134.255.254.52

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Germany

运营商(isp): Active 1 GmbH

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Aug 22 23:18:15 home sshd[3391029]: Invalid user tunnel from 134.255.254.52 port 53610 Aug 22 23:18:15 home sshd[3391029]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.255.254.52 Aug 22 23:18:15 home sshd[3391029]: Invalid user tunnel from 134.255.254.52 port 53610 Aug 22 23:18:17 home sshd[3391029]: Failed password for invalid user tunnel from 134.255.254.52 port 53610 ssh2 Aug 22 23:20:27 home sshd[3391757]: Invalid user vega from 134.255.254.52 port 38102 ...	2020-08-23 05:32:45

类型

评论内容

时间

attack

Aug 22 23:18:15 home sshd[3391029]: Invalid user tunnel from 134.255.254.52 port 53610
Aug 22 23:18:15 home sshd[3391029]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.255.254.52 
Aug 22 23:18:15 home sshd[3391029]: Invalid user tunnel from 134.255.254.52 port 53610
Aug 22 23:18:17 home sshd[3391029]: Failed password for invalid user tunnel from 134.255.254.52 port 53610 ssh2
Aug 22 23:20:27 home sshd[3391757]: Invalid user vega from 134.255.254.52 port 38102
...

2020-08-23 05:32:45

相同子网IP讨论:

IP	类型	评论内容	时间
134.255.254.175	attackbotsspam	Fail2Ban Ban Triggered	2020-07-02 07:28:30
134.255.254.186	attackspambots	Feb 28 15:37:54 game-panel sshd[15426]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.255.254.186 Feb 28 15:37:56 game-panel sshd[15426]: Failed password for invalid user black from 134.255.254.186 port 56600 ssh2 Feb 28 15:47:06 game-panel sshd[15854]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.255.254.186	2020-02-28 23:55:28
134.255.254.186	attackbotsspam	Feb 23 22:47:49 sshd[8169]: Failed password for invalid user mongouser from 134.255.254.186 port 36706 ssh2	2020-02-24 06:42:11
134.255.254.186	attack	Feb 22 01:50:26 firewall sshd[28824]: Invalid user zori from 134.255.254.186 Feb 22 01:50:28 firewall sshd[28824]: Failed password for invalid user zori from 134.255.254.186 port 38230 ssh2 Feb 22 01:53:26 firewall sshd[28903]: Invalid user saed2 from 134.255.254.186 ...	2020-02-22 14:06:36
134.255.254.186	attackbots	Invalid user webadmin from 134.255.254.186 port 44308	2020-02-22 03:26:12

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 134.255.254.52
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 40154
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;134.255.254.52.			IN	A

;; AUTHORITY SECTION:
.			577	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020082201 1800 900 604800 86400

;; Query time: 29 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Aug 23 05:32:42 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 52.254.255.134.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 52.254.255.134.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
190.64.68.179	attackspam	Nov 2 04:52:12 vps691689 sshd[5605]: Failed password for root from 190.64.68.179 port 63713 ssh2 Nov 2 04:57:10 vps691689 sshd[5675]: Failed password for sshd from 190.64.68.179 port 55233 ssh2 ...	2019-11-02 12:04:13
91.121.142.225	attackspam	sshd jail - ssh hack attempt	2019-11-02 08:18:26
45.154.255.44	attackbots	Unauthorized access detected from banned ip	2019-11-02 08:06:15
90.20.251.167	attackbotsspam	Nov 1 15:00:47 datentool sshd[14930]: Did not receive identification string from 90.20.251.167 Nov 1 15:00:54 datentool sshd[14931]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=90.20.251.167 user=r.r Nov 1 15:00:56 datentool sshd[14931]: Failed password for r.r from 90.20.251.167 port 48300 ssh2 Nov 1 15:01:02 datentool sshd[14933]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=90.20.251.167 user=r.r Nov 1 15:01:03 datentool sshd[14933]: Failed password for r.r from 90.20.251.167 port 49210 ssh2 Nov 1 15:01:09 datentool sshd[14935]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=90.20.251.167 user=r.r Nov 1 15:01:12 datentool sshd[14935]: Failed password for r.r from 90.20.251.167 port 49896 ssh2 Nov 1 15:01:18 datentool sshd[14937]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=90.20.251.167 ........ -------------------------------	2019-11-02 08:08:23
123.20.176.126	attack	Spam Timestamp : 01-Nov-19 19:58 BlockList Provider combined abuse (651)	2019-11-02 08:11:48
61.153.49.210	attack	'IP reached maximum auth failures for a one day block'	2019-11-02 07:59:24
185.23.113.235	attackbotsspam	Spam Timestamp : 01-Nov-19 19:33 BlockList Provider combined abuse (648)	2019-11-02 08:14:09
98.126.88.107	attackbots	Nov 1 13:26:48 web1 sshd\[22290\]: Invalid user VinaCIS from 98.126.88.107 Nov 1 13:26:48 web1 sshd\[22290\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=98.126.88.107 Nov 1 13:26:49 web1 sshd\[22290\]: Failed password for invalid user VinaCIS from 98.126.88.107 port 50402 ssh2 Nov 1 13:30:59 web1 sshd\[22722\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=98.126.88.107 user=root Nov 1 13:31:01 web1 sshd\[22722\]: Failed password for root from 98.126.88.107 port 34172 ssh2	2019-11-02 07:53:53
45.143.220.16	attack	\[2019-11-01 23:55:48\] NOTICE\[2601\] chan_sip.c: Registration from '"2000" \' failed for '45.143.220.16:5134' - Wrong password \[2019-11-01 23:55:48\] SECURITY\[2634\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-11-01T23:55:48.715-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="2000",SessionID="0x7fdf2c3f5928",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.143.220.16/5134",Challenge="5669094c",ReceivedChallenge="5669094c",ReceivedHash="8081391254c559628edd675997a78d99" \[2019-11-01 23:55:48\] NOTICE\[2601\] chan_sip.c: Registration from '"2000" \' failed for '45.143.220.16:5134' - Wrong password \[2019-11-01 23:55:48\] SECURITY\[2634\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-11-01T23:55:48.820-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="2000",SessionID="0x7fdf2c411158",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UD	2019-11-02 12:00:03
185.153.196.52	attackbotsspam	Port scan on 5 port(s): 5569 6699 7893 8965 33999	2019-11-02 07:43:37
221.230.36.153	attack	Automatic report - Banned IP Access	2019-11-02 07:57:53
190.237.14.71	attackspam	Spam Timestamp : 01-Nov-19 19:32 BlockList Provider combined abuse (647)	2019-11-02 08:14:41
134.209.147.198	attack	$f2bV_matches	2019-11-02 08:08:36
217.112.142.111	attack	Lines containing failures of 217.112.142.111 Oct 27 12:02:14 shared04 postfix/smtpd[30806]: connect from cows.woobra.com[217.112.142.111] Oct 27 12:02:14 shared04 policyd-spf[2739]: prepend Received-SPF: Pass (mailfrom) identhostnamey=mailfrom; client-ip=217.112.142.111; helo=cows.nizzrd.com; envelope-from=x@x Oct 27 12:02:14 shared04 postfix/smtpd[30806]: B06D42E00361: client=cows.woobra.com[217.112.142.111] Oct 27 12:02:14 shared04 postfix/smtpd[30806]: disconnect from cows.woobra.com[217.112.142.111] ehlo=1 mail=1 rcpt=1 data=1 quhostname=1 commands=5 Oct x@x Oct 27 12:02:29 shared04 postfix/smtpd[30806]: connect from cows.woobra.com[217.112.142.111] Oct 27 12:02:29 shared04 policyd-spf[2739]: prepend Received-SPF: Pass (mailfrom) identhostnamey=mailfrom; client-ip=217.112.142.111; helo=cows.nizzrd.com; envelope-from=x@x Oct 27 12:02:29 shared04 postfix/smtpd[30806]: 331Dm3E00361: client=cows.woobra.com[217.112.142.111] Oct 27 12:02:29 shared04 postfix/smtpd[30806]: d........ ------------------------------	2019-11-02 08:12:46
92.53.104.212	attackspambots	45000/tcp 49389/tcp 61389/tcp... [2019-10-11/11-01]103pkt,43pt.(tcp)	2019-11-02 08:08:01

最近上报的IP列表

45.136.7.63	162.142.125.53	162.142.125.52	162.142.125.50
162.142.125.51	162.142.125.42	179.18.196.182	162.142.125.45
7.22.102.17	201.142.238.21	165.232.74.253	250.254.105.30
162.142.125.47	218.10.113.157	144.89.206.76	29.248.236.152
140.195.111.202	53.167.165.94	162.142.125.46	20.33.172.27