134.175.20.103

基本信息:

城市(city): unknown

省份(region): Beijing

国家(country): China

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): Shenzhen Tencent Computer Systems Company Limited

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	恶意攻击 134.175.20.103 - - [18/Apr/2019:20:51:46 +0800] "POST /sha.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36" 134.175.20.103 - - [18/Apr/2019:20:51:46 +0800] "POST /ppx.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36" 134.175.20.103 - - [18/Apr/2019:20:51:46 +0800] "POST /1.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36" 134.175.20.103 - - [18/Apr/2019:20:51:46 +0800] "POST /confg.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36" 134.175.20.103 - - [18/Apr/2019:20:51:46 +0800] "POST /conf1g.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36" 134.175.20.103 - - [18/Apr/2019:20:51:46 +0800] "POST /confg.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36"	2019-04-18 20:52:46

类型

评论内容

时间

attack

恶意攻击
134.175.20.103 - - [18/Apr/2019:20:51:46 +0800] "POST /sha.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36"
134.175.20.103 - - [18/Apr/2019:20:51:46 +0800] "POST /ppx.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36"
134.175.20.103 - - [18/Apr/2019:20:51:46 +0800] "POST /1.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36"
134.175.20.103 - - [18/Apr/2019:20:51:46 +0800] "POST /confg.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36"
134.175.20.103 - - [18/Apr/2019:20:51:46 +0800] "POST /conf1g.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36"
134.175.20.103 - - [18/Apr/2019:20:51:46 +0800] "POST /confg.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36"

2019-04-18 20:52:46

相同子网IP讨论:

IP	类型	评论内容	时间
134.175.20.63	attackspambots	Jul 5 23:52:59 main sshd[9443]: Failed password for invalid user fuck from 134.175.20.63 port 44986 ssh2	2020-07-06 04:26:16
134.175.20.63	attack	$f2bV_matches	2020-06-29 17:08:04
134.175.20.63	attackbots	[ssh] SSH attack	2020-06-26 01:53:58
134.175.205.205	attackbots	SSH invalid-user multiple login try	2020-04-18 16:33:52
134.175.205.205	attackspam	Wordpress malicious attack:[sshd]	2020-04-17 15:58:08
134.175.204.181	attackspambots	SSH invalid-user multiple login try	2020-04-12 04:13:57
134.175.204.181	attackspambots	Apr 9 20:59:07 mockhub sshd[21003]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.204.181 Apr 9 20:59:10 mockhub sshd[21003]: Failed password for invalid user admin from 134.175.204.181 port 36530 ssh2 ...	2020-04-10 12:06:39
134.175.204.181	attackbots	Apr 6 09:19:22 h2829583 sshd[26073]: Failed password for root from 134.175.204.181 port 41518 ssh2	2020-04-06 16:31:59
134.175.204.120	attackspambots	until 2020-03-04T20:32:16+00:00, observations: 3, bad account names: 1	2020-03-05 08:12:12
134.175.206.12	attack	2020-03-02T18:41:19.137739vps773228.ovh.net sshd[20153]: Invalid user as-hadoop from 134.175.206.12 port 53240 2020-03-02T18:41:19.148054vps773228.ovh.net sshd[20153]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.206.12 2020-03-02T18:41:19.137739vps773228.ovh.net sshd[20153]: Invalid user as-hadoop from 134.175.206.12 port 53240 2020-03-02T18:41:20.934289vps773228.ovh.net sshd[20153]: Failed password for invalid user as-hadoop from 134.175.206.12 port 53240 ssh2 2020-03-02T18:53:55.257639vps773228.ovh.net sshd[20231]: Invalid user ftptest from 134.175.206.12 port 39514 2020-03-02T18:53:55.279632vps773228.ovh.net sshd[20231]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.206.12 2020-03-02T18:53:55.257639vps773228.ovh.net sshd[20231]: Invalid user ftptest from 134.175.206.12 port 39514 2020-03-02T18:53:57.853387vps773228.ovh.net sshd[20231]: Failed password for invalid user ftptest from 1 ...	2020-03-03 05:16:29
134.175.206.12	attack	Feb 13 00:03:58 plex sshd[12066]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.206.12 user=root Feb 13 00:03:59 plex sshd[12066]: Failed password for root from 134.175.206.12 port 50384 ssh2	2020-02-13 08:56:08
134.175.206.12	attackbotsspam	2020-02-11T10:36:19.9902541495-001 sshd[54488]: Invalid user qzx from 134.175.206.12 port 48254 2020-02-11T10:36:19.9932121495-001 sshd[54488]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.206.12 2020-02-11T10:36:19.9902541495-001 sshd[54488]: Invalid user qzx from 134.175.206.12 port 48254 2020-02-11T10:36:22.5240001495-001 sshd[54488]: Failed password for invalid user qzx from 134.175.206.12 port 48254 ssh2 2020-02-11T10:40:40.6951951495-001 sshd[54770]: Invalid user fte from 134.175.206.12 port 45634 2020-02-11T10:40:40.6988241495-001 sshd[54770]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.206.12 2020-02-11T10:40:40.6951951495-001 sshd[54770]: Invalid user fte from 134.175.206.12 port 45634 2020-02-11T10:40:42.7277711495-001 sshd[54770]: Failed password for invalid user fte from 134.175.206.12 port 45634 ssh2 2020-02-11T10:45:02.6671921495-001 sshd[54980]: Invalid user qrf from 13 ...	2020-02-12 06:09:58
134.175.206.12	attack	Feb 10 14:38:19 sxvn sshd[2063437]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.206.12	2020-02-11 03:07:29
134.175.206.12	attack	Automatic report - SSH Brute-Force Attack	2020-02-04 21:09:05
134.175.206.12	attack	Unauthorized connection attempt detected from IP address 134.175.206.12 to port 2220 [J]	2020-01-24 22:51:19

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 134.175.20.103
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 64906
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;134.175.20.103.			IN	A

;; AUTHORITY SECTION:
.			2965	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019041800 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Thu Apr 18 20:52:44 +08 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 103.20.175.134.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 103.20.175.134.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
36.24.147.170	attack	(sshd) Failed SSH login from 36.24.147.170 (CN/China/-): 5 in the last 3600 secs	2020-06-14 02:28:57
167.172.110.159	attackspam	xmlrpc attack	2020-06-14 02:24:18
61.133.232.248	attackspambots	Jun 13 18:43:53 localhost sshd\[6362\]: Invalid user chi from 61.133.232.248 Jun 13 18:43:53 localhost sshd\[6362\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.133.232.248 Jun 13 18:43:55 localhost sshd\[6362\]: Failed password for invalid user chi from 61.133.232.248 port 31312 ssh2 Jun 13 18:49:03 localhost sshd\[6577\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.133.232.248 user=root Jun 13 18:49:04 localhost sshd\[6577\]: Failed password for root from 61.133.232.248 port 29344 ssh2 ...	2020-06-14 02:44:30
5.182.39.63	attackbots	Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2020-06-13T17:30:44Z and 2020-06-13T18:00:17Z	2020-06-14 02:24:40
222.128.6.194	attackspambots	Jun 13 15:25:41 server sshd[25150]: User smmsp from 222.128.6.194 not allowed because not listed in AllowUsers Jun 13 15:25:43 server sshd[25150]: Failed password for invalid user smmsp from 222.128.6.194 port 24338 ssh2 Jun 13 15:30:35 server sshd[28872]: Failed password for invalid user crisanto1 from 222.128.6.194 port 23962 ssh2	2020-06-14 02:18:41
195.54.160.202	attack	06/13/2020-12:22:45.669597 195.54.160.202 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-06-14 02:51:20
198.12.156.214	attackbots	10 attempts against mh-misc-ban on heat	2020-06-14 02:35:15
103.104.119.66	attack	2020-06-13 02:41:07 server sshd[6716]: Failed password for invalid user lmt from 103.104.119.66 port 53738 ssh2	2020-06-14 02:18:12
178.128.15.57	attack	Jun 13 14:12:14 h2779839 sshd[31452]: Invalid user neil from 178.128.15.57 port 60066 Jun 13 14:12:14 h2779839 sshd[31452]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.15.57 Jun 13 14:12:14 h2779839 sshd[31452]: Invalid user neil from 178.128.15.57 port 60066 Jun 13 14:12:16 h2779839 sshd[31452]: Failed password for invalid user neil from 178.128.15.57 port 60066 ssh2 Jun 13 14:15:32 h2779839 sshd[31488]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.15.57 user=root Jun 13 14:15:34 h2779839 sshd[31488]: Failed password for root from 178.128.15.57 port 33748 ssh2 Jun 13 14:18:43 h2779839 sshd[31539]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.15.57 user=root Jun 13 14:18:45 h2779839 sshd[31539]: Failed password for root from 178.128.15.57 port 35612 ssh2 Jun 13 14:21:58 h2779839 sshd[31571]: pam_unix(sshd:auth): authentication failu ...	2020-06-14 02:41:32
111.229.85.222	attackbots	(sshd) Failed SSH login from 111.229.85.222 (CN/China/-): 5 in the last 3600 secs	2020-06-14 02:37:50
139.199.59.31	attackspam	2020-06-13T12:17:39.164667abusebot.cloudsearch.cf sshd[9128]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.59.31 user=root 2020-06-13T12:17:41.091632abusebot.cloudsearch.cf sshd[9128]: Failed password for root from 139.199.59.31 port 25567 ssh2 2020-06-13T12:20:11.589356abusebot.cloudsearch.cf sshd[9317]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.59.31 user=root 2020-06-13T12:20:13.716941abusebot.cloudsearch.cf sshd[9317]: Failed password for root from 139.199.59.31 port 52073 ssh2 2020-06-13T12:22:46.899166abusebot.cloudsearch.cf sshd[9466]: Invalid user teampspeak3 from 139.199.59.31 port 22078 2020-06-13T12:22:46.905643abusebot.cloudsearch.cf sshd[9466]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.59.31 2020-06-13T12:22:46.899166abusebot.cloudsearch.cf sshd[9466]: Invalid user teampspeak3 from 139.199.59.31 port 22078 2020-06- ...	2020-06-14 02:11:39
8.129.168.101	attack	[2020-06-13 13:48:40] NOTICE[1273] chan_sip.c: Registration from '' failed for '8.129.168.101:54771' - Wrong password [2020-06-13 13:48:40] SECURITY[1288] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-06-13T13:48:40.023-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="0",SessionID="0x7f31c02f7128",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/8.129.168.101/54771",Challenge="47f33cf3",ReceivedChallenge="47f33cf3",ReceivedHash="69900704c8a668437366ffee83bd8fbd" [2020-06-13 13:48:40] NOTICE[1273] chan_sip.c: Registration from '' failed for '8.129.168.101:54769' - Wrong password [2020-06-13 13:48:40] SECURITY[1288] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-06-13T13:48:40.025-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="0",SessionID="0x7f31c018ea98",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/8.129.168.101/54769",Chal ...	2020-06-14 02:09:01
142.93.223.25	attack	Jun 13 16:15:18 odroid64 sshd\[19062\]: User root from 142.93.223.25 not allowed because not listed in AllowUsers Jun 13 16:15:18 odroid64 sshd\[19062\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.223.25 user=root ...	2020-06-14 02:29:52
188.32.38.91	attackbotsspam	1592050967 - 06/13/2020 14:22:47 Host: 188.32.38.91/188.32.38.91 Port: 445 TCP Blocked	2020-06-14 02:13:08
51.158.111.168	attack	Jun 13 17:25:27 prod4 sshd\[21314\]: Failed password for root from 51.158.111.168 port 45708 ssh2 Jun 13 17:28:36 prod4 sshd\[22252\]: Invalid user lijinze from 51.158.111.168 Jun 13 17:28:38 prod4 sshd\[22252\]: Failed password for invalid user lijinze from 51.158.111.168 port 46772 ssh2 ...	2020-06-14 02:22:02

最近上报的IP列表

202.21.32.139	112.105.74.35	177.93.247.16	104.214.57.180
217.66.157.65	113.129.155.159	86.125.35.90	202.82.10.241
197.48.192.203	185.69.144.17	162.243.141.75	59.99.66.179
202.40.190.210	190.104.39.228	78.40.189.84	197.149.125.50
180.108.76.126	34.229.91.96	14.52.95.114	106.12.202.85