180.244.105.148

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Indonesia

运营商(isp): PT Telkom Indonesia

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	RDP Bruteforce	2020-09-16 22:13:56
attackbots	RDP Bruteforce	2020-09-16 14:43:58
attackspambots	RDP Bruteforce	2020-09-16 06:34:40

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 180.244.105.148
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 64097
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;180.244.105.148.		IN	A

;; AUTHORITY SECTION:
.			523	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020091502 1800 900 604800 86400

;; Query time: 22 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Sep 16 06:34:35 CST 2020
;; MSG SIZE  rcvd: 119

HOST信息:

Host 148.105.244.180.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 100.100.2.138, trying next server
;; Got SERVFAIL reply from 100.100.2.138, trying next server
Server:		100.100.2.136
Address:	100.100.2.136#53

** server can't find 148.105.244.180.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
42.98.49.26	attack	unauthorized connection attempt	2020-02-27 20:21:32
113.53.60.32	attack	unauthorized connection attempt	2020-02-27 20:28:25
188.166.8.178	attackbots	Feb 27 13:19:52 MK-Soft-VM3 sshd[19627]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.8.178 Feb 27 13:19:55 MK-Soft-VM3 sshd[19627]: Failed password for invalid user zhuhan from 188.166.8.178 port 43726 ssh2 ...	2020-02-27 20:21:59
1.192.63.52	attackspambots	Honeypot attack, port: 445, PTR: PTR record not found	2020-02-27 20:33:32
159.89.165.99	attackbots	Feb 27 11:15:52 mout sshd[8708]: Invalid user bitbucket from 159.89.165.99 port 60006	2020-02-27 20:37:48
45.170.220.90	attack	Port probing on unauthorized port 8080	2020-02-27 20:23:05
118.89.189.176	attackspam	Feb 27 12:53:48 lnxded63 sshd[13127]: Failed password for root from 118.89.189.176 port 52848 ssh2 Feb 27 12:53:48 lnxded63 sshd[13127]: Failed password for root from 118.89.189.176 port 52848 ssh2	2020-02-27 20:16:35
81.218.127.251	attackbotsspam	Feb 27 06:20:57 mxgate1 postfix/postscreen[6040]: CONNECT from [81.218.127.251]:4623 to [176.31.12.44]:25 Feb 27 06:20:57 mxgate1 postfix/dnsblog[6041]: addr 81.218.127.251 listed by domain bl.spamcop.net as 127.0.0.2 Feb 27 06:20:57 mxgate1 postfix/dnsblog[6043]: addr 81.218.127.251 listed by domain b.barracudacentral.org as 127.0.0.2 Feb 27 06:20:58 mxgate1 postfix/postscreen[6040]: PREGREET 19 after 0.74 from [81.218.127.251]:4623: HELO wafyueyl.com Feb 27 06:20:58 mxgate1 postfix/dnsblog[6042]: addr 81.218.127.251 listed by domain cbl.abuseat.org as 127.0.0.2 Feb 27 06:20:58 mxgate1 postfix/dnsblog[6044]: addr 81.218.127.251 listed by domain zen.spamhaus.org as 127.0.0.4 Feb 27 06:20:58 mxgate1 postfix/postscreen[6040]: DNSBL rank 5 for [81.218.127.251]:4623 Feb x@x Feb 27 06:21:00 mxgate1 postfix/postscreen[6040]: HANGUP after 1.9 from [81.218.127.251]:4623 in tests after SMTP handshake Feb 27 06:21:00 mxgate1 postfix/postscreen[6040]: DISCONNECT [81.218.127.251]:........ -------------------------------	2020-02-27 20:32:47
190.0.127.78	attackbots	Feb 27 02:23:05 tdfoods sshd\[30218\]: Invalid user charles from 190.0.127.78 Feb 27 02:23:05 tdfoods sshd\[30218\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190-0-127-78.sanluisctv.com.ar Feb 27 02:23:07 tdfoods sshd\[30218\]: Failed password for invalid user charles from 190.0.127.78 port 59200 ssh2 Feb 27 02:27:36 tdfoods sshd\[30578\]: Invalid user cpaneleximscanner from 190.0.127.78 Feb 27 02:27:36 tdfoods sshd\[30578\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190-0-127-78.sanluisctv.com.ar	2020-02-27 20:28:08
85.132.18.3	attack	Feb 27 06:41:43 h2177944 kernel: \[5979861.401374\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=85.132.18.3 DST=85.214.117.9 LEN=52 TOS=0x00 PREC=0x00 TTL=120 ID=2375 DF PROTO=TCP SPT=40145 DPT=1433 WINDOW=8192 RES=0x00 SYN URGP=0 Feb 27 06:41:43 h2177944 kernel: \[5979861.401388\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=85.132.18.3 DST=85.214.117.9 LEN=52 TOS=0x00 PREC=0x00 TTL=120 ID=2375 DF PROTO=TCP SPT=40145 DPT=1433 WINDOW=8192 RES=0x00 SYN URGP=0 Feb 27 06:41:46 h2177944 kernel: \[5979864.390083\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=85.132.18.3 DST=85.214.117.9 LEN=52 TOS=0x00 PREC=0x00 TTL=120 ID=3009 DF PROTO=TCP SPT=40145 DPT=1433 WINDOW=8192 RES=0x00 SYN URGP=0 Feb 27 06:41:46 h2177944 kernel: \[5979864.390095\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=85.132.18.3 DST=85.214.117.9 LEN=52 TOS=0x00 PREC=0x00 TTL=120 ID=3009 DF PROTO=TCP SPT=40145 DPT=1433 WINDOW=8192 RES=0x00 SYN URGP=0 Feb 27 06:41:52 h2177944 kernel: \[5979870.403825\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=85.132.18.3 DST=85.214.117.9 L	2020-02-27 20:57:37
14.145.145.161	attackbots	Feb 27 12:00:35 vps670341 sshd[16254]: Invalid user rebecca from 14.145.145.161 port 34742	2020-02-27 20:26:27
223.71.167.163	attackspambots	223.71.167.163 was recorded 15 times by 3 hosts attempting to connect to the following ports: 626,3690,7911,4730,3268,34568,27036,4848,2222,8060,2082,9418,992,199,8008. Incident counter (4h, 24h, all-time): 15, 92, 1440	2020-02-27 20:14:56
43.227.135.230	attackbots	unauthorized connection attempt	2020-02-27 20:47:50
27.128.227.38	attackbotsspam	Feb 27 06:42:23 nextcloud sshd\[14010\]: Invalid user frappe from 27.128.227.38 Feb 27 06:42:23 nextcloud sshd\[14010\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.128.227.38 Feb 27 06:42:25 nextcloud sshd\[14010\]: Failed password for invalid user frappe from 27.128.227.38 port 52492 ssh2	2020-02-27 20:26:55
123.113.176.69	attackspambots	Feb 27 05:19:04 mailrelay sshd[30237]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.113.176.69 user=sys Feb 27 05:19:07 mailrelay sshd[30237]: Failed password for sys from 123.113.176.69 port 49991 ssh2 Feb 27 05:19:07 mailrelay sshd[30237]: Received disconnect from 123.113.176.69 port 49991:11: Bye Bye [preauth] Feb 27 05:19:07 mailrelay sshd[30237]: Disconnected from 123.113.176.69 port 49991 [preauth] Feb 27 06:23:00 mailrelay sshd[31573]: Invalid user teamspeak3-server from 123.113.176.69 port 29331 Feb 27 06:23:00 mailrelay sshd[31573]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.113.176.69 Feb 27 06:23:03 mailrelay sshd[31573]: Failed password for invalid user teamspeak3-server from 123.113.176.69 port 29331 ssh2 Feb 27 06:23:03 mailrelay sshd[31573]: Received disconnect from 123.113.176.69 port 29331:11: Bye Bye [preauth] Feb 27 06:23:03 mailrelay sshd[31573]: Disconne........ -------------------------------	2020-02-27 20:39:51

最近上报的IP列表

12.222.98.178	35.221.196.101	137.132.236.96	142.105.76.219
241.211.183.140	211.8.222.26	49.151.187.252	251.153.166.213
103.188.19.136	26.205.81.24	162.45.60.38	146.175.120.5
126.80.23.193	125.212.62.246	185.139.56.186	75.86.99.219
100.20.125.180	45.159.184.134	192.131.18.235	181.208.131.3