45.138.1.142 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Germany

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
45.138.168.35	attackbotsspam	Auto Detect Rule! proto TCP (SYN), 45.138.168.35:34397->gjan.info:23, len 40	2020-10-01 02:57:33
45.138.168.35	attackspam	[N3.H3.VM3] Port Scanner Detected Blocked by UFW	2020-09-30 19:09:24
45.138.100.138	attackbotsspam	Chat Spam	2020-09-21 02:35:20
45.138.100.138	attackspam	Chat Spam	2020-09-20 18:36:13
45.138.172.125	attackbotsspam	(pop3d) Failed POP3 login from 45.138.172.125 (DE/Germany/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Aug 2 16:38:29 ir1 dovecot[3110802]: pop3-login: Disconnected (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=45.138.172.125, lip=5.63.12.44, session=	2020-08-03 00:47:50
45.138.100.189	attack	[TueJul2805:56:21.9668962020][:error][pid25791:tid47647209649920][client45.138.100.189:63459][client45.138.100.189]ModSecurity:Accessdeniedwithcode403$phase2$.Matchof"rx$MSWebServicesClientProtocol\\|WormlyBot\\|webauth@cmcm\\\\\\\\.com$"against"REQUEST_HEADERS:User-Agent"required.[file"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf"][line"402"][id"397989"][rev"1"][msg"Atomicorp.comWAFRules:MSIE6.0detected$DisableifyouwanttoallowMSIE6$"][severity"WARNING"][hostname"aquattrozampe.com"][uri"/"][unique_id"Xx@h5VSLNaAiDHoMIEPJhgAAABc"][TueJul2805:56:23.4414652020][:error][pid25921:tid47647176029952][client45.138.100.189:24279][client45.138.100.189]ModSecurity:Accessdeniedwithcode403$phase2$.Matchof"rx$MSWebServicesClientProtocol\\|WormlyBot\\|webauth@cmcm\\\\\\\\.com$"against"REQUEST_HEADERS:User-Agent"required.[file"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf"][line"402"][id"397989"][rev"1"][msg"Atomicorp.comWAFRules:MSIE6.0detected\(Disableifyouwantt	2020-07-28 13:34:26
45.138.157.60	attackbotsspam		2020-07-12 23:14:15
45.138.147.108	attackspam	DDOS - one of 48 separate Russian addresses (plus one Lithuanian) IP addresses used to attack our website by repeatedly attempting to download the same, large file. All requests had the same signature, RestSharp/106.11.4.0	2020-07-10 20:53:30
45.138.157.37	attackbotsspam	Jun 18 06:31:03 www sshd[21141]: reveeclipse mapping checking getaddrinfo for nice.try.kid [45.138.157.37] failed - POSSIBLE BREAK-IN ATTEMPT! Jun 18 06:31:03 www sshd[21141]: Invalid user rob from 45.138.157.37 Jun 18 06:31:03 www sshd[21141]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.138.157.37 Jun 18 06:31:04 www sshd[21141]: Failed password for invalid user rob from 45.138.157.37 port 33136 ssh2 Jun 18 06:31:04 www sshd[21141]: Received disconnect from 45.138.157.37: 11: Bye Bye [preauth] Jun 18 07:16:54 www sshd[22290]: reveeclipse mapping checking getaddrinfo for nice.try.kid [45.138.157.37] failed - POSSIBLE BREAK-IN ATTEMPT! Jun 18 07:16:54 www sshd[22290]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.138.157.37 user=r.r Jun 18 07:16:56 www sshd[22290]: Failed password for r.r from 45.138.157.37 port 44444 ssh2 Jun 18 07:16:56 www sshd[22290]: Received disconnect fro........ -------------------------------	2020-06-18 20:58:17
45.138.101.207	attackspambots	pinterest spam	2020-06-14 02:07:31
45.138.100.247	attackspambots	Chat Spam	2020-06-13 17:38:30
45.138.100.129	attackbots	Chat Spam	2020-06-05 12:07:40
45.138.100.90	attackbotsspam	Chat Spam	2020-06-05 04:06:07
45.138.100.217	attackspam	Chat Spam	2020-06-04 23:23:27
45.138.100.47	attack	Chat Spam	2020-06-04 15:21:16

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.138.1.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56586
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;45.138.1.142.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025013000 1800 900 604800 86400

;; Query time: 38 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jan 30 18:47:23 CST 2025
;; MSG SIZE  rcvd: 105

Host info

Host 142.1.138.45.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 142.1.138.45.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
61.147.103.175	attackspam	Port Scan ...	2020-08-27 16:05:20
93.174.93.195	attackbots	UDP 93.174.93.195:34052 -> port 40775, len 57	2020-08-27 16:27:00
45.118.144.77	attackbots	45.118.144.77 - - [27/Aug/2020:06:12:48 +0200] "GET /wp-login.php HTTP/1.1" 200 8691 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 45.118.144.77 - - [27/Aug/2020:06:12:50 +0200] "POST /wp-login.php HTTP/1.1" 200 8921 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 45.118.144.77 - - [27/Aug/2020:06:12:53 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-08-27 15:50:31
178.255.126.198	attackbots	DATE:2020-08-27 06:21:36, IP:178.255.126.198, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2020-08-27 16:07:32
179.108.245.192	attackspambots	Attempts against SMTP/SSMTP	2020-08-27 15:56:59
184.105.139.67	attack	UDP 184.105.139.67:45314 -> port 161, len 113	2020-08-27 15:52:21
87.170.34.23	attack	Aug 27 07:15:13 buvik sshd[19268]: Failed password for invalid user mdm from 87.170.34.23 port 43324 ssh2 Aug 27 07:18:17 buvik sshd[19593]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=87.170.34.23 user=root Aug 27 07:18:20 buvik sshd[19593]: Failed password for root from 87.170.34.23 port 56653 ssh2 ...	2020-08-27 16:19:50
85.209.0.252	attackspambots	$f2bV_matches	2020-08-27 15:47:05
14.166.35.9	attackbots	Unauthorized connection attempt from IP address 14.166.35.9 on Port 445(SMB)	2020-08-27 16:36:23
78.196.38.46	attackspam	Invalid user scott from 78.196.38.46 port 47212	2020-08-27 16:03:54
181.114.211.180	attack	Brute force attempt	2020-08-27 16:15:48
170.233.69.121	attackspam	Brute force attempt	2020-08-27 16:23:18
197.63.234.140	attackbotsspam	Tried our host z.	2020-08-27 16:04:20
193.148.71.225	attackbots	Here more information about 193.148.71.225 info: [Romania] 44220 Parfumuri Femei.com SRL Connected: 3 servere(s) Reason: ssh Ports: 23 Services: telnet servere: Europe/Moscow (UTC+3) Found at blocklist: blocklist.de, abuseat.org, zen.spamhaus.org, spfbl.net, abuseIPDB.com myIP:* [2020-08-25 09:04:49] (tcp) myIP:23 <- 193.148.71.225:23988 [2020-08-26 05:20:09] (tcp) myIP:23 <- 193.148.71.225:39740 [2020-08-26 05:26:59] (tcp) myIP:23 <- 193.148.71.225:50251 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=193.148.71.225	2020-08-27 15:56:02
103.237.58.126	attack	Brute force attempt	2020-08-27 15:54:04

Recently Reported IPs

150.152.102.169	119.207.189.215	209.121.103.101	14.150.84.138
136.57.151.10	28.0.142.139	115.220.1.50	123.232.214.155
57.116.193.165	82.7.25.126	199.173.179.4	77.53.137.11
208.53.22.98	134.253.116.41	17.50.168.58	60.110.11.31
83.142.59.117	110.25.17.204	160.215.195.188	46.75.253.252