45.232.243.124

Basic Info

City: unknown

Region: unknown

Country: Brazil

Internet Service Provider: D S Santos Comunicacoes Eireli ME

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	2019-11-23 05:55:53 H=(239-242-232-45.grupowfnettelecom.net.br) [45.232.243.124] sender verify fail for : Unrouteable address 2019-11-23 05:55:53 H=(239-242-232-45.grupowfnettelecom.net.br) [45.232.243.124] F= rejected RCPT : Sender verify failed ...	2019-11-23 13:01:28

Type

Details

Datetime

attack

2019-11-23 05:55:53 H=(239-242-232-45.grupowfnettelecom.net.br) [45.232.243.124] sender verify fail for : Unrouteable address
2019-11-23 05:55:53 H=(239-242-232-45.grupowfnettelecom.net.br) [45.232.243.124] F= rejected RCPT : Sender verify failed
...

2019-11-23 13:01:28

Comments on same subnet:

IP	Type	Details	Datetime
45.232.243.125	attack	email spam	2019-12-19 21:14:06
45.232.243.125	attack	Oct 28 13:16:54 our-server-hostname postfix/smtpd[9540]: connect from unknown[45.232.243.125] Oct x@x Oct 28 13:16:56 our-server-hostname postfix/smtpd[9540]: lost connection after RCPT from unknown[45.232.243.125] Oct 28 13:16:56 our-server-hostname postfix/smtpd[9540]: disconnect from unknown[45.232.243.125] Oct 28 16:39:02 our-server-hostname postfix/smtpd[1897]: connect from unknown[45.232.243.125] Oct x@x Oct 28 16:39:07 our-server-hostname postfix/smtpd[1897]: lost connection after RCPT from unknown[45.232.243.125] Oct 28 16:39:07 our-server-hostname postfix/smtpd[1897]: disconnect from unknown[45.232.243.125] Oct 29 00:25:33 our-server-hostname postfix/smtpd[21929]: connect from unknown[45.232.243.125] Oct x@x Oct x@x Oct x@x Oct x@x Oct x@x Oct x@x Oct x@x Oct x@x Oct x@x Oct x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=45.232.243.125	2019-10-30 17:36:35

Type

Details

Datetime

45.232.243.125

attack

email spam

2019-12-19 21:14:06

45.232.243.125

attack

Oct 28 13:16:54 our-server-hostname postfix/smtpd[9540]: connect from unknown[45.232.243.125]
Oct x@x
Oct 28 13:16:56 our-server-hostname postfix/smtpd[9540]: lost connection after RCPT from unknown[45.232.243.125]
Oct 28 13:16:56 our-server-hostname postfix/smtpd[9540]: disconnect from unknown[45.232.243.125]
Oct 28 16:39:02 our-server-hostname postfix/smtpd[1897]: connect from unknown[45.232.243.125]
Oct x@x
Oct 28 16:39:07 our-server-hostname postfix/smtpd[1897]: lost connection after RCPT from unknown[45.232.243.125]
Oct 28 16:39:07 our-server-hostname postfix/smtpd[1897]: disconnect from unknown[45.232.243.125]
Oct 29 00:25:33 our-server-hostname postfix/smtpd[21929]: connect from unknown[45.232.243.125]
Oct x@x
Oct x@x
Oct x@x
Oct x@x
Oct x@x
Oct x@x
Oct x@x
Oct x@x
Oct x@x
Oct x@x


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=45.232.243.125

2019-10-30 17:36:35

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.232.243.124
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17801
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.232.243.124.			IN	A

;; AUTHORITY SECTION:
.			517	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019112201 1800 900 604800 86400

;; Query time: 51 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Nov 23 13:01:25 CST 2019
;; MSG SIZE  rcvd: 118

Host info

124.243.232.45.in-addr.arpa domain name pointer 124-243-232-45.grupowfnettelecom.net.br.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
124.243.232.45.in-addr.arpa	name = 124-243-232-45.grupowfnettelecom.net.br.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
191.53.238.149	attackspam	Aug 14 15:04:18 xeon postfix/smtpd[10611]: warning: unknown[191.53.238.149]: SASL PLAIN authentication failed: authentication failure	2019-08-15 03:24:46
133.130.89.210	attack	Automatic report - Banned IP Access	2019-08-15 03:11:14
107.167.189.99	attackspam	Aug 14 16:19:35 MK-Soft-VM3 sshd\[614\]: Invalid user doom from 107.167.189.99 port 51894 Aug 14 16:19:35 MK-Soft-VM3 sshd\[614\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.167.189.99 Aug 14 16:19:36 MK-Soft-VM3 sshd\[614\]: Failed password for invalid user doom from 107.167.189.99 port 51894 ssh2 ...	2019-08-15 03:30:45
104.131.111.64	attackbotsspam	Invalid user testing from 104.131.111.64 port 38180	2019-08-15 03:31:54
177.154.230.18	attackspam	failed_logins	2019-08-15 03:04:29
213.4.33.11	attack	Invalid user copy from 213.4.33.11 port 51260	2019-08-15 03:29:18
177.72.112.222	attackbots	Aug 14 19:13:46 XXX sshd[21354]: Invalid user test from 177.72.112.222 port 38908	2019-08-15 03:32:16
202.5.36.56	attackbotsspam	Aug 14 09:52:56 xtremcommunity sshd\[16812\]: Invalid user liza from 202.5.36.56 port 41532 Aug 14 09:52:56 xtremcommunity sshd\[16812\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.5.36.56 Aug 14 09:52:58 xtremcommunity sshd\[16812\]: Failed password for invalid user liza from 202.5.36.56 port 41532 ssh2 Aug 14 09:58:38 xtremcommunity sshd\[17015\]: Invalid user dummy from 202.5.36.56 port 59676 Aug 14 09:58:38 xtremcommunity sshd\[17015\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.5.36.56 ...	2019-08-15 03:05:13
111.230.151.134	attackspam	Aug 14 17:14:19 SilenceServices sshd[9098]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.230.151.134 Aug 14 17:14:21 SilenceServices sshd[9098]: Failed password for invalid user mailtest from 111.230.151.134 port 39046 ssh2 Aug 14 17:18:40 SilenceServices sshd[12299]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.230.151.134	2019-08-15 02:51:26
106.52.15.213	attackbots	Aug 14 17:09:52 mail sshd\[5363\]: Failed password for invalid user fluffy from 106.52.15.213 port 56990 ssh2 Aug 14 17:27:06 mail sshd\[5556\]: Invalid user mysql from 106.52.15.213 port 60768 Aug 14 17:27:06 mail sshd\[5556\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.15.213 ...	2019-08-15 03:02:57
115.159.31.140	attack	$f2bV_matches	2019-08-15 03:27:07
49.212.136.218	attackbotsspam	Aug 14 14:52:51 XXX sshd[6842]: Invalid user apples from 49.212.136.218 port 49619	2019-08-15 02:57:47
124.156.196.204	attackbots	$f2bV_matches	2019-08-15 03:11:45
41.32.24.125	attackspambots	Aug 14 20:34:23 XXX sshd[25164]: Invalid user view from 41.32.24.125 port 52472	2019-08-15 03:19:22
81.19.2.216	attackbots	Aug 14 22:00:50 site2 sshd\[23812\]: Address 81.19.2.216 maps to gw.omega.cz, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!Aug 14 22:00:50 site2 sshd\[23812\]: Invalid user wy from 81.19.2.216Aug 14 22:00:52 site2 sshd\[23812\]: Failed password for invalid user wy from 81.19.2.216 port 53323 ssh2Aug 14 22:05:57 site2 sshd\[23876\]: Address 81.19.2.216 maps to gw.omega.cz, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!Aug 14 22:05:57 site2 sshd\[23876\]: Invalid user guest from 81.19.2.216 ...	2019-08-15 03:18:28

Recently Reported IPs

89.186.124.191	43.252.231.165	218.76.28.247	5.229.201.237
85.234.30.66	77.54.236.229	95.178.216.184	183.56.160.22
198.27.67.87	71.94.177.206	3.133.154.245	1.55.141.56
212.64.102.110	70.118.65.126	86.126.68.195	176.127.128.167
101.20.101.96	199.18.10.237	20.29.10.162	86.151.32.240