132.145.34.45 - IPInfo

基本信息:

城市(city): Seattle

省份(region): Washington

国家(country): United States

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): Oracle Corporation

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
132.145.34.191	attackbotsspam	Jun 9 07:14:16 zimbra sshd[23918]: Invalid user xfs from 132.145.34.191 Jun 9 07:14:16 zimbra sshd[23918]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.145.34.191 Jun 9 07:14:18 zimbra sshd[23918]: Failed password for invalid user xfs from 132.145.34.191 port 51800 ssh2 Jun 9 07:14:18 zimbra sshd[23918]: Received disconnect from 132.145.34.191 port 51800:11: Bye Bye [preauth] Jun 9 07:14:18 zimbra sshd[23918]: Disconnected from 132.145.34.191 port 51800 [preauth] Jun 9 07:19:15 zimbra sshd[27411]: Invalid user mc3 from 132.145.34.191 Jun 9 07:19:15 zimbra sshd[27411]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.145.34.191 Jun 9 07:19:17 zimbra sshd[27411]: Failed password for invalid user mc3 from 132.145.34.191 port 48110 ssh2 Jun 9 07:19:17 zimbra sshd[27411]: Received disconnect from 132.145.34.191 port 48110:11: Bye Bye [preauth] Jun 9 07:19:17 zimbra sshd[27411]........ -------------------------------	2020-06-09 20:57:41
132.145.34.57	attackbotsspam	php WP PHPmyadamin ABUSE blocked for 12h	2019-11-26 03:34:58
132.145.34.57	attack	132.145.34.57 - - [24/Nov/2019:15:56:45 +0100] "GET /scripts/setup.php HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0" 132.145.34.57 - - [24/Nov/2019:15:56:46 +0100] "GET /MyAdmin/scripts/setup.php HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0" ...	2019-11-24 23:16:29

类型

评论内容

时间

132.145.34.191

attackbotsspam

Jun  9 07:14:16 zimbra sshd[23918]: Invalid user xfs from 132.145.34.191
Jun  9 07:14:16 zimbra sshd[23918]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.145.34.191
Jun  9 07:14:18 zimbra sshd[23918]: Failed password for invalid user xfs from 132.145.34.191 port 51800 ssh2
Jun  9 07:14:18 zimbra sshd[23918]: Received disconnect from 132.145.34.191 port 51800:11: Bye Bye [preauth]
Jun  9 07:14:18 zimbra sshd[23918]: Disconnected from 132.145.34.191 port 51800 [preauth]
Jun  9 07:19:15 zimbra sshd[27411]: Invalid user mc3 from 132.145.34.191
Jun  9 07:19:15 zimbra sshd[27411]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.145.34.191
Jun  9 07:19:17 zimbra sshd[27411]: Failed password for invalid user mc3 from 132.145.34.191 port 48110 ssh2
Jun  9 07:19:17 zimbra sshd[27411]: Received disconnect from 132.145.34.191 port 48110:11: Bye Bye [preauth]
Jun  9 07:19:17 zimbra sshd[27411]........
-------------------------------

2020-06-09 20:57:41

132.145.34.57

attackbotsspam

php WP PHPmyadamin ABUSE blocked for 12h

2019-11-26 03:34:58

132.145.34.57

attack

132.145.34.57 - - [24/Nov/2019:15:56:45 +0100] "GET /scripts/setup.php HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0"
132.145.34.57 - - [24/Nov/2019:15:56:46 +0100] "GET /MyAdmin/scripts/setup.php HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0"
...

2019-11-24 23:16:29

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 132.145.34.45
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2603
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;132.145.34.45.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019040501 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sat Apr 06 02:59:07 +08 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 45.34.145.132.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 45.34.145.132.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
190.245.136.108	attackspam	Repeated RDP login failures. Last user: Logmeinremoteuser	2020-04-02 13:34:01
125.227.130.121	attackspam	Repeated RDP login failures. Last user: Administrator	2020-04-02 14:05:55
54.227.99.204	attackspam	Repeated RDP login failures. Last user: Administrator	2020-04-02 13:20:01
13.90.19.95	attack	Repeated RDP login failures. Last user: Administrator	2020-04-02 13:46:29
194.90.121.5	attackspambots	Repeated RDP login failures. Last user: Administrator	2020-04-02 13:32:34
62.148.143.182	attackspam	Repeated RDP login failures. Last user: Temp2	2020-04-02 13:19:10
185.209.0.165	attackspambots	Repeated RDP login failures. Last user: Server01	2020-04-02 13:54:30
1.34.85.119	attack	Repeated RDP login failures. Last user: Guest	2020-04-02 13:28:06
190.154.48.34	attack	Repeated RDP login failures. Last user: Administrator	2020-04-02 13:53:05
80.82.64.110	attackspam	Apr 2 07:16:09 ns3042688 courier-pop3d: LOGIN FAILED, user=hr@tienda-dewalt.eu, ip=\[::ffff:80.82.64.110\] ...	2020-04-02 13:17:41
196.28.226.146	attackbots	Repeated RDP login failures. Last user: App	2020-04-02 13:47:59
94.26.58.96	attackbotsspam	Repeated RDP login failures. Last user: Admin	2020-04-02 13:56:46
202.8.121.145	attackbots	Repeated RDP login failures. Last user: Laura	2020-04-02 13:32:04
120.31.207.90	attackbots	Repeated RDP login failures. Last user: Test	2020-04-02 13:25:51
213.3.49.89	attackbotsspam	Repeated RDP login failures. Last user: Usuario	2020-04-02 14:00:28

最近上报的IP列表

87.54.237.210	116.203.41.104	139.162.75.112	187.111.160.8
201.92.218.127	77.247.109.49	180.247.149.42	185.189.213.100
181.231.152.44	168.228.185.96	220.227.40.235	205.170.93.195
200.206.49.139	181.223.227.155	151.80.155.98	139.59.4.54
129.204.141.3	107.170.196.44	105.225.134.11	104.248.57.21