148.66.132.169

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Singapore

运营商(isp): GoDaddy.com

主机名(hostname): unknown

机构(organization): GoDaddy.com, LLC

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	148.66.132.169 - - [23/Jun/2019:21:50:03 +0200] "POST [munged]wp-login.php HTTP/1.1" 444 0 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 0.000	2019-06-24 11:30:00

相同子网IP讨论:

IP	类型	评论内容	时间
148.66.132.190	attack	Ssh brute force	2020-10-04 09:05:57
148.66.132.190	attackbotsspam	2020-10-03T03:22:43.911310n23.at sshd[2066088]: Failed password for invalid user git from 148.66.132.190 port 36800 ssh2 2020-10-03T03:37:20.303913n23.at sshd[2077902]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.66.132.190 user=root 2020-10-03T03:37:22.404701n23.at sshd[2077902]: Failed password for root from 148.66.132.190 port 35436 ssh2 ...	2020-10-04 01:42:25
148.66.132.190	attack	2020-10-03T03:22:43.911310n23.at sshd[2066088]: Failed password for invalid user git from 148.66.132.190 port 36800 ssh2 2020-10-03T03:37:20.303913n23.at sshd[2077902]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.66.132.190 user=root 2020-10-03T03:37:22.404701n23.at sshd[2077902]: Failed password for root from 148.66.132.190 port 35436 ssh2 ...	2020-10-03 17:27:56
148.66.132.190	attackspambots	SSH brute	2020-09-29 03:25:49
148.66.132.190	attackbotsspam	Sep 28 07:57:34 nextcloud sshd\[8903\]: Invalid user guest from 148.66.132.190 Sep 28 07:57:34 nextcloud sshd\[8903\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.66.132.190 Sep 28 07:57:36 nextcloud sshd\[8903\]: Failed password for invalid user guest from 148.66.132.190 port 55886 ssh2	2020-09-28 19:37:03
148.66.132.190	attackspambots	Aug 24 14:55:44 ip-172-31-16-56 sshd\[1591\]: Invalid user web from 148.66.132.190\ Aug 24 14:55:46 ip-172-31-16-56 sshd\[1591\]: Failed password for invalid user web from 148.66.132.190 port 58242 ssh2\ Aug 24 15:00:41 ip-172-31-16-56 sshd\[1617\]: Invalid user db2inst1 from 148.66.132.190\ Aug 24 15:00:43 ip-172-31-16-56 sshd\[1617\]: Failed password for invalid user db2inst1 from 148.66.132.190 port 38126 ssh2\ Aug 24 15:05:31 ip-172-31-16-56 sshd\[1667\]: Invalid user postgres from 148.66.132.190\	2020-08-25 00:43:51
148.66.132.190	attackbotsspam	Aug 17 04:15:49 itv-usvr-01 sshd[24156]: Invalid user brisa from 148.66.132.190 Aug 17 04:15:49 itv-usvr-01 sshd[24156]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.66.132.190 Aug 17 04:15:49 itv-usvr-01 sshd[24156]: Invalid user brisa from 148.66.132.190 Aug 17 04:15:51 itv-usvr-01 sshd[24156]: Failed password for invalid user brisa from 148.66.132.190 port 39092 ssh2	2020-08-17 05:32:23
148.66.132.190	attack	Aug 12 23:53:24 cosmoit sshd[26793]: Failed password for root from 148.66.132.190 port 59358 ssh2	2020-08-13 06:02:42
148.66.132.190	attack	Aug 3 00:06:49 itv-usvr-01 sshd[6849]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.66.132.190 user=root Aug 3 00:06:51 itv-usvr-01 sshd[6849]: Failed password for root from 148.66.132.190 port 34194 ssh2 Aug 3 00:11:32 itv-usvr-01 sshd[7198]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.66.132.190 user=root Aug 3 00:11:34 itv-usvr-01 sshd[7198]: Failed password for root from 148.66.132.190 port 47582 ssh2 Aug 3 00:16:02 itv-usvr-01 sshd[7400]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.66.132.190 user=root Aug 3 00:16:04 itv-usvr-01 sshd[7400]: Failed password for root from 148.66.132.190 port 60950 ssh2	2020-08-03 02:05:23
148.66.132.190	attack	Invalid user jogoon from 148.66.132.190 port 38050	2020-08-01 14:04:33
148.66.132.190	attackspambots	Jul 30 08:05:54 piServer sshd[21143]: Failed password for backup from 148.66.132.190 port 35484 ssh2 Jul 30 08:09:27 piServer sshd[21521]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.66.132.190 Jul 30 08:09:29 piServer sshd[21521]: Failed password for invalid user xiehs from 148.66.132.190 port 56024 ssh2 ...	2020-07-30 16:40:13
148.66.132.190	attack	Jul 18 00:02:02 [host] sshd[25700]: Invalid user e Jul 18 00:02:02 [host] sshd[25700]: pam_unix(sshd: Jul 18 00:02:05 [host] sshd[25700]: Failed passwor	2020-07-18 08:22:35
148.66.132.190	attackspam	Jun 26 04:57:54 dignus sshd[8727]: Failed password for invalid user ejabberd from 148.66.132.190 port 37842 ssh2 Jun 26 05:01:36 dignus sshd[9084]: Invalid user deploy from 148.66.132.190 port 38318 Jun 26 05:01:36 dignus sshd[9084]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.66.132.190 Jun 26 05:01:37 dignus sshd[9084]: Failed password for invalid user deploy from 148.66.132.190 port 38318 ssh2 Jun 26 05:05:27 dignus sshd[9474]: Invalid user roberto from 148.66.132.190 port 38806 ...	2020-06-26 22:54:01
148.66.132.190	attackbots	Jun 12 08:05:27 Tower sshd[14390]: Connection from 148.66.132.190 port 37990 on 192.168.10.220 port 22 rdomain "" Jun 12 08:05:29 Tower sshd[14390]: Invalid user monitor from 148.66.132.190 port 37990 Jun 12 08:05:29 Tower sshd[14390]: error: Could not get shadow information for NOUSER Jun 12 08:05:29 Tower sshd[14390]: Failed password for invalid user monitor from 148.66.132.190 port 37990 ssh2 Jun 12 08:05:29 Tower sshd[14390]: Received disconnect from 148.66.132.190 port 37990:11: Bye Bye [preauth] Jun 12 08:05:29 Tower sshd[14390]: Disconnected from invalid user monitor 148.66.132.190 port 37990 [preauth]	2020-06-12 23:58:08
148.66.132.190	attackspam	Unauthorised connection attempt detected at AUO MAIN. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-06-08 04:18:39

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 148.66.132.169
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 134
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;148.66.132.169.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019050800 1800 900 604800 86400

;; Query time: 12 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Wed May 08 21:25:08 +08 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 169.132.66.148.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 169.132.66.148.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
185.220.101.207	attackbots	2020-08-13T14:40:49.804086wiz-ks3 sshd[7853]: Failed password for root from 185.220.101.207 port 7512 ssh2 2020-08-13T14:40:49.804279wiz-ks3 sshd[7853]: error: maximum authentication attempts exceeded for root from 185.220.101.207 port 7512 ssh2 [preauth] 2020-08-13T14:40:37.348421wiz-ks3 sshd[7853]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.220.101.207 user=root 2020-08-13T14:40:39.577706wiz-ks3 sshd[7853]: Failed password for root from 185.220.101.207 port 7512 ssh2 2020-08-13T14:40:42.263607wiz-ks3 sshd[7853]: Failed password for root from 185.220.101.207 port 7512 ssh2 2020-08-13T14:40:45.104659wiz-ks3 sshd[7853]: Failed password for root from 185.220.101.207 port 7512 ssh2 2020-08-13T14:40:47.553565wiz-ks3 sshd[7853]: Failed password for root from 185.220.101.207 port 7512 ssh2 2020-08-13T14:40:49.804086wiz-ks3 sshd[7853]: Failed password for root from 185.220.101.207 port 7512 ssh2 2020-08-13T14:40:49.804279wiz-ks3 sshd[7853]: error: maximum authenticat	2020-08-15 04:20:04
45.129.33.155	attack	firewall-block, port(s): 9320/tcp	2020-08-15 04:36:24
128.199.124.159	attack	Aug 14 20:07:39 minden010 sshd[17842]: Failed password for root from 128.199.124.159 port 48002 ssh2 Aug 14 20:09:59 minden010 sshd[18732]: Failed password for root from 128.199.124.159 port 53842 ssh2 ...	2020-08-15 04:16:53
139.59.17.238	attack	firewall-block, port(s): 17651/tcp	2020-08-15 04:42:58
162.247.74.201	attackbotsspam	prod11 ...	2020-08-15 04:36:51
58.250.164.246	attackspam	Aug 14 20:59:27 marvibiene sshd[18759]: Failed password for root from 58.250.164.246 port 56448 ssh2	2020-08-15 04:43:42
138.59.82.5	attackbotsspam	1597407499 - 08/14/2020 14:18:19 Host: 138.59.82.5/138.59.82.5 Port: 445 TCP Blocked	2020-08-15 04:29:14
117.232.127.51	attackbots	Aug 14 22:01:13 ns37 sshd[11393]: Failed password for root from 117.232.127.51 port 39518 ssh2 Aug 14 22:04:51 ns37 sshd[11534]: Failed password for root from 117.232.127.51 port 55558 ssh2	2020-08-15 04:27:49
58.54.249.210	attackbots	SSH Login Bruteforce	2020-08-15 04:38:28
200.116.47.247	attackbots	Aug 14 21:39:03 rocket sshd[19078]: Failed password for root from 200.116.47.247 port 33011 ssh2 Aug 14 21:45:13 rocket sshd[20300]: Failed password for root from 200.116.47.247 port 14385 ssh2 ...	2020-08-15 04:49:28
112.85.42.229	attackbotsspam	Bruteforce detected by fail2ban	2020-08-15 04:24:24
112.85.42.195	attackspambots	Aug 14 23:04:26 pkdns2 sshd\[55694\]: Failed password for root from 112.85.42.195 port 22727 ssh2Aug 14 23:05:15 pkdns2 sshd\[55765\]: Failed password for root from 112.85.42.195 port 53004 ssh2Aug 14 23:06:04 pkdns2 sshd\[55772\]: Failed password for root from 112.85.42.195 port 32882 ssh2Aug 14 23:06:07 pkdns2 sshd\[55772\]: Failed password for root from 112.85.42.195 port 32882 ssh2Aug 14 23:06:09 pkdns2 sshd\[55772\]: Failed password for root from 112.85.42.195 port 32882 ssh2Aug 14 23:06:55 pkdns2 sshd\[55807\]: Failed password for root from 112.85.42.195 port 17288 ssh2 ...	2020-08-15 04:21:10
27.124.14.20	attackspambots	Unauthorized connection attempt from IP address 27.124.14.20 on Port 445(SMB)	2020-08-15 04:47:24
124.207.221.66	attackbots	Aug 14 22:04:13 rancher-0 sshd[1085843]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.207.221.66 user=root Aug 14 22:04:15 rancher-0 sshd[1085843]: Failed password for root from 124.207.221.66 port 39482 ssh2 ...	2020-08-15 04:25:25
31.29.212.240	attack	Unauthorised access (Aug 14) SRC=31.29.212.240 LEN=48 TTL=113 ID=1800 DF TCP DPT=445 WINDOW=65535 SYN	2020-08-15 04:35:29

最近上报的IP列表

130.70.34.247	52.224.121.164	214.0.208.214	220.187.219.50
202.166.198.138	27.79.216.24	42.196.212.224	219.107.169.182
139.37.131.56	41.77.221.91	192.95.3.200	184.118.54.33
82.137.52.59	150.136.138.194	159.224.64.105	14.184.52.145
193.209.164.85	180.246.99.16	220.124.204.155	118.26.182.13