45.64.139.181 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Bangladesh

运营商(isp): ZX Online Ltd ISP of Bangladesh

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Oct 2 00:08:50 mail01 postfix/postscreen[12956]: CONNECT from [45.64.139.181]:54715 to [94.130.181.95]:25 Oct 2 00:08:50 mail01 postfix/dnsblog[12957]: addr 45.64.139.181 listed by domain bl.blocklist.de as 127.0.0.9 Oct 2 00:08:50 mail01 postfix/dnsblog[12959]: addr 45.64.139.181 listed by domain zen.spamhaus.org as 127.0.0.3 Oct 2 00:08:50 mail01 postfix/dnsblog[12959]: addr 45.64.139.181 listed by domain zen.spamhaus.org as 127.0.0.11 Oct 2 00:08:50 mail01 postfix/dnsblog[12959]: addr 45.64.139.181 listed by domain zen.spamhaus.org as 127.0.0.4 Oct 2 00:08:50 mail01 postfix/dnsblog[12958]: addr 45.64.139.181 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2 Oct 2 00:08:50 mail01 postfix/postscreen[12956]: PREGREET 20 after 0.79 from [45.64.139.181]:54715: EHLO luserverglass.hostname Oct 2 00:08:50 mail01 postfix/postscreen[12956]: DNSBL rank 5 for [45.64.139.181]:54715 Oct x@x Oct x@x Oct 2 00:08:52 mail01 postfix/postscreen[12956]: HANGUP after 2 from [45......... -------------------------------	2019-10-04 06:01:19

类型

评论内容

时间

attack

Oct  2 00:08:50 mail01 postfix/postscreen[12956]: CONNECT from [45.64.139.181]:54715 to [94.130.181.95]:25
Oct  2 00:08:50 mail01 postfix/dnsblog[12957]: addr 45.64.139.181 listed by domain bl.blocklist.de as 127.0.0.9
Oct  2 00:08:50 mail01 postfix/dnsblog[12959]: addr 45.64.139.181 listed by domain zen.spamhaus.org as 127.0.0.3
Oct  2 00:08:50 mail01 postfix/dnsblog[12959]: addr 45.64.139.181 listed by domain zen.spamhaus.org as 127.0.0.11
Oct  2 00:08:50 mail01 postfix/dnsblog[12959]: addr 45.64.139.181 listed by domain zen.spamhaus.org as 127.0.0.4
Oct  2 00:08:50 mail01 postfix/dnsblog[12958]: addr 45.64.139.181 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2
Oct  2 00:08:50 mail01 postfix/postscreen[12956]: PREGREET 20 after 0.79 from [45.64.139.181]:54715: EHLO luserverglass.hostname

Oct  2 00:08:50 mail01 postfix/postscreen[12956]: DNSBL rank 5 for [45.64.139.181]:54715
Oct x@x
Oct x@x
Oct  2 00:08:52 mail01 postfix/postscreen[12956]: HANGUP after 2 from [45.........
-------------------------------

2019-10-04 06:01:19

相同子网IP讨论:

IP	类型	评论内容	时间
45.64.139.180	attackbotsspam	spam	2020-02-29 18:19:56
45.64.139.234	attack	Sending SPAM email	2020-02-06 23:34:12
45.64.139.180	attackbots	spam	2020-01-10 20:51:57
45.64.139.134	attackspam	Unauthorized connection attempt from IP address 45.64.139.134 on Port 445(SMB)	2019-12-20 05:26:54
45.64.139.178	attackspam	email spam	2019-12-17 20:14:28
45.64.139.177	attackspam	postfix (unknown user, SPF fail or relay access denied)	2019-12-14 18:18:19
45.64.139.179	attackbotsspam	[Aegis] @ 2019-10-30 03:55:40 0000 -> Multiple attempts to send e-mail from invalid/unknown sender domain.	2019-10-30 12:51:54
45.64.139.178	attackspambots	Absender hat Spam-Falle ausgel?st	2019-07-04 20:41:11

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.64.139.181
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 8483
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.64.139.181.			IN	A

;; AUTHORITY SECTION:
.			119	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019100301 1800 900 604800 86400

;; Query time: 206 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Oct 04 06:01:16 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 181.139.64.45.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 181.139.64.45.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
222.186.180.142	attack	2020-07-31T11:41[Censored Hostname] sshd[16893]: Failed password for root from 222.186.180.142 port 64968 ssh2 2020-07-31T11:41[Censored Hostname] sshd[16893]: Failed password for root from 222.186.180.142 port 64968 ssh2 2020-07-31T11:41[Censored Hostname] sshd[16893]: Failed password for root from 222.186.180.142 port 64968 ssh2[...]	2020-07-31 17:42:27
123.207.142.31	attack	SSH Brute Force	2020-07-31 18:04:28
1.32.40.181	attackbotsspam	firewall-block, port(s): 23/tcp	2020-07-31 17:38:58
118.71.239.30	attack	port scan and connect, tcp 23 (telnet)	2020-07-31 18:03:46
165.227.214.37	attackbots	Jul 31 10:56:21 santamaria sshd\[14089\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.214.37 user=root Jul 31 10:56:23 santamaria sshd\[14089\]: Failed password for root from 165.227.214.37 port 55626 ssh2 Jul 31 11:00:18 santamaria sshd\[14180\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.214.37 user=root ...	2020-07-31 17:56:21
66.249.66.70	attackspambots	Automatic report - Banned IP Access	2020-07-31 18:07:41
81.170.239.2	attackbots	81.170.239.2 - - [31/Jul/2020:06:27:25 +0100] "POST /wp-login.php HTTP/1.1" 200 2017 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 81.170.239.2 - - [31/Jul/2020:06:27:25 +0100] "POST /wp-login.php HTTP/1.1" 200 1948 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 81.170.239.2 - - [31/Jul/2020:06:27:25 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-07-31 17:32:58
60.165.100.122	attackbots	Unauthorized connection attempt detected from IP address 60.165.100.122 to port 10314	2020-07-31 17:34:09
186.106.18.40	attackspambots	186.106.18.40 - - [31/Jul/2020:05:11:11 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" 186.106.18.40 - - [31/Jul/2020:05:11:12 +0100] "POST /wp-login.php HTTP/1.1" 200 5872 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" 186.106.18.40 - - [31/Jul/2020:05:15:07 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" ...	2020-07-31 17:51:42
49.234.131.75	attack	Failed password for root from 49.234.131.75 port 59564 ssh2 pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.131.75 user=root Failed password for root from 49.234.131.75 port 35720 ssh2 pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.131.75 user=root Failed password for root from 49.234.131.75 port 40096 ssh2	2020-07-31 18:06:07
37.189.29.12	attackbotsspam	Jul 31 03:49:53 hermescis postfix/smtpd[2028]: NOQUEUE: reject: RCPT from unknown[37.189.29.12]: 550 5.1.1 : Recipient address rejected:* from= to= proto=ESMTP helo=	2020-07-31 17:38:08
118.24.123.34	attackbots	Jul 31 08:39:41 ip-172-31-61-156 sshd[13840]: Failed password for root from 118.24.123.34 port 45480 ssh2 Jul 31 08:39:39 ip-172-31-61-156 sshd[13840]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.123.34 user=root Jul 31 08:39:41 ip-172-31-61-156 sshd[13840]: Failed password for root from 118.24.123.34 port 45480 ssh2 Jul 31 08:44:58 ip-172-31-61-156 sshd[14055]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.123.34 user=root Jul 31 08:45:00 ip-172-31-61-156 sshd[14055]: Failed password for root from 118.24.123.34 port 44130 ssh2 ...	2020-07-31 17:59:16
96.78.177.242	attackbotsspam	(sshd) Failed SSH login from 96.78.177.242 (US/United States/96-78-177-242-static.hfc.comcastbusiness.net): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jul 31 11:10:37 grace sshd[18058]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=96.78.177.242 user=root Jul 31 11:10:39 grace sshd[18058]: Failed password for root from 96.78.177.242 port 46250 ssh2 Jul 31 11:25:17 grace sshd[20172]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=96.78.177.242 user=root Jul 31 11:25:20 grace sshd[20172]: Failed password for root from 96.78.177.242 port 46402 ssh2 Jul 31 11:29:36 grace sshd[20479]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=96.78.177.242 user=root	2020-07-31 17:52:08
149.56.13.111	attack	$f2bV_matches	2020-07-31 18:08:19
78.107.232.146	attack	Unauthorized connection attempt detected from IP address 78.107.232.146 to port 23	2020-07-31 17:31:31

最近上报的IP列表

213.191.103.151	149.181.178.133	31.255.151.105	88.238.5.118
3.96.195.73	81.36.171.213	73.181.230.231	108.84.193.217
80.43.131.161	207.62.46.219	190.14.39.120	62.94.144.69
23.253.216.84	236.142.134.71	220.196.218.81	35.31.70.51
169.29.145.237	161.159.91.14	64.90.40.247	121.242.47.156