134.73.161.214

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): EliDC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Aug 7 19:32:37 localhost sshd\[25644\]: Invalid user csserver from 134.73.161.214 port 40716 Aug 7 19:32:37 localhost sshd\[25644\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.73.161.214 Aug 7 19:32:40 localhost sshd\[25644\]: Failed password for invalid user csserver from 134.73.161.214 port 40716 ssh2	2019-08-08 08:18:40

类型

评论内容

时间

attack

Aug  7 19:32:37 localhost sshd\[25644\]: Invalid user csserver from 134.73.161.214 port 40716
Aug  7 19:32:37 localhost sshd\[25644\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.73.161.214
Aug  7 19:32:40 localhost sshd\[25644\]: Failed password for invalid user csserver from 134.73.161.214 port 40716 ssh2

2019-08-08 08:18:40

相同子网IP讨论:

IP	类型	评论内容	时间
134.73.161.91	attack	vps1:sshd-InvalidUser	2019-08-16 02:34:10
134.73.161.136	attackspam	vps1:pam-generic	2019-08-15 17:51:21
134.73.161.137	attackspam	Aug 14 23:31:06 MK-Soft-VM7 sshd\[13031\]: Invalid user samir from 134.73.161.137 port 58228 Aug 14 23:31:06 MK-Soft-VM7 sshd\[13031\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.73.161.137 Aug 14 23:31:09 MK-Soft-VM7 sshd\[13031\]: Failed password for invalid user samir from 134.73.161.137 port 58228 ssh2 ...	2019-08-15 11:09:54
134.73.161.20	attack	Aug 14 23:35:21 MK-Soft-VM7 sshd\[13048\]: Invalid user chase from 134.73.161.20 port 59062 Aug 14 23:35:21 MK-Soft-VM7 sshd\[13048\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.73.161.20 Aug 14 23:35:22 MK-Soft-VM7 sshd\[13048\]: Failed password for invalid user chase from 134.73.161.20 port 59062 ssh2 ...	2019-08-15 09:02:05
134.73.161.4	attack	Aug 13 20:17:17 jupiter sshd\[9216\]: Invalid user standort from 134.73.161.4 Aug 13 20:17:17 jupiter sshd\[9216\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.73.161.4 Aug 13 20:17:18 jupiter sshd\[9216\]: Failed password for invalid user standort from 134.73.161.4 port 57184 ssh2 ...	2019-08-14 09:12:37
134.73.161.93	attackspam	Aug 13 20:21:52 jupiter sshd\[9325\]: Invalid user cognos from 134.73.161.93 Aug 13 20:21:52 jupiter sshd\[9325\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.73.161.93 Aug 13 20:21:55 jupiter sshd\[9325\]: Failed password for invalid user cognos from 134.73.161.93 port 46046 ssh2 ...	2019-08-14 06:43:31
134.73.161.189	attackspam	Aug 13 20:26:25 jupiter sshd\[9389\]: Invalid user nxautomation from 134.73.161.189 Aug 13 20:26:25 jupiter sshd\[9389\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.73.161.189 Aug 13 20:26:27 jupiter sshd\[9389\]: Failed password for invalid user nxautomation from 134.73.161.189 port 44350 ssh2 ...	2019-08-14 04:13:06
134.73.161.130	attackbots	Brute force SMTP login attempted. ...	2019-08-13 23:00:08
134.73.161.65	attack	Aug 12 02:29:57 sanyalnet-cloud-vps2 sshd[21642]: Connection from 134.73.161.65 port 45248 on 45.62.253.138 port 22 Aug 12 02:29:59 sanyalnet-cloud-vps2 sshd[21642]: Invalid user fanny from 134.73.161.65 port 45248 Aug 12 02:29:59 sanyalnet-cloud-vps2 sshd[21642]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.73.161.65 Aug 12 02:30:00 sanyalnet-cloud-vps2 sshd[21642]: Failed password for invalid user fanny from 134.73.161.65 port 45248 ssh2 Aug 12 02:30:00 sanyalnet-cloud-vps2 sshd[21642]: Received disconnect from 134.73.161.65 port 45248:11: Bye Bye [preauth] Aug 12 02:30:01 sanyalnet-cloud-vps2 sshd[21642]: Disconnected from 134.73.161.65 port 45248 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=134.73.161.65	2019-08-12 11:13:41
134.73.161.91	attackbotsspam	Aug 12 02:34:18 sanyalnet-cloud-vps2 sshd[21742]: Connection from 134.73.161.91 port 48624 on 45.62.253.138 port 22 Aug 12 02:34:19 sanyalnet-cloud-vps2 sshd[21742]: Invalid user cvs from 134.73.161.91 port 48624 Aug 12 02:34:19 sanyalnet-cloud-vps2 sshd[21742]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.73.161.91 Aug 12 02:34:21 sanyalnet-cloud-vps2 sshd[21742]: Failed password for invalid user cvs from 134.73.161.91 port 48624 ssh2 Aug 12 02:34:22 sanyalnet-cloud-vps2 sshd[21742]: Received disconnect from 134.73.161.91 port 48624:11: Bye Bye [preauth] Aug 12 02:34:22 sanyalnet-cloud-vps2 sshd[21742]: Disconnected from 134.73.161.91 port 48624 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=134.73.161.91	2019-08-12 11:08:04
134.73.161.159	attackbotsspam	SSH Brute Force	2019-08-11 21:57:14
134.73.161.48	attackspambots	SSH Brute Force	2019-08-11 19:06:55
134.73.161.132	attackbotsspam	SSH Brute Force	2019-08-11 16:44:23
134.73.161.220	attackbotsspam	Aug 10 09:46:01 raspberrypi sshd\[30274\]: Invalid user eric from 134.73.161.220Aug 10 09:46:03 raspberrypi sshd\[30274\]: Failed password for invalid user eric from 134.73.161.220 port 58140 ssh2Aug 10 12:09:47 raspberrypi sshd\[1485\]: Invalid user test2 from 134.73.161.220 ...	2019-08-11 05:18:48
134.73.161.57	attack	SSH Bruteforce	2019-08-09 10:40:13

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 134.73.161.214
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63504
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;134.73.161.214.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019080702 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Aug 08 08:18:34 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 214.161.73.134.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 214.161.73.134.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
58.250.89.46	attackbots	Jun 10 05:50:50 ns392434 sshd[19980]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.250.89.46 user=root Jun 10 05:50:52 ns392434 sshd[19980]: Failed password for root from 58.250.89.46 port 33384 ssh2 Jun 10 05:53:19 ns392434 sshd[20058]: Invalid user yangjuan from 58.250.89.46 port 55618 Jun 10 05:53:19 ns392434 sshd[20058]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.250.89.46 Jun 10 05:53:19 ns392434 sshd[20058]: Invalid user yangjuan from 58.250.89.46 port 55618 Jun 10 05:53:21 ns392434 sshd[20058]: Failed password for invalid user yangjuan from 58.250.89.46 port 55618 ssh2 Jun 10 05:54:32 ns392434 sshd[20069]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.250.89.46 user=root Jun 10 05:54:34 ns392434 sshd[20069]: Failed password for root from 58.250.89.46 port 40642 ssh2 Jun 10 05:55:37 ns392434 sshd[20077]: Invalid user pimp from 58.250.89.46 port 53900	2020-06-10 12:14:49
202.146.217.44	attackspambots	Unauthorized connection attempt from IP address 202.146.217.44 on Port 445(SMB)	2020-06-10 08:28:16
161.35.80.37	attackbots	$f2bV_matches	2020-06-10 12:06:52
222.186.30.218	attackspam	Jun 9 18:02:06 tdfoods sshd\[26103\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.218 user=root Jun 9 18:02:08 tdfoods sshd\[26103\]: Failed password for root from 222.186.30.218 port 60727 ssh2 Jun 9 18:02:11 tdfoods sshd\[26103\]: Failed password for root from 222.186.30.218 port 60727 ssh2 Jun 9 18:02:13 tdfoods sshd\[26103\]: Failed password for root from 222.186.30.218 port 60727 ssh2 Jun 9 18:02:15 tdfoods sshd\[26124\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.218 user=root	2020-06-10 12:06:07
106.51.73.204	attackbots	Jun 10 04:07:52 hcbbdb sshd\[18866\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.51.73.204 user=root Jun 10 04:07:54 hcbbdb sshd\[18866\]: Failed password for root from 106.51.73.204 port 21240 ssh2 Jun 10 04:11:57 hcbbdb sshd\[19344\]: Invalid user y from 106.51.73.204 Jun 10 04:11:57 hcbbdb sshd\[19344\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.51.73.204 Jun 10 04:11:59 hcbbdb sshd\[19344\]: Failed password for invalid user y from 106.51.73.204 port 50511 ssh2	2020-06-10 12:17:56
185.202.2.240	bots	trata de entrar a mi equipo sin razon	2020-06-10 09:21:37
179.220.57.228	attackbotsspam	Automatic report - XMLRPC Attack	2020-06-10 08:15:10
106.54.64.77	attackbotsspam	SSH / Telnet Brute Force Attempts on Honeypot	2020-06-10 08:31:14
192.144.155.110	attackspambots	2020-06-09T23:06:31.916527abusebot.cloudsearch.cf sshd[3773]: Invalid user waski from 192.144.155.110 port 57058 2020-06-09T23:06:31.922534abusebot.cloudsearch.cf sshd[3773]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.144.155.110 2020-06-09T23:06:31.916527abusebot.cloudsearch.cf sshd[3773]: Invalid user waski from 192.144.155.110 port 57058 2020-06-09T23:06:33.671602abusebot.cloudsearch.cf sshd[3773]: Failed password for invalid user waski from 192.144.155.110 port 57058 ssh2 2020-06-09T23:11:02.225367abusebot.cloudsearch.cf sshd[4081]: Invalid user admin from 192.144.155.110 port 52652 2020-06-09T23:11:02.234206abusebot.cloudsearch.cf sshd[4081]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.144.155.110 2020-06-09T23:11:02.225367abusebot.cloudsearch.cf sshd[4081]: Invalid user admin from 192.144.155.110 port 52652 2020-06-09T23:11:04.188783abusebot.cloudsearch.cf sshd[4081]: Failed password ...	2020-06-10 08:22:42
178.32.44.233	attackbotsspam	Jun 10 01:52:23 vps639187 sshd\[1584\]: Invalid user raju from 178.32.44.233 port 44046 Jun 10 01:52:23 vps639187 sshd\[1584\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.32.44.233 Jun 10 01:52:25 vps639187 sshd\[1584\]: Failed password for invalid user raju from 178.32.44.233 port 44046 ssh2 ...	2020-06-10 08:11:31
189.142.141.21	attackspambots	Automatic report - Port Scan Attack	2020-06-10 08:29:11
222.186.30.59	attackspam	Jun 9 23:53:23 ny01 sshd[29116]: Failed password for root from 222.186.30.59 port 26879 ssh2 Jun 9 23:54:56 ny01 sshd[29295]: Failed password for root from 222.186.30.59 port 30169 ssh2	2020-06-10 12:09:31
120.53.24.160	attackbots	(sshd) Failed SSH login from 120.53.24.160 (CN/China/-): 5 in the last 3600 secs	2020-06-10 08:21:21
189.195.41.134	attackspam	Jun 10 01:11:06 prod4 sshd\[27622\]: Invalid user flynn from 189.195.41.134 Jun 10 01:11:08 prod4 sshd\[27622\]: Failed password for invalid user flynn from 189.195.41.134 port 37318 ssh2 Jun 10 01:17:42 prod4 sshd\[29115\]: Invalid user yin from 189.195.41.134 ...	2020-06-10 08:11:10
117.50.13.170	attack	Jun 9 22:57:36 ns3033917 sshd[19613]: Invalid user xilon from 117.50.13.170 port 37098 Jun 9 22:57:38 ns3033917 sshd[19613]: Failed password for invalid user xilon from 117.50.13.170 port 37098 ssh2 Jun 9 23:23:06 ns3033917 sshd[19901]: Invalid user temp from 117.50.13.170 port 49790 ...	2020-06-10 08:12:08

最近上报的IP列表

115.204.234.197	84.253.112.21	84.205.241.1	51.223.139.5
46.176.6.140	122.176.27.149	119.136.199.18	47.93.163.150
132.232.72.110	88.238.17.192	79.134.76.177	124.162.40.166
217.115.10.131	178.134.249.114	41.141.41.111	171.226.184.163
153.186.91.100	151.34.70.57	190.41.137.203	127.89.59.169