必须是合法有效的IP地址, 可以是IPv4或者是IPv6, 例如127.0.0.1或者2001:DB8:0:0:8:800:200C:417A
基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Ukraine

运营商(isp): Kyivstar PJSC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:
类型 评论内容 时间
attackbots
unauthorized connection attempt
2020-01-28 13:46:30
相同子网IP讨论:
IP 类型 评论内容 时间
134.249.138.36 attack
2019-07-23T21:59:44.897187abusebot-6.cloudsearch.cf sshd\[4986\]: Invalid user darren from 134.249.138.36 port 46368
2019-07-24 06:21:35
134.249.138.36 attack
Jul 17 06:05:31 xxxxxxx9247313 sshd[2514]: Invalid user nao from 134.249.138.36
Jul 17 06:05:31 xxxxxxx9247313 sshd[2514]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.249.138.36 
Jul 17 06:05:33 xxxxxxx9247313 sshd[2514]: Failed password for invalid user nao from 134.249.138.36 port 45412 ssh2
Jul 17 06:10:19 xxxxxxx9247313 sshd[2645]: Invalid user postgres from 134.249.138.36
Jul 17 06:10:19 xxxxxxx9247313 sshd[2645]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.249.138.36 
Jul 17 06:10:21 xxxxxxx9247313 sshd[2645]: Failed password for invalid user postgres from 134.249.138.36 port 44980 ssh2
Jul 17 06:15:05 xxxxxxx9247313 sshd[2755]: Invalid user ftpuser from 134.249.138.36
Jul 17 06:15:05 xxxxxxx9247313 sshd[2755]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.249.138.36 
Jul 17 06:15:06 xxxxxxx9247313 sshd[2755]: Failed password........
------------------------------
2019-07-18 04:26:27
134.249.138.36 attackspam
Jul 10 21:46:55 [snip] sshd[27817]: Invalid user oracle2 from 134.249.138.36 port 50348
Jul 10 21:46:55 [snip] sshd[27817]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.249.138.36
Jul 10 21:46:57 [snip] sshd[27817]: Failed password for invalid user oracle2 from 134.249.138.36 port 50348 ssh2[...]
2019-07-15 21:13:43
134.249.138.36 attackspambots
Jul 12 20:48:53 MK-Soft-VM5 sshd\[28699\]: Invalid user kevin from 134.249.138.36 port 34272
Jul 12 20:48:53 MK-Soft-VM5 sshd\[28699\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.249.138.36
Jul 12 20:48:54 MK-Soft-VM5 sshd\[28699\]: Failed password for invalid user kevin from 134.249.138.36 port 34272 ssh2
...
2019-07-13 12:32:28
134.249.138.36 attack
Jul 12 17:59:05 mail sshd\[7362\]: Invalid user jj from 134.249.138.36 port 55296
Jul 12 17:59:05 mail sshd\[7362\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.249.138.36
Jul 12 17:59:07 mail sshd\[7362\]: Failed password for invalid user jj from 134.249.138.36 port 55296 ssh2
Jul 12 18:04:38 mail sshd\[7533\]: Invalid user admin from 134.249.138.36 port 58196
Jul 12 18:04:38 mail sshd\[7533\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.249.138.36
...
2019-07-13 02:14:20
134.249.138.36 attackspambots
Jul 12 03:05:22 mail sshd\[17803\]: Invalid user lena from 134.249.138.36 port 42784
Jul 12 03:05:22 mail sshd\[17803\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.249.138.36
Jul 12 03:05:24 mail sshd\[17803\]: Failed password for invalid user lena from 134.249.138.36 port 42784 ssh2
Jul 12 03:10:41 mail sshd\[17924\]: Invalid user uno50 from 134.249.138.36 port 45678
Jul 12 03:10:41 mail sshd\[17924\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.249.138.36
...
2019-07-12 11:24:59
WHOIS信息:
b
DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 134.249.138.158
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 62423
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;134.249.138.158.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019060100 1800 900 604800 86400

;; Query time: 12 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Jun 01 14:32:33 CST 2019
;; MSG SIZE  rcvd: 119

HOST信息:
158.138.249.134.in-addr.arpa domain name pointer 134-249-138-158.broadband.kyivstar.net.
NSLOOKUP信息:
Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
158.138.249.134.in-addr.arpa	name = 134-249-138-158.broadband.kyivstar.net.

Authoritative answers can be found from:

相关IP信息:
最新评论:
IP 类型 评论内容 时间
177.23.58.56 attack
libpam_shield report: forced login attempt
2019-06-29 03:51:03
46.163.116.130 attack
Banned for posting to wp-login.php without referer {"redirect_to":"","user_email":"traveltocity@zohomail.eu","user_login":"traveltocityyy","wp-submit":"Register"}
2019-06-29 04:12:51
130.61.121.78 attackspam
Jun 28 21:01:06 vmd17057 sshd\[21466\]: Invalid user nrpe from 130.61.121.78 port 55350
Jun 28 21:01:06 vmd17057 sshd\[21466\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=130.61.121.78
Jun 28 21:01:08 vmd17057 sshd\[21466\]: Failed password for invalid user nrpe from 130.61.121.78 port 55350 ssh2
...
2019-06-29 04:06:05
103.76.15.106 attack
445/tcp
[2019-06-28]1pkt
2019-06-29 04:12:16
119.7.72.31 attackspambots
" "
2019-06-29 03:58:38
163.172.12.188 attackspam
wp brute-force
2019-06-29 03:42:52
188.166.72.240 attackbots
Jun 28 21:15:27 vpn01 sshd\[31894\]: Invalid user hadoop from 188.166.72.240
Jun 28 21:15:27 vpn01 sshd\[31894\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.72.240
Jun 28 21:15:29 vpn01 sshd\[31894\]: Failed password for invalid user hadoop from 188.166.72.240 port 38226 ssh2
2019-06-29 04:15:48
195.5.109.245 attackspambots
445/tcp 445/tcp
[2019-06-28]2pkt
2019-06-29 03:39:43
92.53.96.208 attackspam
92.53.96.208 - - [28/Jun/2019:20:29:51 +0200] "GET /wp-login.php HTTP/1.1" 200 1237 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
92.53.96.208 - - [28/Jun/2019:20:29:51 +0200] "POST /wp-login.php HTTP/1.1" 200 1632 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
92.53.96.208 - - [28/Jun/2019:20:29:51 +0200] "GET /wp-login.php HTTP/1.1" 200 1237 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
92.53.96.208 - - [28/Jun/2019:20:29:51 +0200] "POST /wp-login.php HTTP/1.1" 200 1607 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
92.53.96.208 - - [28/Jun/2019:20:29:51 +0200] "GET /wp-login.php HTTP/1.1" 200 1237 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
92.53.96.208 - - [28/Jun/2019:20:29:51 +0200] "POST /wp-login.php HTTP/1.1" 200 1608 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
...
2019-06-29 03:45:53
45.127.56.246 attackbots
445/tcp 445/tcp 445/tcp
[2019-06-28]3pkt
2019-06-29 03:32:49
193.169.252.18 attack
Jun 28 20:17:46 mail postfix/smtpd\[24288\]: warning: unknown\[193.169.252.18\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\
Jun 28 20:32:10 mail postfix/smtpd\[24567\]: warning: unknown\[193.169.252.18\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\
Jun 28 21:15:15 mail postfix/smtpd\[25482\]: warning: unknown\[193.169.252.18\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\
Jun 28 21:29:43 mail postfix/smtpd\[25531\]: warning: unknown\[193.169.252.18\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\
2019-06-29 03:40:40
216.244.66.248 attackbots
Misuse of DNS server
2019-06-29 04:09:46
103.254.205.196 attackspam
445/tcp
[2019-06-28]1pkt
2019-06-29 03:34:37
14.169.198.196 attackspam
Lines containing failures of 14.169.198.196
Jun 28 15:28:11 shared11 postfix/smtpd[15630]: warning: hostname static.vnpt.vn does not resolve to address 14.169.198.196
Jun 28 15:28:11 shared11 postfix/smtpd[15630]: connect from unknown[14.169.198.196]
Jun x@x
Jun x@x
Jun x@x
Jun x@x
Jun x@x
Jun x@x


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=14.169.198.196
2019-06-29 03:39:15
190.214.49.2 attack
Jun 28 15:32:13 tux postfix/smtpd[30926]: connect from mail.distrhostnameo09d21.saludzona5.gob.ec[190.214.49.2]
Jun 28 15:32:14 tux postfix/smtpd[30926]: Anonymous TLS connection established from mail.distrhostnameo09d21.saludzona5.gob.ec[190.214.49.2]: TLSv1.2 whostnameh cipher AECDH-AES256-SHA (256/256 bhostnames)
Jun x@x


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=190.214.49.2
2019-06-29 03:52:04

最近上报的IP列表

20.55.216.45 151.184.244.177 199.92.122.60 20.167.57.84
241.184.226.114 132.219.138.161 86.104.148.20 208.203.143.109
3.231.122.31 198.98.48.141 108.196.188.113 14.229.33.21
218.22.190.133 188.0.2.8 29.85.121.146 84.242.116.94
37.239.190.231 22.80.30.147 173.220.178.123 194.254.171.220