132.145.140.203

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America

运营商(isp): Oracle Public Cloud

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	serveres are UTC Lines containing failures of 132.145.140.203 Jan 25 21:00:11 tux2 sshd[581]: Invalid user support from 132.145.140.203 port 52336 Jan 25 21:00:11 tux2 sshd[581]: Failed password for invalid user support from 132.145.140.203 port 52336 ssh2 Jan 25 21:00:11 tux2 sshd[581]: Connection closed by invalid user support 132.145.140.203 port 52336 [preauth] Jan 25 23:40:44 tux2 sshd[9220]: Invalid user support from 132.145.140.203 port 63630 Jan 25 23:40:44 tux2 sshd[9220]: Failed password for invalid user support from 132.145.140.203 port 63630 ssh2 Jan 25 23:40:44 tux2 sshd[9220]: Connection closed by invalid user support 132.145.140.203 port 63630 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=132.145.140.203	2020-01-26 20:41:22

类型

评论内容

时间

attackspambots

serveres are UTC 
Lines containing failures of 132.145.140.203
Jan 25 21:00:11 tux2 sshd[581]: Invalid user support from 132.145.140.203 port 52336
Jan 25 21:00:11 tux2 sshd[581]: Failed password for invalid user support from 132.145.140.203 port 52336 ssh2
Jan 25 21:00:11 tux2 sshd[581]: Connection closed by invalid user support 132.145.140.203 port 52336 [preauth]
Jan 25 23:40:44 tux2 sshd[9220]: Invalid user support from 132.145.140.203 port 63630
Jan 25 23:40:44 tux2 sshd[9220]: Failed password for invalid user support from 132.145.140.203 port 63630 ssh2
Jan 25 23:40:44 tux2 sshd[9220]: Connection closed by invalid user support 132.145.140.203 port 63630 [preauth]



........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=132.145.140.203

2020-01-26 20:41:22

相同子网IP讨论:

IP	类型	评论内容	时间
132.145.140.38	attack	21 attempts against mh-ssh on cloud	2020-09-22 22:22:56
132.145.140.38	attack	Failed password for invalid user darwin from 132.145.140.38 port 34232 ssh2 Invalid user telnet from 132.145.140.38 port 39224 pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.145.140.38 Invalid user telnet from 132.145.140.38 port 39224 Failed password for invalid user telnet from 132.145.140.38 port 39224 ssh2	2020-09-22 14:27:50
132.145.140.38	attackspam	Sep 21 22:28:02 nopemail auth.info sshd[22537]: Invalid user test from 132.145.140.38 port 37888 ...	2020-09-22 06:30:57
132.145.140.142	attack	Unauthorized connection attempt detected from IP address 132.145.140.142 to port 1433	2019-12-29 18:55:13

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 132.145.140.203
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 27237
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;132.145.140.203.		IN	A

;; AUTHORITY SECTION:
.			226	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020012600 1800 900 604800 86400

;; Query time: 36 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jan 26 20:41:19 CST 2020
;; MSG SIZE  rcvd: 119

HOST信息:

Host 203.140.145.132.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 203.140.145.132.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
184.105.139.101	attack	srv02 Mass scanning activity detected Target: 177(xdmcp) ..	2020-06-24 13:05:34
89.248.162.232	attack	Port-scan: detected 289 distinct ports within a 24-hour window.	2020-06-24 12:55:07
149.202.79.125	attackspambots	Jun 24 05:57:22 debian-2gb-nbg1-2 kernel: \[15229710.146730\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=149.202.79.125 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=4132 PROTO=TCP SPT=46379 DPT=3659 WINDOW=1024 RES=0x00 SYN URGP=0	2020-06-24 12:51:48
103.145.12.177	attackbots	[2020-06-24 00:50:17] NOTICE[1273] chan_sip.c: Registration from '"11" ' failed for '103.145.12.177:5889' - Wrong password [2020-06-24 00:50:17] SECURITY[1288] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-06-24T00:50:17.440-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="11",SessionID="0x7f31c05e9da8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/103.145.12.177/5889",Challenge="18bc8bb6",ReceivedChallenge="18bc8bb6",ReceivedHash="da65f77656962b767fa02d5b1ec71a7e" [2020-06-24 00:50:17] NOTICE[1273] chan_sip.c: Registration from '"11" ' failed for '103.145.12.177:5889' - Wrong password [2020-06-24 00:50:17] SECURITY[1288] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-06-24T00:50:17.545-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="11",SessionID="0x7f31c018ea98",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/103.145.12. ...	2020-06-24 12:56:31
148.72.158.240	attack	06/23/2020-23:56:39.224022 148.72.158.240 Protocol: 17 ET SCAN Sipvicious User-Agent Detected (friendly-scanner)	2020-06-24 13:29:27
119.29.26.222	attackbots	Jun 24 05:50:52 h1745522 sshd[31282]: Invalid user ark from 119.29.26.222 port 58640 Jun 24 05:50:52 h1745522 sshd[31282]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.26.222 Jun 24 05:50:52 h1745522 sshd[31282]: Invalid user ark from 119.29.26.222 port 58640 Jun 24 05:50:54 h1745522 sshd[31282]: Failed password for invalid user ark from 119.29.26.222 port 58640 ssh2 Jun 24 05:54:01 h1745522 sshd[31445]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.26.222 user=root Jun 24 05:54:03 h1745522 sshd[31445]: Failed password for root from 119.29.26.222 port 37794 ssh2 Jun 24 05:57:13 h1745522 sshd[32418]: Invalid user yyf from 119.29.26.222 port 45168 Jun 24 05:57:13 h1745522 sshd[32418]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.26.222 Jun 24 05:57:13 h1745522 sshd[32418]: Invalid user yyf from 119.29.26.222 port 45168 Jun 24 05:57:15 h1745 ...	2020-06-24 12:58:51
36.155.115.227	attackspambots	Jun 24 04:55:48 hcbbdb sshd\[10423\]: Invalid user yangjw from 36.155.115.227 Jun 24 04:55:48 hcbbdb sshd\[10423\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.155.115.227 Jun 24 04:55:51 hcbbdb sshd\[10423\]: Failed password for invalid user yangjw from 36.155.115.227 port 37688 ssh2 Jun 24 04:57:07 hcbbdb sshd\[10603\]: Invalid user sonar from 36.155.115.227 Jun 24 04:57:07 hcbbdb sshd\[10603\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.155.115.227	2020-06-24 12:59:45
101.96.143.79	attack	Jun 24 04:10:05 onepixel sshd[1860268]: Invalid user csserver from 101.96.143.79 port 19430 Jun 24 04:10:05 onepixel sshd[1860268]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.96.143.79 Jun 24 04:10:05 onepixel sshd[1860268]: Invalid user csserver from 101.96.143.79 port 19430 Jun 24 04:10:08 onepixel sshd[1860268]: Failed password for invalid user csserver from 101.96.143.79 port 19430 ssh2 Jun 24 04:12:43 onepixel sshd[1861550]: Invalid user king from 101.96.143.79 port 38652	2020-06-24 13:15:48
103.131.71.142	attackbots	(mod_security) mod_security (id:210730) triggered by 103.131.71.142 (VN/Vietnam/bot-103-131-71-142.coccoc.com): 5 in the last 3600 secs	2020-06-24 13:25:56
88.22.118.244	attackbots	Invalid user mrx from 88.22.118.244 port 58484	2020-06-24 13:11:45
46.38.150.193	attack	2020-06-23T22:57:49.546906linuxbox-skyline auth[139800]: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=guest5 rhost=46.38.150.193 ...	2020-06-24 12:58:38
112.85.42.104	attack	(sshd) Failed SSH login from 112.85.42.104 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jun 24 06:47:43 amsweb01 sshd[14216]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.104 user=root Jun 24 06:47:45 amsweb01 sshd[14216]: Failed password for root from 112.85.42.104 port 26931 ssh2 Jun 24 06:47:47 amsweb01 sshd[14216]: Failed password for root from 112.85.42.104 port 26931 ssh2 Jun 24 06:47:49 amsweb01 sshd[14216]: Failed password for root from 112.85.42.104 port 26931 ssh2 Jun 24 06:47:52 amsweb01 sshd[14236]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.104 user=root	2020-06-24 12:55:32
222.186.169.194	attackspambots	Jun 24 06:46:01 home sshd[12624]: Failed password for root from 222.186.169.194 port 64426 ssh2 Jun 24 06:46:05 home sshd[12624]: Failed password for root from 222.186.169.194 port 64426 ssh2 Jun 24 06:46:14 home sshd[12624]: error: maximum authentication attempts exceeded for root from 222.186.169.194 port 64426 ssh2 [preauth] ...	2020-06-24 13:02:39
113.164.24.10	attackbots	Trying ports that it shouldn't be.	2020-06-24 13:32:30
103.92.31.182	attack	fail2ban -- 103.92.31.182 ...	2020-06-24 12:56:52

最近上报的IP列表

207.195.139.20	26.103.244.130	61.0.124.42	194.44.82.107
190.94.149.86	187.234.109.167	177.85.81.86	111.229.167.200
82.102.104.103	36.226.16.183	5.54.29.52	223.155.179.220
223.10.182.43	30.56.142.114	222.139.195.157	155.100.238.47
7.233.60.208	206.189.231.41	39.40.2.97	197.231.196.102