45.148.234.161

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United Kingdom of Great Britain and Northern Ireland

运营商(isp): Nikolaeva Ekaterina Sergeevna

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Chat Spam	2020-08-19 13:51:18

相同子网IP讨论:

IP	类型	评论内容	时间
45.148.234.125	attackspambots	(mod_security) mod_security (id:210730) triggered by 45.148.234.125 (RU/Russia/-): 5 in the last 300 secs	2020-10-04 02:31:09
45.148.234.125	attack	(mod_security) mod_security (id:210730) triggered by 45.148.234.125 (RU/Russia/-): 5 in the last 300 secs	2020-10-03 18:18:43
45.148.234.164	attack	Forbidden access	2020-07-16 20:12:01
45.148.234.173	attackspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/45.148.234.173/ EU - 1H : (4) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : EU NAME ASN : ASN0 IP : 45.148.234.173 CIDR : 45.148.0.0/14 PREFIX COUNT : 50242 UNIQUE IP COUNT : 856039856 ATTACKS DETECTED ASN0 : 1H - 3 3H - 6 6H - 7 12H - 8 24H - 16 DateTime : 2019-11-24 07:19:23 INFO : Server 301 - Looking for resource vulnerabilities Detected and Blocked by ADMIN - data recovery	2019-11-24 20:59:17
45.148.234.88	attack	45.148.234.88 - - [20/Oct/2019:08:03:26 -0400] "GET /?page=products&action=../../etc/passwd%00&manufacturerID=12&productID=973&linkID=15902 HTTP/1.1" 200 17150 "https://newportbrassfaucets.com/?page=products&action=../../etc/passwd%00&manufacturerID=12&productID=973&linkID=15902" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.132 Safari/537.36" ...	2019-10-20 21:59:09

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.148.234.161
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6041
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.148.234.161.			IN	A

;; AUTHORITY SECTION:
.			573	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020081802 1800 900 604800 86400

;; Query time: 72 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Aug 19 13:51:12 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 161.234.148.45.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 161.234.148.45.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
129.211.10.228	attackbotsspam	Feb 16 23:49:43 host sshd[53016]: Invalid user odroid from 129.211.10.228 port 11080 ...	2020-02-17 06:50:14
94.231.68.222	attackspam	Invalid user pi from 94.231.68.222 port 41470	2020-02-17 07:21:58
183.159.113.57	attackbotsspam	Feb 16 23:26:07 exim[2596]: [1\44] 1j3SMV-0000fs-WF H=(163.com) [183.159.113.57] F= rejected after DATA: This message scored 17.0 spam points.	2020-02-17 07:23:07
90.189.170.118	attackbotsspam	Automatic report - Port Scan Attack	2020-02-17 06:42:49
189.209.1.86	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-17 07:20:20
185.153.199.155	attack	Feb 16 23:48:38 lnxded63 sshd[31678]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.153.199.155 Feb 16 23:48:40 lnxded63 sshd[31678]: Failed password for invalid user 0 from 185.153.199.155 port 18331 ssh2 Feb 16 23:48:44 lnxded63 sshd[31683]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.153.199.155	2020-02-17 06:56:40
79.124.62.34	attackspambots	ET DROP Dshield Block Listed Source group 1 - port: 3361 proto: TCP cat: Misc Attack	2020-02-17 07:05:38
1.193.39.196	attack	2020-02-16T23:27:09.815689 sshd[16817]: Invalid user teamspeak from 1.193.39.196 port 59680 2020-02-16T23:27:09.828087 sshd[16817]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.193.39.196 2020-02-16T23:27:09.815689 sshd[16817]: Invalid user teamspeak from 1.193.39.196 port 59680 2020-02-16T23:27:11.785903 sshd[16817]: Failed password for invalid user teamspeak from 1.193.39.196 port 59680 ssh2 ...	2020-02-17 07:15:41
84.3.122.229	attackspambots	(sshd) Failed SSH login from 84.3.122.229 (HU/Hungary/54037AE5.catv.pool.telekom.hu): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Feb 17 00:15:06 s1 sshd[12182]: Invalid user nagios from 84.3.122.229 port 41612 Feb 17 00:15:09 s1 sshd[12182]: Failed password for invalid user nagios from 84.3.122.229 port 41612 ssh2 Feb 17 00:25:20 s1 sshd[12507]: Invalid user comi from 84.3.122.229 port 44972 Feb 17 00:25:22 s1 sshd[12507]: Failed password for invalid user comi from 84.3.122.229 port 44972 ssh2 Feb 17 00:27:17 s1 sshd[12569]: Failed password for root from 84.3.122.229 port 35520 ssh2	2020-02-17 07:05:14
177.69.104.168	attackspam	Feb 16 23:26:28 sshd[22240]: Failed password for invalid user eric from 177.69.104.168 port 42945 ssh2	2020-02-17 07:23:24
115.63.204.123	attackspambots	Unauthorised access (Feb 17) SRC=115.63.204.123 LEN=40 TTL=49 ID=33435 TCP DPT=8080 WINDOW=30169 SYN	2020-02-17 07:26:42
178.62.74.244	attackspam	Feb 16 23:23:45 tuxlinux sshd[53027]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.74.244 user=daemon Feb 16 23:23:48 tuxlinux sshd[53027]: Failed password for daemon from 178.62.74.244 port 37282 ssh2 Feb 16 23:23:45 tuxlinux sshd[53027]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.74.244 user=daemon Feb 16 23:23:48 tuxlinux sshd[53027]: Failed password for daemon from 178.62.74.244 port 37282 ssh2 Feb 16 23:27:35 tuxlinux sshd[53083]: Invalid user velocix from 178.62.74.244 port 41396 ...	2020-02-17 06:51:17
41.76.215.228	attack	RDP Bruteforce	2020-02-17 07:07:18
139.59.32.156	attackbotsspam	Feb 16 23:14:31 server sshd[244003]: Failed password for invalid user ftp from 139.59.32.156 port 56794 ssh2 Feb 16 23:24:10 server sshd[244317]: Failed password for invalid user vds from 139.59.32.156 port 60242 ssh2 Feb 16 23:27:16 server sshd[244575]: Failed password for invalid user test from 139.59.32.156 port 32918 ssh2	2020-02-17 07:08:12
190.95.96.212	attackbotsspam	trying to access non-authorized port	2020-02-17 07:26:14

最近上报的IP列表

110.244.211.148	132.255.84.81	168.244.245.39	41.118.76.111
122.61.27.10	87.90.149.110	139.1.120.112	93.66.201.212
127.75.158.45	217.65.137.188	146.238.148.230	61.80.22.44
69.152.128.42	161.35.119.161	30.234.14.124	125.214.50.55
83.138.195.158	188.166.226.25	34.141.241.41	172.81.239.224