132.145.48.21 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United Kingdom

运营商(isp): Oracle Public Cloud

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	WordPress login Brute force / Web App Attack on client site.	2020-09-06 21:01:58
attack	132.145.48.21 - - [06/Sep/2020:05:37:39 +0200] "GET /wp-login.php HTTP/1.1" 200 9184 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 132.145.48.21 - - [06/Sep/2020:05:37:40 +0200] "POST /wp-login.php HTTP/1.1" 200 9435 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 132.145.48.21 - - [06/Sep/2020:05:37:41 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-06 12:39:59
attack	Automatic report - Banned IP Access	2020-09-06 05:00:48
attack	Jul 30 00:40:14 lcl-usvr-02 sshd[8496]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.145.48.21 user=root Jul 30 00:40:16 lcl-usvr-02 sshd[8496]: Failed password for root from 132.145.48.21 port 50562 ssh2 ...	2019-07-30 04:54:34
attackbotsspam	Jul 28 18:19:48 lcl-usvr-02 sshd[31838]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.145.48.21 user=root Jul 28 18:19:51 lcl-usvr-02 sshd[31838]: Failed password for root from 132.145.48.21 port 61747 ssh2 ...	2019-07-29 02:51:49
attackbots	Jul 26 15:59:03 lcl-usvr-02 sshd[31758]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.145.48.21 user=root Jul 26 15:59:05 lcl-usvr-02 sshd[31758]: Failed password for root from 132.145.48.21 port 60733 ssh2 Jul 26 16:06:45 lcl-usvr-02 sshd[1297]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.145.48.21 user=root Jul 26 16:06:48 lcl-usvr-02 sshd[1297]: Failed password for root from 132.145.48.21 port 58073 ssh2 ...	2019-07-26 18:04:00

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 132.145.48.21
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 54627
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;132.145.48.21.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072600 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Jul 26 18:03:55 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 21.48.145.132.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 21.48.145.132.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
45.136.108.155	attackbotsspam	Dec 23 10:14:26 h2177944 kernel: \[291241.899926\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.108.155 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=41456 PROTO=TCP SPT=45840 DPT=1001 WINDOW=1024 RES=0x00 SYN URGP=0 Dec 23 10:14:26 h2177944 kernel: \[291241.899942\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.108.155 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=41456 PROTO=TCP SPT=45840 DPT=1001 WINDOW=1024 RES=0x00 SYN URGP=0 Dec 23 10:16:19 h2177944 kernel: \[291355.695323\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.108.155 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=23851 PROTO=TCP SPT=45840 DPT=790 WINDOW=1024 RES=0x00 SYN URGP=0 Dec 23 10:16:19 h2177944 kernel: \[291355.695338\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.108.155 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=23851 PROTO=TCP SPT=45840 DPT=790 WINDOW=1024 RES=0x00 SYN URGP=0 Dec 23 10:28:20 h2177944 kernel: \[292076.284520\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.108.155 DST=85.214.117.9 L	2019-12-23 17:40:35
153.156.71.130	attackbotsspam	Dec 22 22:50:03 sachi sshd\[27582\]: Invalid user guest from 153.156.71.130 Dec 22 22:50:03 sachi sshd\[27582\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=p4934130-ipngnfx01marunouchi.tokyo.ocn.ne.jp Dec 22 22:50:05 sachi sshd\[27582\]: Failed password for invalid user guest from 153.156.71.130 port 60176 ssh2 Dec 22 22:55:50 sachi sshd\[28659\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=p4934130-ipngnfx01marunouchi.tokyo.ocn.ne.jp user=root Dec 22 22:55:52 sachi sshd\[28659\]: Failed password for root from 153.156.71.130 port 37134 ssh2	2019-12-23 17:56:27
49.88.112.72	attack	Dec 23 10:13:18 eventyay sshd[26963]: Failed password for root from 49.88.112.72 port 16771 ssh2 Dec 23 10:13:20 eventyay sshd[26963]: Failed password for root from 49.88.112.72 port 16771 ssh2 Dec 23 10:13:22 eventyay sshd[26963]: Failed password for root from 49.88.112.72 port 16771 ssh2 ...	2019-12-23 17:32:00
185.74.4.189	attackbotsspam	Dec 22 23:17:04 php1 sshd\[9897\]: Invalid user nfs from 185.74.4.189 Dec 22 23:17:04 php1 sshd\[9897\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.74.4.189 Dec 22 23:17:06 php1 sshd\[9897\]: Failed password for invalid user nfs from 185.74.4.189 port 45366 ssh2 Dec 22 23:23:15 php1 sshd\[10496\]: Invalid user savarim from 185.74.4.189 Dec 22 23:23:15 php1 sshd\[10496\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.74.4.189	2019-12-23 17:37:28
159.203.81.28	attackspambots	Dec 23 09:33:50 serwer sshd\[7356\]: User ftpuser from 159.203.81.28 not allowed because not listed in AllowUsers Dec 23 09:33:50 serwer sshd\[7356\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.81.28 user=ftpuser Dec 23 09:33:52 serwer sshd\[7356\]: Failed password for invalid user ftpuser from 159.203.81.28 port 47218 ssh2 ...	2019-12-23 17:23:38
37.17.65.154	attackspambots	Dec 23 11:58:23 areeb-Workstation sshd[2867]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.17.65.154 Dec 23 11:58:25 areeb-Workstation sshd[2867]: Failed password for invalid user flw from 37.17.65.154 port 51172 ssh2 ...	2019-12-23 17:16:57
37.187.195.209	attack	Dec 22 21:01:41 auw2 sshd\[31743\]: Invalid user smg from 37.187.195.209 Dec 22 21:01:41 auw2 sshd\[31743\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=209.ip-37-187-195.eu Dec 22 21:01:43 auw2 sshd\[31743\]: Failed password for invalid user smg from 37.187.195.209 port 56990 ssh2 Dec 22 21:06:37 auw2 sshd\[32199\]: Invalid user webmaster from 37.187.195.209 Dec 22 21:06:37 auw2 sshd\[32199\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=209.ip-37-187-195.eu	2019-12-23 17:54:33
109.74.139.98	attackspam	Unauthorized connection attempt detected from IP address 109.74.139.98 to port 445	2019-12-23 17:33:41
112.112.7.202	attackspam	Brute-force attempt banned	2019-12-23 17:23:10
73.93.102.54	attackspam	Dec 23 14:32:11 vibhu-HP-Z238-Microtower-Workstation sshd\[11277\]: Invalid user Jyrki from 73.93.102.54 Dec 23 14:32:11 vibhu-HP-Z238-Microtower-Workstation sshd\[11277\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=73.93.102.54 Dec 23 14:32:13 vibhu-HP-Z238-Microtower-Workstation sshd\[11277\]: Failed password for invalid user Jyrki from 73.93.102.54 port 34966 ssh2 Dec 23 14:37:33 vibhu-HP-Z238-Microtower-Workstation sshd\[11617\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=73.93.102.54 user=root Dec 23 14:37:34 vibhu-HP-Z238-Microtower-Workstation sshd\[11617\]: Failed password for root from 73.93.102.54 port 40248 ssh2 ...	2019-12-23 17:16:41
2604:a00:6:1650:5054:ff:fedb:92b2	attackbots	C1,WP GET /suche/blog/wp-login.php	2019-12-23 17:27:41
51.158.162.242	attack	Dec 23 12:32:12 hosting sshd[8565]: Invalid user brian from 51.158.162.242 port 45534 ...	2019-12-23 17:59:12
178.62.64.107	attack	Dec 23 10:05:33 vps691689 sshd[20377]: Failed password for games from 178.62.64.107 port 49626 ssh2 Dec 23 10:11:04 vps691689 sshd[20515]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.64.107 ...	2019-12-23 17:20:59
54.37.19.148	attackspambots	ssh brute force	2019-12-23 17:37:10
222.186.180.147	attack	Dec 23 16:16:29 itv-usvr-02 sshd[809]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.147 user=root Dec 23 16:16:31 itv-usvr-02 sshd[809]: Failed password for root from 222.186.180.147 port 18924 ssh2	2019-12-23 17:17:23

最近上报的IP列表

199.103.93.109	131.245.240.126	111.39.10.196	60.229.57.103
110.232.253.6	101.53.147.183	14.161.23.243	49.156.214.202
87.116.176.13	151.53.194.188	79.8.24.41	112.207.104.21
79.137.77.131	58.219.136.47	51.254.205.129	14.152.49.80
71.81.218.85	114.32.245.21	135.182.141.236	106.51.2.108