45.148.234.173

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Russian Federation

运营商(isp): Nikolaeva Ekaterina Sergeevna

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Commercial

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/45.148.234.173/ EU - 1H : (4) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : EU NAME ASN : ASN0 IP : 45.148.234.173 CIDR : 45.148.0.0/14 PREFIX COUNT : 50242 UNIQUE IP COUNT : 856039856 ATTACKS DETECTED ASN0 : 1H - 3 3H - 6 6H - 7 12H - 8 24H - 16 DateTime : 2019-11-24 07:19:23 INFO : Server 301 - Looking for resource vulnerabilities Detected and Blocked by ADMIN - data recovery	2019-11-24 20:59:17

类型

评论内容

时间

attackspam

IP Ban Report :  
 https://help-dysk.pl/wordpress-firewall-plugins/ip/45.148.234.173/ 
 
 EU - 1H : (4)  
 Protection Against DDoS WordPress plugin :  
 "odzyskiwanie danych help-dysk" 
 IP Address Ranges by Country : EU 
 NAME ASN : ASN0 
 
 IP : 45.148.234.173 
 
 CIDR : 45.148.0.0/14 
 
 PREFIX COUNT : 50242 
 
 UNIQUE IP COUNT : 856039856 
 
 
 ATTACKS DETECTED ASN0 :  
  1H - 3 
  3H - 6 
  6H - 7 
 12H - 8 
 24H - 16 
 
 DateTime : 2019-11-24 07:19:23 
 
 INFO : Server 301 - Looking for resource vulnerabilities Detected and Blocked by ADMIN  - data recovery

2019-11-24 20:59:17

相同子网IP讨论:

IP	类型	评论内容	时间
45.148.234.125	attackspambots	(mod_security) mod_security (id:210730) triggered by 45.148.234.125 (RU/Russia/-): 5 in the last 300 secs	2020-10-04 02:31:09
45.148.234.125	attack	(mod_security) mod_security (id:210730) triggered by 45.148.234.125 (RU/Russia/-): 5 in the last 300 secs	2020-10-03 18:18:43
45.148.234.161	attack	Chat Spam	2020-08-19 13:51:18
45.148.234.164	attack	Forbidden access	2020-07-16 20:12:01
45.148.234.88	attack	45.148.234.88 - - [20/Oct/2019:08:03:26 -0400] "GET /?page=products&action=../../etc/passwd%00&manufacturerID=12&productID=973&linkID=15902 HTTP/1.1" 200 17150 "https://newportbrassfaucets.com/?page=products&action=../../etc/passwd%00&manufacturerID=12&productID=973&linkID=15902" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.132 Safari/537.36" ...	2019-10-20 21:59:09

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.148.234.173
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 59759
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.148.234.173.			IN	A

;; AUTHORITY SECTION:
.			594	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019112400 1800 900 604800 86400

;; Query time: 53 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Nov 24 20:59:13 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 173.234.148.45.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 173.234.148.45.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
159.148.4.236	attack	Sep 3 11:54:22 kapalua sshd\[24268\]: Invalid user hr from 159.148.4.236 Sep 3 11:54:22 kapalua sshd\[24268\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.148.4.236 Sep 3 11:54:24 kapalua sshd\[24268\]: Failed password for invalid user hr from 159.148.4.236 port 60346 ssh2 Sep 3 11:59:31 kapalua sshd\[24743\]: Invalid user peter from 159.148.4.236 Sep 3 11:59:31 kapalua sshd\[24743\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.148.4.236	2019-09-04 06:14:20
49.234.28.54	attackbotsspam	$f2bV_matches	2019-09-04 05:58:23
164.132.192.219	attackbotsspam	Sep 3 23:56:18 dedicated sshd[16657]: Invalid user git from 164.132.192.219 port 44377	2019-09-04 06:09:14
23.129.64.209	attack	2019-09-03T23:46:03.319718lon01.zurich-datacenter.net sshd\[23745\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=209.emeraldonion.org user=root 2019-09-03T23:46:05.018306lon01.zurich-datacenter.net sshd\[23745\]: Failed password for root from 23.129.64.209 port 55607 ssh2 2019-09-03T23:46:08.248832lon01.zurich-datacenter.net sshd\[23745\]: Failed password for root from 23.129.64.209 port 55607 ssh2 2019-09-03T23:46:11.034613lon01.zurich-datacenter.net sshd\[23745\]: Failed password for root from 23.129.64.209 port 55607 ssh2 2019-09-03T23:46:13.871182lon01.zurich-datacenter.net sshd\[23745\]: Failed password for root from 23.129.64.209 port 55607 ssh2 ...	2019-09-04 06:03:58
190.211.160.253	attack	Sep 3 11:26:45 friendsofhawaii sshd\[11176\]: Invalid user hall from 190.211.160.253 Sep 3 11:26:45 friendsofhawaii sshd\[11176\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.211.160.253 Sep 3 11:26:48 friendsofhawaii sshd\[11176\]: Failed password for invalid user hall from 190.211.160.253 port 39126 ssh2 Sep 3 11:32:31 friendsofhawaii sshd\[11729\]: Invalid user localadmin from 190.211.160.253 Sep 3 11:32:31 friendsofhawaii sshd\[11729\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.211.160.253	2019-09-04 05:43:30
185.217.228.12	attackspam	Tue, 03 Sep 2019 14:35:56 -0400 Received: from skill.xrmbest.com ([185.217.228.12]:26599 helo=canlobby.pro) From: Tinnitus cure spam	2019-09-04 05:44:37
118.25.48.254	attackspambots	Sep 3 16:51:19 ny01 sshd[16613]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.48.254 Sep 3 16:51:21 ny01 sshd[16613]: Failed password for invalid user k from 118.25.48.254 port 59448 ssh2 Sep 3 16:53:58 ny01 sshd[17077]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.48.254	2019-09-04 05:50:43
27.17.36.254	attackspambots	Sep 3 11:27:00 eddieflores sshd\[16970\]: Invalid user git from 27.17.36.254 Sep 3 11:27:00 eddieflores sshd\[16970\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.17.36.254 Sep 3 11:27:02 eddieflores sshd\[16970\]: Failed password for invalid user git from 27.17.36.254 port 57111 ssh2 Sep 3 11:31:07 eddieflores sshd\[17304\]: Invalid user lucia from 27.17.36.254 Sep 3 11:31:07 eddieflores sshd\[17304\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.17.36.254	2019-09-04 05:32:19
218.98.26.166	attackbotsspam	2019-09-03T21:21:58.943029abusebot-6.cloudsearch.cf sshd\[7313\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.98.26.166 user=root	2019-09-04 05:41:46
49.207.6.252	attack	Sep 3 21:07:23 DAAP sshd[29096]: Invalid user testuser from 49.207.6.252 port 48564 Sep 3 21:07:23 DAAP sshd[29096]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.207.6.252 Sep 3 21:07:23 DAAP sshd[29096]: Invalid user testuser from 49.207.6.252 port 48564 Sep 3 21:07:24 DAAP sshd[29096]: Failed password for invalid user testuser from 49.207.6.252 port 48564 ssh2 Sep 3 21:12:29 DAAP sshd[29229]: Invalid user deborah from 49.207.6.252 port 38134 ...	2019-09-04 05:31:59
218.98.40.134	attack	Sep 3 17:34:12 plusreed sshd[9468]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.98.40.134 user=root Sep 3 17:34:14 plusreed sshd[9468]: Failed password for root from 218.98.40.134 port 22132 ssh2 ...	2019-09-04 05:40:41
162.144.83.250	attackbots	WordPress login Brute force / Web App Attack on client site.	2019-09-04 05:24:51
106.75.157.9	attackbotsspam	Sep 3 23:51:59 markkoudstaal sshd[13121]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.157.9 Sep 3 23:52:01 markkoudstaal sshd[13121]: Failed password for invalid user applmgr from 106.75.157.9 port 35932 ssh2 Sep 3 23:57:20 markkoudstaal sshd[13679]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.157.9	2019-09-04 06:12:25
222.124.129.170	attack	[English version follows below] Buna ziua, Aceasta este o alerta de securitate cibernetica. Conform informatiilor detinute de WHITEHAT-RO, anumite adrese IP si/sau domenii web detinute, utilizate sau administrate de dvs. (sau organizatia dvs.), au fost identificate ca fiind asociate unor sisteme/servicii informatice vulnerabile, compromise sau implicate in diferite tipuri de atacuri cibernetice. Cu stima, Echipa WhiteHat ---------- English ---------- Dear Sir/Madam, This is a cyber security alert. WHITEHAT-RO has become aware of one or more IP addresses and/or web domains owned, used, or administered by you (or your organisation), that were identified as beeing associated with information systems/services that are vulnerable, compromised or used in different cyber attacks. Kind regards, WhiteHat Team	2019-09-04 05:34:28
106.2.12.222	attackbotsspam	Sep 3 11:18:46 kapalua sshd\[20268\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.2.12.222 user=games Sep 3 11:18:48 kapalua sshd\[20268\]: Failed password for games from 106.2.12.222 port 44338 ssh2 Sep 3 11:25:59 kapalua sshd\[21120\]: Invalid user maf from 106.2.12.222 Sep 3 11:25:59 kapalua sshd\[21120\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.2.12.222 Sep 3 11:26:02 kapalua sshd\[21120\]: Failed password for invalid user maf from 106.2.12.222 port 40056 ssh2	2019-09-04 05:37:17

最近上报的IP列表

94.70.246.212	87.15.109.105	103.27.200.70	188.213.212.55
117.16.123.204	86.35.37.156	105.159.220.89	37.14.240.100
5.13.137.3	49.115.118.125	188.130.144.108	147.52.44.48
203.110.87.91	152.165.62.208	107.175.90.81	107.175.80.223
107.173.92.156	202.138.244.90	107.174.148.163	177.205.66.67