36.48.145.134 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Jilin Telecom Corporation

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Apr 25 07:00:58 OPSO sshd\[20789\]: Invalid user opscode from 36.48.145.134 port 3665 Apr 25 07:00:58 OPSO sshd\[20789\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.48.145.134 Apr 25 07:01:00 OPSO sshd\[20789\]: Failed password for invalid user opscode from 36.48.145.134 port 3665 ssh2 Apr 25 07:06:40 OPSO sshd\[21946\]: Invalid user robert from 36.48.145.134 port 3949 Apr 25 07:06:40 OPSO sshd\[21946\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.48.145.134	2020-04-25 17:17:48

类型

评论内容

时间

attackbots

Apr 25 07:00:58 OPSO sshd\[20789\]: Invalid user opscode from 36.48.145.134 port 3665
Apr 25 07:00:58 OPSO sshd\[20789\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.48.145.134
Apr 25 07:01:00 OPSO sshd\[20789\]: Failed password for invalid user opscode from 36.48.145.134 port 3665 ssh2
Apr 25 07:06:40 OPSO sshd\[21946\]: Invalid user robert from 36.48.145.134 port 3949
Apr 25 07:06:40 OPSO sshd\[21946\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.48.145.134

2020-04-25 17:17:48

相同子网IP讨论:

IP	类型	评论内容	时间
36.48.145.8	attackbotsspam	Jul 3 02:47:41 rudra sshd[339235]: Invalid user julian from 36.48.145.8 Jul 3 02:47:41 rudra sshd[339235]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.48.145.8 Jul 3 02:47:44 rudra sshd[339235]: Failed password for invalid user julian from 36.48.145.8 port 2600 ssh2 Jul 3 02:47:44 rudra sshd[339235]: Received disconnect from 36.48.145.8: 11: Bye Bye [preauth] Jul 3 03:02:41 rudra sshd[342429]: Invalid user marcia from 36.48.145.8 Jul 3 03:02:41 rudra sshd[342429]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.48.145.8 Jul 3 03:02:42 rudra sshd[342429]: Failed password for invalid user marcia from 36.48.145.8 port 2479 ssh2 Jul 3 03:02:43 rudra sshd[342429]: Received disconnect from 36.48.145.8: 11: Bye Bye [preauth] Jul 3 03:06:31 rudra sshd[343516]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.48.145.8 user=r.r Jul 3 03:........ -------------------------------	2020-07-04 02:14:02
36.48.145.118	attack	2020-06-05T21:41:43.688723shield sshd\[16007\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.48.145.118 user=root 2020-06-05T21:41:45.415732shield sshd\[16007\]: Failed password for root from 36.48.145.118 port 5755 ssh2 2020-06-05T21:42:55.872902shield sshd\[16257\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.48.145.118 user=root 2020-06-05T21:42:57.152972shield sshd\[16257\]: Failed password for root from 36.48.145.118 port 5910 ssh2 2020-06-05T21:44:10.346656shield sshd\[16503\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.48.145.118 user=root	2020-06-06 10:22:49
36.48.145.118	attack	Lines containing failures of 36.48.145.118 Jun 1 13:37:33 neon sshd[8477]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.48.145.118 user=r.r Jun 1 13:37:35 neon sshd[8477]: Failed password for r.r from 36.48.145.118 port 5503 ssh2 Jun 1 13:37:38 neon sshd[8477]: Received disconnect from 36.48.145.118 port 5503:11: Bye Bye [preauth] Jun 1 13:37:38 neon sshd[8477]: Disconnected from authenticating user r.r 36.48.145.118 port 5503 [preauth] Jun 1 13:54:01 neon sshd[13709]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.48.145.118 user=r.r Jun 1 13:54:03 neon sshd[13709]: Failed password for r.r from 36.48.145.118 port 6059 ssh2 Jun 1 13:54:03 neon sshd[13709]: Received disconnect from 36.48.145.118 port 6059:11: Bye Bye [preauth] Jun 1 13:54:03 neon sshd[13709]: Disconnected from authenticating user r.r 36.48.145.118 port 6059 [preauth] Jun 1 13:58:30 neon sshd[15246]: pam_un........ ------------------------------	2020-06-02 00:09:42
36.48.145.152	attackspam	May 24 22:21:11 icinga sshd[55274]: Failed password for root from 36.48.145.152 port 4365 ssh2 May 24 22:28:10 icinga sshd[62521]: Failed password for root from 36.48.145.152 port 4569 ssh2 ...	2020-05-25 04:42:46

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 36.48.145.134
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 18618
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;36.48.145.134.			IN	A

;; AUTHORITY SECTION:
.			588	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020042500 1800 900 604800 86400

;; Query time: 58 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Apr 25 17:17:40 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 134.145.48.36.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 134.145.48.36.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
175.212.62.83	attack	2019-11-12T01:17:19.0553511495-001 sshd\[54899\]: Invalid user bery from 175.212.62.83 port 52312 2019-11-12T01:17:19.0627211495-001 sshd\[54899\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.212.62.83 2019-11-12T01:17:21.2211311495-001 sshd\[54899\]: Failed password for invalid user bery from 175.212.62.83 port 52312 ssh2 2019-11-12T01:21:39.6473251495-001 sshd\[55014\]: Invalid user QWER4321g from 175.212.62.83 port 60250 2019-11-12T01:21:39.6550241495-001 sshd\[55014\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.212.62.83 2019-11-12T01:21:41.1716281495-001 sshd\[55014\]: Failed password for invalid user QWER4321g from 175.212.62.83 port 60250 ssh2 ...	2019-11-12 15:32:08
112.94.161.141	attackbots	Nov 12 07:53:42 OPSO sshd\[3208\]: Invalid user dallman from 112.94.161.141 port 34080 Nov 12 07:53:42 OPSO sshd\[3208\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.94.161.141 Nov 12 07:53:44 OPSO sshd\[3208\]: Failed password for invalid user dallman from 112.94.161.141 port 34080 ssh2 Nov 12 07:57:59 OPSO sshd\[4108\]: Invalid user system from 112.94.161.141 port 41404 Nov 12 07:57:59 OPSO sshd\[4108\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.94.161.141	2019-11-12 15:12:52
180.250.115.93	attackbots	Nov 11 21:03:32 tdfoods sshd\[865\]: Invalid user user from 180.250.115.93 Nov 11 21:03:32 tdfoods sshd\[865\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.250.115.93 Nov 11 21:03:34 tdfoods sshd\[865\]: Failed password for invalid user user from 180.250.115.93 port 42414 ssh2 Nov 11 21:08:07 tdfoods sshd\[1269\]: Invalid user sadier from 180.250.115.93 Nov 11 21:08:07 tdfoods sshd\[1269\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.250.115.93	2019-11-12 15:10:56
157.245.166.183	attack	157.245.166.183 - - \[12/Nov/2019:07:32:14 +0100\] "POST /wp-login.php HTTP/1.0" 200 4802 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 157.245.166.183 - - \[12/Nov/2019:07:32:20 +0100\] "POST /wp-login.php HTTP/1.0" 200 4802 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 157.245.166.183 - - \[12/Nov/2019:07:32:26 +0100\] "POST /wp-login.php HTTP/1.0" 200 4800 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-11-12 15:24:40
62.234.154.64	attack	Nov 11 21:20:25 kapalua sshd\[20896\]: Invalid user enio from 62.234.154.64 Nov 11 21:20:25 kapalua sshd\[20896\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.154.64 Nov 11 21:20:26 kapalua sshd\[20896\]: Failed password for invalid user enio from 62.234.154.64 port 50296 ssh2 Nov 11 21:24:48 kapalua sshd\[21245\]: Invalid user malmin from 62.234.154.64 Nov 11 21:24:48 kapalua sshd\[21245\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.154.64	2019-11-12 15:36:20
181.143.72.66	attackspam	Nov 12 08:20:58 markkoudstaal sshd[8541]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.143.72.66 Nov 12 08:21:00 markkoudstaal sshd[8541]: Failed password for invalid user server from 181.143.72.66 port 11334 ssh2 Nov 12 08:25:21 markkoudstaal sshd[8907]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.143.72.66	2019-11-12 15:30:50
218.4.234.74	attackspambots	Nov 11 21:20:51 php1 sshd\[30018\]: Invalid user goppelt from 218.4.234.74 Nov 11 21:20:51 php1 sshd\[30018\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.4.234.74 Nov 11 21:20:53 php1 sshd\[30018\]: Failed password for invalid user goppelt from 218.4.234.74 port 2802 ssh2 Nov 11 21:26:50 php1 sshd\[30526\]: Invalid user nyx from 218.4.234.74 Nov 11 21:26:50 php1 sshd\[30526\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.4.234.74	2019-11-12 15:39:16
45.82.35.90	attackspambots	Lines containing failures of 45.82.35.90 Nov 12 05:53:13 shared04 postfix/smtpd[4033]: connect from longterm.acebankz.com[45.82.35.90] Nov 12 05:53:13 shared04 policyd-spf[4888]: prepend Received-SPF: Pass (mailfrom) identhostnamey=mailfrom; client-ip=45.82.35.90; helo=longterm.saarkashyap.co; envelope-from=x@x Nov x@x Nov 12 05:53:15 shared04 postfix/smtpd[4033]: disconnect from longterm.acebankz.com[45.82.35.90] ehlo=1 mail=1 rcpt=0/1 data=0/1 quhostname=1 commands=3/5 Nov 12 05:53:38 shared04 postfix/smtpd[5641]: connect from longterm.acebankz.com[45.82.35.90] Nov 12 05:53:38 shared04 policyd-spf[5722]: prepend Received-SPF: Pass (mailfrom) identhostnamey=mailfrom; client-ip=45.82.35.90; helo=longterm.saarkashyap.co; envelope-from=x@x Nov x@x Nov 12 05:53:40 shared04 postfix/smtpd[5641]: disconnect from longterm.acebankz.com[45.82.35.90] ehlo=1 mail=1 rcpt=0/1 data=0/1 quhostname=1 commands=3/5 Nov 12 05:56:02 shared04 postfix/smtpd[4033]: connect from longterm.aceban........ ------------------------------	2019-11-12 15:22:54
83.78.88.103	attackbots	SSH/22 MH Probe, BF, Hack -	2019-11-12 15:48:07
58.87.75.178	attack	Nov 12 07:27:51 eventyay sshd[21043]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.87.75.178 Nov 12 07:27:54 eventyay sshd[21043]: Failed password for invalid user anaconda from 58.87.75.178 port 54884 ssh2 Nov 12 07:32:54 eventyay sshd[21145]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.87.75.178 ...	2019-11-12 15:15:46
207.154.232.160	attackbots	Nov 12 06:40:25 thevastnessof sshd[30055]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.154.232.160 ...	2019-11-12 15:10:37
106.39.15.168	attackspambots	2019-11-12T07:25:49.260065shield sshd\[9290\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.39.15.168 user=root 2019-11-12T07:25:51.312990shield sshd\[9290\]: Failed password for root from 106.39.15.168 port 42374 ssh2 2019-11-12T07:31:07.283555shield sshd\[9917\]: Invalid user pcap from 106.39.15.168 port 59836 2019-11-12T07:31:07.289114shield sshd\[9917\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.39.15.168 2019-11-12T07:31:09.331770shield sshd\[9917\]: Failed password for invalid user pcap from 106.39.15.168 port 59836 ssh2	2019-11-12 15:34:46
92.118.38.38	attack	2019-11-12T07:30:54.306535mail01 postfix/smtpd[15855]: warning: unknown[92.118.38.38]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-11-12T07:30:54.306945mail01 postfix/smtpd[28937]: warning: unknown[92.118.38.38]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-11-12T07:31:11.053793mail01 postfix/smtpd[21954]: warning: unknown[92.118.38.38]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-11-12 15:46:40
112.85.42.229	attack	F2B jail: sshd. Time: 2019-11-12 08:21:30, Reported by: VKReport	2019-11-12 15:33:59
106.251.67.78	attackbotsspam	Nov 12 08:10:49 ns37 sshd[5467]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.251.67.78 Nov 12 08:10:51 ns37 sshd[5467]: Failed password for invalid user andy from 106.251.67.78 port 40798 ssh2 Nov 12 08:14:31 ns37 sshd[5715]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.251.67.78	2019-11-12 15:34:15

最近上报的IP列表

79.107.93.133	68.187.220.146	112.43.156.219	123.122.109.179
5.26.208.151	122.51.110.52	119.195.69.212	118.24.110.178
103.83.179.102	122.114.76.171	125.160.113.222	195.154.199.139
62.234.97.41	107.173.202.200	49.235.88.90	80.212.103.125
122.51.225.137	121.146.156.47	180.83.60.254	104.168.48.101