45.165.138.21 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Brazil

运营商(isp): Emanuela de Lima Medeiros

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Commercial

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/45.165.138.21/ BR - 1H : (61) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : BR NAME ASN : ASN268677 IP : 45.165.138.21 CIDR : 45.165.136.0/22 PREFIX COUNT : 1 UNIQUE IP COUNT : 1024 ATTACKS DETECTED ASN268677 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 1 DateTime : 2019-11-26 07:22:55 INFO : HACK ! - Looking for resource vulnerabilities Scan Detected and Blocked by ADMIN - data recovery	2019-11-26 20:00:50

类型

评论内容

时间

attackbots

IP Ban Report :  
 https://help-dysk.pl/wordpress-firewall-plugins/ip/45.165.138.21/ 
 
 BR - 1H : (61)  
 Protection Against DDoS WordPress plugin :  
 "odzyskiwanie danych help-dysk" 
 IP Address Ranges by Country : BR 
 NAME ASN : ASN268677 
 
 IP : 45.165.138.21 
 
 CIDR : 45.165.136.0/22 
 
 PREFIX COUNT : 1 
 
 UNIQUE IP COUNT : 1024 
 
 
 ATTACKS DETECTED ASN268677 :  
  1H - 1 
  3H - 1 
  6H - 1 
 12H - 1 
 24H - 1 
 
 DateTime : 2019-11-26 07:22:55 
 
 INFO :  HACK ! - Looking for resource vulnerabilities Scan Detected and Blocked by ADMIN  - data recovery

2019-11-26 20:00:50

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.165.138.21
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 37908
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.165.138.21.			IN	A

;; AUTHORITY SECTION:
.			436	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019112600 1800 900 604800 86400

;; Query time: 115 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Nov 26 20:00:43 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 21.138.165.45.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 21.138.165.45.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
220.141.68.44	attackspam	Unauthorised access (Aug 24) SRC=220.141.68.44 LEN=40 PREC=0x20 TTL=52 ID=63457 TCP DPT=23 WINDOW=47696 SYN	2019-08-25 00:50:33
80.188.204.250	attackbots	Chat Spam	2019-08-24 23:34:15
87.103.120.250	attackbots	Aug 24 18:49:59 tuotantolaitos sshd[6902]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=87.103.120.250 Aug 24 18:50:01 tuotantolaitos sshd[6902]: Failed password for invalid user daniel from 87.103.120.250 port 42576 ssh2 ...	2019-08-24 23:51:15
5.62.41.170	attackbotsspam	\[2019-08-24 11:56:44\] NOTICE\[1829\] chan_sip.c: Registration from '\' failed for '5.62.41.170:7630' - Wrong password \[2019-08-24 11:56:44\] SECURITY\[1837\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-08-24T11:56:44.258-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="77720",SessionID="0x7f7b301f31b8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/5.62.41.170/51359",Challenge="031eef87",ReceivedChallenge="031eef87",ReceivedHash="ce87c8b512e8a90e26a0106cd2fd8159" \[2019-08-24 12:02:05\] NOTICE\[1829\] chan_sip.c: Registration from '\' failed for '5.62.41.170:7610' - Wrong password \[2019-08-24 12:02:05\] SECURITY\[1837\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-08-24T12:02:05.306-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="21491",SessionID="0x7f7b301f31b8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/5.62.41.170/5	2019-08-25 00:02:35
111.252.254.27	attack	Honeypot attack, port: 23, PTR: 111-252-254-27.dynamic-ip.hinet.net.	2019-08-25 00:08:30
150.242.99.190	attackspambots	Aug 24 17:04:55 icinga sshd[15822]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.242.99.190 Aug 24 17:04:56 icinga sshd[15822]: Failed password for invalid user user4 from 150.242.99.190 port 56674 ssh2 ...	2019-08-24 23:47:03
188.209.237.10	attackspambots	Honeypot attack, port: 23, PTR: PTR record not found	2019-08-24 23:48:49
5.249.149.174	attackspam	Aug 24 06:14:16 hanapaa sshd\[10878\]: Invalid user openproject from 5.249.149.174 Aug 24 06:14:16 hanapaa sshd\[10878\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.249.149.174 Aug 24 06:14:18 hanapaa sshd\[10878\]: Failed password for invalid user openproject from 5.249.149.174 port 32894 ssh2 Aug 24 06:18:42 hanapaa sshd\[11285\]: Invalid user web from 5.249.149.174 Aug 24 06:18:42 hanapaa sshd\[11285\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.249.149.174	2019-08-25 00:40:45
37.41.134.38	attack	Aug 24 12:55:42 this_host sshd[10380]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.41.134.38 user=r.r Aug 24 12:55:43 this_host sshd[10380]: Failed password for r.r from 37.41.134.38 port 54994 ssh2 Aug 24 12:55:45 this_host sshd[10380]: Failed password for r.r from 37.41.134.38 port 54994 ssh2 Aug 24 12:55:48 this_host sshd[10380]: Failed password for r.r from 37.41.134.38 port 54994 ssh2 Aug 24 12:55:50 this_host sshd[10380]: Failed password for r.r from 37.41.134.38 port 54994 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=37.41.134.38	2019-08-24 23:33:20
85.38.164.51	attack	Aug 24 11:26:30 *** sshd[24061]: Invalid user jeffrey from 85.38.164.51	2019-08-25 00:16:13
67.247.33.174	attack	Aug 24 07:36:51 debian sshd\[20307\]: Invalid user ardi from 67.247.33.174 port 60930 Aug 24 07:36:51 debian sshd\[20307\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=67.247.33.174 Aug 24 07:36:53 debian sshd\[20307\]: Failed password for invalid user ardi from 67.247.33.174 port 60930 ssh2 ...	2019-08-25 00:03:52
211.143.127.37	attack	Aug 24 15:08:12 localhost sshd\[8410\]: Invalid user rsync from 211.143.127.37 port 40955 Aug 24 15:08:12 localhost sshd\[8410\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.143.127.37 Aug 24 15:08:15 localhost sshd\[8410\]: Failed password for invalid user rsync from 211.143.127.37 port 40955 ssh2 Aug 24 15:13:31 localhost sshd\[8620\]: Invalid user fg from 211.143.127.37 port 57744 Aug 24 15:13:31 localhost sshd\[8620\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.143.127.37 ...	2019-08-24 23:35:56
212.85.38.50	attack	Aug 24 10:25:11 plusreed sshd[21376]: Invalid user tip from 212.85.38.50 ...	2019-08-24 23:35:22
197.86.194.29	attack	Honeypot attack, port: 445, PTR: 197-86-194-29.dsl.mweb.co.za.	2019-08-24 23:36:39
49.50.87.77	attackbots	Aug 24 06:09:05 lcdev sshd\[24994\]: Invalid user dpn from 49.50.87.77 Aug 24 06:09:05 lcdev sshd\[24994\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.50.87.77 Aug 24 06:09:07 lcdev sshd\[24994\]: Failed password for invalid user dpn from 49.50.87.77 port 48622 ssh2 Aug 24 06:13:53 lcdev sshd\[25522\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.50.87.77 user=root Aug 24 06:13:56 lcdev sshd\[25522\]: Failed password for root from 49.50.87.77 port 53832 ssh2	2019-08-25 00:24:22

最近上报的IP列表

216.45.58.115	140.143.57.203	116.165.40.125	196.218.246.141
74.108.224.112	76.253.43.33	13.85.68.8	143.161.61.190
96.56.178.67	192.195.62.207	162.29.137.71	195.172.205.1
189.153.38.171	39.186.180.68	39.111.7.51	88.193.64.48
76.55.88.163	67.221.85.27	224.100.244.81	126.213.60.26