104.131.138.126

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Jun 6 23:44:45 minden010 sshd[8759]: Failed password for root from 104.131.138.126 port 32770 ssh2 Jun 6 23:46:38 minden010 sshd[10423]: Failed password for root from 104.131.138.126 port 36856 ssh2 ...	2020-06-07 07:53:51
attack	Jun 2 22:05:37 game-panel sshd[7599]: Failed password for root from 104.131.138.126 port 40660 ssh2 Jun 2 22:09:08 game-panel sshd[7859]: Failed password for root from 104.131.138.126 port 45942 ssh2	2020-06-03 06:37:39
attackspambots	Jun 2 06:45:22 ip-172-31-61-156 sshd[29713]: Failed password for root from 104.131.138.126 port 52244 ssh2 Jun 2 06:47:29 ip-172-31-61-156 sshd[29783]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.138.126 user=root Jun 2 06:47:31 ip-172-31-61-156 sshd[29783]: Failed password for root from 104.131.138.126 port 58134 ssh2 Jun 2 06:47:29 ip-172-31-61-156 sshd[29783]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.138.126 user=root Jun 2 06:47:31 ip-172-31-61-156 sshd[29783]: Failed password for root from 104.131.138.126 port 58134 ssh2 ...	2020-06-02 16:18:32
attackspambots	(sshd) Failed SSH login from 104.131.138.126 (US/United States/-): 5 in the last 3600 secs	2020-05-09 17:55:43
attackspam	$f2bV_matches	2020-05-06 13:44:00
attack	May 3 06:34:16 srv-ubuntu-dev3 sshd[99368]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.138.126 user=root May 3 06:34:18 srv-ubuntu-dev3 sshd[99368]: Failed password for root from 104.131.138.126 port 37690 ssh2 May 3 06:37:56 srv-ubuntu-dev3 sshd[100388]: Invalid user admin from 104.131.138.126 May 3 06:37:56 srv-ubuntu-dev3 sshd[100388]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.138.126 May 3 06:37:56 srv-ubuntu-dev3 sshd[100388]: Invalid user admin from 104.131.138.126 May 3 06:37:59 srv-ubuntu-dev3 sshd[100388]: Failed password for invalid user admin from 104.131.138.126 port 49142 ssh2 May 3 06:41:42 srv-ubuntu-dev3 sshd[100934]: Invalid user admin from 104.131.138.126 May 3 06:41:42 srv-ubuntu-dev3 sshd[100934]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.138.126 May 3 06:41:42 srv-ubuntu-dev3 sshd[100934]: Invalid ...	2020-05-03 14:46:01
attack	Port Scan detected from 104.131.138.126 (US/United States/California/San Francisco/-). 4 hits in the last 105 seconds	2020-04-23 04:11:49
attackspam	2020-04-17T20:00:36.378530abusebot-6.cloudsearch.cf sshd[12419]: Invalid user r from 104.131.138.126 port 45948 2020-04-17T20:00:36.384250abusebot-6.cloudsearch.cf sshd[12419]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.138.126 2020-04-17T20:00:36.378530abusebot-6.cloudsearch.cf sshd[12419]: Invalid user r from 104.131.138.126 port 45948 2020-04-17T20:00:38.339500abusebot-6.cloudsearch.cf sshd[12419]: Failed password for invalid user r from 104.131.138.126 port 45948 ssh2 2020-04-17T20:04:10.882939abusebot-6.cloudsearch.cf sshd[12631]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.138.126 user=root 2020-04-17T20:04:13.219500abusebot-6.cloudsearch.cf sshd[12631]: Failed password for root from 104.131.138.126 port 52874 ssh2 2020-04-17T20:07:41.771598abusebot-6.cloudsearch.cf sshd[12849]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.13 ...	2020-04-18 04:15:33
attack	Apr 11 22:53:04 vpn01 sshd[19431]: Failed password for root from 104.131.138.126 port 55416 ssh2 ...	2020-04-12 05:37:52
attackbots	Apr 7 10:57:26 santamaria sshd\[21921\]: Invalid user test from 104.131.138.126 Apr 7 10:57:26 santamaria sshd\[21921\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.138.126 Apr 7 10:57:29 santamaria sshd\[21921\]: Failed password for invalid user test from 104.131.138.126 port 35216 ssh2 ...	2020-04-07 17:51:59
attack	$f2bV_matches	2020-04-04 14:07:13
attack	ssh brute force	2020-03-26 14:05:54
attackspam	SSH Invalid Login	2020-03-25 07:39:08
attackspambots	invalid user	2020-03-23 20:19:35
attackspam	(sshd) Failed SSH login from 104.131.138.126 (US/United States/-): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Mar 19 14:01:53 ubnt-55d23 sshd[10604]: Invalid user wrchang from 104.131.138.126 port 54684 Mar 19 14:01:55 ubnt-55d23 sshd[10604]: Failed password for invalid user wrchang from 104.131.138.126 port 54684 ssh2	2020-03-19 23:35:56
attackbotsspam	Mar 19 08:18:21 host01 sshd[21866]: Failed password for daemon from 104.131.138.126 port 36654 ssh2 Mar 19 08:22:21 host01 sshd[22478]: Failed password for root from 104.131.138.126 port 57418 ssh2 ...	2020-03-19 17:50:45
attack	Mar 18 10:27:12 mockhub sshd[6978]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.138.126 Mar 18 10:27:14 mockhub sshd[6978]: Failed password for invalid user ubnt from 104.131.138.126 port 43882 ssh2 ...	2020-03-19 03:03:14
attackbotsspam	2020-03-09T17:22:19.986594abusebot-6.cloudsearch.cf sshd[4099]: Invalid user ptao from 104.131.138.126 port 37762 2020-03-09T17:22:19.992558abusebot-6.cloudsearch.cf sshd[4099]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.138.126 2020-03-09T17:22:19.986594abusebot-6.cloudsearch.cf sshd[4099]: Invalid user ptao from 104.131.138.126 port 37762 2020-03-09T17:22:21.784790abusebot-6.cloudsearch.cf sshd[4099]: Failed password for invalid user ptao from 104.131.138.126 port 37762 ssh2 2020-03-09T17:30:25.899388abusebot-6.cloudsearch.cf sshd[4593]: Invalid user ag from 104.131.138.126 port 43372 2020-03-09T17:30:25.905173abusebot-6.cloudsearch.cf sshd[4593]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.138.126 2020-03-09T17:30:25.899388abusebot-6.cloudsearch.cf sshd[4593]: Invalid user ag from 104.131.138.126 port 43372 2020-03-09T17:30:27.415617abusebot-6.cloudsearch.cf sshd[4593]: Failed pa ...	2020-03-10 01:58:07
attackspambots	Mar 5 01:21:53 NPSTNNYC01T sshd[27947]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.138.126 Mar 5 01:21:55 NPSTNNYC01T sshd[27947]: Failed password for invalid user nx from 104.131.138.126 port 33924 ssh2 Mar 5 01:30:56 NPSTNNYC01T sshd[28532]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.138.126 ...	2020-03-05 14:50:54
attackbots	Unauthorized connection attempt detected from IP address 104.131.138.126 to port 2220 [J]	2020-01-18 20:46:39
attackbotsspam	(sshd) Failed SSH login from 104.131.138.126 (US/United States/-): 10 in the last 3600 secs	2020-01-14 18:05:18
attackspambots	Invalid user dfh from 104.131.138.126 port 59198	2020-01-11 08:58:44
attackspam	2020-01-01T15:38:55.490847shield sshd\[3811\]: Invalid user dovecot from 104.131.138.126 port 46454 2020-01-01T15:38:55.494808shield sshd\[3811\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.138.126 2020-01-01T15:38:57.285272shield sshd\[3811\]: Failed password for invalid user dovecot from 104.131.138.126 port 46454 ssh2 2020-01-01T15:40:53.677020shield sshd\[5156\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.138.126 user=sshd 2020-01-01T15:40:56.333533shield sshd\[5156\]: Failed password for sshd from 104.131.138.126 port 35290 ssh2	2020-01-02 02:56:12

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.131.138.126
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 64972
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.131.138.126.		IN	A

;; AUTHORITY SECTION:
.			463	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020010102 1800 900 604800 86400

;; Query time: 33 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jan 02 02:56:09 CST 2020
;; MSG SIZE  rcvd: 119

HOST信息:

Host 126.138.131.104.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 126.138.131.104.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
172.245.7.189	attack	Sep 20 11:38:34 Ubuntu-1404-trusty-64-minimal sshd\[2654\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.245.7.189 user=root Sep 20 11:38:36 Ubuntu-1404-trusty-64-minimal sshd\[2654\]: Failed password for root from 172.245.7.189 port 51292 ssh2 Sep 20 11:38:43 Ubuntu-1404-trusty-64-minimal sshd\[2714\]: Invalid user oracle from 172.245.7.189 Sep 20 11:38:43 Ubuntu-1404-trusty-64-minimal sshd\[2714\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.245.7.189 Sep 20 11:38:45 Ubuntu-1404-trusty-64-minimal sshd\[2714\]: Failed password for invalid user oracle from 172.245.7.189 port 59424 ssh2	2020-09-20 18:36:28
206.189.125.96	attack	206.189.125.96 - - \[20/Sep/2020:06:42:17 +0200\] "POST /wp-login.php HTTP/1.0" 200 8744 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 206.189.125.96 - - \[20/Sep/2020:06:42:17 +0200\] "POST /wp-login.php HTTP/1.0" 200 8572 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 206.189.125.96 - - \[20/Sep/2020:06:42:18 +0200\] "POST /wp-login.php HTTP/1.0" 200 8570 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2020-09-20 18:50:04
91.211.91.2	attack	" "	2020-09-20 18:32:19
74.82.47.55	attackspam	Unauthorized connection attempt from IP address 74.82.47.55 on Port 3389(RDP)	2020-09-20 18:15:06
42.112.36.20	attackbots	TCP ports : 871 / 8674	2020-09-20 18:47:37
221.143.48.143	attack	SSH Brute-Force reported by Fail2Ban	2020-09-20 18:25:06
185.220.102.6	attackbotsspam	(sshd) Failed SSH login from 185.220.102.6 (DE/Germany/185-220-102-6.torservers.net): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 20 05:25:38 server sshd[22039]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.220.102.6 user=root Sep 20 05:25:39 server sshd[22039]: Failed password for root from 185.220.102.6 port 33927 ssh2 Sep 20 05:25:42 server sshd[22039]: Failed password for root from 185.220.102.6 port 33927 ssh2 Sep 20 05:25:44 server sshd[22039]: Failed password for root from 185.220.102.6 port 33927 ssh2 Sep 20 05:25:46 server sshd[22039]: Failed password for root from 185.220.102.6 port 33927 ssh2	2020-09-20 18:53:30
175.193.13.3	attackspambots	(sshd) Failed SSH login from 175.193.13.3 (KR/South Korea/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 20 04:20:27 server sshd[25030]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.193.13.3 user=root Sep 20 04:20:29 server sshd[25030]: Failed password for root from 175.193.13.3 port 34816 ssh2 Sep 20 04:27:57 server sshd[26711]: Invalid user postgres from 175.193.13.3 port 52402 Sep 20 04:27:59 server sshd[26711]: Failed password for invalid user postgres from 175.193.13.3 port 52402 ssh2 Sep 20 04:32:10 server sshd[27848]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.193.13.3 user=root	2020-09-20 18:17:06
66.70.160.187	attackbotsspam	Automatic report - Banned IP Access	2020-09-20 18:51:20
45.138.100.138	attackspam	Chat Spam	2020-09-20 18:36:13
67.45.32.63	attackspambots	Brute forcing email accounts	2020-09-20 18:51:38
162.245.218.151	attackspam	Sep 20 05:55:39 scw-6657dc sshd[11439]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.245.218.151 user=root Sep 20 05:55:39 scw-6657dc sshd[11439]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.245.218.151 user=root Sep 20 05:55:41 scw-6657dc sshd[11439]: Failed password for root from 162.245.218.151 port 38886 ssh2 ...	2020-09-20 18:48:53
201.1.173.138	attackspam	Listed on zen-spamhaus also barracudaCentral and dnsbl-sorbs / proto=6 . srcport=20052 . dstport=8080 . (2280)	2020-09-20 18:44:47
118.27.11.126	attackbotsspam	Sep 20 12:27:19 santamaria sshd\[25757\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.27.11.126 user=root Sep 20 12:27:21 santamaria sshd\[25757\]: Failed password for root from 118.27.11.126 port 43714 ssh2 Sep 20 12:30:08 santamaria sshd\[25789\]: Invalid user ftptest from 118.27.11.126 Sep 20 12:30:08 santamaria sshd\[25789\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.27.11.126 ...	2020-09-20 18:44:12
51.68.251.202	attackspam	Invalid user admin from 51.68.251.202 port 40680	2020-09-20 18:32:51

最近上报的IP列表

35.79.248.110	86.36.172.108	35.107.11.65	211.30.142.161
54.16.187.72	212.174.170.190	222.98.9.172	42.19.146.206
5.139.250.92	150.159.192.49	215.210.113.137	161.135.152.212
115.203.178.52	96.76.40.27	150.105.228.24	220.166.6.159
60.185.132.140	37.69.30.122	143.188.103.170	24.42.189.78