189.103.58.134

Basic Info

City: Pindamonhangaba

Region: Sao Paulo

Country: Brazil

Internet Service Provider: Claro

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 189.103.58.134
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 60673
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;189.103.58.134.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025030700 1800 900 604800 86400

;; Query time: 36 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Mar 07 21:20:48 CST 2025
;; MSG SIZE  rcvd: 107

Host info

134.58.103.189.in-addr.arpa domain name pointer bd673a86.virtua.com.br.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
134.58.103.189.in-addr.arpa	name = bd673a86.virtua.com.br.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
148.70.23.121	attackspam	Jul 5 00:29:48 mail sshd\[15731\]: Invalid user duan from 148.70.23.121 port 60946 Jul 5 00:29:48 mail sshd\[15731\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.23.121 ...	2019-07-05 07:43:45
180.76.97.86	attack	Jul 4 18:15:18 mailman sshd[12068]: Invalid user joker from 180.76.97.86 Jul 4 18:15:18 mailman sshd[12068]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.97.86 Jul 4 18:15:21 mailman sshd[12068]: Failed password for invalid user joker from 180.76.97.86 port 50214 ssh2	2019-07-05 07:59:34
118.89.173.37	attackbotsspam	abuseConfidenceScore blocked for 12h	2019-07-05 07:24:03
211.138.182.198	attackbotsspam	$f2bV_matches	2019-07-05 07:52:55
62.133.58.66	attackbots	postfix-failedauth jail [dl]	2019-07-05 07:40:18
78.35.188.106	attackspam	11 attacks on PHP URLs: 78.35.188.106 - - [04/Jul/2019:09:31:09 +0100] "GET /phpmyadmin4/index.php?lang=en HTTP/1.1" 403 1251 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36"	2019-07-05 07:25:14
156.199.185.181	attack	Port scan on 1 port(s): 9527	2019-07-05 07:25:45
153.36.236.35	attackspambots	Jul 5 01:32:30 core01 sshd\[23700\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=153.36.236.35 user=root Jul 5 01:32:32 core01 sshd\[23700\]: Failed password for root from 153.36.236.35 port 57997 ssh2 ...	2019-07-05 07:41:10
45.71.208.253	attackbotsspam	Jul 4 23:39:39 *** sshd[28280]: User ntp from 45.71.208.253 not allowed because not listed in AllowUsers	2019-07-05 08:05:33
209.97.187.108	attackspambots	Jul 4 22:58:32 thevastnessof sshd[11606]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=209.97.187.108 ...	2019-07-05 07:39:51
217.149.173.214	attackbotsspam	php WP PHPmyadamin ABUSE blocked for 12h	2019-07-05 08:10:34
83.209.249.33	attackspambots	Unauthorised access (Jul 5) SRC=83.209.249.33 LEN=40 TTL=50 ID=25596 TCP DPT=23 WINDOW=19435 SYN	2019-07-05 08:07:51
47.200.199.62	attackbotsspam	47.200.199.62 - - \[05/Jul/2019:00:57:23 +0200\] "POST /contact-form.php HTTP/1.1" 404 49228 "-" "-"	2019-07-05 08:00:21
45.252.250.201	attack	[FriJul0500:54:05.2852492019][:error][pid4583:tid47152594962176][client45.252.250.201:58682][client45.252.250.201]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch"$\?:\<\\|script\\|\>$"atARGS:domain.[file"/usr/local/apache.ea3/conf/modsec_rules/99_asl_jitp.conf"][line"317"][id"347147"][rev"1"][msg"Atomicorp.comWAFRules:Wordpressadmin-ajaxXSSattack"][data"admin-ajax.php"][severity"CRITICAL"][hostname"cser.ch"][uri"/wp-admin/admin-ajax.php"][unique_id"XR6DjRmG7onBEAjys9uJmQAAAMk"][FriJul0500:58:24.9255002019][:error][pid29575:tid47152590759680][client45.252.250.201:42480][client45.252.250.201]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch"miglaa\?_"atARGS:action.[file"/usr/local/apache.ea3/conf/modsec_rules/99_asl_jitp.conf"][line"60"][id"334072"][rev"5"][msg"Atomicorp.comWAFRules:CVE-2019-6703Attackblocked"][severity"ALERT"][hostname"cser.ch"][uri"/wp-admin/admin-ajax.php"][unique_id"XR6EkOJOLgY93J5KRwqZPAAAAUc"]	2019-07-05 07:42:20
187.62.152.176	attack	Brute force attempt	2019-07-05 07:53:27

Recently Reported IPs

137.39.114.226	14.150.16.254	81.107.173.143	127.173.131.123
95.83.59.86	9.130.115.178	103.165.23.152	221.141.232.141
40.110.226.176	15.11.62.248	141.124.24.84	108.207.11.222
253.174.171.107	254.46.144.216	143.168.81.249	204.206.37.50
172.229.57.62	195.47.235.141	210.234.75.181	217.55.166.187