132.148.90.148

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): GoDaddy.com LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	fail2ban honeypot	2019-11-27 16:35:52
attackbots	Automatic report - XMLRPC Attack	2019-11-19 22:19:16

相同子网IP讨论:

IP	类型	评论内容	时间
132.148.90.178	attack	PHI,DEF GET /wp-config.php?aam-media=1	2019-09-08 02:03:34

WHOIS信息:

DIG信息:


; <<>> DiG 9.11.4-P2-RedHat-9.11.4-9.P2.el7 <<>> 132.148.90.148
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33912
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;132.148.90.148.			IN	A

;; AUTHORITY SECTION:
.			10800	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019111900 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 100.100.2.136#53(100.100.2.136)
;; WHEN: Tue Nov 19 22:23:39 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

148.90.148.132.in-addr.arpa domain name pointer ip-132-148-90-148.ip.secureserver.net.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
148.90.148.132.in-addr.arpa	name = ip-132-148-90-148.ip.secureserver.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
61.8.75.5	attackspam	Oct 14 18:59:56 vps01 sshd[28270]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.8.75.5 Oct 14 18:59:58 vps01 sshd[28270]: Failed password for invalid user Qwerty@6 from 61.8.75.5 port 52124 ssh2	2019-10-15 03:37:57
190.195.13.138	attack	2019-10-14T20:28:58.719388tmaserv sshd\[19511\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.195.13.138 2019-10-14T20:29:00.316758tmaserv sshd\[19511\]: Failed password for invalid user penis123 from 190.195.13.138 port 41688 ssh2 2019-10-14T21:32:36.352458tmaserv sshd\[22169\]: Invalid user Pass from 190.195.13.138 port 37502 2019-10-14T21:32:36.355214tmaserv sshd\[22169\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.195.13.138 2019-10-14T21:32:38.434043tmaserv sshd\[22169\]: Failed password for invalid user Pass from 190.195.13.138 port 37502 ssh2 2019-10-14T21:37:13.330251tmaserv sshd\[22364\]: Invalid user solar from 190.195.13.138 port 47298 2019-10-14T21:37:13.333548tmaserv sshd\[22364\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.195.13.138 ...	2019-10-15 03:24:28
118.24.30.97	attack	Oct 14 20:27:56 [snip] sshd[27276]: Invalid user jiushop from 118.24.30.97 port 34266 Oct 14 20:27:56 [snip] sshd[27276]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.30.97 Oct 14 20:27:58 [snip] sshd[27276]: Failed password for invalid user jiushop from 118.24.30.97 port 34266 ssh2[...]	2019-10-15 03:37:26
185.90.118.80	attackspam	10/14/2019-14:23:56.616265 185.90.118.80 Protocol: 6 ET SCAN Potential SSH Scan	2019-10-15 03:42:18
23.129.64.156	attackbots	Automatic report - XMLRPC Attack	2019-10-15 03:51:18
153.135.178.194	attackbotsspam	Unauthorised access (Oct 14) SRC=153.135.178.194 LEN=40 TOS=0x10 PREC=0x40 TTL=50 ID=47720 TCP DPT=8080 WINDOW=37394 SYN Unauthorised access (Oct 14) SRC=153.135.178.194 LEN=40 TOS=0x10 PREC=0x40 TTL=50 ID=41834 TCP DPT=8080 WINDOW=37394 SYN	2019-10-15 03:15:10
193.32.160.139	attack	Oct 14 21:02:06 relay postfix/smtpd\[19163\]: NOQUEUE: reject: RCPT from unknown\[193.32.160.139\]: 554 5.7.1 \: Relay access denied\; from=\<3p71lwbhajvnlh2@aseco.dk\> to=\ proto=ESMTP helo=\<\[193.32.160.142\]\> Oct 14 21:02:06 relay postfix/smtpd\[19163\]: NOQUEUE: reject: RCPT from unknown\[193.32.160.139\]: 554 5.7.1 \: Relay access denied\; from=\<3p71lwbhajvnlh2@aseco.dk\> to=\ proto=ESMTP helo=\<\[193.32.160.142\]\> Oct 14 21:02:06 relay postfix/smtpd\[19163\]: NOQUEUE: reject: RCPT from unknown\[193.32.160.139\]: 554 5.7.1 \: Relay access denied\; from=\<3p71lwbhajvnlh2@aseco.dk\> to=\ proto=ESMTP helo=\<\[193.32.160.142\]\> Oct 14 21:02:06 relay postfix/smtpd\[19163\]: NOQUEUE: reject: RCPT from unknown\[193.32.160.139\]: 554 5.7.1 \: Relay access denied\; from=\<3p71lwbhajvnlh2@aseco.dk\> to=\	2019-10-15 03:44:51
112.11.82.186	attack	Connection by 112.11.82.186 on port: 139 got caught by honeypot at 10/14/2019 4:42:29 AM	2019-10-15 03:27:33
185.90.118.52	attack	Port scan	2019-10-15 03:14:21
120.89.64.8	attackbots	Oct 14 16:24:41 server sshd[50408]: Failed password for invalid user marry from 120.89.64.8 port 58798 ssh2 Oct 14 16:34:46 server sshd[52533]: Failed password for root from 120.89.64.8 port 53446 ssh2 Oct 14 16:39:10 server sshd[53495]: Failed password for invalid user bi from 120.89.64.8 port 35288 ssh2	2019-10-15 03:25:27
192.168.7.123	attackspam	Port 1433 Scan	2019-10-15 03:13:49
201.62.79.25	attack	" "	2019-10-15 03:37:13
138.68.99.46	attackspam	SSH Brute Force, server-1 sshd[23108]: Failed password for root from 138.68.99.46 port 35998 ssh2	2019-10-15 03:36:38
185.90.116.82	attackbots	Port scan	2019-10-15 03:23:42
179.83.121.35	attackbots	Oct 14 07:56:31 localhost postfix/smtpd[15865]: disconnect from unknown[179.83.121.35] ehlo=1 auth=0/1 quhostname=1 commands=2/3 Oct 14 07:56:31 localhost postfix/smtpd[15864]: disconnect from unknown[179.83.121.35] ehlo=1 auth=0/1 quhostname=1 commands=2/3 Oct 14 08:22:48 localhost postfix/smtpd[25968]: disconnect from unknown[179.83.121.35] ehlo=1 auth=0/1 quhostname=1 commands=2/3 Oct 14 08:35:14 localhost postfix/smtpd[30766]: disconnect from unknown[179.83.121.35] ehlo=1 auth=0/1 quhostname=1 commands=2/3 Oct 14 08:35:14 localhost postfix/smtpd[30772]: disconnect from unknown[179.83.121.35] ehlo=1 auth=0/1 quhostname=1 commands=2/3 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=179.83.121.35	2019-10-15 03:28:53

最近上报的IP列表

49.149.135.52	102.171.140.33	94.152.193.221	104.148.21.248
117.196.6.39	5.53.125.32	183.80.98.153	109.60.62.29
197.46.217.100	115.50.126.92	103.73.182.97	103.48.111.250
190.188.100.169	188.4.156.234	110.235.193.211	188.19.180.208
94.132.98.59	106.13.144.164	193.226.226.188	41.114.91.44