132.148.144.214

基本信息:

城市(city): Scottsdale

省份(region): Arizona

国家(country): United States

运营商(isp): GoDaddy.com LLC

主机名(hostname): unknown

机构(organization): GoDaddy.com, LLC

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	xmlrpc attack	2019-10-08 21:02:53
attack	WordPress brute force	2019-07-24 08:12:57
spam	try to enter my website admin pannel	2019-07-21 11:53:01
attackbotsspam	WordPress brute force	2019-07-13 00:06:08

相同子网IP讨论:

IP	类型	评论内容	时间
132.148.144.101	attack	Automatic report - XMLRPC Attack	2020-02-09 18:13:42
132.148.144.101	attackspambots	access attempt detected by IDS script	2020-01-01 17:06:31
132.148.144.101	attackbotsspam	Hit on /wp-login.php	2019-12-03 01:25:29
132.148.144.101	attackspam	WordPress wp-login brute force :: 132.148.144.101 0.168 BYPASS [13/Nov/2019:12:11:46 0000] [censored_4] "POST /wp-login.php HTTP/1.1" 200 2135 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-11-13 20:13:11
132.148.144.101	attack	[munged]::80 132.148.144.101 - - [20/Oct/2019:22:22:58 +0200] "POST /[munged]: HTTP/1.1" 200 4663 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::80 132.148.144.101 - - [20/Oct/2019:22:23:05 +0200] "POST /[munged]: HTTP/1.1" 200 4663 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-10-21 07:59:53
132.148.144.101	attackspambots	Hit on /wp-login.php	2019-10-16 17:08:21
132.148.144.101	attackspam	xmlrpc attack	2019-09-20 06:40:09

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 132.148.144.214
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 39847
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;132.148.144.214.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019071200 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Jul 13 00:05:56 CST 2019
;; MSG SIZE  rcvd: 119

HOST信息:

214.144.148.132.in-addr.arpa domain name pointer ip-132-148-144-214.ip.secureserver.net.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
214.144.148.132.in-addr.arpa	name = ip-132-148-144-214.ip.secureserver.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
36.88.15.207	attackbots	Honeypot attack, port: 445, PTR: PTR record not found	2020-09-05 04:02:23
189.186.123.3	attackbotsspam	Honeypot attack, port: 445, PTR: dsl-189-186-123-3-dyn.prod-infinitum.com.mx.	2020-09-05 03:30:26
186.145.239.222	attackspam	Dovecot Invalid User Login Attempt.	2020-09-05 03:58:42
190.101.177.98	attackspam	Lines containing failures of 190.101.177.98 Sep 3 14:49:29 www sshd[6747]: Invalid user noel from 190.101.177.98 port 49546 Sep 3 14:49:29 www sshd[6747]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.101.177.98 Sep 3 14:49:32 www sshd[6747]: Failed password for invalid user noel from 190.101.177.98 port 49546 ssh2 Sep 3 14:49:32 www sshd[6747]: Received disconnect from 190.101.177.98 port 49546:11: Bye Bye [preauth] Sep 3 14:49:32 www sshd[6747]: Disconnected from invalid user noel 190.101.177.98 port 49546 [preauth] Sep 3 14:53:43 www sshd[7179]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.101.177.98 user=r.r Sep 3 14:53:45 www sshd[7179]: Failed password for r.r from 190.101.177.98 port 54012 ssh2 Sep 3 14:53:45 www sshd[7179]: Received disconnect from 190.101.177.98 port 54012:11: Bye Bye [preauth] Sep 3 14:53:45 www sshd[7179]: Disconnected from authenticating use........ ------------------------------	2020-09-05 03:52:24
43.224.130.146	attack	Invalid user barry from 43.224.130.146 port 40584	2020-09-05 03:32:35
42.104.109.194	attackspambots	Invalid user eric from 42.104.109.194 port 58674	2020-09-05 03:32:03
188.122.82.146	attackbotsspam	0,19-02/03 [bc01/m20] PostRequest-Spammer scoring: zurich	2020-09-05 03:59:48
151.177.108.50	attackspam	sshd: Failed password for invalid user .... from 151.177.108.50 port 56068 ssh2	2020-09-05 03:41:08
80.90.80.117	attack	TCP ports : 7770 / 7777	2020-09-05 03:35:20
36.89.18.217	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-09-05 03:43:56
94.132.0.248	attackbots	SMB Server BruteForce Attack	2020-09-05 04:03:43
142.4.204.122	attackspam	Sep 4 12:27:56 mout sshd[24346]: Invalid user phoenix from 142.4.204.122 port 44031 Sep 4 12:27:58 mout sshd[24346]: Failed password for invalid user phoenix from 142.4.204.122 port 44031 ssh2 Sep 4 12:28:00 mout sshd[24346]: Disconnected from invalid user phoenix 142.4.204.122 port 44031 [preauth]	2020-09-05 03:54:21
112.85.42.176	attack	Sep 4 21:26:04 jane sshd[11662]: Failed password for root from 112.85.42.176 port 17970 ssh2 Sep 4 21:26:09 jane sshd[11662]: Failed password for root from 112.85.42.176 port 17970 ssh2 ...	2020-09-05 03:29:47
106.13.190.51	attackbots	2020-09-04T12:52:33.717392linuxbox-skyline sshd[82272]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.190.51 user=root 2020-09-04T12:52:35.613963linuxbox-skyline sshd[82272]: Failed password for root from 106.13.190.51 port 54548 ssh2 ...	2020-09-05 03:26:08
190.139.67.171	attack	TCP (SYN) 190.139.67.171:56944 -> port 445, len 44	2020-09-05 03:36:15

最近上报的IP列表

37.124.36.172	108.208.207.209	139.203.224.102	210.245.31.121
79.18.163.19	50.212.6.104	183.42.25.213	199.68.224.199
210.21.200.162	163.157.52.151	191.53.251.140	105.252.160.151
175.111.242.49	171.249.157.7	167.99.174.58	149.126.20.184
198.189.161.11	47.33.114.168	96.0.230.222	212.92.121.37