132.148.134.246

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): GoDaddy.com LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	132.148.134.246 - - [06/Sep/2019:12:03:47 +0200] "POST /wp-login.php HTTP/1.1" 403 1613 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" cdc5142520122b49007bd7174fb0d7b4 United States US Arizona Scottsdale 132.148.134.246 - - [06/Sep/2019:13:39:18 +0200] "POST /wp-login.php HTTP/1.1" 403 1598 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" eb7e13cfcf8660457734d8cf73141bec United States US Arizona Scottsdale	2019-09-06 20:53:08
attack	[Mon Sep 02 14:16:01.435005 2019] [access_compat:error] [pid 32604] [client 132.148.134.246:52266] AH01797: client denied by server configuration: /var/www/html/luke/wp-login.php ...	2019-09-02 22:28:58
attackbots	www.handydirektreparatur.de 132.148.134.246 \[29/Aug/2019:04:56:47 +0200\] "POST /wp-login.php HTTP/1.1" 200 5665 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" www.handydirektreparatur.de 132.148.134.246 \[29/Aug/2019:04:56:48 +0200\] "POST /xmlrpc.php HTTP/1.1" 200 4114 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-08-29 12:13:09

类型

评论内容

时间

attack

132.148.134.246 - - [06/Sep/2019:12:03:47 +0200] "POST /wp-login.php HTTP/1.1" 403 1613 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" cdc5142520122b49007bd7174fb0d7b4 United States US Arizona Scottsdale 
132.148.134.246 - - [06/Sep/2019:13:39:18 +0200] "POST /wp-login.php HTTP/1.1" 403 1598 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" eb7e13cfcf8660457734d8cf73141bec United States US Arizona Scottsdale

2019-09-06 20:53:08

attack

[Mon Sep 02 14:16:01.435005 2019] [access_compat:error] [pid 32604] [client 132.148.134.246:52266] AH01797: client denied by server configuration: /var/www/html/luke/wp-login.php
...

2019-09-02 22:28:58

attackbots

www.handydirektreparatur.de 132.148.134.246 \[29/Aug/2019:04:56:47 +0200\] "POST /wp-login.php HTTP/1.1" 200 5665 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
www.handydirektreparatur.de 132.148.134.246 \[29/Aug/2019:04:56:48 +0200\] "POST /xmlrpc.php HTTP/1.1" 200 4114 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"

2019-08-29 12:13:09

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 132.148.134.246
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24007
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;132.148.134.246.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019082802 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Aug 29 12:13:05 CST 2019
;; MSG SIZE  rcvd: 119

HOST信息:

246.134.148.132.in-addr.arpa domain name pointer ip-132-148-134-246.ip.secureserver.net.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
246.134.148.132.in-addr.arpa	name = ip-132-148-134-246.ip.secureserver.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
106.13.1.81	attackbotsspam	2020-03-31 16:01:09 server sshd[17052]: Failed password for invalid user root from 106.13.1.81 port 36818 ssh2	2020-04-02 03:38:51
111.229.249.75	attack	Invalid user tyy from 111.229.249.75 port 54898	2020-04-02 03:51:43
139.199.30.155	attack	Apr 1 07:48:20 pixelmemory sshd[29331]: Failed password for root from 139.199.30.155 port 48466 ssh2 Apr 1 08:20:17 pixelmemory sshd[997]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.30.155 Apr 1 08:20:19 pixelmemory sshd[997]: Failed password for invalid user portal from 139.199.30.155 port 60728 ssh2 ...	2020-04-02 03:37:27
83.97.20.49	attackspambots	IP was detected trying to Brute-Force SSH, FTP, Web Apps, Port-Scan or Hacking.	2020-04-02 03:42:53
188.214.104.81	attackbots	Apr 1 14:29:21 server postfix/smtpd[2743]: NOQUEUE: reject: RCPT from media-focus.world[188.214.104.81]: 554 5.7.1 Service unavailable; Client host [188.214.104.81] blocked using zen.spamhaus.org; https://www.spamhaus.org/sbl/query/SBLCSS; from= to= proto=ESMTP helo=	2020-04-02 03:36:04
41.32.120.191	attackbots	DATE:2020-04-01 15:13:13, IP:41.32.120.191, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-04-02 03:21:11
115.68.207.164	attack	(sshd) Failed SSH login from 115.68.207.164 (KR/South Korea/-): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Apr 1 20:42:36 ubnt-55d23 sshd[21814]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.68.207.164 user=root Apr 1 20:42:38 ubnt-55d23 sshd[21814]: Failed password for root from 115.68.207.164 port 57870 ssh2	2020-04-02 03:46:43
142.44.218.192	attack	2020-04-01T16:51:35.034194abusebot-4.cloudsearch.cf sshd[19795]: Invalid user sql from 142.44.218.192 port 39108 2020-04-01T16:51:35.040446abusebot-4.cloudsearch.cf sshd[19795]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip192.ip-142-44-218.net 2020-04-01T16:51:35.034194abusebot-4.cloudsearch.cf sshd[19795]: Invalid user sql from 142.44.218.192 port 39108 2020-04-01T16:51:37.636096abusebot-4.cloudsearch.cf sshd[19795]: Failed password for invalid user sql from 142.44.218.192 port 39108 ssh2 2020-04-01T16:53:17.024878abusebot-4.cloudsearch.cf sshd[19903]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip192.ip-142-44-218.net user=root 2020-04-01T16:53:19.154122abusebot-4.cloudsearch.cf sshd[19903]: Failed password for root from 142.44.218.192 port 35312 ssh2 2020-04-01T16:54:19.780555abusebot-4.cloudsearch.cf sshd[19965]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser ...	2020-04-02 03:19:52
49.232.144.7	attackspambots	Invalid user jdf from 49.232.144.7 port 58728	2020-04-02 03:32:39
46.105.96.46	attack	Apr 2 00:26:17 gw1 sshd[24971]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.105.96.46 Apr 2 00:26:19 gw1 sshd[24971]: Failed password for invalid user sophie from 46.105.96.46 port 59444 ssh2 ...	2020-04-02 03:30:05
65.31.127.80	attack	SSH auth scanning - multiple failed logins	2020-04-02 03:17:06
129.211.18.180	attack	Apr 1 20:04:26 ns381471 sshd[12617]: Failed password for root from 129.211.18.180 port 27068 ssh2	2020-04-02 03:26:41
51.68.190.223	attackspambots	2020-04-01T17:29:46.284666 sshd[6548]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.190.223 2020-04-01T17:29:46.271065 sshd[6548]: Invalid user admin from 51.68.190.223 port 40246 2020-04-01T17:29:48.291084 sshd[6548]: Failed password for invalid user admin from 51.68.190.223 port 40246 ssh2 2020-04-01T19:32:52.421402 sshd[7980]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.190.223 user=root 2020-04-01T19:32:54.395023 sshd[7980]: Failed password for root from 51.68.190.223 port 51204 ssh2 ...	2020-04-02 03:37:08
14.232.166.163	attackbots	trying to access non-authorized port	2020-04-02 03:40:29
116.206.203.211	attackbots	php WP PHPmyadamin ABUSE blocked for 12h	2020-04-02 03:13:26

最近上报的IP列表

200.127.109.231	197.124.252.17	146.151.8.198	185.62.148.8
82.201.220.227	125.142.97.209	62.72.18.0	103.41.42.75
134.193.240.118	187.190.153.118	183.2.156.114	74.109.184.186
14.189.165.17	147.91.243.133	94.226.255.121	177.184.245.86
115.54.66.232	89.199.43.94	14.161.29.175	219.156.128.148