45.138.172.185

Basic Info

City: unknown

Region: unknown

Country: None

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
45.138.172.125	attackbotsspam	(pop3d) Failed POP3 login from 45.138.172.125 (DE/Germany/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Aug 2 16:38:29 ir1 dovecot[3110802]: pop3-login: Disconnected (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=45.138.172.125, lip=5.63.12.44, session=	2020-08-03 00:47:50
45.138.172.57	attack	Portscan or hack attempt detected by psad/fwsnort	2020-03-20 23:18:33
45.138.172.252	attackspam	Lines containing failures of 45.138.172.252 /var/log/apache/pucorp.org.log:45.138.172.252 - - [11/Dec/2019:06:02:06 +0100] "GET / HTTP/1.1" 301 691 "-" "Mozilla/4.0 (compatible; MSIE 5.0; Windows NT; DigExt; DTS Agent" ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=45.138.172.252	2019-12-14 17:03:24

Type

Details

Datetime

45.138.172.125

attackbotsspam

(pop3d) Failed POP3 login from 45.138.172.125 (DE/Germany/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Aug  2 16:38:29 ir1 dovecot[3110802]: pop3-login: Disconnected (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=45.138.172.125, lip=5.63.12.44, session=

2020-08-03 00:47:50

45.138.172.57

attack

Portscan or hack attempt detected by psad/fwsnort

2020-03-20 23:18:33

45.138.172.252

attackspam

Lines containing failures of 45.138.172.252
/var/log/apache/pucorp.org.log:45.138.172.252 - - [11/Dec/2019:06:02:06 +0100] "GET / HTTP/1.1" 301 691 "-" "Mozilla/4.0 (compatible; MSIE 5.0; Windows NT; DigExt; DTS Agent"


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=45.138.172.252

2019-12-14 17:03:24

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.138.172.185
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55680
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;45.138.172.185.			IN	A

;; AUTHORITY SECTION:
.			130	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021400 1800 900 604800 86400

;; Query time: 21 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 14 22:34:24 CST 2022
;; MSG SIZE  rcvd: 107

Host info

Host 185.172.138.45.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 185.172.138.45.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
104.168.28.195	attack	Apr 28 14:20:52 melroy-server sshd[4177]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.168.28.195 Apr 28 14:20:54 melroy-server sshd[4177]: Failed password for invalid user bubbles from 104.168.28.195 port 34850 ssh2 ...	2020-04-29 01:07:38
106.12.116.209	attackbotsspam	2020-04-28T17:10:27.380201amanda2.illicoweb.com sshd\[17266\]: Invalid user sonbol from 106.12.116.209 port 53836 2020-04-28T17:10:27.386354amanda2.illicoweb.com sshd\[17266\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.116.209 2020-04-28T17:10:29.759043amanda2.illicoweb.com sshd\[17266\]: Failed password for invalid user sonbol from 106.12.116.209 port 53836 ssh2 2020-04-28T17:14:31.434946amanda2.illicoweb.com sshd\[17383\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.116.209 user=root 2020-04-28T17:14:33.637123amanda2.illicoweb.com sshd\[17383\]: Failed password for root from 106.12.116.209 port 36166 ssh2 ...	2020-04-29 00:45:41
51.38.187.135	attack	$f2bV_matches	2020-04-29 01:25:25
180.76.246.38	attackspam	Apr 28 14:10:14 host sshd[13024]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.246.38 user=root Apr 28 14:10:16 host sshd[13024]: Failed password for root from 180.76.246.38 port 37690 ssh2 ...	2020-04-29 01:26:38
213.233.208.135	attackspambots	Automatic report - Port Scan Attack	2020-04-29 01:15:38
112.133.232.66	attackbotsspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-04-29 01:00:33
51.141.124.122	attackbots	Brute-force attempt banned	2020-04-29 01:07:58
180.97.204.246	attackspam	Unauthorized connection attempt detected from IP address 180.97.204.246 to port 23 [T]	2020-04-29 00:49:07
94.102.51.31	attackbots	Portscan or hack attempt detected by psad/fwsnort	2020-04-29 01:18:37
134.175.130.52	attackspam	Apr 26 06:01:53 cloud sshd[14693]: Failed password for root from 134.175.130.52 port 51070 ssh2	2020-04-29 00:44:58
123.22.212.99	attackspam	Unauthorised connection attempt detected at AUO NODE 1. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-04-29 00:51:56
88.156.122.72	attackbots	Apr 28 16:16:23 server sshd[31708]: Failed password for root from 88.156.122.72 port 35214 ssh2 Apr 28 16:22:41 server sshd[32334]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=88.156.122.72 Apr 28 16:22:43 server sshd[32334]: Failed password for invalid user user1 from 88.156.122.72 port 46834 ssh2 ...	2020-04-29 00:40:55
117.1.168.37	attackspam	Honeypot attack, port: 445, PTR: localhost.	2020-04-29 00:43:16
118.27.37.223	attack	Apr 28 14:55:32 localhost sshd[108604]: Invalid user postgres from 118.27.37.223 port 56614 Apr 28 14:55:32 localhost sshd[108604]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=v118-27-37-223.0jtl.static.cnode.io Apr 28 14:55:32 localhost sshd[108604]: Invalid user postgres from 118.27.37.223 port 56614 Apr 28 14:55:34 localhost sshd[108604]: Failed password for invalid user postgres from 118.27.37.223 port 56614 ssh2 Apr 28 14:58:40 localhost sshd[108840]: Invalid user qwe from 118.27.37.223 port 41006 ...	2020-04-29 01:10:29
129.204.63.100	attack	Apr 28 15:37:59 ns382633 sshd\[23879\]: Invalid user monitoring from 129.204.63.100 port 56986 Apr 28 15:37:59 ns382633 sshd\[23879\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.63.100 Apr 28 15:38:01 ns382633 sshd\[23879\]: Failed password for invalid user monitoring from 129.204.63.100 port 56986 ssh2 Apr 28 15:47:31 ns382633 sshd\[25766\]: Invalid user timmy from 129.204.63.100 port 50342 Apr 28 15:47:31 ns382633 sshd\[25766\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.63.100	2020-04-29 00:50:22

Recently Reported IPs

8.34.204.26	200.49.85.195	200.42.38.189	238.147.178.140
136.29.129.67	191.22.74.127	31.49.199.28	223.218.212.221
86.180.214.30	74.125.208.124	43.49.73.75	43.189.240.104
189.97.132.196	179.220.65.147	74.9.8.133	233.147.82.117
164.149.130.225	23.12.125.220	127.215.122.162	90.118.88.158