134.255.254.52

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Germany

运营商(isp): Active 1 GmbH

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Aug 22 23:18:15 home sshd[3391029]: Invalid user tunnel from 134.255.254.52 port 53610 Aug 22 23:18:15 home sshd[3391029]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.255.254.52 Aug 22 23:18:15 home sshd[3391029]: Invalid user tunnel from 134.255.254.52 port 53610 Aug 22 23:18:17 home sshd[3391029]: Failed password for invalid user tunnel from 134.255.254.52 port 53610 ssh2 Aug 22 23:20:27 home sshd[3391757]: Invalid user vega from 134.255.254.52 port 38102 ...	2020-08-23 05:32:45

类型

评论内容

时间

attack

Aug 22 23:18:15 home sshd[3391029]: Invalid user tunnel from 134.255.254.52 port 53610
Aug 22 23:18:15 home sshd[3391029]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.255.254.52 
Aug 22 23:18:15 home sshd[3391029]: Invalid user tunnel from 134.255.254.52 port 53610
Aug 22 23:18:17 home sshd[3391029]: Failed password for invalid user tunnel from 134.255.254.52 port 53610 ssh2
Aug 22 23:20:27 home sshd[3391757]: Invalid user vega from 134.255.254.52 port 38102
...

2020-08-23 05:32:45

相同子网IP讨论:

IP	类型	评论内容	时间
134.255.254.175	attackbotsspam	Fail2Ban Ban Triggered	2020-07-02 07:28:30
134.255.254.186	attackspambots	Feb 28 15:37:54 game-panel sshd[15426]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.255.254.186 Feb 28 15:37:56 game-panel sshd[15426]: Failed password for invalid user black from 134.255.254.186 port 56600 ssh2 Feb 28 15:47:06 game-panel sshd[15854]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.255.254.186	2020-02-28 23:55:28
134.255.254.186	attackbotsspam	Feb 23 22:47:49 sshd[8169]: Failed password for invalid user mongouser from 134.255.254.186 port 36706 ssh2	2020-02-24 06:42:11
134.255.254.186	attack	Feb 22 01:50:26 firewall sshd[28824]: Invalid user zori from 134.255.254.186 Feb 22 01:50:28 firewall sshd[28824]: Failed password for invalid user zori from 134.255.254.186 port 38230 ssh2 Feb 22 01:53:26 firewall sshd[28903]: Invalid user saed2 from 134.255.254.186 ...	2020-02-22 14:06:36
134.255.254.186	attackbots	Invalid user webadmin from 134.255.254.186 port 44308	2020-02-22 03:26:12

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 134.255.254.52
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 40154
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;134.255.254.52.			IN	A

;; AUTHORITY SECTION:
.			577	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020082201 1800 900 604800 86400

;; Query time: 29 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Aug 23 05:32:42 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 52.254.255.134.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 52.254.255.134.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
222.186.42.137	attack	$f2bV_matches \| Triggered by Fail2Ban at Vostok web server	2020-07-08 09:59:07
116.1.180.22	attack	Failed password for invalid user domingo from 116.1.180.22 port 36062 ssh2	2020-07-08 09:47:30
35.202.230.28	attackspam	Jul 7 22:07:54 host postfix/smtpd[12998]: warning: 28.230.202.35.bc.googleusercontent.com[35.202.230.28]: SASL LOGIN authentication failed: authentication failure Jul 7 22:09:37 host postfix/smtpd[13817]: warning: 28.230.202.35.bc.googleusercontent.com[35.202.230.28]: SASL LOGIN authentication failed: authentication failure ...	2020-07-08 09:46:41
51.77.220.127	attackbotsspam	51.77.220.127 - - [08/Jul/2020:05:16:56 +0400] "POST /GponForm/diag_Form?style/ HTTP/1.1" 502 157 "-" "curl/7.3.2" ...	2020-07-08 10:15:48
35.238.235.88	attack	Jul 8 03:31:40 piServer sshd[6048]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.238.235.88 Jul 8 03:31:43 piServer sshd[6048]: Failed password for invalid user svn from 35.238.235.88 port 47836 ssh2 Jul 8 03:34:33 piServer sshd[6289]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.238.235.88 ...	2020-07-08 09:46:26
120.237.46.74	attack	DATE:2020-07-07 22:09:13, IP:120.237.46.74, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-07-08 10:01:13
129.122.16.156	attackspambots	Jul 7 23:50:17 lnxmail61 sshd[22576]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.122.16.156 Jul 7 23:50:17 lnxmail61 sshd[22576]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.122.16.156	2020-07-08 10:04:15
185.58.205.59	attack	Triggered: repeated knocking on closed ports.	2020-07-08 10:18:03
106.53.9.137	attackspam	frenzy	2020-07-08 10:03:50
49.88.112.113	attackspambots	Jul 7 12:01:45 php1 sshd\[25966\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.113 user=root Jul 7 12:01:47 php1 sshd\[25966\]: Failed password for root from 49.88.112.113 port 46534 ssh2 Jul 7 12:01:49 php1 sshd\[25966\]: Failed password for root from 49.88.112.113 port 46534 ssh2 Jul 7 12:01:51 php1 sshd\[25966\]: Failed password for root from 49.88.112.113 port 46534 ssh2 Jul 7 12:02:32 php1 sshd\[26057\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.113 user=root	2020-07-08 10:12:42
49.233.143.96	attackbotsspam	(mod_security) mod_security (id:210730) triggered by 49.233.143.96 (CN/China/-): 5 in the last 3600 secs	2020-07-08 10:12:25
212.117.61.60	attackbots	none	2020-07-08 10:19:46
106.12.26.181	attack	TCP (SYN) 106.12.26.181:58731 -> port 20110, len 44	2020-07-08 10:14:24
5.135.161.50	attackspam	IP was detected trying to Brute-Force SSH, FTP, Web Apps, Port-Scan or Hacking.	2020-07-08 10:14:41
178.62.0.215	attack	2020-07-08T03:49:59.573549galaxy.wi.uni-potsdam.de sshd[1664]: Invalid user amie from 178.62.0.215 port 40040 2020-07-08T03:49:59.578638galaxy.wi.uni-potsdam.de sshd[1664]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.0.215 2020-07-08T03:49:59.573549galaxy.wi.uni-potsdam.de sshd[1664]: Invalid user amie from 178.62.0.215 port 40040 2020-07-08T03:50:01.486579galaxy.wi.uni-potsdam.de sshd[1664]: Failed password for invalid user amie from 178.62.0.215 port 40040 ssh2 2020-07-08T03:52:38.855467galaxy.wi.uni-potsdam.de sshd[1957]: Invalid user jingjie from 178.62.0.215 port 36478 2020-07-08T03:52:38.860824galaxy.wi.uni-potsdam.de sshd[1957]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.0.215 2020-07-08T03:52:38.855467galaxy.wi.uni-potsdam.de sshd[1957]: Invalid user jingjie from 178.62.0.215 port 36478 2020-07-08T03:52:40.598282galaxy.wi.uni-potsdam.de sshd[1957]: Failed password for invalid ...	2020-07-08 09:52:42

最近上报的IP列表

45.136.7.63	162.142.125.53	162.142.125.52	162.142.125.50
162.142.125.51	162.142.125.42	179.18.196.182	162.142.125.45
7.22.102.17	201.142.238.21	165.232.74.253	250.254.105.30
162.142.125.47	218.10.113.157	144.89.206.76	29.248.236.152
140.195.111.202	53.167.165.94	162.142.125.46	20.33.172.27