132.148.243.21

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America

运营商(isp): GoDaddy.com LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Mar 28 22:34:52 host proftpd[8078]: 0.0.0.0 (132.148.243.21[132.148.243.21]) - USER admin@apremex.com: no such user found from 132.148.243.21 [132.148.243.21] to 62.210.151.217:21 ...	2020-03-29 08:26:46

相同子网IP讨论:

IP	类型	评论内容	时间
132.148.243.125	attack	Brute force blocker - service: exim2 - aantal: 25 - Sun Sep 16 01:45:21 2018	2020-03-09 06:12:14

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 132.148.243.21
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 62001
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;132.148.243.21.			IN	A

;; AUTHORITY SECTION:
.			453	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020032802 1800 900 604800 86400

;; Query time: 107 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Mar 29 08:26:43 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

21.243.148.132.in-addr.arpa domain name pointer ip-132-148-243-21.ip.secureserver.net.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
21.243.148.132.in-addr.arpa	name = ip-132-148-243-21.ip.secureserver.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
139.199.119.67	attack	212.218.19.43 139.199.119.67 \[24/Sep/2019:14:45:01 +0200\] "GET /scripts/setup.php HTTP/1.1" 301 546 "-" "Mozilla/4.0 \(compatible\; MSIE 8.0\; Windows NT 6.1\; Win64\; x64\; Trident/4.0\)" 212.218.19.43 139.199.119.67 \[24/Sep/2019:14:45:01 +0200\] "GET /phpmyadmin/scripts/setup.php HTTP/1.1" 301 568 "-" "Mozilla/4.0 \(compatible\; MSIE 8.0\; Windows NT 6.1\; Win64\; x64\; Trident/4.0\)" 212.218.19.43 139.199.119.67 \[24/Sep/2019:14:45:01 +0200\] "GET /phpMyAdmin/scripts/setup.php HTTP/1.1" 301 568 "-" "Mozilla/4.0 \(compatible\; MSIE 8.0\; Windows NT 6.1\; Win64\; x64\; Trident/4.0\)"	2019-09-24 22:21:05
54.39.151.167	attackspambots	2019-09-24T14:24:47.654648abusebot.cloudsearch.cf sshd\[6303\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.151.167 user=root	2019-09-24 22:41:51
104.211.79.54	attack	Sep 24 04:49:56 sachi sshd\[17857\]: Invalid user sndoto from 104.211.79.54 Sep 24 04:49:56 sachi sshd\[17857\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.211.79.54 Sep 24 04:49:58 sachi sshd\[17857\]: Failed password for invalid user sndoto from 104.211.79.54 port 33784 ssh2 Sep 24 04:55:16 sachi sshd\[18297\]: Invalid user gnp from 104.211.79.54 Sep 24 04:55:16 sachi sshd\[18297\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.211.79.54	2019-09-24 23:00:57
118.25.14.19	attack	Sep 24 14:29:43 game-panel sshd[12903]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.14.19 Sep 24 14:29:45 game-panel sshd[12903]: Failed password for invalid user kvamme from 118.25.14.19 port 40740 ssh2 Sep 24 14:34:31 game-panel sshd[13128]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.14.19	2019-09-24 22:49:32
27.71.224.2	attackspambots	2019-09-24T09:06:58.4330941495-001 sshd\[15160\]: Invalid user PMA from 27.71.224.2 port 53814 2019-09-24T09:06:58.4370591495-001 sshd\[15160\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.71.224.2 2019-09-24T09:07:00.3185811495-001 sshd\[15160\]: Failed password for invalid user PMA from 27.71.224.2 port 53814 ssh2 2019-09-24T09:13:17.1354951495-001 sshd\[15585\]: Invalid user tj from 27.71.224.2 port 38252 2019-09-24T09:13:17.1440361495-001 sshd\[15585\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.71.224.2 2019-09-24T09:13:19.7230371495-001 sshd\[15585\]: Failed password for invalid user tj from 27.71.224.2 port 38252 ssh2 ...	2019-09-24 22:54:42
110.49.70.248	attackspambots	Sep 24 16:08:30 vps01 sshd[23775]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.49.70.248 Sep 24 16:08:32 vps01 sshd[23775]: Failed password for invalid user melisa from 110.49.70.248 port 43348 ssh2	2019-09-24 22:20:21
139.99.221.61	attackspambots	Sep 24 16:33:11 SilenceServices sshd[3060]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.221.61 Sep 24 16:33:13 SilenceServices sshd[3060]: Failed password for invalid user ts3server4 from 139.99.221.61 port 32820 ssh2 Sep 24 16:39:00 SilenceServices sshd[4774]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.221.61	2019-09-24 22:46:33
145.239.91.88	attack	Sep 24 14:58:11 eventyay sshd[22179]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.91.88 Sep 24 14:58:12 eventyay sshd[22179]: Failed password for invalid user usertest from 145.239.91.88 port 52304 ssh2 Sep 24 15:02:26 eventyay sshd[22307]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.91.88 ...	2019-09-24 22:13:01
111.95.37.222	attack	Sep 24 04:28:56 georgia postfix/smtpd[22392]: warning: hostname fm-dyn-111-95-37-222.fast.net.id does not resolve to address 111.95.37.222: Name or service not known Sep 24 04:28:56 georgia postfix/smtpd[22392]: connect from unknown[111.95.37.222] Sep 24 04:29:16 georgia postfix/smtpd[22392]: SSL_accept error from unknown[111.95.37.222]: lost connection Sep 24 04:29:16 georgia postfix/smtpd[22392]: lost connection after CONNECT from unknown[111.95.37.222] Sep 24 04:29:16 georgia postfix/smtpd[22392]: disconnect from unknown[111.95.37.222] commands=0/0 Sep 24 04:29:33 georgia postfix/smtpd[22392]: warning: hostname fm-dyn-111-95-37-222.fast.net.id does not resolve to address 111.95.37.222: Name or service not known Sep 24 04:29:33 georgia postfix/smtpd[22392]: connect from unknown[111.95.37.222] Sep 24 04:29:34 georgia postfix/smtpd[22392]: warning: unknown[111.95.37.222]: SASL CRAM-MD5 authentication failed: authentication failure Sep 24 04:29:35 georgia postfix/smtpd[2........ -------------------------------	2019-09-24 22:43:06
139.59.84.111	attack	Sep 24 04:13:35 hcbb sshd\[12401\]: Invalid user a3w from 139.59.84.111 Sep 24 04:13:35 hcbb sshd\[12401\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.84.111 Sep 24 04:13:37 hcbb sshd\[12401\]: Failed password for invalid user a3w from 139.59.84.111 port 37674 ssh2 Sep 24 04:18:43 hcbb sshd\[12802\]: Invalid user password from 139.59.84.111 Sep 24 04:18:43 hcbb sshd\[12802\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.84.111	2019-09-24 22:21:58
117.50.55.247	attackbotsspam	Sep 24 16:43:02 markkoudstaal sshd[16072]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.55.247 Sep 24 16:43:05 markkoudstaal sshd[16072]: Failed password for invalid user pass from 117.50.55.247 port 47306 ssh2 Sep 24 16:47:08 markkoudstaal sshd[16428]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.55.247	2019-09-24 23:02:38
69.171.206.254	attackspam	2019-09-24T16:29:26.035346lon01.zurich-datacenter.net sshd\[22086\]: Invalid user juancarlos from 69.171.206.254 port 45239 2019-09-24T16:29:26.043088lon01.zurich-datacenter.net sshd\[22086\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=69.171.206.254 2019-09-24T16:29:28.194481lon01.zurich-datacenter.net sshd\[22086\]: Failed password for invalid user juancarlos from 69.171.206.254 port 45239 ssh2 2019-09-24T16:37:22.990907lon01.zurich-datacenter.net sshd\[22265\]: Invalid user believe from 69.171.206.254 port 22983 2019-09-24T16:37:22.997060lon01.zurich-datacenter.net sshd\[22265\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=69.171.206.254 ...	2019-09-24 22:44:39
222.186.180.8	attack	Sep 24 21:40:14 itv-usvr-02 sshd[28163]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.8 user=root Sep 24 21:40:16 itv-usvr-02 sshd[28163]: Failed password for root from 222.186.180.8 port 62920 ssh2 Sep 24 21:40:22 itv-usvr-02 sshd[28163]: Failed password for root from 222.186.180.8 port 62920 ssh2 Sep 24 21:40:14 itv-usvr-02 sshd[28163]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.8 user=root Sep 24 21:40:16 itv-usvr-02 sshd[28163]: Failed password for root from 222.186.180.8 port 62920 ssh2 Sep 24 21:40:22 itv-usvr-02 sshd[28163]: Failed password for root from 222.186.180.8 port 62920 ssh2	2019-09-24 22:50:00
35.199.154.128	attackspambots	Sep 24 04:13:44 hpm sshd\[3844\]: Invalid user fuser from 35.199.154.128 Sep 24 04:13:44 hpm sshd\[3844\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.154.199.35.bc.googleusercontent.com Sep 24 04:13:46 hpm sshd\[3844\]: Failed password for invalid user fuser from 35.199.154.128 port 51304 ssh2 Sep 24 04:17:28 hpm sshd\[4150\]: Invalid user inads from 35.199.154.128 Sep 24 04:17:28 hpm sshd\[4150\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.154.199.35.bc.googleusercontent.com	2019-09-24 22:28:02
163.172.207.104	attack	\[2019-09-24 10:15:51\] SECURITY\[1978\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-09-24T10:15:51.059-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="27011972592277524",SessionID="0x7f9b344403b8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/163.172.207.104/63133",ACLName="no_extension_match" \[2019-09-24 10:20:10\] SECURITY\[1978\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-09-24T10:20:10.870-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="28011972592277524",SessionID="0x7f9b345d3d08",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/163.172.207.104/65286",ACLName="no_extension_match" \[2019-09-24 10:24:29\] SECURITY\[1978\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-09-24T10:24:29.918-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="29011972592277524",SessionID="0x7f9b34358e08",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/163.172.207.104/61171",ACL	2019-09-24 22:25:34

最近上报的IP列表

188.143.65.136	94.139.161.18	202.28.25.13	89.144.166.58
187.207.149.96	54.39.41.188	131.0.231.26	119.41.167.177
246.71.130.27	123.182.216.158	81.182.187.218	114.32.47.212
202.92.4.181	65.8.234.166	229.228.156.183	89.41.176.211
238.2.251.210	104.248.242.189	194.194.145.103	103.100.210.115