits: 12.841, size: 11120, 888 ms ...	2020-08-13 17:31:08
45.136.7.103	attackspambots	IP: 45.136.7.103 Ports affected Simple Mail Transfer (25) Abuse Confidence rating 18% Found in DNSBL('s) ASN Details AS209737 Meric Internet Teknolojileri A.S. Turkey (TR) CIDR 45.136.4.0/22 Log Date: 2/08/2020 8:24:19 PM UTC	2020-08-03 07:19:29

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.136.7.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 39919
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.136.7.142.			IN	A

;; AUTHORITY SECTION:
.			271	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020082400 1800 900 604800 86400

;; Query time: 75 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Aug 24 14:47:01 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 142.7.136.45.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 142.7.136.45.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
68.183.91.25	attackspam	Nov 6 15:33:23 yesfletchmain sshd\[22261\]: Invalid user pamela from 68.183.91.25 port 53313 Nov 6 15:33:23 yesfletchmain sshd\[22261\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.91.25 Nov 6 15:33:25 yesfletchmain sshd\[22261\]: Failed password for invalid user pamela from 68.183.91.25 port 53313 ssh2 Nov 6 15:37:44 yesfletchmain sshd\[22313\]: User root from 68.183.91.25 not allowed because not listed in AllowUsers Nov 6 15:37:44 yesfletchmain sshd\[22313\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.91.25 user=root ...	2019-11-07 02:03:41
154.120.242.70	attack	2019-11-06T17:41:21.551509shield sshd\[8564\]: Invalid user ppo from 154.120.242.70 port 38514 2019-11-06T17:41:21.557360shield sshd\[8564\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.120.242.70 2019-11-06T17:41:23.774333shield sshd\[8564\]: Failed password for invalid user ppo from 154.120.242.70 port 38514 ssh2 2019-11-06T17:50:56.120500shield sshd\[9376\]: Invalid user huaweiN2000 from 154.120.242.70 port 42970 2019-11-06T17:50:56.125853shield sshd\[9376\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.120.242.70	2019-11-07 02:06:10
209.94.195.212	attackspam	Nov 6 16:08:59 vps691689 sshd[5251]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=209.94.195.212 Nov 6 16:09:01 vps691689 sshd[5251]: Failed password for invalid user 1qaz!QAZ from 209.94.195.212 port 42659 ssh2 Nov 6 16:13:29 vps691689 sshd[5293]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=209.94.195.212 ...	2019-11-07 02:45:14
124.255.1.200	attackspam	Automatic report - Banned IP Access	2019-11-07 02:37:28
159.203.139.128	attackbots	Nov 6 16:41:37 root sshd[22441]: Failed password for root from 159.203.139.128 port 36048 ssh2 Nov 6 16:46:51 root sshd[22485]: Failed password for root from 159.203.139.128 port 46414 ssh2 ...	2019-11-07 02:14:25
112.197.171.67	attack	Nov 6 17:19:09 vmanager6029 sshd\[5874\]: Invalid user pi from 112.197.171.67 port 46742 Nov 6 17:19:09 vmanager6029 sshd\[5876\]: Invalid user pi from 112.197.171.67 port 46754 Nov 6 17:19:09 vmanager6029 sshd\[5874\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.197.171.67	2019-11-07 02:20:30
36.103.228.38	attack	Nov 6 18:41:53 DAAP sshd[13580]: Invalid user alastair from 36.103.228.38 port 48811 Nov 6 18:41:53 DAAP sshd[13580]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.103.228.38 Nov 6 18:41:53 DAAP sshd[13580]: Invalid user alastair from 36.103.228.38 port 48811 Nov 6 18:41:55 DAAP sshd[13580]: Failed password for invalid user alastair from 36.103.228.38 port 48811 ssh2 ...	2019-11-07 02:20:04
117.197.156.181	attackspambots	SMB Server BruteForce Attack	2019-11-07 02:32:14
23.235.171.246	attackbots	Lines containing failures of 23.235.171.246 (max 1000) Nov 6 08:08:26 localhost sshd[5917]: User r.r from 23.235.171.246 not allowed because listed in DenyUsers Nov 6 08:08:26 localhost sshd[5917]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=23.235.171.246 user=r.r Nov 6 08:08:28 localhost sshd[5917]: Failed password for invalid user r.r from 23.235.171.246 port 60798 ssh2 Nov 6 08:08:30 localhost sshd[5917]: Received disconnect from 23.235.171.246 port 60798:11: Bye Bye [preauth] Nov 6 08:08:30 localhost sshd[5917]: Disconnected from invalid user r.r 23.235.171.246 port 60798 [preauth] Nov 6 08:26:45 localhost sshd[15990]: User r.r from 23.235.171.246 not allowed because listed in DenyUsers Nov 6 08:26:45 localhost sshd[15990]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=23.235.171.246 user=r.r Nov 6 08:26:47 localhost sshd[15990]: Failed password for invalid user r.r from ........ ------------------------------	2019-11-07 02:32:35
182.61.133.172	attack	Nov 6 19:16:55 server sshd\[16153\]: Invalid user godzila from 182.61.133.172 Nov 6 19:16:55 server sshd\[16153\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.133.172 Nov 6 19:16:57 server sshd\[16153\]: Failed password for invalid user godzila from 182.61.133.172 port 57426 ssh2 Nov 6 19:44:30 server sshd\[23336\]: Invalid user xzhr from 182.61.133.172 Nov 6 19:44:30 server sshd\[23336\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.133.172 ...	2019-11-07 02:41:21
3.92.223.207	attackspam	As always with amazon web services	2019-11-07 02:16:31
218.28.168.4	attack	Nov 6 16:39:02 MK-Soft-VM7 sshd[3711]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.28.168.4 Nov 6 16:39:04 MK-Soft-VM7 sshd[3711]: Failed password for invalid user Pass123456789 from 218.28.168.4 port 12930 ssh2 ...	2019-11-07 02:28:40
111.19.162.80	attackspambots	Nov 6 14:58:08 localhost sshd\[48202\]: Invalid user bv from 111.19.162.80 port 35464 Nov 6 14:58:08 localhost sshd\[48202\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.19.162.80 Nov 6 14:58:10 localhost sshd\[48202\]: Failed password for invalid user bv from 111.19.162.80 port 35464 ssh2 Nov 6 15:10:06 localhost sshd\[48672\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.19.162.80 user=root Nov 6 15:10:08 localhost sshd\[48672\]: Failed password for root from 111.19.162.80 port 44348 ssh2 ...	2019-11-07 02:00:32
92.118.37.91	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-11-07 02:35:50
222.186.175.212	attack	$f2bV_matches	2019-11-07 02:12:06

最近上报的IP列表

191.223.53.11	49.235.136.49	106.13.131.132	183.166.148.211
21.4.175.112	178.209.110.78	120.78.7.47	95.18.254.132
64.227.101.139	178.132.135.84	110.171.101.232	159.65.15.86
128.199.223.178	70.37.52.139	42.200.238.180	35.193.14.0
117.239.40.146	210.66.16.184	110.139.203.164	210.251.213.165