132.148.29.48 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America

运营商(isp): GoDaddy.com LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Mar 25 13:45:16 debian-2gb-nbg1-2 kernel: \[7399396.191821\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=132.148.29.48 DST=195.201.40.59 LEN=44 TOS=0x00 PREC=0x00 TTL=47 ID=0 DF PROTO=TCP SPT=21 DPT=14113 WINDOW=14600 RES=0x00 ACK SYN URGP=0	2020-03-26 03:49:45

类型

评论内容

时间

attack

Mar 25 13:45:16 debian-2gb-nbg1-2 kernel: \[7399396.191821\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=132.148.29.48 DST=195.201.40.59 LEN=44 TOS=0x00 PREC=0x00 TTL=47 ID=0 DF PROTO=TCP SPT=21 DPT=14113 WINDOW=14600 RES=0x00 ACK SYN URGP=0

2020-03-26 03:49:45

相同子网IP讨论:

IP	类型	评论内容	时间
132.148.29.143	attackspambots	Probing for vulnerable PHP code	2020-06-11 19:07:44

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 132.148.29.48
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1236
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;132.148.29.48.			IN	A

;; AUTHORITY SECTION:
.			527	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020032502 1800 900 604800 86400

;; Query time: 49 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Mar 26 03:49:42 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

48.29.148.132.in-addr.arpa domain name pointer ip-132-148-29-48.ip.secureserver.net.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
48.29.148.132.in-addr.arpa	name = ip-132-148-29-48.ip.secureserver.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
45.82.153.132	attackspam	2019-10-30T10:54:59.208947mail01 postfix/smtpd[4780]: warning: unknown[45.82.153.132]: SASL PLAIN authentication failed: 2019-10-30T10:55:06.164729mail01 postfix/smtpd[22186]: warning: unknown[45.82.153.132]: SASL PLAIN authentication failed: 2019-10-30T10:56:33.187271mail01 postfix/smtpd[3952]: warning: unknown[45.82.153.132]: SASL PLAIN authentication failed:	2019-10-30 17:57:13
121.129.20.247	attackbotsspam	Telnet Server BruteForce Attack	2019-10-30 17:57:42
132.232.59.136	attack	2019-10-28 10:47:04,787 fail2ban.actions \[1516\]: NOTICE \[sshd\] Ban 132.232.59.136 2019-10-28 11:17:40,677 fail2ban.actions \[1516\]: NOTICE \[sshd\] Ban 132.232.59.136 2019-10-28 11:50:53,956 fail2ban.actions \[1516\]: NOTICE \[sshd\] Ban 132.232.59.136 2019-10-28 12:29:13,066 fail2ban.actions \[1516\]: NOTICE \[sshd\] Ban 132.232.59.136 2019-10-28 13:05:28,741 fail2ban.actions \[1516\]: NOTICE \[sshd\] Ban 132.232.59.136 ...	2019-10-30 18:16:26
180.168.76.222	attackspam	frenzy	2019-10-30 18:17:12
103.6.196.189	attack	fail2ban honeypot	2019-10-30 18:24:23
223.71.213.216	attackbots	port scan and connect, tcp 22 (ssh)	2019-10-30 17:51:47
45.6.93.222	attack	Oct 30 09:34:21 ArkNodeAT sshd\[20369\]: Invalid user Million123 from 45.6.93.222 Oct 30 09:34:21 ArkNodeAT sshd\[20369\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.6.93.222 Oct 30 09:34:23 ArkNodeAT sshd\[20369\]: Failed password for invalid user Million123 from 45.6.93.222 port 53546 ssh2	2019-10-30 18:00:32
77.48.60.45	attackspam	Oct 30 10:56:01 dcd-gentoo sshd[6098]: User root from 77.48.60.45 not allowed because none of user's groups are listed in AllowGroups Oct 30 10:56:03 dcd-gentoo sshd[6098]: error: PAM: Authentication failure for illegal user root from 77.48.60.45 Oct 30 10:56:01 dcd-gentoo sshd[6098]: User root from 77.48.60.45 not allowed because none of user's groups are listed in AllowGroups Oct 30 10:56:03 dcd-gentoo sshd[6098]: error: PAM: Authentication failure for illegal user root from 77.48.60.45 Oct 30 10:56:01 dcd-gentoo sshd[6098]: User root from 77.48.60.45 not allowed because none of user's groups are listed in AllowGroups Oct 30 10:56:03 dcd-gentoo sshd[6098]: error: PAM: Authentication failure for illegal user root from 77.48.60.45 Oct 30 10:56:03 dcd-gentoo sshd[6098]: Failed keyboard-interactive/pam for invalid user root from 77.48.60.45 port 53296 ssh2 ...	2019-10-30 18:18:47
27.221.165.154	attack	Port Scan: TCP/23	2019-10-30 17:55:21
104.238.126.167	attackspambots	Brute forcing RDP port 3389	2019-10-30 17:56:17
106.12.114.26	attack	Oct 30 05:11:11 Ubuntu-1404-trusty-64-minimal sshd\[19565\]: Invalid user tomcat from 106.12.114.26 Oct 30 05:11:11 Ubuntu-1404-trusty-64-minimal sshd\[19565\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.114.26 Oct 30 05:11:13 Ubuntu-1404-trusty-64-minimal sshd\[19565\]: Failed password for invalid user tomcat from 106.12.114.26 port 41094 ssh2 Oct 30 05:14:59 Ubuntu-1404-trusty-64-minimal sshd\[20855\]: Invalid user tomcat from 106.12.114.26 Oct 30 05:14:59 Ubuntu-1404-trusty-64-minimal sshd\[20855\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.114.26	2019-10-30 18:29:10
182.171.245.130	attackbotsspam	Oct 30 08:31:04 sauna sshd[104047]: Failed password for root from 182.171.245.130 port 61019 ssh2 ...	2019-10-30 18:30:55
49.151.133.41	attack	445/tcp [2019-10-30]1pkt	2019-10-30 18:06:39
103.14.99.241	attackspam	Lines containing failures of 103.14.99.241 Oct 29 10:51:14 smtp-out sshd[31824]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.14.99.241 user=r.r Oct 29 10:51:16 smtp-out sshd[31824]: Failed password for r.r from 103.14.99.241 port 50016 ssh2 Oct 29 10:51:18 smtp-out sshd[31824]: Received disconnect from 103.14.99.241 port 50016:11: Bye Bye [preauth] Oct 29 10:51:18 smtp-out sshd[31824]: Disconnected from authenticating user r.r 103.14.99.241 port 50016 [preauth] Oct 29 11:01:24 smtp-out sshd[32176]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.14.99.241 user=r.r Oct 29 11:01:26 smtp-out sshd[32176]: Failed password for r.r from 103.14.99.241 port 56840 ssh2 Oct 29 11:01:26 smtp-out sshd[32176]: Received disconnect from 103.14.99.241 port 56840:11: Bye Bye [preauth] Oct 29 11:01:26 smtp-out sshd[32176]: Disconnected from authenticating user r.r 103.14.99.241 port 56840 [preauth........ ------------------------------	2019-10-30 18:25:12
103.8.118.152	attack	Unauthorised access (Oct 30) SRC=103.8.118.152 LEN=52 TTL=116 ID=20085 DF TCP DPT=445 WINDOW=8192 SYN Unauthorised access (Oct 30) SRC=103.8.118.152 LEN=52 TTL=114 ID=24162 DF TCP DPT=445 WINDOW=8192 SYN	2019-10-30 18:00:16

最近上报的IP列表

45.124.19.82	171.247.204.170	39.148.40.79	39.50.228.228
1.53.200.51	208.125.129.51	47.26.30.92	189.189.247.238
72.151.173.38	186.186.145.11	213.33.226.202	157.47.238.112
27.37.211.209	94.25.175.228	95.10.176.235	142.11.227.203
62.28.223.119	51.104.136.2	69.114.175.230	51.152.112.190