45.70.0.158 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Brazil

运营商(isp): Infinitnet Comunicacao E Multimidia Ltda - ME

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Automatic report - Port Scan Attack	2019-10-30 19:04:33

相同子网IP讨论:

IP	类型	评论内容	时间
45.70.0.73	attackbotsspam	Unauthorized connection attempt detected from IP address 45.70.0.73 to port 80	2020-07-22 21:15:58
45.70.0.17	attackbotsspam	Sending SPAM email	2019-12-12 08:53:33
45.70.0.17	attackspambots	proto=tcp . spt=45806 . dpt=25 . (listed on Dark List de Aug 23) (131)	2019-08-24 16:33:49
45.70.0.17	attackbots	Jun 18 07:19:37 our-server-hostname postfix/smtpd[29541]: connect from unknown[45.70.0.17] Jun x@x Jun 18 07:19:40 our-server-hostname postfix/smtpd[29541]: lost connection after RCPT from unknown[45.70.0.17] Jun 18 07:19:40 our-server-hostname postfix/smtpd[29541]: disconnect from unknown[45.70.0.17] Jun 18 07:25:26 our-server-hostname postfix/smtpd[30227]: connect from unknown[45.70.0.17] Jun 18 07:25:33 our-server-hostname postfix/smtpd[30227]: NOQUEUE: reject: RCPT from unknown[45.70.0.17]: 554 5.7.1 Service un .... truncated .... ble; x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun 19 02:30:48 our-server-hostname postfix/smtpd[3522]: too many errors after RCPT from unknown[45.70.0.17] Jun 19 02:30:48 our-server-hostname postfix/smtpd[3522]: disconnect from unknown[45.70.0.17] Jun 19 02:31:50 our-server-hostname postfix/smtpd[5324]: connect from unknown[45.70.0.17] Jun x........ -------------------------------	2019-06-22 22:32:11
45.70.0.17	attackbots	Jun 18 07:19:37 our-server-hostname postfix/smtpd[29541]: connect from unknown[45.70.0.17] Jun x@x Jun 18 07:19:40 our-server-hostname postfix/smtpd[29541]: lost connection after RCPT from unknown[45.70.0.17] Jun 18 07:19:40 our-server-hostname postfix/smtpd[29541]: disconnect from unknown[45.70.0.17] Jun 18 07:25:26 our-server-hostname postfix/smtpd[30227]: connect from unknown[45.70.0.17] Jun 18 07:25:33 our-server-hostname postfix/smtpd[30227]: NOQUEUE: reject: RCPT from unknown[45.70.0.17]: 554 5.7.1 Service un .... truncated .... ble; x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun 19 02:30:48 our-server-hostname postfix/smtpd[3522]: too many errors after RCPT from unknown[45.70.0.17] Jun 19 02:30:48 our-server-hostname postfix/smtpd[3522]: disconnect from unknown[45.70.0.17] Jun 19 02:31:50 our-server-hostname postfix/smtpd[5324]: connect from unknown[45.70.0.17] Jun x........ -------------------------------	2019-06-21 22:34:09

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.70.0.158
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 19196
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.70.0.158.			IN	A

;; AUTHORITY SECTION:
.			542	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019103000 1800 900 604800 86400

;; Query time: 116 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Oct 30 19:04:28 CST 2019
;; MSG SIZE  rcvd: 115

HOST信息:

158.0.70.45.in-addr.arpa domain name pointer ip-45-70-0-158.iflytelecom.com.br.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
158.0.70.45.in-addr.arpa	name = ip-45-70-0-158.iflytelecom.com.br.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
131.221.80.211	attack	Nov 17 09:24:17 lnxweb61 sshd[9614]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=131.221.80.211	2019-11-17 21:15:25
45.183.94.168	attack	SSH Bruteforce attempt	2019-11-17 21:28:49
37.139.4.138	attackspam	Nov 17 14:18:36 dedicated sshd[15316]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.4.138 user=root Nov 17 14:18:38 dedicated sshd[15316]: Failed password for root from 37.139.4.138 port 49067 ssh2 Nov 17 14:21:54 dedicated sshd[15820]: Invalid user 21idc from 37.139.4.138 port 38920 Nov 17 14:21:54 dedicated sshd[15820]: Invalid user 21idc from 37.139.4.138 port 38920	2019-11-17 21:44:13
119.90.43.106	attackbotsspam	Invalid user qwerty from 119.90.43.106 port 25350 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.90.43.106 Failed password for invalid user qwerty from 119.90.43.106 port 25350 ssh2 Invalid user testest123 from 119.90.43.106 port 42258 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.90.43.106	2019-11-17 21:23:55
154.221.25.247	attackbotsspam	2019-11-17T10:55:40.471389struts4.enskede.local sshd\[24981\]: Invalid user squid from 154.221.25.247 port 53438 2019-11-17T10:55:40.480539struts4.enskede.local sshd\[24981\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.221.25.247 2019-11-17T10:55:43.636563struts4.enskede.local sshd\[24981\]: Failed password for invalid user squid from 154.221.25.247 port 53438 ssh2 2019-11-17T11:05:35.229187struts4.enskede.local sshd\[25033\]: Invalid user admin from 154.221.25.247 port 59339 2019-11-17T11:05:35.235419struts4.enskede.local sshd\[25033\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.221.25.247 ...	2019-11-17 21:17:14
37.98.224.105	attackbotsspam	Nov 17 02:41:28 hpm sshd\[25268\]: Invalid user oisangyo from 37.98.224.105 Nov 17 02:41:28 hpm sshd\[25268\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.98.224.105 Nov 17 02:41:30 hpm sshd\[25268\]: Failed password for invalid user oisangyo from 37.98.224.105 port 56106 ssh2 Nov 17 02:45:48 hpm sshd\[25595\]: Invalid user crackers from 37.98.224.105 Nov 17 02:45:48 hpm sshd\[25595\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.98.224.105	2019-11-17 21:38:33
35.241.73.192	attack	SSH Bruteforce	2019-11-17 21:43:07
23.94.43.107	attack	Attack on insecure redis config	2019-11-17 21:14:10
95.58.194.148	attackbots	Nov 17 14:13:39 MK-Soft-VM4 sshd[15245]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.58.194.148 Nov 17 14:13:42 MK-Soft-VM4 sshd[15245]: Failed password for invalid user ksw from 95.58.194.148 port 34948 ssh2 ...	2019-11-17 21:17:36
190.211.160.253	attackspam	2019-11-17T11:00:24.772536struts4.enskede.local sshd\[25002\]: Invalid user server from 190.211.160.253 port 51468 2019-11-17T11:00:24.778793struts4.enskede.local sshd\[25002\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.211.160.253 2019-11-17T11:00:27.919345struts4.enskede.local sshd\[25002\]: Failed password for invalid user server from 190.211.160.253 port 51468 ssh2 2019-11-17T11:05:03.646593struts4.enskede.local sshd\[25023\]: Invalid user vinny from 190.211.160.253 port 59756 2019-11-17T11:05:03.654840struts4.enskede.local sshd\[25023\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.211.160.253 ...	2019-11-17 21:23:41
106.52.88.211	attackbots	Nov 17 10:49:26 eventyay sshd[26839]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.88.211 Nov 17 10:49:28 eventyay sshd[26839]: Failed password for invalid user conti from 106.52.88.211 port 58880 ssh2 Nov 17 10:53:35 eventyay sshd[26891]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.88.211 ...	2019-11-17 21:09:27
88.247.32.37	attackspambots	Automatic report - Port Scan Attack	2019-11-17 21:38:10
45.55.157.147	attack	Nov 17 10:45:10 thevastnessof sshd[3564]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.157.147 ...	2019-11-17 21:25:44
76.73.206.93	attackspambots	SSH Brute Force, server-1 sshd[1989]: Failed password for uucp from 76.73.206.93 port 34108 ssh2	2019-11-17 21:24:14
62.234.65.92	attackspambots	Nov 17 09:25:54 XXX sshd[19228]: Invalid user osadrc from 62.234.65.92 port 39000	2019-11-17 21:41:23

最近上报的IP列表

115.42.195.178	0.214.123.4	45.179.167.24	200.133.136.204
209.100.132.147	242.184.82.85	97.180.196.126	167.154.104.146
113.161.16.10	46.153.169.35	78.95.238.108	17.104.59.225
82.194.77.54	204.123.219.21	146.121.188.137	200.154.47.83
65.202.26.173	86.252.238.83	202.152.58.90	128.12.206.59