Basic information:

City: unknown

Region: Beijing

Country: China

ISP: unknown

Hostname: unknown

Organization: Shenzhen Tencent Computer Systems Company Limited

Usage type: unknown

User reports:
Type Comment Time
attack
Malicious attack
134.175.20.103 - - [18/Apr/2019:20:51:46 +0800] "POST /sha.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36"
134.175.20.103 - - [18/Apr/2019:20:51:46 +0800] "POST /ppx.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36"
134.175.20.103 - - [18/Apr/2019:20:51:46 +0800] "POST /1.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36"
134.175.20.103 - - [18/Apr/2019:20:51:46 +0800] "POST /confg.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36"
134.175.20.103 - - [18/Apr/2019:20:51:46 +0800] "POST /conf1g.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36"
134.175.20.103 - - [18/Apr/2019:20:51:46 +0800] "POST /confg.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36"
2019-04-18 20:52:46
Reports for IPs in the same subnet:
IP Type Comment Time
134.175.20.63 attackspambots
Jul  5 23:52:59 main sshd[9443]: Failed password for invalid user fuck from 134.175.20.63 port 44986 ssh2
2020-07-06 04:26:16
134.175.20.63 attack
$f2bV_matches
2020-06-29 17:08:04
134.175.20.63 attackbots
[ssh] SSH attack
2020-06-26 01:53:58
134.175.205.205 attackbots
SSH invalid-user multiple login try
2020-04-18 16:33:52
134.175.205.205 attackspam
Wordpress malicious attack:[sshd]
2020-04-17 15:58:08
134.175.204.181 attackspambots
SSH invalid-user multiple login try
2020-04-12 04:13:57
134.175.204.181 attackspambots
Apr  9 20:59:07 mockhub sshd[21003]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.204.181
Apr  9 20:59:10 mockhub sshd[21003]: Failed password for invalid user admin from 134.175.204.181 port 36530 ssh2
...
2020-04-10 12:06:39
134.175.204.181 attackbots
Apr  6 09:19:22 h2829583 sshd[26073]: Failed password for root from 134.175.204.181 port 41518 ssh2
2020-04-06 16:31:59
134.175.204.120 attackspambots
until 2020-03-04T20:32:16+00:00, observations: 3, bad account names: 1
2020-03-05 08:12:12
134.175.206.12 attack
2020-03-02T18:41:19.137739vps773228.ovh.net sshd[20153]: Invalid user as-hadoop from 134.175.206.12 port 53240
2020-03-02T18:41:19.148054vps773228.ovh.net sshd[20153]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.206.12
2020-03-02T18:41:19.137739vps773228.ovh.net sshd[20153]: Invalid user as-hadoop from 134.175.206.12 port 53240
2020-03-02T18:41:20.934289vps773228.ovh.net sshd[20153]: Failed password for invalid user as-hadoop from 134.175.206.12 port 53240 ssh2
2020-03-02T18:53:55.257639vps773228.ovh.net sshd[20231]: Invalid user ftptest from 134.175.206.12 port 39514
2020-03-02T18:53:55.279632vps773228.ovh.net sshd[20231]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.206.12
2020-03-02T18:53:55.257639vps773228.ovh.net sshd[20231]: Invalid user ftptest from 134.175.206.12 port 39514
2020-03-02T18:53:57.853387vps773228.ovh.net sshd[20231]: Failed password for invalid user ftptest from 1
...
2020-03-03 05:16:29
134.175.206.12 attack
Feb 13 00:03:58 plex sshd[12066]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.206.12  user=root
Feb 13 00:03:59 plex sshd[12066]: Failed password for root from 134.175.206.12 port 50384 ssh2
2020-02-13 08:56:08
134.175.206.12 attackbotsspam
2020-02-11T10:36:19.9902541495-001 sshd[54488]: Invalid user qzx from 134.175.206.12 port 48254
2020-02-11T10:36:19.9932121495-001 sshd[54488]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.206.12
2020-02-11T10:36:19.9902541495-001 sshd[54488]: Invalid user qzx from 134.175.206.12 port 48254
2020-02-11T10:36:22.5240001495-001 sshd[54488]: Failed password for invalid user qzx from 134.175.206.12 port 48254 ssh2
2020-02-11T10:40:40.6951951495-001 sshd[54770]: Invalid user fte from 134.175.206.12 port 45634
2020-02-11T10:40:40.6988241495-001 sshd[54770]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.206.12
2020-02-11T10:40:40.6951951495-001 sshd[54770]: Invalid user fte from 134.175.206.12 port 45634
2020-02-11T10:40:42.7277711495-001 sshd[54770]: Failed password for invalid user fte from 134.175.206.12 port 45634 ssh2
2020-02-11T10:45:02.6671921495-001 sshd[54980]: Invalid user qrf from 13
...
2020-02-12 06:09:58
134.175.206.12 attack
Feb 10 14:38:19 sxvn sshd[2063437]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.206.12
2020-02-11 03:07:29
134.175.206.12 attack
Automatic report - SSH Brute-Force Attack
2020-02-04 21:09:05
134.175.206.12 attack
Unauthorized connection attempt detected from IP address 134.175.206.12 to port 2220 [J]
2020-01-24 22:51:19
WHOIS information:
DIG information:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 134.175.20.103
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 64906
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;134.175.20.103.			IN	A

;; AUTHORITY SECTION:
.			2965	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019041800 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Thu Apr 18 20:52:44 +08 2019
;; MSG SIZE  rcvd: 118

HOST information:
Host 103.20.175.134.in-addr.arpa. not found: 3(NXDOMAIN)
NSLOOKUP information:
Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 103.20.175.134.in-addr.arpa: NXDOMAIN

Related IP information:
Latest comments:
IP Type Comment Time
45.227.253.138 attackbots
Oct 20 14:24:43 relay postfix/smtpd\[16901\]: warning: unknown\[45.227.253.138\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Oct 20 14:25:36 relay postfix/smtpd\[16901\]: warning: unknown\[45.227.253.138\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Oct 20 14:25:43 relay postfix/smtpd\[16900\]: warning: unknown\[45.227.253.138\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Oct 20 14:25:47 relay postfix/smtpd\[21100\]: warning: unknown\[45.227.253.138\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Oct 20 14:26:03 relay postfix/smtpd\[16885\]: warning: unknown\[45.227.253.138\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
...
2019-10-20 20:33:23
167.71.215.72 attackspambots
2019-10-20T14:13:05.4665311240 sshd\[15508\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.215.72  user=root
2019-10-20T14:13:07.7755291240 sshd\[15508\]: Failed password for root from 167.71.215.72 port 17256 ssh2
2019-10-20T14:16:59.6603351240 sshd\[15649\]: Invalid user rn from 167.71.215.72 port 33047
2019-10-20T14:16:59.6634251240 sshd\[15649\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.215.72
...
2019-10-20 20:59:16
212.83.143.57 attackspambots
SSH invalid-user multiple login try
2019-10-20 20:54:26
113.230.29.251 attackbots
Unauthorised access (Oct 20) SRC=113.230.29.251 LEN=40 TTL=49 ID=56308 TCP DPT=8080 WINDOW=923 SYN 
Unauthorised access (Oct 20) SRC=113.230.29.251 LEN=40 TTL=49 ID=13568 TCP DPT=8080 WINDOW=923 SYN 
Unauthorised access (Oct 19) SRC=113.230.29.251 LEN=40 TTL=49 ID=16052 TCP DPT=8080 WINDOW=923 SYN 
Unauthorised access (Oct 19) SRC=113.230.29.251 LEN=40 TTL=49 ID=32741 TCP DPT=8080 WINDOW=923 SYN
2019-10-20 21:10:42
130.61.88.249 attack
Oct 20 15:04:19 v22019058497090703 sshd[2574]: Failed password for root from 130.61.88.249 port 32658 ssh2
Oct 20 15:09:23 v22019058497090703 sshd[3032]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=130.61.88.249
Oct 20 15:09:26 v22019058497090703 sshd[3032]: Failed password for invalid user admin from 130.61.88.249 port 57106 ssh2
...
2019-10-20 21:10:57
42.51.156.6 attackspambots
Oct 20 14:04:59 ArkNodeAT sshd\[30544\]: Invalid user Cold@123 from 42.51.156.6
Oct 20 14:04:59 ArkNodeAT sshd\[30544\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.156.6
Oct 20 14:05:01 ArkNodeAT sshd\[30544\]: Failed password for invalid user Cold@123 from 42.51.156.6 port 21753 ssh2
2019-10-20 20:53:39
85.105.16.233 attackbots
Attempt to attack host OS, exploiting network vulnerabilities, on 20-10-2019 13:05:20.
2019-10-20 20:41:14
166.70.207.2 attackbots
Oct 20 14:04:21 rotator sshd\[4600\]: Failed password for root from 166.70.207.2 port 36540 ssh2
Oct 20 14:04:24 rotator sshd\[4600\]: Failed password for root from 166.70.207.2 port 36540 ssh2
Oct 20 14:04:27 rotator sshd\[4600\]: Failed password for root from 166.70.207.2 port 36540 ssh2
Oct 20 14:04:30 rotator sshd\[4600\]: Failed password for root from 166.70.207.2 port 36540 ssh2
Oct 20 14:04:33 rotator sshd\[4600\]: Failed password for root from 166.70.207.2 port 36540 ssh2
Oct 20 14:04:36 rotator sshd\[4600\]: Failed password for root from 166.70.207.2 port 36540 ssh2
...
2019-10-20 21:09:49
193.202.83.104 attackspam
193.202.83.104 - - [20/Oct/2019:08:05:19 -0400] "GET /?page=products&action=../../../../../../etc/passwd%00&manufacturerID=12&productID=973&linkID=15902 HTTP/1.1" 200 17303 "https://newportbrassfaucets.com/?page=products&action=../../../../../../etc/passwd%00&manufacturerID=12&productID=973&linkID=15902" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.132 Safari/537.36"
...
2019-10-20 20:35:49
107.170.63.221 attackbots
SSH Bruteforce
2019-10-20 21:04:03
118.122.77.80 attack
Oct 20 11:39:05 marvibiene sshd[13769]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.122.77.80  user=root
Oct 20 11:39:07 marvibiene sshd[13769]: Failed password for root from 118.122.77.80 port 42042 ssh2
Oct 20 12:04:51 marvibiene sshd[13968]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.122.77.80  user=root
Oct 20 12:04:53 marvibiene sshd[13968]: Failed password for root from 118.122.77.80 port 34276 ssh2
...
2019-10-20 21:00:09
59.25.197.150 attackspambots
2019-10-20T12:04:36.384021abusebot-5.cloudsearch.cf sshd\[20171\]: Invalid user robert from 59.25.197.150 port 55218
2019-10-20 21:11:12
95.58.194.148 attackbotsspam
Oct 20 08:25:27 xtremcommunity sshd\[706550\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.58.194.148  user=root
Oct 20 08:25:28 xtremcommunity sshd\[706550\]: Failed password for root from 95.58.194.148 port 34400 ssh2
Oct 20 08:29:16 xtremcommunity sshd\[706610\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.58.194.148  user=root
Oct 20 08:29:18 xtremcommunity sshd\[706610\]: Failed password for root from 95.58.194.148 port 43030 ssh2
Oct 20 08:32:58 xtremcommunity sshd\[706683\]: Invalid user ye from 95.58.194.148 port 51658
Oct 20 08:32:58 xtremcommunity sshd\[706683\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.58.194.148
...
2019-10-20 20:55:39
201.69.57.106 attackbots
Automatic report - Port Scan Attack
2019-10-20 21:01:12
62.234.141.48 attackspam
Oct 20 08:46:36 TORMINT sshd\[22878\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.141.48  user=root
Oct 20 08:46:38 TORMINT sshd\[22878\]: Failed password for root from 62.234.141.48 port 49364 ssh2
Oct 20 08:52:00 TORMINT sshd\[23140\]: Invalid user norman from 62.234.141.48
Oct 20 08:52:00 TORMINT sshd\[23140\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.141.48
...
2019-10-20 21:06:11

Recently reported IPs
