45.160.139.157

Basic Info

City: unknown

Region: unknown

Country: Brazil

Internet Service Provider: Teleart Internet

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Attempted Brute Force (dovecot)	2020-07-24 22:35:00

Comments on same subnet:

IP	Type	Details	Datetime
45.160.139.62	attackbotsspam	(smtpauth) Failed SMTP AUTH login from 45.160.139.62 (BR/Brazil/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-08-02 08:17:41 plain authenticator failed for ([45.160.139.62]) [45.160.139.62]: 535 Incorrect authentication data (set_id=info@vertix.co)	2020-08-02 18:13:10

Type

Details

Datetime

45.160.139.62

attackbotsspam

(smtpauth) Failed SMTP AUTH login from 45.160.139.62 (BR/Brazil/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-08-02 08:17:41 plain authenticator failed for ([45.160.139.62]) [45.160.139.62]: 535 Incorrect authentication data (set_id=info@vertix.co)

2020-08-02 18:13:10

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.160.139.157
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 51059
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.160.139.157.			IN	A

;; AUTHORITY SECTION:
.			287	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020072400 1800 900 604800 86400

;; Query time: 272 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jul 24 22:34:54 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 157.139.160.45.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 157.139.160.45.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
103.48.232.123	attack	2019-10-01T06:21:01.747125abusebot-6.cloudsearch.cf sshd\[21204\]: Invalid user dredlord from 103.48.232.123 port 56602	2019-10-01 14:27:18
222.186.175.150	attackspam	Oct 1 12:18:51 areeb-Workstation sshd[25630]: Failed password for root from 222.186.175.150 port 41958 ssh2 Oct 1 12:18:56 areeb-Workstation sshd[25630]: Failed password for root from 222.186.175.150 port 41958 ssh2 ...	2019-10-01 14:52:45
222.186.42.4	attackbotsspam	2019-10-01T08:54:55.721525lon01.zurich-datacenter.net sshd\[1996\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.4 user=root 2019-10-01T08:54:58.214600lon01.zurich-datacenter.net sshd\[1996\]: Failed password for root from 222.186.42.4 port 16472 ssh2 2019-10-01T08:55:02.657718lon01.zurich-datacenter.net sshd\[1996\]: Failed password for root from 222.186.42.4 port 16472 ssh2 2019-10-01T08:55:06.651475lon01.zurich-datacenter.net sshd\[1996\]: Failed password for root from 222.186.42.4 port 16472 ssh2 2019-10-01T08:55:11.692474lon01.zurich-datacenter.net sshd\[1996\]: Failed password for root from 222.186.42.4 port 16472 ssh2 ...	2019-10-01 14:55:25
186.170.28.46	attack	Automated report - ssh fail2ban: Oct 1 08:03:30 authentication failure Oct 1 08:03:32 wrong password, user=rmkim, port=58922, ssh2 Oct 1 08:08:21 authentication failure	2019-10-01 14:59:06
165.22.80.174	attack	WordPress (CMS) attack attempts. Date: 2019 Oct 01. 05:41:34 Source IP: 165.22.80.174 Portion of the log(s): 165.22.80.174 - [01/Oct/2019:05:41:33 +0200] "POST /wp-login.php HTTP/1.1" 404 118 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 165.22.80.174 - [01/Oct/2019:05:41:26 +0200] "GET /wp-login.php HTTP/1.1" 404 118 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 165.22.80.174 - [01/Oct/2019:05:41:21 +0200] "POST /wp-login.php HTTP/1.1" 404 118 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 165.22.80.174 - [01/Oct/2019:05:41:21 +0200] "GET /wp-login.php HTTP/1.1" 404 118 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 165.22.80.174 - [01/Oct/2019:05:41:21 +0200] "POST /wp-login.php HTTP/1.1" 404 118 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 165.22.80.174 - [01/Oct/2019:05:41:20 +0200] "GET /wp-login.php	2019-10-01 14:41:28
200.59.100.25	attackspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/200.59.100.25/ AR - 1H : (76) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : AR NAME ASN : ASN10617 IP : 200.59.100.25 CIDR : 200.59.100.0/24 PREFIX COUNT : 171 UNIQUE IP COUNT : 52736 WYKRYTE ATAKI Z ASN10617 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 1 DateTime : 2019-10-01 05:52:22 INFO : Port MAX SCAN Scan Detected and Blocked by ADMIN - data recovery	2019-10-01 14:36:26
204.12.220.106	attackspam	20 attempts against mh-misbehave-ban on pluto.magehost.pro	2019-10-01 15:09:10
36.233.40.199	attackspambots	Port scan	2019-10-01 15:06:41
111.230.110.87	attack	Oct 1 07:10:38 www2 sshd\[64003\]: Invalid user amavis from 111.230.110.87Oct 1 07:10:40 www2 sshd\[64003\]: Failed password for invalid user amavis from 111.230.110.87 port 51948 ssh2Oct 1 07:14:26 www2 sshd\[64306\]: Invalid user design from 111.230.110.87 ...	2019-10-01 14:50:55
209.141.41.103	attackbots	Oct 1 06:45:05 rotator sshd\[31827\]: Failed password for root from 209.141.41.103 port 39519 ssh2Oct 1 06:45:09 rotator sshd\[31827\]: Failed password for root from 209.141.41.103 port 39519 ssh2Oct 1 06:45:12 rotator sshd\[31827\]: Failed password for root from 209.141.41.103 port 39519 ssh2Oct 1 06:45:14 rotator sshd\[31827\]: Failed password for root from 209.141.41.103 port 39519 ssh2Oct 1 06:45:17 rotator sshd\[31827\]: Failed password for root from 209.141.41.103 port 39519 ssh2Oct 1 06:45:21 rotator sshd\[31827\]: Failed password for root from 209.141.41.103 port 39519 ssh2 ...	2019-10-01 14:50:07
35.239.243.107	attack	35.239.243.107 - - [01/Oct/2019:05:52:23 +0200] "GET /wp-login.php HTTP/1.1" 200 1129 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 35.239.243.107 - - [01/Oct/2019:05:52:24 +0200] "POST /wp-login.php HTTP/1.1" 200 1524 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 35.239.243.107 - - [01/Oct/2019:05:52:25 +0200] "GET /wp-login.php HTTP/1.1" 200 1129 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 35.239.243.107 - - [01/Oct/2019:05:52:26 +0200] "POST /wp-login.php HTTP/1.1" 200 1507 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 35.239.243.107 - - [01/Oct/2019:05:52:27 +0200] "GET /wp-login.php HTTP/1.1" 200 1129 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 35.239.243.107 - - [01/Oct/2019:05:52:27 +0200] "POST /wp-login.php HTTP/1.1" 200 1503 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-10-01 14:31:16
177.73.140.66	attackbots	Oct 1 06:41:25 game-panel sshd[23948]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.73.140.66 Oct 1 06:41:27 game-panel sshd[23948]: Failed password for invalid user benedito from 177.73.140.66 port 60343 ssh2 Oct 1 06:46:59 game-panel sshd[24129]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.73.140.66	2019-10-01 14:48:18
175.207.13.200	attack	Sep 30 05:31:22 iago sshd[11067]: Invalid user admin from 175.207.13.200 Sep 30 05:31:22 iago sshd[11067]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.207.13.200 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=175.207.13.200	2019-10-01 14:30:52
49.74.67.144	attackbots	2019-10-01T09:39:51.473601tmaserv sshd\[26514\]: Invalid user support from 49.74.67.144 port 1523 2019-10-01T09:39:51.478712tmaserv sshd\[26514\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.74.67.144 2019-10-01T09:39:53.534909tmaserv sshd\[26514\]: Failed password for invalid user support from 49.74.67.144 port 1523 ssh2 2019-10-01T09:52:33.509658tmaserv sshd\[27275\]: Invalid user temp from 49.74.67.144 port 3144 2019-10-01T09:52:33.515708tmaserv sshd\[27275\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.74.67.144 2019-10-01T09:52:35.180521tmaserv sshd\[27275\]: Failed password for invalid user temp from 49.74.67.144 port 3144 ssh2 ...	2019-10-01 15:07:40
70.71.148.228	attackbotsspam	$f2bV_matches	2019-10-01 14:54:41

Recently Reported IPs

118.190.54.205	129.51.96.245	3.83.145.176	40.199.253.60
120.124.37.27	186.116.254.52	204.131.208.104	213.123.206.197
51.89.204.78	79.109.156.163	74.121.227.15	29.140.46.191
100.205.112.236	160.140.153.110	126.92.137.141	199.46.204.210
34.191.143.93	152.230.245.79	230.214.99.89	208.197.220.48