132.145.18.157

基本信息:

城市(city): London

省份(region): England

国家(country): United Kingdom

运营商(isp): Oracle Public Cloud

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	$f2bV_matches	2020-01-12 01:26:26
attackspambots	2020-01-05T21:49:51.685010abusebot-2.cloudsearch.cf sshd[5834]: Invalid user castis from 132.145.18.157 port 53562 2020-01-05T21:49:51.690894abusebot-2.cloudsearch.cf sshd[5834]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.145.18.157 2020-01-05T21:49:51.685010abusebot-2.cloudsearch.cf sshd[5834]: Invalid user castis from 132.145.18.157 port 53562 2020-01-05T21:49:54.038310abusebot-2.cloudsearch.cf sshd[5834]: Failed password for invalid user castis from 132.145.18.157 port 53562 ssh2 2020-01-05T21:51:32.976068abusebot-2.cloudsearch.cf sshd[5920]: Invalid user ubuntu from 132.145.18.157 port 45348 2020-01-05T21:51:32.984561abusebot-2.cloudsearch.cf sshd[5920]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.145.18.157 2020-01-05T21:51:32.976068abusebot-2.cloudsearch.cf sshd[5920]: Invalid user ubuntu from 132.145.18.157 port 45348 2020-01-05T21:51:34.529211abusebot-2.cloudsearch.cf sshd[5920]: Fa ...	2020-01-06 06:03:28
attackspam	Multiple SSH login attempts.	2020-01-04 21:04:27
attackbotsspam	SSHScan	2020-01-04 05:34:42
attackbotsspam	Dec 10 11:06:37 tuxlinux sshd[62941]: Invalid user backuppc from 132.145.18.157 port 41938 Dec 10 11:06:37 tuxlinux sshd[62941]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.145.18.157 Dec 10 11:06:37 tuxlinux sshd[62941]: Invalid user backuppc from 132.145.18.157 port 41938 Dec 10 11:06:37 tuxlinux sshd[62941]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.145.18.157 ...	2019-12-10 18:37:37
attack	Dec 3 06:37:03 MK-Soft-Root2 sshd[26642]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.145.18.157 Dec 3 06:37:04 MK-Soft-Root2 sshd[26642]: Failed password for invalid user postgres from 132.145.18.157 port 34060 ssh2 ...	2019-12-03 13:39:20
attackspambots	Nov 23 09:50:19 sshd[3729]: Invalid user ubuntu from 132.145.18.157 port 41288	2019-11-24 16:09:32
attackbots	Nov 11 17:44:46 mail sshd\[16761\]: Invalid user applmgr from 132.145.18.157 Nov 11 17:44:46 mail sshd\[16761\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.145.18.157 ...	2019-11-12 07:00:04
attack	Nov 11 16:38:53 cvbnet sshd[2145]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.145.18.157 Nov 11 16:38:54 cvbnet sshd[2145]: Failed password for invalid user postgres from 132.145.18.157 port 37982 ssh2 ...	2019-11-11 23:43:55

相同子网IP讨论:

IP	类型	评论内容	时间
132.145.180.139	attackspambots	2020-09-27T18:12:45.179806shield sshd\[10491\]: Invalid user nicolas from 132.145.180.139 port 57586 2020-09-27T18:12:45.188284shield sshd\[10491\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.145.180.139 2020-09-27T18:12:46.532774shield sshd\[10491\]: Failed password for invalid user nicolas from 132.145.180.139 port 57586 ssh2 2020-09-27T18:17:08.095452shield sshd\[10977\]: Invalid user zs from 132.145.180.139 port 37032 2020-09-27T18:17:08.103439shield sshd\[10977\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.145.180.139	2020-09-28 02:32:02
132.145.180.139	attackbots	Sep 27 10:33:16 rocket sshd[26701]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.145.180.139 Sep 27 10:33:18 rocket sshd[26701]: Failed password for invalid user roman from 132.145.180.139 port 46864 ssh2 ...	2020-09-27 18:38:35
132.145.184.238	attackspam	Invalid user ubnt from 132.145.184.238 port 48660	2020-09-11 21:59:41
132.145.184.238	attackbots	Invalid user ubnt from 132.145.184.238 port 48660	2020-09-11 14:06:51
132.145.184.238	attack	Invalid user ubnt from 132.145.184.238 port 54944	2020-09-11 06:18:32
132.145.184.238	attack	2020-09-07 UTC: (2x) - ubnt,user	2020-09-08 23:08:48
132.145.184.238	attackbots	2020-09-08T02:05:40.599425Z 73f53bed5813 New connection: 132.145.184.238:40924 (172.17.0.2:2222) [session: 73f53bed5813] 2020-09-08T03:00:09.386016Z 9f3ceb95c26d New connection: 132.145.184.238:37838 (172.17.0.2:2222) [session: 9f3ceb95c26d]	2020-09-08 14:51:10
132.145.184.238	attack	Sep 8 00:44:38 icecube sshd[75587]: Failed password for root from 132.145.184.238 port 59026 ssh2	2020-09-08 07:22:45
132.145.187.94	attack	404 NOT FOUND	2020-04-27 23:09:10
132.145.187.218	attackspam	Automatic report - Port Scan	2020-02-25 05:02:10

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 132.145.18.157
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 34796
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;132.145.18.157.			IN	A

;; AUTHORITY SECTION:
.			562	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019111100 1800 900 604800 86400

;; Query time: 52 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Nov 11 23:43:52 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 157.18.145.132.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 157.18.145.132.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
49.233.197.193	attackspam	Scanned 3 times in the last 24 hours on port 22	2020-03-31 09:40:07
178.33.66.88	attackspam	Mar 31 02:03:50 yesfletchmain sshd\[19363\]: Invalid user httpd from 178.33.66.88 port 54676 Mar 31 02:03:50 yesfletchmain sshd\[19363\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.33.66.88 Mar 31 02:03:52 yesfletchmain sshd\[19363\]: Failed password for invalid user httpd from 178.33.66.88 port 54676 ssh2 Mar 31 02:10:58 yesfletchmain sshd\[19613\]: User root from 178.33.66.88 not allowed because not listed in AllowUsers Mar 31 02:10:59 yesfletchmain sshd\[19613\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.33.66.88 user=root ...	2020-03-31 09:24:34
83.159.194.187	attackbotsspam	Scanned 3 times in the last 24 hours on port 22	2020-03-31 09:14:02
39.46.216.58	attackspam	Unauthorized connection attempt from IP address 39.46.216.58 on Port 445(SMB)	2020-03-31 09:33:06
212.47.250.50	attack	port	2020-03-31 09:18:26
1.177.117.207	attackspam	SSH brute-force attempt	2020-03-31 09:40:35
202.21.126.107	attackspambots	Unauthorized connection attempt from IP address 202.21.126.107 on Port 445(SMB)	2020-03-31 09:35:19
120.28.167.33	attack	Mar 31 00:16:25 h2646465 sshd[6387]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.28.167.33 user=root Mar 31 00:16:27 h2646465 sshd[6387]: Failed password for root from 120.28.167.33 port 48536 ssh2 Mar 31 00:21:42 h2646465 sshd[7260]: Invalid user nb from 120.28.167.33 Mar 31 00:21:42 h2646465 sshd[7260]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.28.167.33 Mar 31 00:21:42 h2646465 sshd[7260]: Invalid user nb from 120.28.167.33 Mar 31 00:21:45 h2646465 sshd[7260]: Failed password for invalid user nb from 120.28.167.33 port 33650 ssh2 Mar 31 00:26:41 h2646465 sshd[8114]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.28.167.33 user=root Mar 31 00:26:43 h2646465 sshd[8114]: Failed password for root from 120.28.167.33 port 46036 ssh2 Mar 31 00:31:41 h2646465 sshd[8984]: Invalid user cwz from 120.28.167.33 ...	2020-03-31 09:12:03
176.31.31.185	attack	Mar 31 03:27:42 pkdns2 sshd\[45481\]: Invalid user cz from 176.31.31.185Mar 31 03:27:43 pkdns2 sshd\[45481\]: Failed password for invalid user cz from 176.31.31.185 port 42733 ssh2Mar 31 03:30:27 pkdns2 sshd\[45649\]: Invalid user virtualbox from 176.31.31.185Mar 31 03:30:29 pkdns2 sshd\[45649\]: Failed password for invalid user virtualbox from 176.31.31.185 port 40679 ssh2Mar 31 03:33:28 pkdns2 sshd\[45776\]: Failed password for root from 176.31.31.185 port 38633 ssh2Mar 31 03:36:22 pkdns2 sshd\[45943\]: Invalid user planet from 176.31.31.185 ...	2020-03-31 09:30:29
103.3.253.54	attackspambots	Unauthorized connection attempt from IP address 103.3.253.54 on Port 445(SMB)	2020-03-31 09:09:45
58.87.75.178	attackbotsspam	Mar 31 04:33:23 lukav-desktop sshd\[6207\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.87.75.178 user=root Mar 31 04:33:25 lukav-desktop sshd\[6207\]: Failed password for root from 58.87.75.178 port 48268 ssh2 Mar 31 04:38:45 lukav-desktop sshd\[6311\]: Invalid user www from 58.87.75.178 Mar 31 04:38:45 lukav-desktop sshd\[6311\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.87.75.178 Mar 31 04:38:47 lukav-desktop sshd\[6311\]: Failed password for invalid user www from 58.87.75.178 port 47516 ssh2	2020-03-31 09:42:30
109.73.81.128	attack	port	2020-03-31 09:31:08
177.39.218.57	attackspam	Unauthorized connection attempt from IP address 177.39.218.57 on Port 445(SMB)	2020-03-31 09:10:49
223.197.151.55	attack	(sshd) Failed SSH login from 223.197.151.55 (HK/Hong Kong/223-197-151-55.static.imsbiz.com): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Mar 31 02:05:53 amsweb01 sshd[7158]: Invalid user chenwk from 223.197.151.55 port 46165 Mar 31 02:05:55 amsweb01 sshd[7158]: Failed password for invalid user chenwk from 223.197.151.55 port 46165 ssh2 Mar 31 02:18:53 amsweb01 sshd[8431]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.197.151.55 user=root Mar 31 02:18:55 amsweb01 sshd[8431]: Failed password for root from 223.197.151.55 port 50692 ssh2 Mar 31 02:22:45 amsweb01 sshd[9123]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.197.151.55 user=root	2020-03-31 09:33:42
122.225.15.162	attackbotsspam	Unauthorized connection attempt from IP address 122.225.15.162 on Port 445(SMB)	2020-03-31 09:18:12

最近上报的IP列表

81.30.177.40	185.36.81.174	179.177.63.205	46.33.250.251
217.218.20.134	185.127.111.238	151.233.50.234	181.118.161.5
175.37.196.118	181.118.161.148	36.89.238.171	43.243.12.62
113.194.130.166	27.74.245.60	27.67.138.170	197.51.129.199
189.103.85.27	40.117.40.100	69.133.122.145	209.141.49.26