132.148.129.180

基本信息:

城市(city): Scottsdale

省份(region): Arizona

国家(country): United States

运营商(isp): GoDaddy.com LLC

主机名(hostname): unknown

机构(organization): GoDaddy.com, LLC

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Apr 6 17:40:28 marvibiene sshd[56095]: Invalid user ftpuser from 132.148.129.180 port 33948 Apr 6 17:40:28 marvibiene sshd[56095]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.148.129.180 Apr 6 17:40:28 marvibiene sshd[56095]: Invalid user ftpuser from 132.148.129.180 port 33948 Apr 6 17:40:30 marvibiene sshd[56095]: Failed password for invalid user ftpuser from 132.148.129.180 port 33948 ssh2 ...	2020-04-07 01:58:52
attackspambots	SSH Brute-Force reported by Fail2Ban	2020-04-05 15:37:05
attack	Mar 29 15:14:10 *** sshd[3464]: Invalid user ubuntu from 132.148.129.180	2020-03-29 23:20:25
attackbots	Invalid user thorstenschwarz from 132.148.129.180 port 49746	2020-03-11 17:43:12
attackspambots	Mar 10 06:29:52 lnxweb62 sshd[14191]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.148.129.180 Mar 10 06:29:53 lnxweb62 sshd[14191]: Failed password for invalid user fabriefijen from 132.148.129.180 port 40828 ssh2 Mar 10 06:33:12 lnxweb62 sshd[15900]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.148.129.180	2020-03-10 13:58:52
attackspambots	Mar 6 00:00:27 takio sshd[30494]: Invalid user ubuntu from 132.148.129.180 port 43990 Mar 6 00:03:43 takio sshd[30512]: Invalid user admin from 132.148.129.180 port 42110 Mar 6 00:06:55 takio sshd[30533]: Invalid user postgres from 132.148.129.180 port 40400	2020-03-06 06:29:35
attack	Mar 5 14:41:12 * sshd[21663]: Failed password for root from 132.148.129.180 port 53982 ssh2	2020-03-05 22:31:21
attackbotsspam	Fail2Ban - SSH Bruteforce Attempt	2020-03-04 15:56:18
attackspambots	Invalid user www from 132.148.129.180 port 37252	2020-02-24 15:00:40
attack	none	2020-02-06 01:56:02
attackspambots	Feb 4 14:51:07 vmd26974 sshd[30836]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.148.129.180 Feb 4 14:51:08 vmd26974 sshd[30836]: Failed password for invalid user phion from 132.148.129.180 port 42050 ssh2 ...	2020-02-05 00:34:45
attack	Feb 4 09:08:41 firewall sshd[14522]: Invalid user ftpuser from 132.148.129.180 Feb 4 09:08:43 firewall sshd[14522]: Failed password for invalid user ftpuser from 132.148.129.180 port 38110 ssh2 Feb 4 09:10:16 firewall sshd[14591]: Invalid user sybase from 132.148.129.180 ...	2020-02-04 20:47:05
attackspam	2020-1-26 11:21:02 AM: ssh bruteforce [3 failed attempts]	2020-01-26 19:02:58
attackbotsspam	Jan 25 20:14:00 webhost01 sshd[28284]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.148.129.180 Jan 25 20:14:02 webhost01 sshd[28284]: Failed password for invalid user ethos from 132.148.129.180 port 56982 ssh2 ...	2020-01-25 23:35:41
attackspambots	Jan 24 20:45:20 marvibiene sshd[34535]: Invalid user ethos from 132.148.129.180 port 33560 Jan 24 20:45:20 marvibiene sshd[34535]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.148.129.180 Jan 24 20:45:20 marvibiene sshd[34535]: Invalid user ethos from 132.148.129.180 port 33560 Jan 24 20:45:21 marvibiene sshd[34535]: Failed password for invalid user ethos from 132.148.129.180 port 33560 ssh2 ...	2020-01-25 04:50:25
attackbotsspam	Jan 18 19:18:07 XXX sshd[38292]: Invalid user avis from 132.148.129.180 port 54264	2020-01-19 03:18:54
attackbotsspam	Invalid user avis from 132.148.129.180 port 58398	2020-01-17 04:10:46
attack	pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.148.129.180 Failed password for invalid user avis from 132.148.129.180 port 42388 ssh2 pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.148.129.180	2020-01-15 16:31:25
attackbots	$f2bV_matches	2020-01-12 01:26:08
attack	Jan 7 16:50:50 server sshd\[3303\]: Invalid user user from 132.148.129.180 Jan 7 16:50:50 server sshd\[3303\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip-132-148-129-180.ip.secureserver.net Jan 7 16:50:52 server sshd\[3303\]: Failed password for invalid user user from 132.148.129.180 port 60288 ssh2 Jan 7 16:52:36 server sshd\[3888\]: Invalid user administrator from 132.148.129.180 Jan 7 16:52:36 server sshd\[3888\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip-132-148-129-180.ip.secureserver.net ...	2020-01-07 22:12:03
attackspam	Jan 6 14:14:06 ovpn sshd\[23080\]: Invalid user user from 132.148.129.180 Jan 6 14:14:06 ovpn sshd\[23080\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.148.129.180 Jan 6 14:14:08 ovpn sshd\[23080\]: Failed password for invalid user user from 132.148.129.180 port 38604 ssh2 Jan 6 14:15:55 ovpn sshd\[23554\]: Invalid user administrator from 132.148.129.180 Jan 6 14:15:55 ovpn sshd\[23554\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.148.129.180	2020-01-06 21:22:05
attackbots	Automatically reported by fail2ban report script (powermetal)	2020-01-03 21:17:26
attackbots	$f2bV_matches	2019-12-22 02:12:04
attackbots	Dec 21 00:17:39 zx01vmsma01 sshd[40941]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.148.129.180 Dec 21 00:17:41 zx01vmsma01 sshd[40941]: Failed password for invalid user user from 132.148.129.180 port 57924 ssh2 ...	2019-12-21 09:07:14
attackspam	Invalid user oracle from 132.148.129.180 port 47462	2019-12-19 06:38:50
attackbotsspam	Nov 23 14:28:21 l02a sshd[15732]: Invalid user proxy from 132.148.129.180 Nov 23 14:28:23 l02a sshd[15732]: Failed password for invalid user proxy from 132.148.129.180 port 50466 ssh2 Nov 23 14:28:21 l02a sshd[15732]: Invalid user proxy from 132.148.129.180 Nov 23 14:28:23 l02a sshd[15732]: Failed password for invalid user proxy from 132.148.129.180 port 50466 ssh2	2019-11-23 22:36:44
attack	Nov 23 09:59:40 mail sshd\[7107\]: Invalid user postgres from 132.148.129.180 Nov 23 09:59:40 mail sshd\[7107\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.148.129.180 Nov 23 09:59:43 mail sshd\[7107\]: Failed password for invalid user postgres from 132.148.129.180 port 48814 ssh2 ...	2019-11-23 17:07:16
attackbotsspam	2019-11-07T18:02:17.441491homeassistant sshd[19593]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.148.129.180 user=root 2019-11-07T18:02:19.300502homeassistant sshd[19593]: Failed password for root from 132.148.129.180 port 35826 ssh2 ...	2019-11-08 03:28:23
attackspambots	Oct 28 03:20:37 Ubuntu-1404-trusty-64-minimal sshd\[24557\]: Invalid user zimbra from 132.148.129.180 Oct 28 03:20:37 Ubuntu-1404-trusty-64-minimal sshd\[24557\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.148.129.180 Oct 28 03:20:39 Ubuntu-1404-trusty-64-minimal sshd\[24557\]: Failed password for invalid user zimbra from 132.148.129.180 port 46446 ssh2 Oct 28 12:59:44 Ubuntu-1404-trusty-64-minimal sshd\[32072\]: Invalid user usuario from 132.148.129.180 Oct 28 12:59:44 Ubuntu-1404-trusty-64-minimal sshd\[32072\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.148.129.180	2019-10-28 20:31:25
attackspam	Oct 27 04:33:52 XXX sshd[49835]: Invalid user postgres from 132.148.129.180 port 59968	2019-10-27 12:39:28

相同子网IP讨论:

IP	类型	评论内容	时间
132.148.129.251	attackbotsspam	Scanning and Vuln Attempts	2019-06-26 19:20:15
132.148.129.251	attackbots	xmlrpc attack	2019-06-24 19:40:35

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 132.148.129.180
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 49088
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;132.148.129.180.		IN	A

;; AUTHORITY SECTION:
.			3504	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019041800 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Fri Apr 19 02:35:27 +08 2019
;; MSG SIZE  rcvd: 119

HOST信息:

180.129.148.132.in-addr.arpa domain name pointer ip-132-148-129-180.ip.secureserver.net.

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
180.129.148.132.in-addr.arpa	name = ip-132-148-129-180.ip.secureserver.net.

Authoritative answers can be found from:

IP	类型	评论内容	时间
217.25.57.58	attack	(mod_security) mod_security (id:230011) triggered by 217.25.57.58 (IR/Iran/-): 5 in the last 3600 secs	2020-01-25 21:06:26
87.8.34.11	attackspam	Jan 25 08:34:19 vps691689 sshd[19915]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=87.8.34.11 Jan 25 08:34:19 vps691689 sshd[19917]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=87.8.34.11 ...	2020-01-25 20:29:14
87.81.239.179	attackspam	Unauthorized connection attempt detected from IP address 87.81.239.179 to port 83 [J]	2020-01-25 20:54:40
202.83.172.43	attackbots	Unauthorized connection attempt detected from IP address 202.83.172.43 to port 1433 [J]	2020-01-25 21:07:14
2.187.6.7	attackbotsspam	Unauthorized connection attempt detected from IP address 2.187.6.7 to port 80 [J]	2020-01-25 21:05:26
121.165.73.64	attack	Unauthorized connection attempt detected from IP address 121.165.73.64 to port 2220 [J]	2020-01-25 20:24:18
88.34.126.171	attackspam	Unauthorized connection attempt detected from IP address 88.34.126.171 to port 80 [J]	2020-01-25 20:54:16
96.55.16.76	attackspam	Unauthorized connection attempt detected from IP address 96.55.16.76 to port 23 [J]	2020-01-25 20:28:15
121.158.119.125	attackspam	Unauthorized connection attempt detected from IP address 121.158.119.125 to port 81 [J]	2020-01-25 20:48:38
201.26.195.155	attack	Unauthorized connection attempt detected from IP address 201.26.195.155 to port 8080 [J]	2020-01-25 21:08:34
111.67.194.236	attack	Unauthorized connection attempt detected from IP address 111.67.194.236 to port 2220 [J]	2020-01-25 20:26:27
200.114.149.31	attackspam	Unauthorized connection attempt detected from IP address 200.114.149.31 to port 8081 [J]	2020-01-25 20:42:17
112.26.160.67	attackbotsspam	Unauthorized connection attempt detected from IP address 112.26.160.67 to port 80 [J]	2020-01-25 20:50:15
177.94.100.55	attackbotsspam	Unauthorized connection attempt detected from IP address 177.94.100.55 to port 80 [J]	2020-01-25 20:45:46
123.223.236.92	attack	Unauthorized connection attempt detected from IP address 123.223.236.92 to port 2220 [J]	2020-01-25 20:23:01

最近上报的IP列表

5.45.110.136	46.27.34.44	109.245.39.35	78.165.233.129
128.199.101.148	86.107.139.160	113.22.53.137	185.253.250.167
200.87.233.68	185.200.118.68	86.160.62.255	141.145.123.175
145.239.204.118	103.36.29.41	88.71.177.209	51.254.200.204
186.179.195.109	185.143.223.135	192.3.2.85	158.176.91.183