148.66.145.42 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Singapore

运营商(isp): GoDaddy.com

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Wordpress_xmlrpc_attack	2020-03-22 22:45:09

相同子网IP讨论:

IP	类型	评论内容	时间
148.66.145.158	attackspam	$f2bV_matches	2020-04-15 22:01:04
148.66.145.30	attack	Attempt to hack Wordpress Login, XMLRPC or other login	2020-04-05 10:08:25
148.66.145.133	attack	xmlrpc attack	2020-03-31 22:34:24
148.66.145.155	attack	xmlrpc attack	2020-03-23 08:18:59
148.66.145.152	attackbots	xmlrpc attack	2020-03-21 05:04:53
148.66.145.2	attackbots	Mar 16 23:36:07 mercury wordpress(www.learnargentinianspanish.com)[1450]: XML-RPC authentication failure for josh from 148.66.145.2 ...	2020-03-17 09:40:54
148.66.145.28	attackspam	Automatic report - XMLRPC Attack	2020-02-15 15:26:58
148.66.145.146	attackspambots	SCHUETZENMUSIKANTEN.DE 148.66.145.146 \[12/Nov/2019:07:28:50 +0100\] "POST /xmlrpc.php HTTP/1.1" 200 4285 "-" "Mozilla/5.0 $Windows NT 10.0\; Win64\; x64$ AppleWebKit/537.36 $KHTML, like Gecko$ Chrome/60.0.3112.113 Safari/537.36" schuetzenmusikanten.de 148.66.145.146 \[12/Nov/2019:07:28:50 +0100\] "POST /xmlrpc.php HTTP/1.1" 200 4285 "-" "Mozilla/5.0 $Windows NT 10.0\; Win64\; x64$ AppleWebKit/537.36 $KHTML, like Gecko$ Chrome/60.0.3112.113 Safari/537.36"	2019-11-12 17:17:24
148.66.145.28	attackspambots	Automatic report - XMLRPC Attack	2019-10-29 20:23:24
148.66.145.165	attackspambots	148.66.145.165 has been banned for [WebApp Attack] ...	2019-10-26 18:28:54
148.66.145.25	attackbots	Automatic report - Banned IP Access	2019-10-20 23:50:09
148.66.145.134	attackspam	miraklein.com 148.66.145.134 \[02/Oct/2019:23:27:24 +0200\] "POST /xmlrpc.php HTTP/1.1" 301 439 "-" "WordPress" miraniessen.de 148.66.145.134 \[02/Oct/2019:23:27:25 +0200\] "POST /xmlrpc.php HTTP/1.1" 200 4214 "-" "WordPress"	2019-10-03 07:10:28
148.66.145.133	attackbots	xmlrpc attack	2019-10-03 01:04:36
148.66.145.133	attackbotsspam	fail2ban honeypot	2019-10-01 07:28:35
148.66.145.133	attackspam	Automatic report - Banned IP Access	2019-09-29 22:28:42

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 148.66.145.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 12123
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;148.66.145.42.			IN	A

;; AUTHORITY SECTION:
.			327	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020032200 1800 900 604800 86400

;; Query time: 45 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Mar 22 22:45:06 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 42.145.66.148.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 42.145.66.148.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
137.74.173.182	attackbotsspam	$f2bV_matches	2019-10-25 05:50:05
212.72.144.226	attackbotsspam	(From silke.goward@gmail.com) Hi, Do you want to reach new clients? We are personally welcoming you to sign up with one of the leading influencer and affiliate networks on the web. This network finds influencers and affiliates in your niche who will promote your products/services on their websites and social media channels. Benefits of our program consist of: brand exposure for your business, increased reputation, and potentially more clients. It's the best, easiest and most efficient way to increase your sales! What do you think? Find out more here: http://socialinfluencer.nicheadvertising.online	2019-10-25 05:39:57
84.52.126.234	attackbots	84.52.126.234 - - [24/Oct/2019:21:42:39 +0300] "\x03\x00\x00+&\xE0\x00\x00\x00\x00\x00Cookie: mstshash=hello" 400 150 "-" "-"	2019-10-25 06:02:24
117.211.100.22	attackspambots	WordPress brute force	2019-10-25 06:13:08
139.199.48.217	attack	Oct 25 00:09:31 hosting sshd[5805]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.48.217 user=root Oct 25 00:09:33 hosting sshd[5805]: Failed password for root from 139.199.48.217 port 48912 ssh2 Oct 25 00:14:01 hosting sshd[6344]: Invalid user mongo from 139.199.48.217 port 58824 ...	2019-10-25 05:37:46
112.1.81.70	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/112.1.81.70/ CN - 1H : (881) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : CN NAME ASN : ASN56046 IP : 112.1.81.70 CIDR : 112.1.0.0/17 PREFIX COUNT : 619 UNIQUE IP COUNT : 3001856 ATTACKS DETECTED ASN56046 : 1H - 2 3H - 3 6H - 3 12H - 5 24H - 5 DateTime : 2019-10-24 22:16:05 INFO : HACK ! - Looking for resource vulnerabilities Scan Detected and Blocked by ADMIN - data recovery	2019-10-25 05:36:11
103.15.135.99	attackbotsspam	WordPress login Brute force / Web App Attack on client site.	2019-10-25 05:44:16
182.72.250.129	attack	(From silke.goward@gmail.com) Hi, Do you want to reach new clients? We are personally welcoming you to sign up with one of the leading influencer and affiliate networks on the web. This network finds influencers and affiliates in your niche who will promote your products/services on their websites and social media channels. Benefits of our program consist of: brand exposure for your business, increased reputation, and potentially more clients. It's the best, easiest and most efficient way to increase your sales! What do you think? Find out more here: http://socialinfluencer.nicheadvertising.online	2019-10-25 05:41:28
177.23.196.77	attack	Oct 24 23:29:01 localhost sshd\[6494\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.23.196.77 user=root Oct 24 23:29:03 localhost sshd\[6494\]: Failed password for root from 177.23.196.77 port 43180 ssh2 Oct 24 23:34:05 localhost sshd\[6932\]: Invalid user ubuntu from 177.23.196.77 port 54908	2019-10-25 05:36:41
172.241.140.210	attackspambots	Port Scan: TCP/443	2019-10-25 06:13:32
111.40.183.193	attackspambots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/111.40.183.193/ CN - 1H : (878) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : CN NAME ASN : ASN132525 IP : 111.40.183.193 CIDR : 111.40.128.0/18 PREFIX COUNT : 46 UNIQUE IP COUNT : 365056 ATTACKS DETECTED ASN132525 : 1H - 1 3H - 2 6H - 2 12H - 2 24H - 2 DateTime : 2019-10-24 22:15:29 INFO : HACK ! - Looking for resource vulnerabilities Scan Detected and Blocked by ADMIN - data recovery	2019-10-25 05:53:31
94.198.196.132	attackspambots	94.198.196.132 - - [24/Oct/2019:22:30:13 +0300] "\x03\x00\x00+&\xE0\x00\x00\x00\x00\x00Cookie: mstshash=hello" 400 150 "-" "-"	2019-10-25 05:46:40
86.157.57.212	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/86.157.57.212/ GB - 1H : (95) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : GB NAME ASN : ASN2856 IP : 86.157.57.212 CIDR : 86.144.0.0/12 PREFIX COUNT : 292 UNIQUE IP COUNT : 10658560 ATTACKS DETECTED ASN2856 : 1H - 1 3H - 3 6H - 3 12H - 4 24H - 14 DateTime : 2019-10-24 22:15:30 INFO : Server 403 - Looking for resource vulnerabilities Detected and Blocked by ADMIN - data recovery	2019-10-25 05:52:19
81.22.45.116	attack	Oct 24 23:23:39 mc1 kernel: \[3238561.133150\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.116 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=36566 PROTO=TCP SPT=56953 DPT=26054 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 24 23:28:52 mc1 kernel: \[3238874.453166\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.116 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=61314 PROTO=TCP SPT=56953 DPT=25742 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 24 23:32:08 mc1 kernel: \[3239070.267596\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.116 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=62660 PROTO=TCP SPT=56953 DPT=25614 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-10-25 05:40:14
178.159.47.37	attackbots	fail2ban	2019-10-25 05:56:24

最近上报的IP列表

35.181.159.236	41.38.212.233	120.6.142.246	60.52.126.228
189.15.202.177	85.104.19.103	193.242.151.204	93.88.176.27
108.89.206.236	197.45.189.211	196.194.210.104	180.249.116.152
158.222.11.35	91.83.201.210	45.152.34.11	160.145.95.222
91.130.54.76	2.92.196.136	184.56.66.153	197.41.148.155