104.131.138.126

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Jun 6 23:44:45 minden010 sshd[8759]: Failed password for root from 104.131.138.126 port 32770 ssh2 Jun 6 23:46:38 minden010 sshd[10423]: Failed password for root from 104.131.138.126 port 36856 ssh2 ...	2020-06-07 07:53:51
attack	Jun 2 22:05:37 game-panel sshd[7599]: Failed password for root from 104.131.138.126 port 40660 ssh2 Jun 2 22:09:08 game-panel sshd[7859]: Failed password for root from 104.131.138.126 port 45942 ssh2	2020-06-03 06:37:39
attackspambots	Jun 2 06:45:22 ip-172-31-61-156 sshd[29713]: Failed password for root from 104.131.138.126 port 52244 ssh2 Jun 2 06:47:29 ip-172-31-61-156 sshd[29783]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.138.126 user=root Jun 2 06:47:31 ip-172-31-61-156 sshd[29783]: Failed password for root from 104.131.138.126 port 58134 ssh2 Jun 2 06:47:29 ip-172-31-61-156 sshd[29783]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.138.126 user=root Jun 2 06:47:31 ip-172-31-61-156 sshd[29783]: Failed password for root from 104.131.138.126 port 58134 ssh2 ...	2020-06-02 16:18:32
attackspambots	(sshd) Failed SSH login from 104.131.138.126 (US/United States/-): 5 in the last 3600 secs	2020-05-09 17:55:43
attackspam	$f2bV_matches	2020-05-06 13:44:00
attack	May 3 06:34:16 srv-ubuntu-dev3 sshd[99368]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.138.126 user=root May 3 06:34:18 srv-ubuntu-dev3 sshd[99368]: Failed password for root from 104.131.138.126 port 37690 ssh2 May 3 06:37:56 srv-ubuntu-dev3 sshd[100388]: Invalid user admin from 104.131.138.126 May 3 06:37:56 srv-ubuntu-dev3 sshd[100388]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.138.126 May 3 06:37:56 srv-ubuntu-dev3 sshd[100388]: Invalid user admin from 104.131.138.126 May 3 06:37:59 srv-ubuntu-dev3 sshd[100388]: Failed password for invalid user admin from 104.131.138.126 port 49142 ssh2 May 3 06:41:42 srv-ubuntu-dev3 sshd[100934]: Invalid user admin from 104.131.138.126 May 3 06:41:42 srv-ubuntu-dev3 sshd[100934]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.138.126 May 3 06:41:42 srv-ubuntu-dev3 sshd[100934]: Invalid ...	2020-05-03 14:46:01
attack	Port Scan detected from 104.131.138.126 (US/United States/California/San Francisco/-). 4 hits in the last 105 seconds	2020-04-23 04:11:49
attackspam	2020-04-17T20:00:36.378530abusebot-6.cloudsearch.cf sshd[12419]: Invalid user r from 104.131.138.126 port 45948 2020-04-17T20:00:36.384250abusebot-6.cloudsearch.cf sshd[12419]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.138.126 2020-04-17T20:00:36.378530abusebot-6.cloudsearch.cf sshd[12419]: Invalid user r from 104.131.138.126 port 45948 2020-04-17T20:00:38.339500abusebot-6.cloudsearch.cf sshd[12419]: Failed password for invalid user r from 104.131.138.126 port 45948 ssh2 2020-04-17T20:04:10.882939abusebot-6.cloudsearch.cf sshd[12631]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.138.126 user=root 2020-04-17T20:04:13.219500abusebot-6.cloudsearch.cf sshd[12631]: Failed password for root from 104.131.138.126 port 52874 ssh2 2020-04-17T20:07:41.771598abusebot-6.cloudsearch.cf sshd[12849]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.13 ...	2020-04-18 04:15:33
attack	Apr 11 22:53:04 vpn01 sshd[19431]: Failed password for root from 104.131.138.126 port 55416 ssh2 ...	2020-04-12 05:37:52
attackbots	Apr 7 10:57:26 santamaria sshd\[21921\]: Invalid user test from 104.131.138.126 Apr 7 10:57:26 santamaria sshd\[21921\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.138.126 Apr 7 10:57:29 santamaria sshd\[21921\]: Failed password for invalid user test from 104.131.138.126 port 35216 ssh2 ...	2020-04-07 17:51:59
attack	$f2bV_matches	2020-04-04 14:07:13
attack	ssh brute force	2020-03-26 14:05:54
attackspam	SSH Invalid Login	2020-03-25 07:39:08
attackspambots	invalid user	2020-03-23 20:19:35
attackspam	(sshd) Failed SSH login from 104.131.138.126 (US/United States/-): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Mar 19 14:01:53 ubnt-55d23 sshd[10604]: Invalid user wrchang from 104.131.138.126 port 54684 Mar 19 14:01:55 ubnt-55d23 sshd[10604]: Failed password for invalid user wrchang from 104.131.138.126 port 54684 ssh2	2020-03-19 23:35:56
attackbotsspam	Mar 19 08:18:21 host01 sshd[21866]: Failed password for daemon from 104.131.138.126 port 36654 ssh2 Mar 19 08:22:21 host01 sshd[22478]: Failed password for root from 104.131.138.126 port 57418 ssh2 ...	2020-03-19 17:50:45
attack	Mar 18 10:27:12 mockhub sshd[6978]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.138.126 Mar 18 10:27:14 mockhub sshd[6978]: Failed password for invalid user ubnt from 104.131.138.126 port 43882 ssh2 ...	2020-03-19 03:03:14
attackbotsspam	2020-03-09T17:22:19.986594abusebot-6.cloudsearch.cf sshd[4099]: Invalid user ptao from 104.131.138.126 port 37762 2020-03-09T17:22:19.992558abusebot-6.cloudsearch.cf sshd[4099]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.138.126 2020-03-09T17:22:19.986594abusebot-6.cloudsearch.cf sshd[4099]: Invalid user ptao from 104.131.138.126 port 37762 2020-03-09T17:22:21.784790abusebot-6.cloudsearch.cf sshd[4099]: Failed password for invalid user ptao from 104.131.138.126 port 37762 ssh2 2020-03-09T17:30:25.899388abusebot-6.cloudsearch.cf sshd[4593]: Invalid user ag from 104.131.138.126 port 43372 2020-03-09T17:30:25.905173abusebot-6.cloudsearch.cf sshd[4593]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.138.126 2020-03-09T17:30:25.899388abusebot-6.cloudsearch.cf sshd[4593]: Invalid user ag from 104.131.138.126 port 43372 2020-03-09T17:30:27.415617abusebot-6.cloudsearch.cf sshd[4593]: Failed pa ...	2020-03-10 01:58:07
attackspambots	Mar 5 01:21:53 NPSTNNYC01T sshd[27947]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.138.126 Mar 5 01:21:55 NPSTNNYC01T sshd[27947]: Failed password for invalid user nx from 104.131.138.126 port 33924 ssh2 Mar 5 01:30:56 NPSTNNYC01T sshd[28532]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.138.126 ...	2020-03-05 14:50:54
attackbots	Unauthorized connection attempt detected from IP address 104.131.138.126 to port 2220 [J]	2020-01-18 20:46:39
attackbotsspam	(sshd) Failed SSH login from 104.131.138.126 (US/United States/-): 10 in the last 3600 secs	2020-01-14 18:05:18
attackspambots	Invalid user dfh from 104.131.138.126 port 59198	2020-01-11 08:58:44
attackspam	2020-01-01T15:38:55.490847shield sshd\[3811\]: Invalid user dovecot from 104.131.138.126 port 46454 2020-01-01T15:38:55.494808shield sshd\[3811\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.138.126 2020-01-01T15:38:57.285272shield sshd\[3811\]: Failed password for invalid user dovecot from 104.131.138.126 port 46454 ssh2 2020-01-01T15:40:53.677020shield sshd\[5156\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.138.126 user=sshd 2020-01-01T15:40:56.333533shield sshd\[5156\]: Failed password for sshd from 104.131.138.126 port 35290 ssh2	2020-01-02 02:56:12

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.131.138.126
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 64972
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.131.138.126.		IN	A

;; AUTHORITY SECTION:
.			463	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020010102 1800 900 604800 86400

;; Query time: 33 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jan 02 02:56:09 CST 2020
;; MSG SIZE  rcvd: 119

HOST信息:

Host 126.138.131.104.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 126.138.131.104.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
211.121.197.90	attackbots	Human Trafficking Spam Subject: Locals for sex Meet gorgeous babes	2019-07-06 14:17:51
96.35.158.10	attackspam	Jul 6 04:53:09 mail sshd\[29946\]: Failed password for invalid user confluence from 96.35.158.10 port 39651 ssh2 Jul 6 05:09:15 mail sshd\[30072\]: Invalid user admin3 from 96.35.158.10 port 60156 ...	2019-07-06 13:22:59
83.48.29.116	attackspambots	Jul 6 06:55:33 MK-Soft-Root2 sshd\[17885\]: Invalid user calenda from 83.48.29.116 port 36685 Jul 6 06:55:33 MK-Soft-Root2 sshd\[17885\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=83.48.29.116 Jul 6 06:55:36 MK-Soft-Root2 sshd\[17885\]: Failed password for invalid user calenda from 83.48.29.116 port 36685 ssh2 ...	2019-07-06 14:00:14
201.150.88.242	attackspam	SMTP-sasl brute force ...	2019-07-06 13:45:29
59.145.221.103	attackbotsspam	Jul 6 05:46:41 mail sshd\[11821\]: Invalid user dale from 59.145.221.103\ Jul 6 05:46:44 mail sshd\[11821\]: Failed password for invalid user dale from 59.145.221.103 port 60690 ssh2\ Jul 6 05:49:50 mail sshd\[11856\]: Invalid user anselme from 59.145.221.103\ Jul 6 05:49:51 mail sshd\[11856\]: Failed password for invalid user anselme from 59.145.221.103 port 44967 ssh2\ Jul 6 05:53:00 mail sshd\[11863\]: Invalid user capricorne from 59.145.221.103\ Jul 6 05:53:03 mail sshd\[11863\]: Failed password for invalid user capricorne from 59.145.221.103 port 57473 ssh2\	2019-07-06 13:24:38
142.234.203.95	attack	GET /wp-login.php?action=register	2019-07-06 14:18:53
219.235.1.141	attackbots	SMB Server BruteForce Attack	2019-07-06 13:57:09
182.61.43.47	attackbotsspam	Automated report - ssh fail2ban: Jul 6 06:55:21 authentication failure Jul 6 06:55:24 wrong password, user=linux, port=33988, ssh2 Jul 6 07:25:32 authentication failure	2019-07-06 14:04:28
203.70.166.59	attack	[SatJul0605:52:02.9441632019][:error][pid25038:tid47246360000256][client203.70.166.59:19485][client203.70.166.59]ModSecurity:Accessdeniedwithcode404$phase2$.Patternmatch"/$\?:title\\|sourceinc\\|xml\\|general\\|info\\|dir\\|javascript\\|cache\\|menu\\|themes\\|functions\\|dump\\|inc$[0-9] \\\\\\\\.php"atREQUEST_URI.[file"/etc/apache2/conf.d/modsec_rules/50_asl_rootkits.conf"][line"74"][id"318814"][rev"2"][msg"Atomicorp.comWAFRules:PossibleAttempttoAccessunauthorizedshellorexploit"][data"/info8.php"][severity"CRITICAL"][hostname"136.243.224.57"][uri"/info8.php"][unique_id"XSAa4rnLzdXYJbQN1QdZxwAAARU"][SatJul0605:52:18.9021872019][:error][pid25038:tid47246360000256][client203.70.166.59:19485][client203.70.166.59]ModSecurity:Accessdeniedwithcode404$phase2$.Patternmatch"/$\?:title\\|sourceinc\\|xml\\|general\\|info\\|dir\\|javascript\\|cache\\|menu\\|themes\\|functions\\|dump\\|inc$[0-9] \\\\\\\\.php"atREQUEST_URI.[file"/etc/apache2/conf.d/modsec_rules/50_asl_rootkits.conf"][line"74"][id"318814"][re	2019-07-06 13:36:26
198.108.67.77	attack	Portscan or hack attempt detected by psad/fwsnort	2019-07-06 14:13:31
59.48.40.34	attackspambots	DATE:2019-07-06 06:26:18, IP:59.48.40.34, PORT:ssh brute force auth on SSH service (patata)	2019-07-06 14:12:04
46.191.134.226	attack	Jul 6 07:07:05 lnxded64 sshd[2303]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.191.134.226	2019-07-06 13:56:34
37.187.22.227	attackbots	Jul 6 05:51:25 ks10 sshd[19503]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.187.22.227 Jul 6 05:51:28 ks10 sshd[19503]: Failed password for invalid user jeremy from 37.187.22.227 port 43844 ssh2 ...	2019-07-06 13:54:46
210.217.32.25	attack	Brute force attack to crack SMTP password (port 25 / 587)	2019-07-06 14:23:18
196.52.43.116	attackspambots	06.07.2019 03:51:47 Connection to port 5909 blocked by firewall	2019-07-06 13:50:27

最近上报的IP列表

35.79.248.110	86.36.172.108	35.107.11.65	211.30.142.161
54.16.187.72	212.174.170.190	222.98.9.172	42.19.146.206
5.139.250.92	150.159.192.49	215.210.113.137	161.135.152.212
115.203.178.52	96.76.40.27	150.105.228.24	220.166.6.159
60.185.132.140	37.69.30.122	143.188.103.170	24.42.189.78