45.138.172.185

Basic Info

City: unknown

Region: unknown

Country: None

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
45.138.172.125	attackbotsspam	(pop3d) Failed POP3 login from 45.138.172.125 (DE/Germany/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Aug 2 16:38:29 ir1 dovecot[3110802]: pop3-login: Disconnected (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=45.138.172.125, lip=5.63.12.44, session=	2020-08-03 00:47:50
45.138.172.57	attack	Portscan or hack attempt detected by psad/fwsnort	2020-03-20 23:18:33
45.138.172.252	attackspam	Lines containing failures of 45.138.172.252 /var/log/apache/pucorp.org.log:45.138.172.252 - - [11/Dec/2019:06:02:06 +0100] "GET / HTTP/1.1" 301 691 "-" "Mozilla/4.0 (compatible; MSIE 5.0; Windows NT; DigExt; DTS Agent" ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=45.138.172.252	2019-12-14 17:03:24

Type

Details

Datetime

45.138.172.125

attackbotsspam

(pop3d) Failed POP3 login from 45.138.172.125 (DE/Germany/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Aug  2 16:38:29 ir1 dovecot[3110802]: pop3-login: Disconnected (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=45.138.172.125, lip=5.63.12.44, session=

2020-08-03 00:47:50

45.138.172.57

attack

Portscan or hack attempt detected by psad/fwsnort

2020-03-20 23:18:33

45.138.172.252

attackspam

Lines containing failures of 45.138.172.252
/var/log/apache/pucorp.org.log:45.138.172.252 - - [11/Dec/2019:06:02:06 +0100] "GET / HTTP/1.1" 301 691 "-" "Mozilla/4.0 (compatible; MSIE 5.0; Windows NT; DigExt; DTS Agent"


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=45.138.172.252

2019-12-14 17:03:24

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.138.172.185
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55680
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;45.138.172.185.			IN	A

;; AUTHORITY SECTION:
.			130	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021400 1800 900 604800 86400

;; Query time: 21 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 14 22:34:24 CST 2022
;; MSG SIZE  rcvd: 107

Host info

Host 185.172.138.45.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 185.172.138.45.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
103.205.25.8	attackspambots	IP: 103.205.25.8 Ports affected Simple Mail Transfer (25) Found in DNSBL('s) ASN Details AS135005 ATA TELECOM Co. Ltd Cambodia (KH) CIDR 103.205.24.0/22 Log Date: 24/02/2020 1:06:54 PM UTC	2020-02-24 21:38:03
167.71.186.160	attackbots	DigitalOcean BotNet attack - 10s of requests to non-existent pages - :443/app-ads.txt - typically bursts of 8 requests per second - undefined, XSS attacks node-superagent/4.1.0	2020-02-24 21:46:45
49.88.112.114	attackspam	Feb 24 03:45:16 wbs sshd\[7589\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.114 user=root Feb 24 03:45:19 wbs sshd\[7589\]: Failed password for root from 49.88.112.114 port 30767 ssh2 Feb 24 03:45:21 wbs sshd\[7589\]: Failed password for root from 49.88.112.114 port 30767 ssh2 Feb 24 03:45:24 wbs sshd\[7589\]: Failed password for root from 49.88.112.114 port 30767 ssh2 Feb 24 03:46:36 wbs sshd\[7679\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.114 user=root	2020-02-24 22:06:52
85.172.54.164	attackspam	DATE:2020-02-24 14:27:41, IP:85.172.54.164, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-02-24 21:57:06
202.186.153.89	attack	Automatic report - Port Scan Attack	2020-02-24 21:34:49
185.234.216.122	attackbotsspam	lfd: (smtpauth) Failed SMTP AUTH login from 185.234.216.122 (-): 5 in the last 3600 secs - Sun Jul 29 16:18:23 2018	2020-02-24 22:13:42
23.228.118.149	attackspambots	Received: from shaxiaplus.top (UnknownHost [23.228.118.149]) by [snipped] with SMTP; Mon, 24 Feb 2020 19:57:16 +0800 Received: from y1213.shaxiaplus.top (unknown [23.228.118.149]) by shaxiaplus.top (Postfix) with ESMTP id 89774421AA for [snipped]; Mon, 24 Feb 2020 06:47:03 -0500 (EST) Reply-To: From: "Domain Service" To: [snipped] Subject: SPAM: [snipped] expiration	2020-02-24 22:15:12
111.229.235.70	attackbotsspam	Automatic report - XMLRPC Attack	2020-02-24 21:30:12
222.186.52.139	attackspam	$f2bV_matches	2020-02-24 22:02:58
192.241.220.151	attackspam	24.02.2020 13:40:18 Connection to port 17185 blocked by firewall	2020-02-24 21:50:47
45.134.179.63	attackspambots	Port scan on 9 port(s): 48 69 460 865 940 3567 6567 8345 45152	2020-02-24 21:56:34
180.117.96.226	attack	lfd: (smtpauth) Failed SMTP AUTH login from 180.117.96.226 (CN/China/-): 5 in the last 3600 secs - Sun Jul 29 14:51:01 2018	2020-02-24 22:16:19
94.242.54.22	attack	fell into ViewStateTrap:oslo	2020-02-24 22:03:28
177.223.168.122	attack	Unauthorized connection attempt from IP address 177.223.168.122 on Port 445(SMB)	2020-02-24 21:40:09
182.38.109.27	attackspambots	lfd: (smtpauth) Failed SMTP AUTH login from 182.38.109.27 (-): 5 in the last 3600 secs - Mon Aug 6 19:19:35 2018	2020-02-24 21:35:27

Recently Reported IPs

8.34.204.26	200.49.85.195	200.42.38.189	238.147.178.140
136.29.129.67	191.22.74.127	31.49.199.28	223.218.212.221
86.180.214.30	74.125.208.124	43.49.73.75	43.189.240.104
189.97.132.196	179.220.65.147	74.9.8.133	233.147.82.117
164.149.130.225	23.12.125.220	127.215.122.162	90.118.88.158