148.66.145.42 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Singapore

运营商(isp): GoDaddy.com

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Wordpress_xmlrpc_attack	2020-03-22 22:45:09

相同子网IP讨论:

IP	类型	评论内容	时间
148.66.145.158	attackspam	$f2bV_matches	2020-04-15 22:01:04
148.66.145.30	attack	Attempt to hack Wordpress Login, XMLRPC or other login	2020-04-05 10:08:25
148.66.145.133	attack	xmlrpc attack	2020-03-31 22:34:24
148.66.145.155	attack	xmlrpc attack	2020-03-23 08:18:59
148.66.145.152	attackbots	xmlrpc attack	2020-03-21 05:04:53
148.66.145.2	attackbots	Mar 16 23:36:07 mercury wordpress(www.learnargentinianspanish.com)[1450]: XML-RPC authentication failure for josh from 148.66.145.2 ...	2020-03-17 09:40:54
148.66.145.28	attackspam	Automatic report - XMLRPC Attack	2020-02-15 15:26:58
148.66.145.146	attackspambots	SCHUETZENMUSIKANTEN.DE 148.66.145.146 \[12/Nov/2019:07:28:50 +0100\] "POST /xmlrpc.php HTTP/1.1" 200 4285 "-" "Mozilla/5.0 $Windows NT 10.0\; Win64\; x64$ AppleWebKit/537.36 $KHTML, like Gecko$ Chrome/60.0.3112.113 Safari/537.36" schuetzenmusikanten.de 148.66.145.146 \[12/Nov/2019:07:28:50 +0100\] "POST /xmlrpc.php HTTP/1.1" 200 4285 "-" "Mozilla/5.0 $Windows NT 10.0\; Win64\; x64$ AppleWebKit/537.36 $KHTML, like Gecko$ Chrome/60.0.3112.113 Safari/537.36"	2019-11-12 17:17:24
148.66.145.28	attackspambots	Automatic report - XMLRPC Attack	2019-10-29 20:23:24
148.66.145.165	attackspambots	148.66.145.165 has been banned for [WebApp Attack] ...	2019-10-26 18:28:54
148.66.145.25	attackbots	Automatic report - Banned IP Access	2019-10-20 23:50:09
148.66.145.134	attackspam	miraklein.com 148.66.145.134 \[02/Oct/2019:23:27:24 +0200\] "POST /xmlrpc.php HTTP/1.1" 301 439 "-" "WordPress" miraniessen.de 148.66.145.134 \[02/Oct/2019:23:27:25 +0200\] "POST /xmlrpc.php HTTP/1.1" 200 4214 "-" "WordPress"	2019-10-03 07:10:28
148.66.145.133	attackbots	xmlrpc attack	2019-10-03 01:04:36
148.66.145.133	attackbotsspam	fail2ban honeypot	2019-10-01 07:28:35
148.66.145.133	attackspam	Automatic report - Banned IP Access	2019-09-29 22:28:42

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 148.66.145.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 12123
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;148.66.145.42.			IN	A

;; AUTHORITY SECTION:
.			327	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020032200 1800 900 604800 86400

;; Query time: 45 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Mar 22 22:45:06 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 42.145.66.148.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 42.145.66.148.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
69.162.113.233	attack	[SMB remote code execution attempt: port tcp/445] *(RWIN=1024)(08101032)	2019-08-10 17:23:23
187.87.4.61	attackspambots	failed_logins	2019-08-10 18:08:47
116.31.116.2	attackspam	2019-08-10T08:20:33.373029abusebot-4.cloudsearch.cf sshd\[19661\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.31.116.2 user=root	2019-08-10 17:29:11
185.211.245.170	attack	Aug 10 11:27:54 relay postfix/smtpd\[7089\]: warning: unknown\[185.211.245.170\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 10 11:28:03 relay postfix/smtpd\[7088\]: warning: unknown\[185.211.245.170\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 10 11:29:45 relay postfix/smtpd\[7087\]: warning: unknown\[185.211.245.170\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 10 11:29:55 relay postfix/smtpd\[29049\]: warning: unknown\[185.211.245.170\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 10 11:40:11 relay postfix/smtpd\[7089\]: warning: unknown\[185.211.245.170\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-08-10 18:00:27
49.84.251.62	attackbots	Helo	2019-08-10 17:12:52
139.198.189.36	attackbots	Aug 10 08:09:18 dedicated sshd[29236]: Invalid user axi from 139.198.189.36 port 51968	2019-08-10 17:27:59
180.157.194.227	attackspambots	Aug 10 07:33:09 plex sshd[22938]: Invalid user test from 180.157.194.227 port 12391	2019-08-10 17:21:56
157.230.190.1	attackbots	Aug 10 11:01:31 localhost sshd\[611\]: Invalid user carol from 157.230.190.1 port 47292 Aug 10 11:01:31 localhost sshd\[611\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.190.1 Aug 10 11:01:33 localhost sshd\[611\]: Failed password for invalid user carol from 157.230.190.1 port 47292 ssh2	2019-08-10 17:11:32
106.32.220.5	attackbots	Aug 10 07:28:12 ovpn sshd[27651]: Invalid user admin from 106.32.220.5 Aug 10 07:28:12 ovpn sshd[27651]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.32.220.5 Aug 10 07:28:15 ovpn sshd[27651]: Failed password for invalid user admin from 106.32.220.5 port 57218 ssh2 Aug 10 07:28:18 ovpn sshd[27651]: Failed password for invalid user admin from 106.32.220.5 port 57218 ssh2 Aug 10 07:28:20 ovpn sshd[27651]: Failed password for invalid user admin from 106.32.220.5 port 57218 ssh2 Aug 10 07:28:22 ovpn sshd[27651]: Failed password for invalid user admin from 106.32.220.5 port 57218 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=106.32.220.5	2019-08-10 18:03:39
201.116.12.217	attackbotsspam	SSH authentication failure x 6 reported by Fail2Ban ...	2019-08-10 18:04:47
114.236.8.193	attack	Reported by AbuseIPDB proxy server.	2019-08-10 17:20:23
182.75.248.254	attackbotsspam	Aug 10 07:07:08 MK-Soft-VM4 sshd\[7943\]: Invalid user psybnc from 182.75.248.254 port 49830 Aug 10 07:07:08 MK-Soft-VM4 sshd\[7943\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.75.248.254 Aug 10 07:07:10 MK-Soft-VM4 sshd\[7943\]: Failed password for invalid user psybnc from 182.75.248.254 port 49830 ssh2 ...	2019-08-10 17:28:31
207.107.67.67	attackbotsspam	Aug 10 04:31:05 * sshd[4515]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.107.67.67 Aug 10 04:31:07 * sshd[4515]: Failed password for invalid user matthew from 207.107.67.67 port 55842 ssh2	2019-08-10 17:18:16
36.228.124.70	attackspam	Aug 9 20:32:14 localhost kernel: [16641327.457460] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=36.228.124.70 DST=[mungedIP2] LEN=40 TOS=0x00 PREC=0x00 TTL=52 ID=55918 PROTO=TCP SPT=58879 DPT=37215 WINDOW=52690 RES=0x00 SYN URGP=0 Aug 9 20:32:14 localhost kernel: [16641327.457467] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=36.228.124.70 DST=[mungedIP2] LEN=40 TOS=0x00 PREC=0x00 TTL=52 ID=55918 PROTO=TCP SPT=58879 DPT=37215 SEQ=758669438 ACK=0 WINDOW=52690 RES=0x00 SYN URGP=0 Aug 9 22:30:09 localhost kernel: [16648402.872598] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=36.228.124.70 DST=[mungedIP2] LEN=40 TOS=0x00 PREC=0x00 TTL=52 ID=64111 PROTO=TCP SPT=58879 DPT=37215 WINDOW=52690 RES=0x00 SYN URGP=0 Aug 9 22:30:09 localhost kernel: [16648402.872607] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=36.228.124.70 DST=[mungedIP2] LEN=40 TOS=0x0	2019-08-10 17:50:15
117.4.121.234	attackbots	Unauthorised access (Aug 10) SRC=117.4.121.234 LEN=52 TTL=108 ID=10755 DF TCP DPT=445 WINDOW=8192 SYN	2019-08-10 17:16:04

最近上报的IP列表

35.181.159.236	41.38.212.233	120.6.142.246	60.52.126.228
189.15.202.177	85.104.19.103	193.242.151.204	93.88.176.27
108.89.206.236	197.45.189.211	196.194.210.104	180.249.116.152
158.222.11.35	91.83.201.210	45.152.34.11	160.145.95.222
91.130.54.76	2.92.196.136	184.56.66.153	197.41.148.155