134.73.129.248

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): EliDC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	SSH Brute-Force reported by Fail2Ban	2019-07-17 10:14:54

相同子网IP讨论:

IP	类型	评论内容	时间
134.73.129.2	attackbotsspam	Aug 16 00:26:46 MK-Soft-VM7 sshd\[5700\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.73.129.2 user=root Aug 16 00:26:48 MK-Soft-VM7 sshd\[5700\]: Failed password for root from 134.73.129.2 port 45102 ssh2 Aug 16 00:31:16 MK-Soft-VM7 sshd\[5746\]: Invalid user client from 134.73.129.2 port 43024 ...	2019-08-16 09:43:59
134.73.129.2	attack	Aug 13 12:47:30 plex sshd[2174]: Invalid user mc from 134.73.129.2 port 58614	2019-08-13 19:11:20
134.73.129.111	attackbotsspam	Brute force SMTP login attempted. ...	2019-08-10 05:00:58
134.73.129.125	attackspambots	Brute force SMTP login attempted. ...	2019-08-10 05:00:23
134.73.129.127	attackbots	Brute force SMTP login attempted. ...	2019-08-10 05:00:06
134.73.129.130	attackbots	Brute force SMTP login attempted. ...	2019-08-10 04:59:48
134.73.129.134	attackbotsspam	Brute force SMTP login attempted. ...	2019-08-10 04:58:31
134.73.129.143	attack	Brute force SMTP login attempted. ...	2019-08-10 04:56:39
134.73.129.154	attack	Brute force SMTP login attempted. ...	2019-08-10 04:56:15
134.73.129.156	attackbots	Brute force SMTP login attempted. ...	2019-08-10 04:55:12
134.73.129.161	attackspam	Brute force SMTP login attempted. ...	2019-08-10 04:54:40
134.73.129.162	attack	Brute force SMTP login attempted. ...	2019-08-10 04:54:03
134.73.129.170	attackbotsspam	Brute force SMTP login attempted. ...	2019-08-10 04:53:15
134.73.129.173	attackbotsspam	Brute force SMTP login attempted. ...	2019-08-10 04:52:24
134.73.129.190	attack	Brute force SMTP login attempted. ...	2019-08-10 04:51:23

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 134.73.129.248
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 30053
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;134.73.129.248.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019071601 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Jul 17 10:14:49 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 248.129.73.134.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 248.129.73.134.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
31.14.40.200	attack	CloudCIX Reconnaissance Scan Detected, PTR: academicabelch.net.	2020-01-12 07:15:36
51.89.136.97	attack	CloudCIX Reconnaissance Scan Detected, PTR: ip-51-89-136.eu.	2020-01-12 07:18:20
89.189.154.66	attackspambots	Invalid user user from 89.189.154.66 port 57080	2020-01-12 07:34:37
81.22.45.35	attackspam	Multiport scan : 38 ports scanned 112 191 282 336 366 1370 2490 3112 3215 3545 4160 4265 4275 4380 4390 5335 5370 5475 6111 8120 8175 8497 9175 12635 14145 16163 16165 19195 19197 21214 22822 33377 43980 49466 54123 57614 61344 64779	2020-01-12 07:29:26
117.4.93.189	attack	Unauthorized IMAP connection attempt	2020-01-12 07:42:24
63.143.53.138	attackbots	[2020-01-11 18:41:50] NOTICE[2175] chan_sip.c: Registration from '"125" ' failed for '63.143.53.138:5531' - Wrong password [2020-01-11 18:41:50] SECURITY[2212] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-01-11T18:41:50.929-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="125",SessionID="0x7f5ac400f638",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/63.143.53.138/5531",Challenge="21379738",ReceivedChallenge="21379738",ReceivedHash="0def6575a2bdfbf1546fdb0043e9ecd8" [2020-01-11 18:41:51] NOTICE[2175] chan_sip.c: Registration from '"125" ' failed for '63.143.53.138:5531' - Wrong password [2020-01-11 18:41:51] SECURITY[2212] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-01-11T18:41:51.017-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="125",SessionID="0x7f5ac4718f88",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/63.143.5 ...	2020-01-12 07:45:43
89.144.47.244	attackbots	01/11/2020-16:05:42.580516 89.144.47.244 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-01-12 07:25:42
37.182.101.145	attackbotsspam	D-Link DAP-1860 Remote Command Injection Vulnerability, PTR: net-37-182-101-145.cust.vodafonedsl.it.	2020-01-12 07:26:28
157.230.105.163	attackspambots	Muieblackcat Scanner Remote Code Injection Vulnerability, PTR: PTR record not found	2020-01-12 07:31:01
106.12.43.142	attackspam	Jan 9 14:09:49 plesk sshd[1686]: Invalid user dsetiadi from 106.12.43.142 Jan 9 14:09:49 plesk sshd[1686]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.43.142 Jan 9 14:09:50 plesk sshd[1686]: Failed password for invalid user dsetiadi from 106.12.43.142 port 43716 ssh2 Jan 9 14:09:50 plesk sshd[1686]: Received disconnect from 106.12.43.142: 11: Bye Bye [preauth] Jan 9 14:33:25 plesk sshd[3458]: Invalid user rankwatc from 106.12.43.142 Jan 9 14:33:25 plesk sshd[3458]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.43.142 Jan 9 14:33:26 plesk sshd[3458]: Failed password for invalid user rankwatc from 106.12.43.142 port 58622 ssh2 Jan 9 14:33:26 plesk sshd[3458]: Received disconnect from 106.12.43.142: 11: Bye Bye [preauth] Jan 9 14:38:46 plesk sshd[3807]: Invalid user duj from 106.12.43.142 Jan 9 14:38:46 plesk sshd[3807]: pam_unix(sshd:auth): authentication failur........ -------------------------------	2020-01-12 07:23:23
112.85.42.94	attackspambots	Jan 11 23:33:53 game-panel sshd[21236]: Failed password for root from 112.85.42.94 port 17424 ssh2 Jan 11 23:42:13 game-panel sshd[21513]: Failed password for root from 112.85.42.94 port 36689 ssh2	2020-01-12 07:45:15
222.186.175.151	attackbots	SSH-BruteForce	2020-01-12 07:37:47
122.228.19.79	attackspambots	122.228.19.79 was recorded 24 times by 6 hosts attempting to connect to the following ports: 13579,51106,1099,9876,1023,8007,5801,5050,1311,520,1604,3310,1723,2181,3689,626,111,4786,10001,9999,7547,4022. Incident counter (4h, 24h, all-time): 24, 145, 9049	2020-01-12 07:36:12
27.50.162.133	attack	MySQL Authentication Brute Force Attempt, PTR: PTR record not found	2020-01-12 07:29:42
72.50.58.112	attack	Automatic report - Port Scan Attack	2020-01-12 07:31:49

最近上报的IP列表

168.114.141.45	115.52.224.38	81.50.190.134	118.168.194.216
185.2.5.29	181.169.126.20	85.104.121.206	251.206.167.248
134.73.129.69	179.99.54.251	83.27.252.236	197.1.85.183
117.60.61.236	3.92.126.240	219.255.154.230	70.42.148.38
158.69.241.196	167.250.140.239	41.35.53.114	178.46.211.84