104.131.138.126

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Jun 6 23:44:45 minden010 sshd[8759]: Failed password for root from 104.131.138.126 port 32770 ssh2 Jun 6 23:46:38 minden010 sshd[10423]: Failed password for root from 104.131.138.126 port 36856 ssh2 ...	2020-06-07 07:53:51
attack	Jun 2 22:05:37 game-panel sshd[7599]: Failed password for root from 104.131.138.126 port 40660 ssh2 Jun 2 22:09:08 game-panel sshd[7859]: Failed password for root from 104.131.138.126 port 45942 ssh2	2020-06-03 06:37:39
attackspambots	Jun 2 06:45:22 ip-172-31-61-156 sshd[29713]: Failed password for root from 104.131.138.126 port 52244 ssh2 Jun 2 06:47:29 ip-172-31-61-156 sshd[29783]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.138.126 user=root Jun 2 06:47:31 ip-172-31-61-156 sshd[29783]: Failed password for root from 104.131.138.126 port 58134 ssh2 Jun 2 06:47:29 ip-172-31-61-156 sshd[29783]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.138.126 user=root Jun 2 06:47:31 ip-172-31-61-156 sshd[29783]: Failed password for root from 104.131.138.126 port 58134 ssh2 ...	2020-06-02 16:18:32
attackspambots	(sshd) Failed SSH login from 104.131.138.126 (US/United States/-): 5 in the last 3600 secs	2020-05-09 17:55:43
attackspam	$f2bV_matches	2020-05-06 13:44:00
attack	May 3 06:34:16 srv-ubuntu-dev3 sshd[99368]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.138.126 user=root May 3 06:34:18 srv-ubuntu-dev3 sshd[99368]: Failed password for root from 104.131.138.126 port 37690 ssh2 May 3 06:37:56 srv-ubuntu-dev3 sshd[100388]: Invalid user admin from 104.131.138.126 May 3 06:37:56 srv-ubuntu-dev3 sshd[100388]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.138.126 May 3 06:37:56 srv-ubuntu-dev3 sshd[100388]: Invalid user admin from 104.131.138.126 May 3 06:37:59 srv-ubuntu-dev3 sshd[100388]: Failed password for invalid user admin from 104.131.138.126 port 49142 ssh2 May 3 06:41:42 srv-ubuntu-dev3 sshd[100934]: Invalid user admin from 104.131.138.126 May 3 06:41:42 srv-ubuntu-dev3 sshd[100934]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.138.126 May 3 06:41:42 srv-ubuntu-dev3 sshd[100934]: Invalid ...	2020-05-03 14:46:01
attack	Port Scan detected from 104.131.138.126 (US/United States/California/San Francisco/-). 4 hits in the last 105 seconds	2020-04-23 04:11:49
attackspam	2020-04-17T20:00:36.378530abusebot-6.cloudsearch.cf sshd[12419]: Invalid user r from 104.131.138.126 port 45948 2020-04-17T20:00:36.384250abusebot-6.cloudsearch.cf sshd[12419]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.138.126 2020-04-17T20:00:36.378530abusebot-6.cloudsearch.cf sshd[12419]: Invalid user r from 104.131.138.126 port 45948 2020-04-17T20:00:38.339500abusebot-6.cloudsearch.cf sshd[12419]: Failed password for invalid user r from 104.131.138.126 port 45948 ssh2 2020-04-17T20:04:10.882939abusebot-6.cloudsearch.cf sshd[12631]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.138.126 user=root 2020-04-17T20:04:13.219500abusebot-6.cloudsearch.cf sshd[12631]: Failed password for root from 104.131.138.126 port 52874 ssh2 2020-04-17T20:07:41.771598abusebot-6.cloudsearch.cf sshd[12849]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.13 ...	2020-04-18 04:15:33
attack	Apr 11 22:53:04 vpn01 sshd[19431]: Failed password for root from 104.131.138.126 port 55416 ssh2 ...	2020-04-12 05:37:52
attackbots	Apr 7 10:57:26 santamaria sshd\[21921\]: Invalid user test from 104.131.138.126 Apr 7 10:57:26 santamaria sshd\[21921\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.138.126 Apr 7 10:57:29 santamaria sshd\[21921\]: Failed password for invalid user test from 104.131.138.126 port 35216 ssh2 ...	2020-04-07 17:51:59
attack	$f2bV_matches	2020-04-04 14:07:13
attack	ssh brute force	2020-03-26 14:05:54
attackspam	SSH Invalid Login	2020-03-25 07:39:08
attackspambots	invalid user	2020-03-23 20:19:35
attackspam	(sshd) Failed SSH login from 104.131.138.126 (US/United States/-): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Mar 19 14:01:53 ubnt-55d23 sshd[10604]: Invalid user wrchang from 104.131.138.126 port 54684 Mar 19 14:01:55 ubnt-55d23 sshd[10604]: Failed password for invalid user wrchang from 104.131.138.126 port 54684 ssh2	2020-03-19 23:35:56
attackbotsspam	Mar 19 08:18:21 host01 sshd[21866]: Failed password for daemon from 104.131.138.126 port 36654 ssh2 Mar 19 08:22:21 host01 sshd[22478]: Failed password for root from 104.131.138.126 port 57418 ssh2 ...	2020-03-19 17:50:45
attack	Mar 18 10:27:12 mockhub sshd[6978]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.138.126 Mar 18 10:27:14 mockhub sshd[6978]: Failed password for invalid user ubnt from 104.131.138.126 port 43882 ssh2 ...	2020-03-19 03:03:14
attackbotsspam	2020-03-09T17:22:19.986594abusebot-6.cloudsearch.cf sshd[4099]: Invalid user ptao from 104.131.138.126 port 37762 2020-03-09T17:22:19.992558abusebot-6.cloudsearch.cf sshd[4099]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.138.126 2020-03-09T17:22:19.986594abusebot-6.cloudsearch.cf sshd[4099]: Invalid user ptao from 104.131.138.126 port 37762 2020-03-09T17:22:21.784790abusebot-6.cloudsearch.cf sshd[4099]: Failed password for invalid user ptao from 104.131.138.126 port 37762 ssh2 2020-03-09T17:30:25.899388abusebot-6.cloudsearch.cf sshd[4593]: Invalid user ag from 104.131.138.126 port 43372 2020-03-09T17:30:25.905173abusebot-6.cloudsearch.cf sshd[4593]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.138.126 2020-03-09T17:30:25.899388abusebot-6.cloudsearch.cf sshd[4593]: Invalid user ag from 104.131.138.126 port 43372 2020-03-09T17:30:27.415617abusebot-6.cloudsearch.cf sshd[4593]: Failed pa ...	2020-03-10 01:58:07
attackspambots	Mar 5 01:21:53 NPSTNNYC01T sshd[27947]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.138.126 Mar 5 01:21:55 NPSTNNYC01T sshd[27947]: Failed password for invalid user nx from 104.131.138.126 port 33924 ssh2 Mar 5 01:30:56 NPSTNNYC01T sshd[28532]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.138.126 ...	2020-03-05 14:50:54
attackbots	Unauthorized connection attempt detected from IP address 104.131.138.126 to port 2220 [J]	2020-01-18 20:46:39
attackbotsspam	(sshd) Failed SSH login from 104.131.138.126 (US/United States/-): 10 in the last 3600 secs	2020-01-14 18:05:18
attackspambots	Invalid user dfh from 104.131.138.126 port 59198	2020-01-11 08:58:44
attackspam	2020-01-01T15:38:55.490847shield sshd\[3811\]: Invalid user dovecot from 104.131.138.126 port 46454 2020-01-01T15:38:55.494808shield sshd\[3811\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.138.126 2020-01-01T15:38:57.285272shield sshd\[3811\]: Failed password for invalid user dovecot from 104.131.138.126 port 46454 ssh2 2020-01-01T15:40:53.677020shield sshd\[5156\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.138.126 user=sshd 2020-01-01T15:40:56.333533shield sshd\[5156\]: Failed password for sshd from 104.131.138.126 port 35290 ssh2	2020-01-02 02:56:12

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.131.138.126
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 64972
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.131.138.126.		IN	A

;; AUTHORITY SECTION:
.			463	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020010102 1800 900 604800 86400

;; Query time: 33 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jan 02 02:56:09 CST 2020
;; MSG SIZE  rcvd: 119

HOST信息:

Host 126.138.131.104.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 126.138.131.104.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
106.12.18.168	attackbots	Invalid user pramod from 106.12.18.168 port 36926	2020-08-31 18:05:33
159.89.171.81	attackbotsspam	Aug 31 06:50:33 sip sshd[1474602]: Invalid user hj from 159.89.171.81 port 57282 Aug 31 06:50:35 sip sshd[1474602]: Failed password for invalid user hj from 159.89.171.81 port 57282 ssh2 Aug 31 06:55:00 sip sshd[1474630]: Invalid user sysadmin from 159.89.171.81 port 35928 ...	2020-08-31 18:09:09
123.160.228.176	attackspam	20/8/30@23:49:50: FAIL: Alarm-Network address from=123.160.228.176 ...	2020-08-31 18:18:09
195.158.100.201	attackbots	Invalid user lixuan from 195.158.100.201 port 46504	2020-08-31 18:11:55
45.129.33.22	attack	SmallBizIT.US 7 packets to tcp(6300,6308,6311,6312,6314,6319,6320)	2020-08-31 18:12:11
159.89.89.65	attack	Invalid user vnc from 159.89.89.65 port 39888	2020-08-31 18:06:37
193.27.228.193	attack	firewall-block, port(s): 61852/tcp	2020-08-31 17:53:09
115.159.152.188	attack	2020-08-31T08:51:01.693309vps1033 sshd[28097]: Invalid user wangyu from 115.159.152.188 port 33956 2020-08-31T08:51:01.697569vps1033 sshd[28097]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.159.152.188 2020-08-31T08:51:01.693309vps1033 sshd[28097]: Invalid user wangyu from 115.159.152.188 port 33956 2020-08-31T08:51:03.592776vps1033 sshd[28097]: Failed password for invalid user wangyu from 115.159.152.188 port 33956 ssh2 2020-08-31T08:55:09.628045vps1033 sshd[4568]: Invalid user test from 115.159.152.188 port 51152 ...	2020-08-31 17:43:05
118.117.89.173	attackspambots	(smtpauth) Failed SMTP AUTH login from 118.117.89.173 (CN/China/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-08-31 08:19:45 login authenticator failed for (xqR5REBDS) [118.117.89.173]: 535 Incorrect authentication data (set_id=huangying)	2020-08-31 18:18:24
13.75.252.69	attackbots	Aug 31 07:26:56 [host] sshd[10519]: pam_unix(sshd: Aug 31 07:26:58 [host] sshd[10519]: Failed passwor Aug 31 07:30:43 [host] sshd[10609]: Invalid user t	2020-08-31 18:08:37
159.65.224.137	attack	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-08-31 17:52:18
66.240.205.34	attackspam	SmallBizIT.US 3 packets to udp(16464)	2020-08-31 18:02:36
120.39.243.92	attack	Port Scan detected! ...	2020-08-31 18:15:03
167.172.115.176	attack	167.172.115.176 - - \[31/Aug/2020:05:50:25 +0200\] "POST /wp-login.php HTTP/1.0" 200 5983 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 167.172.115.176 - - \[31/Aug/2020:05:50:29 +0200\] "POST /wp-login.php HTTP/1.0" 200 5981 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 167.172.115.176 - - \[31/Aug/2020:05:50:30 +0200\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2020-08-31 17:50:10
184.105.139.80	attackspambots	TCP (SYN) 184.105.139.80:35425 -> port 7547, len 44	2020-08-31 17:57:38

最近上报的IP列表

35.79.248.110	86.36.172.108	35.107.11.65	211.30.142.161
54.16.187.72	212.174.170.190	222.98.9.172	42.19.146.206
5.139.250.92	150.159.192.49	215.210.113.137	161.135.152.212
115.203.178.52	96.76.40.27	150.105.228.24	220.166.6.159
60.185.132.140	37.69.30.122	143.188.103.170	24.42.189.78