134.73.129.69 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): EliDC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Jul 28 12:52:20 shared01 sshd[32682]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.73.129.69 user=r.r Jul 28 12:52:22 shared01 sshd[32682]: Failed password for r.r from 134.73.129.69 port 36528 ssh2 Jul 28 12:52:22 shared01 sshd[32682]: Received disconnect from 134.73.129.69 port 36528:11: Bye Bye [preauth] Jul 28 12:52:22 shared01 sshd[32682]: Disconnected from 134.73.129.69 port 36528 [preauth] Jul 28 13:05:40 shared01 sshd[3078]: Invalid user yeuemnhieu from 134.73.129.69 Jul 28 13:05:40 shared01 sshd[3078]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.73.129.69 Jul 28 13:05:42 shared01 sshd[3078]: Failed password for invalid user yeuemnhieu from 134.73.129.69 port 39516 ssh2 Jul 28 13:05:42 shared01 sshd[3078]: Received disconnect from 134.73.129.69 port 39516:11: Bye Bye [preauth] Jul 28 13:05:42 shared01 sshd[3078]: Disconnected from 134.73.129.69 port 39516 [preauth] ........ -------------------------------	2019-07-29 01:38:30
attack	Automatic report - SSH Brute-Force Attack	2019-07-17 11:16:24

类型

评论内容

时间

attack

Jul 28 12:52:20 shared01 sshd[32682]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.73.129.69  user=r.r
Jul 28 12:52:22 shared01 sshd[32682]: Failed password for r.r from 134.73.129.69 port 36528 ssh2
Jul 28 12:52:22 shared01 sshd[32682]: Received disconnect from 134.73.129.69 port 36528:11: Bye Bye [preauth]
Jul 28 12:52:22 shared01 sshd[32682]: Disconnected from 134.73.129.69 port 36528 [preauth]
Jul 28 13:05:40 shared01 sshd[3078]: Invalid user yeuemnhieu from 134.73.129.69
Jul 28 13:05:40 shared01 sshd[3078]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.73.129.69
Jul 28 13:05:42 shared01 sshd[3078]: Failed password for invalid user yeuemnhieu from 134.73.129.69 port 39516 ssh2
Jul 28 13:05:42 shared01 sshd[3078]: Received disconnect from 134.73.129.69 port 39516:11: Bye Bye [preauth]
Jul 28 13:05:42 shared01 sshd[3078]: Disconnected from 134.73.129.69 port 39516 [preauth]


........
-------------------------------

2019-07-29 01:38:30

attack

Automatic report - SSH Brute-Force Attack

2019-07-17 11:16:24

相同子网IP讨论:

IP	类型	评论内容	时间
134.73.129.2	attackbotsspam	Aug 16 00:26:46 MK-Soft-VM7 sshd\[5700\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.73.129.2 user=root Aug 16 00:26:48 MK-Soft-VM7 sshd\[5700\]: Failed password for root from 134.73.129.2 port 45102 ssh2 Aug 16 00:31:16 MK-Soft-VM7 sshd\[5746\]: Invalid user client from 134.73.129.2 port 43024 ...	2019-08-16 09:43:59
134.73.129.2	attack	Aug 13 12:47:30 plex sshd[2174]: Invalid user mc from 134.73.129.2 port 58614	2019-08-13 19:11:20
134.73.129.111	attackbotsspam	Brute force SMTP login attempted. ...	2019-08-10 05:00:58
134.73.129.125	attackspambots	Brute force SMTP login attempted. ...	2019-08-10 05:00:23
134.73.129.127	attackbots	Brute force SMTP login attempted. ...	2019-08-10 05:00:06
134.73.129.130	attackbots	Brute force SMTP login attempted. ...	2019-08-10 04:59:48
134.73.129.134	attackbotsspam	Brute force SMTP login attempted. ...	2019-08-10 04:58:31
134.73.129.143	attack	Brute force SMTP login attempted. ...	2019-08-10 04:56:39
134.73.129.154	attack	Brute force SMTP login attempted. ...	2019-08-10 04:56:15
134.73.129.156	attackbots	Brute force SMTP login attempted. ...	2019-08-10 04:55:12
134.73.129.161	attackspam	Brute force SMTP login attempted. ...	2019-08-10 04:54:40
134.73.129.162	attack	Brute force SMTP login attempted. ...	2019-08-10 04:54:03
134.73.129.170	attackbotsspam	Brute force SMTP login attempted. ...	2019-08-10 04:53:15
134.73.129.173	attackbotsspam	Brute force SMTP login attempted. ...	2019-08-10 04:52:24
134.73.129.190	attack	Brute force SMTP login attempted. ...	2019-08-10 04:51:23

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 134.73.129.69
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7783
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;134.73.129.69.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019071601 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Jul 17 11:16:18 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 69.129.73.134.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 69.129.73.134.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
39.107.127.164	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-08-09 22:40:27
175.24.135.90	attackspambots	Aug 9 21:26:02 webhost01 sshd[32580]: Failed password for root from 175.24.135.90 port 32832 ssh2 ...	2020-08-09 23:06:28
49.235.226.43	attackbotsspam	Aug 9 16:32:21 piServer sshd[32453]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.226.43 Aug 9 16:32:24 piServer sshd[32453]: Failed password for invalid user PA$swOrd from 49.235.226.43 port 54334 ssh2 Aug 9 16:38:04 piServer sshd[774]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.226.43 ...	2020-08-09 22:40:08
124.207.98.213	attackspambots	prod8 ...	2020-08-09 22:59:05
141.98.10.200	attack	Bruteforce detected by fail2ban	2020-08-09 23:16:07
63.82.55.100	attackbotsspam	Postfix attempt blocked due to public blacklist entry	2020-08-09 22:56:55
141.98.10.195	attackbots	Bruteforce detected by fail2ban	2020-08-09 23:10:44
94.102.51.28	attackbotsspam	[MK-VM5] Blocked by UFW	2020-08-09 23:07:15
122.51.169.118	attack	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-08-09T14:21:48Z and 2020-08-09T14:32:15Z	2020-08-09 23:03:51
180.218.7.108	attack	20 attempts against mh-ssh on cold	2020-08-09 22:47:17
113.128.246.50	attackspam	prod11 ...	2020-08-09 23:17:40
195.54.167.190	attackspambots	xmlrpc attack	2020-08-09 22:49:10
206.189.47.166	attackspam	2020-08-09T08:12:48.314883sorsha.thespaminator.com sshd[32527]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.47.166 user=root 2020-08-09T08:12:49.889587sorsha.thespaminator.com sshd[32527]: Failed password for root from 206.189.47.166 port 33508 ssh2 ...	2020-08-09 22:45:14
165.227.101.226	attackbots	Aug 9 15:46:21 icinga sshd[31471]: Failed password for root from 165.227.101.226 port 59670 ssh2 Aug 9 15:50:57 icinga sshd[38689]: Failed password for root from 165.227.101.226 port 39686 ssh2 ...	2020-08-09 22:32:40
60.191.29.210	attack	Aug 9 09:07:31 firewall sshd[26142]: Failed password for root from 60.191.29.210 port 5145 ssh2 Aug 9 09:12:22 firewall sshd[26264]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.191.29.210 user=root Aug 9 09:12:24 firewall sshd[26264]: Failed password for root from 60.191.29.210 port 5147 ssh2 ...	2020-08-09 23:02:18

最近上报的IP列表

221.8.150.225	93.245.183.183	175.101.95.36	120.214.191.61
117.203.48.79	61.246.193.25	161.53.119.12	213.209.218.2
103.1.93.14	190.13.173.21	117.198.91.189	156.205.2.6
5.79.121.159	62.210.81.114	52.15.175.46	2a00:d0c0:200:0:b9:1a:9c:16
36.232.207.233	151.255.43.50	191.53.104.250	119.54.161.109