45.160.138.187

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Brazil

运营商(isp): Teleart Internet

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Jul 24 16:57:50 mail.srvfarm.net postfix/smtps/smtpd[2334289]: warning: unknown[45.160.138.187]: SASL PLAIN authentication failed: Jul 24 16:57:51 mail.srvfarm.net postfix/smtps/smtpd[2334289]: lost connection after AUTH from unknown[45.160.138.187] Jul 24 17:04:37 mail.srvfarm.net postfix/smtps/smtpd[2333865]: warning: unknown[45.160.138.187]: SASL PLAIN authentication failed: Jul 24 17:04:37 mail.srvfarm.net postfix/smtps/smtpd[2333865]: lost connection after AUTH from unknown[45.160.138.187] Jul 24 17:05:22 mail.srvfarm.net postfix/smtps/smtpd[2349270]: warning: unknown[45.160.138.187]: SASL PLAIN authentication failed:	2020-07-25 01:45:23

类型

评论内容

时间

attackspambots

Jul 24 16:57:50 mail.srvfarm.net postfix/smtps/smtpd[2334289]: warning: unknown[45.160.138.187]: SASL PLAIN authentication failed: 
Jul 24 16:57:51 mail.srvfarm.net postfix/smtps/smtpd[2334289]: lost connection after AUTH from unknown[45.160.138.187]
Jul 24 17:04:37 mail.srvfarm.net postfix/smtps/smtpd[2333865]: warning: unknown[45.160.138.187]: SASL PLAIN authentication failed: 
Jul 24 17:04:37 mail.srvfarm.net postfix/smtps/smtpd[2333865]: lost connection after AUTH from unknown[45.160.138.187]
Jul 24 17:05:22 mail.srvfarm.net postfix/smtps/smtpd[2349270]: warning: unknown[45.160.138.187]: SASL PLAIN authentication failed:

2020-07-25 01:45:23

相同子网IP讨论:

IP	类型	评论内容	时间
45.160.138.182	attack	Sep 14 18:54:56 mail.srvfarm.net postfix/smtpd[2076883]: warning: unknown[45.160.138.182]: SASL PLAIN authentication failed: Sep 14 18:54:57 mail.srvfarm.net postfix/smtpd[2076883]: lost connection after AUTH from unknown[45.160.138.182] Sep 14 18:56:18 mail.srvfarm.net postfix/smtpd[2076883]: warning: unknown[45.160.138.182]: SASL PLAIN authentication failed: Sep 14 18:56:18 mail.srvfarm.net postfix/smtpd[2076883]: lost connection after AUTH from unknown[45.160.138.182] Sep 14 18:57:07 mail.srvfarm.net postfix/smtps/smtpd[2079600]: warning: unknown[45.160.138.182]: SASL PLAIN authentication failed:	2020-09-15 23:11:47
45.160.138.182	attackbotsspam	Sep 14 18:54:56 mail.srvfarm.net postfix/smtpd[2076883]: warning: unknown[45.160.138.182]: SASL PLAIN authentication failed: Sep 14 18:54:57 mail.srvfarm.net postfix/smtpd[2076883]: lost connection after AUTH from unknown[45.160.138.182] Sep 14 18:56:18 mail.srvfarm.net postfix/smtpd[2076883]: warning: unknown[45.160.138.182]: SASL PLAIN authentication failed: Sep 14 18:56:18 mail.srvfarm.net postfix/smtpd[2076883]: lost connection after AUTH from unknown[45.160.138.182] Sep 14 18:57:07 mail.srvfarm.net postfix/smtps/smtpd[2079600]: warning: unknown[45.160.138.182]: SASL PLAIN authentication failed:	2020-09-15 15:05:16
45.160.138.182	attack	Sep 14 18:54:56 mail.srvfarm.net postfix/smtpd[2076883]: warning: unknown[45.160.138.182]: SASL PLAIN authentication failed: Sep 14 18:54:57 mail.srvfarm.net postfix/smtpd[2076883]: lost connection after AUTH from unknown[45.160.138.182] Sep 14 18:56:18 mail.srvfarm.net postfix/smtpd[2076883]: warning: unknown[45.160.138.182]: SASL PLAIN authentication failed: Sep 14 18:56:18 mail.srvfarm.net postfix/smtpd[2076883]: lost connection after AUTH from unknown[45.160.138.182] Sep 14 18:57:07 mail.srvfarm.net postfix/smtps/smtpd[2079600]: warning: unknown[45.160.138.182]: SASL PLAIN authentication failed:	2020-09-15 07:12:17
45.160.138.113	attack	Aug 15 00:07:55 mail.srvfarm.net postfix/smtps/smtpd[893682]: warning: unknown[45.160.138.113]: SASL PLAIN authentication failed: Aug 15 00:07:56 mail.srvfarm.net postfix/smtps/smtpd[893682]: lost connection after AUTH from unknown[45.160.138.113] Aug 15 00:11:23 mail.srvfarm.net postfix/smtpd[795872]: warning: unknown[45.160.138.113]: SASL PLAIN authentication failed: Aug 15 00:11:23 mail.srvfarm.net postfix/smtpd[795872]: lost connection after AUTH from unknown[45.160.138.113] Aug 15 00:17:44 mail.srvfarm.net postfix/smtps/smtpd[741489]: warning: unknown[45.160.138.113]: SASL PLAIN authentication failed:	2020-08-15 17:11:51
45.160.138.182	attackbotsspam	Aug 15 00:13:58 mail.srvfarm.net postfix/smtpd[848719]: warning: unknown[45.160.138.182]: SASL PLAIN authentication failed: Aug 15 00:13:58 mail.srvfarm.net postfix/smtpd[848719]: lost connection after AUTH from unknown[45.160.138.182] Aug 15 00:15:00 mail.srvfarm.net postfix/smtpd[741824]: warning: unknown[45.160.138.182]: SASL PLAIN authentication failed: Aug 15 00:15:01 mail.srvfarm.net postfix/smtpd[741824]: lost connection after AUTH from unknown[45.160.138.182] Aug 15 00:15:08 mail.srvfarm.net postfix/smtpd[795872]: warning: unknown[45.160.138.182]: SASL PLAIN authentication failed:	2020-08-15 17:11:30
45.160.138.163	attackbotsspam	Aug 15 01:06:14 mail.srvfarm.net postfix/smtps/smtpd[915855]: warning: unknown[45.160.138.163]: SASL PLAIN authentication failed: Aug 15 01:06:14 mail.srvfarm.net postfix/smtps/smtpd[915855]: lost connection after AUTH from unknown[45.160.138.163] Aug 15 01:10:17 mail.srvfarm.net postfix/smtps/smtpd[927777]: warning: unknown[45.160.138.163]: SASL PLAIN authentication failed: Aug 15 01:10:18 mail.srvfarm.net postfix/smtps/smtpd[927777]: lost connection after AUTH from unknown[45.160.138.163] Aug 15 01:13:47 mail.srvfarm.net postfix/smtpd[928780]: warning: unknown[45.160.138.163]: SASL PLAIN authentication failed:	2020-08-15 16:02:58
45.160.138.172	attackspambots	Jul 28 05:35:51 mail.srvfarm.net postfix/smtps/smtpd[2355365]: warning: unknown[45.160.138.172]: SASL PLAIN authentication failed: Jul 28 05:35:52 mail.srvfarm.net postfix/smtps/smtpd[2355365]: lost connection after AUTH from unknown[45.160.138.172] Jul 28 05:38:56 mail.srvfarm.net postfix/smtpd[2354260]: warning: unknown[45.160.138.172]: SASL PLAIN authentication failed: Jul 28 05:38:57 mail.srvfarm.net postfix/smtpd[2354260]: lost connection after AUTH from unknown[45.160.138.172] Jul 28 05:41:05 mail.srvfarm.net postfix/smtps/smtpd[2355866]: warning: unknown[45.160.138.172]: SASL PLAIN authentication failed:	2020-07-28 17:50:43
45.160.138.165	attackspambots	Jul 24 08:44:30 mail.srvfarm.net postfix/smtps/smtpd[2137441]: warning: unknown[45.160.138.165]: SASL PLAIN authentication failed: Jul 24 08:44:30 mail.srvfarm.net postfix/smtps/smtpd[2137441]: lost connection after AUTH from unknown[45.160.138.165] Jul 24 08:46:01 mail.srvfarm.net postfix/smtps/smtpd[2137533]: warning: unknown[45.160.138.165]: SASL PLAIN authentication failed: Jul 24 08:46:02 mail.srvfarm.net postfix/smtps/smtpd[2137533]: lost connection after AUTH from unknown[45.160.138.165] Jul 24 08:54:12 mail.srvfarm.net postfix/smtpd[2140704]: warning: unknown[45.160.138.165]: SASL PLAIN authentication failed:	2020-07-25 04:29:06
45.160.138.211	attack	failed_logins	2020-07-18 17:08:37
45.160.138.211	attackspambots	(smtpauth) Failed SMTP AUTH login from 45.160.138.211 (BR/Brazil/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-07-17 08:24:55 plain authenticator failed for ([45.160.138.211]) [45.160.138.211]: 535 Incorrect authentication data (set_id=dairy)	2020-07-17 15:54:33
45.160.138.160	attackspam	Jun 16 05:16:06 mail.srvfarm.net postfix/smtpd[916166]: warning: unknown[45.160.138.160]: SASL PLAIN authentication failed: Jun 16 05:16:07 mail.srvfarm.net postfix/smtpd[916166]: lost connection after AUTH from unknown[45.160.138.160] Jun 16 05:23:27 mail.srvfarm.net postfix/smtpd[935980]: warning: unknown[45.160.138.160]: SASL PLAIN authentication failed: Jun 16 05:23:27 mail.srvfarm.net postfix/smtpd[935980]: lost connection after AUTH from unknown[45.160.138.160] Jun 16 05:25:26 mail.srvfarm.net postfix/smtps/smtpd[938097]: warning: unknown[45.160.138.160]: SASL PLAIN authentication failed:	2020-06-16 16:38:12
45.160.138.118	attack	(smtpauth) Failed SMTP AUTH login from 45.160.138.118 (BR/Brazil/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-05-10 08:25:11 plain authenticator failed for ([45.160.138.118]) [45.160.138.118]: 535 Incorrect authentication data (set_id=sale)	2020-05-10 13:27:22
45.160.138.219	attack	Unauthorised access (Oct 31) SRC=45.160.138.219 LEN=52 TTL=109 ID=2475 DF TCP DPT=445 WINDOW=8192 SYN	2019-11-01 01:55:04
45.160.138.186	attackbotsspam	Jul 17 08:03:37 offspring postfix/smtpd[27867]: connect from unknown[45.160.138.186] Jul 17 08:03:41 offspring postfix/smtpd[27867]: warning: unknown[45.160.138.186]: SASL CRAM-MD5 authentication failed: authentication failure Jul 17 08:03:41 offspring postfix/smtpd[27867]: warning: unknown[45.160.138.186]: SASL PLAIN authentication failed: authentication failure Jul 17 08:03:43 offspring postfix/smtpd[27867]: warning: unknown[45.160.138.186]: SASL LOGIN authentication failed: authentication failure ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=45.160.138.186	2019-07-17 16:41:44
45.160.138.105	attack	Jul 14 12:05:19 rigel postfix/smtpd[29099]: connect from unknown[45.160.138.105] Jul 14 12:05:22 rigel postfix/smtpd[29099]: warning: unknown[45.160.138.105]: SASL CRAM-MD5 authentication failed: authentication failure Jul 14 12:05:23 rigel postfix/smtpd[29099]: warning: unknown[45.160.138.105]: SASL PLAIN authentication failed: authentication failure Jul 14 12:05:24 rigel postfix/smtpd[29099]: warning: unknown[45.160.138.105]: SASL LOGIN authentication failed: authentication failure ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=45.160.138.105	2019-07-15 03:45:05

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.160.138.187
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 19115
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.160.138.187.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020072401 1800 900 604800 86400

;; Query time: 53 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Jul 25 01:45:17 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 187.138.160.45.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 187.138.160.45.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
117.0.35.153	attackspam	Jun 26 11:16:07 itv-usvr-02 sshd[717]: Invalid user admin from 117.0.35.153 port 65439 Jun 26 11:16:07 itv-usvr-02 sshd[717]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.0.35.153 Jun 26 11:16:07 itv-usvr-02 sshd[717]: Invalid user admin from 117.0.35.153 port 65439 Jun 26 11:16:09 itv-usvr-02 sshd[717]: Failed password for invalid user admin from 117.0.35.153 port 65439 ssh2 Jun 26 11:16:10 itv-usvr-02 sshd[720]: Invalid user admin from 117.0.35.153 port 49333	2019-06-26 12:44:06
170.233.172.100	attack	SMTP-sasl brute force ...	2019-06-26 13:12:43
162.243.58.222	attackbotsspam	Jun 26 06:16:04 localhost sshd\[31348\]: Invalid user cuan from 162.243.58.222 Jun 26 06:16:04 localhost sshd\[31348\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.58.222 Jun 26 06:16:07 localhost sshd\[31348\]: Failed password for invalid user cuan from 162.243.58.222 port 39868 ssh2 Jun 26 06:17:40 localhost sshd\[31380\]: Invalid user sambaup from 162.243.58.222 Jun 26 06:17:40 localhost sshd\[31380\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.58.222 ...	2019-06-26 12:41:03
168.227.80.119	attackbotsspam	smtp auth brute force	2019-06-26 13:04:11
193.204.195.206	attackbotsspam	Brute force SMTP login attempts.	2019-06-26 13:07:58
83.216.109.154	attackspam	Invalid user pi from 83.216.109.154 port 55064	2019-06-26 13:13:01
46.3.96.68	attackspam	26.06.2019 03:52:48 Connection to port 8303 blocked by firewall	2019-06-26 12:43:21
139.59.170.23	attack	F2B jail: sshd. Time: 2019-06-26 05:52:33, Reported by: VKReport	2019-06-26 12:49:40
125.25.84.149	attack	Unauthorized connection attempt from IP address 125.25.84.149 on Port 445(SMB)	2019-06-26 13:15:44
177.184.13.37	attackspam	Scanning and Vuln Attempts	2019-06-26 12:33:29
178.49.9.210	attackbots	2019-06-26T06:57:01.741640centos sshd\[28175\]: Invalid user deploy from 178.49.9.210 port 41522 2019-06-26T06:57:01.745788centos sshd\[28175\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.49.9.210 2019-06-26T06:57:03.564959centos sshd\[28175\]: Failed password for invalid user deploy from 178.49.9.210 port 41522 ssh2	2019-06-26 13:12:07
91.109.6.172	attackbotsspam	Jun 26 09:22:32 tanzim-HP-Z238-Microtower-Workstation sshd\[10491\]: Invalid user guest from 91.109.6.172 Jun 26 09:22:32 tanzim-HP-Z238-Microtower-Workstation sshd\[10491\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.109.6.172 Jun 26 09:22:34 tanzim-HP-Z238-Microtower-Workstation sshd\[10491\]: Failed password for invalid user guest from 91.109.6.172 port 54138 ssh2 ...	2019-06-26 12:48:50
203.190.128.143	attack	$f2bV_matches	2019-06-26 12:34:08
35.202.11.237	attack	RDP Bruteforce	2019-06-26 12:52:47
70.49.103.238	attack	web-1 [ssh] SSH Attack	2019-06-26 13:18:16

最近上报的IP列表

188.163.48.18	185.203.168.30	88.238.27.33	54.254.131.89
2.57.204.17	198.98.49.181	180.169.63.18	178.86.213.221
176.15.230.108	182.73.3.50	171.251.102.20	74.109.189.82
119.123.0.226	194.118.15.81	182.81.188.247	207.187.239.224
239.147.217.32	115.79.52.151	223.166.56.177	243.239.83.185