45.64.139.181 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Bangladesh

运营商(isp): ZX Online Ltd ISP of Bangladesh

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Oct 2 00:08:50 mail01 postfix/postscreen[12956]: CONNECT from [45.64.139.181]:54715 to [94.130.181.95]:25 Oct 2 00:08:50 mail01 postfix/dnsblog[12957]: addr 45.64.139.181 listed by domain bl.blocklist.de as 127.0.0.9 Oct 2 00:08:50 mail01 postfix/dnsblog[12959]: addr 45.64.139.181 listed by domain zen.spamhaus.org as 127.0.0.3 Oct 2 00:08:50 mail01 postfix/dnsblog[12959]: addr 45.64.139.181 listed by domain zen.spamhaus.org as 127.0.0.11 Oct 2 00:08:50 mail01 postfix/dnsblog[12959]: addr 45.64.139.181 listed by domain zen.spamhaus.org as 127.0.0.4 Oct 2 00:08:50 mail01 postfix/dnsblog[12958]: addr 45.64.139.181 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2 Oct 2 00:08:50 mail01 postfix/postscreen[12956]: PREGREET 20 after 0.79 from [45.64.139.181]:54715: EHLO luserverglass.hostname Oct 2 00:08:50 mail01 postfix/postscreen[12956]: DNSBL rank 5 for [45.64.139.181]:54715 Oct x@x Oct x@x Oct 2 00:08:52 mail01 postfix/postscreen[12956]: HANGUP after 2 from [45......... -------------------------------	2019-10-04 06:01:19

类型

评论内容

时间

attack

Oct  2 00:08:50 mail01 postfix/postscreen[12956]: CONNECT from [45.64.139.181]:54715 to [94.130.181.95]:25
Oct  2 00:08:50 mail01 postfix/dnsblog[12957]: addr 45.64.139.181 listed by domain bl.blocklist.de as 127.0.0.9
Oct  2 00:08:50 mail01 postfix/dnsblog[12959]: addr 45.64.139.181 listed by domain zen.spamhaus.org as 127.0.0.3
Oct  2 00:08:50 mail01 postfix/dnsblog[12959]: addr 45.64.139.181 listed by domain zen.spamhaus.org as 127.0.0.11
Oct  2 00:08:50 mail01 postfix/dnsblog[12959]: addr 45.64.139.181 listed by domain zen.spamhaus.org as 127.0.0.4
Oct  2 00:08:50 mail01 postfix/dnsblog[12958]: addr 45.64.139.181 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2
Oct  2 00:08:50 mail01 postfix/postscreen[12956]: PREGREET 20 after 0.79 from [45.64.139.181]:54715: EHLO luserverglass.hostname

Oct  2 00:08:50 mail01 postfix/postscreen[12956]: DNSBL rank 5 for [45.64.139.181]:54715
Oct x@x
Oct x@x
Oct  2 00:08:52 mail01 postfix/postscreen[12956]: HANGUP after 2 from [45.........
-------------------------------

2019-10-04 06:01:19

相同子网IP讨论:

IP	类型	评论内容	时间
45.64.139.180	attackbotsspam	spam	2020-02-29 18:19:56
45.64.139.234	attack	Sending SPAM email	2020-02-06 23:34:12
45.64.139.180	attackbots	spam	2020-01-10 20:51:57
45.64.139.134	attackspam	Unauthorized connection attempt from IP address 45.64.139.134 on Port 445(SMB)	2019-12-20 05:26:54
45.64.139.178	attackspam	email spam	2019-12-17 20:14:28
45.64.139.177	attackspam	postfix (unknown user, SPF fail or relay access denied)	2019-12-14 18:18:19
45.64.139.179	attackbotsspam	[Aegis] @ 2019-10-30 03:55:40 0000 -> Multiple attempts to send e-mail from invalid/unknown sender domain.	2019-10-30 12:51:54
45.64.139.178	attackspambots	Absender hat Spam-Falle ausgel?st	2019-07-04 20:41:11

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.64.139.181
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 8483
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.64.139.181.			IN	A

;; AUTHORITY SECTION:
.			119	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019100301 1800 900 604800 86400

;; Query time: 206 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Oct 04 06:01:16 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 181.139.64.45.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 181.139.64.45.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
37.59.104.76	attackbotsspam	Oct 2 22:22:11 *** sshd[21037]: User root from 37.59.104.76 not allowed because not listed in AllowUsers	2019-10-03 08:03:28
92.91.60.249	attackspambots	Oct 3 04:51:01 gw1 sshd[3964]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.91.60.249 Oct 3 04:51:04 gw1 sshd[3964]: Failed password for invalid user ubnt from 92.91.60.249 port 43564 ssh2 ...	2019-10-03 08:01:18
95.110.17.107	attackbotsspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/95.110.17.107/ RU - 1H : (524) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : RU NAME ASN : ASN28812 IP : 95.110.17.107 CIDR : 95.110.0.0/17 PREFIX COUNT : 29 UNIQUE IP COUNT : 319232 WYKRYTE ATAKI Z ASN28812 : 1H - 1 3H - 1 6H - 3 12H - 6 24H - 7 DateTime : 2019-10-02 23:25:45 INFO : Port MAX SCAN Scan Detected and Blocked by ADMIN - data recovery	2019-10-03 08:17:42
102.65.153.244	attackbotsspam	Automatic report - SSH Brute-Force Attack	2019-10-03 07:45:39
84.51.92.174	attackbotsspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/84.51.92.174/ RU - 1H : (524) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : RU NAME ASN : ASN29124 IP : 84.51.92.174 CIDR : 84.51.64.0/19 PREFIX COUNT : 43 UNIQUE IP COUNT : 130816 WYKRYTE ATAKI Z ASN29124 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 2 DateTime : 2019-10-02 23:25:45 INFO : Port MAX SCAN Scan Detected and Blocked by ADMIN - data recovery	2019-10-03 08:17:59
51.75.70.159	attackspam	2019-10-02T21:22:38.294028shield sshd\[16134\]: Invalid user 123456Qw from 51.75.70.159 port 45396 2019-10-02T21:22:38.298622shield sshd\[16134\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.ip-51-75-70.eu 2019-10-02T21:22:40.024230shield sshd\[16134\]: Failed password for invalid user 123456Qw from 51.75.70.159 port 45396 ssh2 2019-10-02T21:26:30.409917shield sshd\[16631\]: Invalid user youandme from 51.75.70.159 port 57648 2019-10-02T21:26:30.414484shield sshd\[16631\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.ip-51-75-70.eu	2019-10-03 07:45:52
78.246.8.63	attackspambots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/78.246.8.63/ FR - 1H : (171) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : FR NAME ASN : ASN12322 IP : 78.246.8.63 CIDR : 78.224.0.0/11 PREFIX COUNT : 16 UNIQUE IP COUNT : 11051008 WYKRYTE ATAKI Z ASN12322 : 1H - 1 3H - 3 6H - 9 12H - 14 24H - 26 DateTime : 2019-10-02 23:25:45 INFO : Port MAX SCAN Scan Detected and Blocked by ADMIN - data recovery	2019-10-03 08:18:14
103.118.26.184	attackspam	C1,WP GET /lappan/wp-login.php	2019-10-03 07:56:51
139.59.247.114	attackspam	Oct 2 21:51:13 game-panel sshd[22462]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.247.114 Oct 2 21:51:14 game-panel sshd[22462]: Failed password for invalid user cdoran123 from 139.59.247.114 port 43704 ssh2 Oct 2 21:55:57 game-panel sshd[22625]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.247.114	2019-10-03 07:54:10
149.129.252.83	attackbots	Oct 3 02:50:58 server sshd\[1676\]: Invalid user uw from 149.129.252.83 port 49906 Oct 3 02:50:58 server sshd\[1676\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.129.252.83 Oct 3 02:51:00 server sshd\[1676\]: Failed password for invalid user uw from 149.129.252.83 port 49906 ssh2 Oct 3 02:54:58 server sshd\[17081\]: Invalid user prestashop from 149.129.252.83 port 36538 Oct 3 02:54:58 server sshd\[17081\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.129.252.83	2019-10-03 08:05:40
18.27.197.252	attack	$f2bV_matches	2019-10-03 07:48:52
78.224.49.200	attack	Automatic report - Port Scan Attack	2019-10-03 08:07:57
218.92.0.145	attack	Oct 2 13:09:26 web9 sshd\[22412\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.145 user=root Oct 2 13:09:28 web9 sshd\[22412\]: Failed password for root from 218.92.0.145 port 20411 ssh2 Oct 2 13:09:31 web9 sshd\[22412\]: Failed password for root from 218.92.0.145 port 20411 ssh2 Oct 2 13:09:44 web9 sshd\[22454\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.145 user=root Oct 2 13:09:45 web9 sshd\[22454\]: Failed password for root from 218.92.0.145 port 36169 ssh2	2019-10-03 07:42:49
107.167.80.146	attackspam	JANNISJULIUS.DE 107.167.80.146 \[02/Oct/2019:23:25:41 +0200\] "POST /xmlrpc.php HTTP/1.1" 200 4264 "-" "Mozilla/5.0 $Windows NT 10.0\; Win64\; x64$ AppleWebKit/537.36 $KHTML, like Gecko$ Chrome/60.0.3112.113 Safari/537.36" jannisjulius.de 107.167.80.146 \[02/Oct/2019:23:25:41 +0200\] "POST /xmlrpc.php HTTP/1.1" 200 4264 "-" "Mozilla/5.0 $Windows NT 10.0\; Win64\; x64$ AppleWebKit/537.36 $KHTML, like Gecko$ Chrome/60.0.3112.113 Safari/537.36"	2019-10-03 08:18:56
103.248.120.2	attackbotsspam	Oct 2 13:29:16 auw2 sshd\[6151\]: Invalid user supervisor from 103.248.120.2 Oct 2 13:29:16 auw2 sshd\[6151\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.248.120.2 Oct 2 13:29:18 auw2 sshd\[6151\]: Failed password for invalid user supervisor from 103.248.120.2 port 32988 ssh2 Oct 2 13:34:01 auw2 sshd\[6509\]: Invalid user user from 103.248.120.2 Oct 2 13:34:01 auw2 sshd\[6509\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.248.120.2	2019-10-03 07:42:30

最近上报的IP列表

213.191.103.151	149.181.178.133	31.255.151.105	88.238.5.118
3.96.195.73	81.36.171.213	73.181.230.231	108.84.193.217
80.43.131.161	207.62.46.219	190.14.39.120	62.94.144.69
23.253.216.84	236.142.134.71	220.196.218.81	35.31.70.51
169.29.145.237	161.159.91.14	64.90.40.247	121.242.47.156