148.66.145.42 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Singapore

运营商(isp): GoDaddy.com

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Wordpress_xmlrpc_attack	2020-03-22 22:45:09

相同子网IP讨论:

IP	类型	评论内容	时间
148.66.145.158	attackspam	$f2bV_matches	2020-04-15 22:01:04
148.66.145.30	attack	Attempt to hack Wordpress Login, XMLRPC or other login	2020-04-05 10:08:25
148.66.145.133	attack	xmlrpc attack	2020-03-31 22:34:24
148.66.145.155	attack	xmlrpc attack	2020-03-23 08:18:59
148.66.145.152	attackbots	xmlrpc attack	2020-03-21 05:04:53
148.66.145.2	attackbots	Mar 16 23:36:07 mercury wordpress(www.learnargentinianspanish.com)[1450]: XML-RPC authentication failure for josh from 148.66.145.2 ...	2020-03-17 09:40:54
148.66.145.28	attackspam	Automatic report - XMLRPC Attack	2020-02-15 15:26:58
148.66.145.146	attackspambots	SCHUETZENMUSIKANTEN.DE 148.66.145.146 \[12/Nov/2019:07:28:50 +0100\] "POST /xmlrpc.php HTTP/1.1" 200 4285 "-" "Mozilla/5.0 $Windows NT 10.0\; Win64\; x64$ AppleWebKit/537.36 $KHTML, like Gecko$ Chrome/60.0.3112.113 Safari/537.36" schuetzenmusikanten.de 148.66.145.146 \[12/Nov/2019:07:28:50 +0100\] "POST /xmlrpc.php HTTP/1.1" 200 4285 "-" "Mozilla/5.0 $Windows NT 10.0\; Win64\; x64$ AppleWebKit/537.36 $KHTML, like Gecko$ Chrome/60.0.3112.113 Safari/537.36"	2019-11-12 17:17:24
148.66.145.28	attackspambots	Automatic report - XMLRPC Attack	2019-10-29 20:23:24
148.66.145.165	attackspambots	148.66.145.165 has been banned for [WebApp Attack] ...	2019-10-26 18:28:54
148.66.145.25	attackbots	Automatic report - Banned IP Access	2019-10-20 23:50:09
148.66.145.134	attackspam	miraklein.com 148.66.145.134 \[02/Oct/2019:23:27:24 +0200\] "POST /xmlrpc.php HTTP/1.1" 301 439 "-" "WordPress" miraniessen.de 148.66.145.134 \[02/Oct/2019:23:27:25 +0200\] "POST /xmlrpc.php HTTP/1.1" 200 4214 "-" "WordPress"	2019-10-03 07:10:28
148.66.145.133	attackbots	xmlrpc attack	2019-10-03 01:04:36
148.66.145.133	attackbotsspam	fail2ban honeypot	2019-10-01 07:28:35
148.66.145.133	attackspam	Automatic report - Banned IP Access	2019-09-29 22:28:42

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 148.66.145.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 12123
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;148.66.145.42.			IN	A

;; AUTHORITY SECTION:
.			327	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020032200 1800 900 604800 86400

;; Query time: 45 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Mar 22 22:45:06 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 42.145.66.148.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 42.145.66.148.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
101.95.29.150	attackbots	port	2020-02-07 02:24:20
5.39.67.185	spam	Used till TEN times per day by verno.prim@gmail.com "Prim Vero Alba Iulia 20200 Chisinau MD" for SPAM on STOLLEN list we don't know with help of OVH, as usual with LIERS and ROBERS !	2020-02-07 02:54:40
190.186.107.59	attackspambots	$f2bV_matches	2020-02-07 02:36:04
197.250.128.34	attackspam	Feb 6 10:41:51 firewall sshd[18901]: Failed password for root from 197.250.128.34 port 23466 ssh2 Feb 6 10:41:54 firewall sshd[18905]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.250.128.34 user=root Feb 6 10:41:57 firewall sshd[18905]: Failed password for root from 197.250.128.34 port 19141 ssh2 ...	2020-02-07 02:21:04
49.88.112.116	attackbots	Feb 6 19:32:32 localhost sshd\[22471\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.116 user=root Feb 6 19:32:34 localhost sshd\[22471\]: Failed password for root from 49.88.112.116 port 26602 ssh2 Feb 6 19:32:37 localhost sshd\[22471\]: Failed password for root from 49.88.112.116 port 26602 ssh2	2020-02-07 02:51:17
61.84.41.44	attackbotsspam	Lines containing failures of 61.84.41.44 (max 1000) Feb 6 13:31:46 localhost sshd[28823]: Invalid user admin from 61.84.41.44 port 57459 Feb 6 13:31:46 localhost sshd[28823]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.84.41.44 Feb 6 13:31:48 localhost sshd[28823]: Failed password for invalid user admin from 61.84.41.44 port 57459 ssh2 Feb 6 13:31:50 localhost sshd[28823]: Connection closed by invalid user admin 61.84.41.44 port 57459 [preauth] Feb 6 13:31:54 localhost sshd[28829]: Invalid user admin from 61.84.41.44 port 57487 Feb 6 13:31:54 localhost sshd[28829]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.84.41.44 Feb 6 13:31:56 localhost sshd[28829]: Failed password for invalid user admin from 61.84.41.44 port 57487 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=61.84.41.44	2020-02-07 02:43:56
125.124.38.96	attackbots	invalid login attempt (rip)	2020-02-07 02:22:30
188.36.146.149	attack	Brute force SMTP login attempted. ...	2020-02-07 02:31:02
125.124.180.71	attackbotsspam	2020-02-06T13:10:33.014300 sshd[4550]: Invalid user rmz from 125.124.180.71 port 47846 2020-02-06T13:10:33.028438 sshd[4550]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.124.180.71 2020-02-06T13:10:33.014300 sshd[4550]: Invalid user rmz from 125.124.180.71 port 47846 2020-02-06T13:10:35.593600 sshd[4550]: Failed password for invalid user rmz from 125.124.180.71 port 47846 ssh2 2020-02-06T13:37:00.829879 sshd[5327]: Invalid user kyh from 125.124.180.71 port 60822 2020-02-06T13:37:00.843427 sshd[5327]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.124.180.71 2020-02-06T13:37:00.829879 sshd[5327]: Invalid user kyh from 125.124.180.71 port 60822 2020-02-06T13:37:02.941875 sshd[5327]: Failed password for invalid user kyh from 125.124.180.71 port 60822 ssh2 ...	2020-02-07 02:54:01
171.249.216.65	attackbots	1580996510 - 02/06/2020 14:41:50 Host: 171.249.216.65/171.249.216.65 Port: 445 TCP Blocked	2020-02-07 02:29:02
39.105.7.54	attackbots	3389BruteforceFW21	2020-02-07 02:39:40
144.217.34.147	attack	144.217.34.147 was recorded 18 times by 12 hosts attempting to connect to the following ports: 3702. Incident counter (4h, 24h, all-time): 18, 66, 123	2020-02-07 02:52:04
185.53.88.78	attackspambots	185.53.88.78 was recorded 9 times by 5 hosts attempting to connect to the following ports: 5060. Incident counter (4h, 24h, all-time): 9, 49, 2949	2020-02-07 02:46:47
201.156.219.235	attack	Automatic report - Port Scan Attack	2020-02-07 02:33:16
23.30.36.85	attackbots	Feb 6 14:40:26 vserver sshd\[19950\]: Invalid user admin from 23.30.36.85Feb 6 14:40:28 vserver sshd\[19950\]: Failed password for invalid user admin from 23.30.36.85 port 55035 ssh2Feb 6 14:41:28 vserver sshd\[19958\]: Invalid user ubuntu from 23.30.36.85Feb 6 14:41:30 vserver sshd\[19958\]: Failed password for invalid user ubuntu from 23.30.36.85 port 55167 ssh2 ...	2020-02-07 02:45:07

最近上报的IP列表

35.181.159.236	41.38.212.233	120.6.142.246	60.52.126.228
189.15.202.177	85.104.19.103	193.242.151.204	93.88.176.27
108.89.206.236	197.45.189.211	196.194.210.104	180.249.116.152
158.222.11.35	91.83.201.210	45.152.34.11	160.145.95.222
91.130.54.76	2.92.196.136	184.56.66.153	197.41.148.155