138.197.134.111

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Canada

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Feb 27 00:17:44 lnxded64 sshd[19986]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.134.111	2020-02-27 08:29:00
attackspam	Feb 22 06:58:00 sshd\[16201\]: Invalid user temp1 from 138.197.134.111Feb 22 06:58:02 sshd\[16201\]: Failed password for invalid user temp1 from 138.197.134.111 port 40854 ssh2 ...	2020-02-22 20:15:44
attackspam	Feb 17 16:34:02 mout sshd[7086]: Invalid user notes from 138.197.134.111 port 52598	2020-02-18 02:38:26
attackspam	ssh brute force	2020-02-17 20:35:36
attack	Invalid user zabbix from 138.197.134.111 port 48900	2020-02-13 15:59:22

相同子网IP讨论:

IP	类型	评论内容	时间
138.197.134.206	attackspambots	xmlrpc attack	2020-05-02 06:11:17
138.197.134.206	attack	Accessing a honeypot website	2020-04-06 18:18:17
138.197.134.206	attackbotsspam	CMS (WordPress or Joomla) login attempt.	2020-04-04 20:59:43
138.197.134.206	attack	Hit on CMS login honeypot	2020-03-20 02:31:01
138.197.134.206	attackbotsspam	138.197.134.206 - - [09/Mar/2020:12:18:25 +0000] "POST /wp-login.php HTTP/1.1" 200 6409 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.197.134.206 - - [09/Mar/2020:12:18:25 +0000] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-03-09 20:33:14

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.197.134.111
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 19654
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.197.134.111.		IN	A

;; AUTHORITY SECTION:
.			484	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020021300 1800 900 604800 86400

;; Query time: 331 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Feb 13 15:59:14 CST 2020
;; MSG SIZE  rcvd: 119

HOST信息:

Host 111.134.197.138.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 111.134.197.138.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
210.216.30.140	attackbots	Jul 15 01:20:09 ns37 sshd[7455]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.216.30.140	2019-07-15 11:03:06
175.168.37.255	attackspambots	Automatic report - Port Scan Attack	2019-07-15 11:20:25
187.44.113.33	attack	Jul 14 23:08:40 tuxlinux sshd[16330]: Invalid user desktop from 187.44.113.33 port 45287 Jul 14 23:08:40 tuxlinux sshd[16330]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.44.113.33 Jul 14 23:08:40 tuxlinux sshd[16330]: Invalid user desktop from 187.44.113.33 port 45287 Jul 14 23:08:40 tuxlinux sshd[16330]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.44.113.33 Jul 14 23:08:40 tuxlinux sshd[16330]: Invalid user desktop from 187.44.113.33 port 45287 Jul 14 23:08:40 tuxlinux sshd[16330]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.44.113.33 Jul 14 23:08:42 tuxlinux sshd[16330]: Failed password for invalid user desktop from 187.44.113.33 port 45287 ssh2 ...	2019-07-15 11:38:40
79.107.96.0	attackbotsspam	Automatic report - Port Scan Attack	2019-07-15 11:14:34
87.121.98.242	attackbotsspam	Jul 14 22:53:27 web1 postfix/smtpd[24671]: warning: unknown[87.121.98.242]: SASL LOGIN authentication failed: authentication failure ...	2019-07-15 11:23:34
119.184.27.176	attackspam	Automatic report - Port Scan Attack	2019-07-15 10:53:18
137.63.184.100	attack	Jul 15 05:27:26 dev sshd\[11596\]: Invalid user prueba from 137.63.184.100 port 49860 Jul 15 05:27:26 dev sshd\[11596\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=137.63.184.100 ...	2019-07-15 11:34:15
185.211.245.170	attackbots	Jul 15 04:31:29 mail postfix/smtpd\[11807\]: warning: unknown\[185.211.245.170\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Jul 15 04:31:36 mail postfix/smtpd\[11862\]: warning: unknown\[185.211.245.170\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Jul 15 04:31:37 mail postfix/smtpd\[11806\]: warning: unknown\[185.211.245.170\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Jul 15 05:02:10 mail postfix/smtpd\[11805\]: warning: unknown\[185.211.245.170\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\	2019-07-15 11:17:52
139.59.85.89	attackspam	Jul 15 04:32:14 microserver sshd[2116]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.85.89 user=root Jul 15 04:32:17 microserver sshd[2116]: Failed password for root from 139.59.85.89 port 56854 ssh2 Jul 15 04:37:51 microserver sshd[2816]: Invalid user jaime from 139.59.85.89 port 56376 Jul 15 04:37:51 microserver sshd[2816]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.85.89 Jul 15 04:37:53 microserver sshd[2816]: Failed password for invalid user jaime from 139.59.85.89 port 56376 ssh2 Jul 15 04:48:53 microserver sshd[4211]: Invalid user lt from 139.59.85.89 port 55427 Jul 15 04:48:53 microserver sshd[4211]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.85.89 Jul 15 04:48:55 microserver sshd[4211]: Failed password for invalid user lt from 139.59.85.89 port 55427 ssh2 Jul 15 04:54:30 microserver sshd[4878]: Invalid user golden from 139.59.85.89 port 54947 Jul 15	2019-07-15 11:10:41
185.148.82.161	attackspam	WordPress wp-login brute force :: 185.148.82.161 0.084 BYPASS [15/Jul/2019:07:09:20 1000] [censored_2] "POST /wp-login.php HTTP/1.1" 200 4630 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-07-15 11:19:24
125.209.109.188	attackbots	Automatic report - Port Scan Attack	2019-07-15 10:54:49
159.65.111.89	attackspambots	Jul 15 08:11:11 areeb-Workstation sshd\[10303\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.111.89 user=root Jul 15 08:11:13 areeb-Workstation sshd\[10303\]: Failed password for root from 159.65.111.89 port 52058 ssh2 Jul 15 08:15:54 areeb-Workstation sshd\[11301\]: Invalid user ce from 159.65.111.89 Jul 15 08:15:54 areeb-Workstation sshd\[11301\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.111.89 ...	2019-07-15 11:08:18
54.38.185.87	attack	Jul 14 22:14:24 aat-srv002 sshd[24051]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.185.87 Jul 14 22:14:26 aat-srv002 sshd[24051]: Failed password for invalid user drricardokacowicz from 54.38.185.87 port 45626 ssh2 Jul 14 22:19:54 aat-srv002 sshd[24156]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.185.87 Jul 14 22:19:56 aat-srv002 sshd[24156]: Failed password for invalid user user6 from 54.38.185.87 port 42524 ssh2 ...	2019-07-15 11:30:56
165.22.128.115	attackbots	Jul 15 03:17:08 MK-Soft-VM3 sshd\[21445\]: Invalid user d from 165.22.128.115 port 53984 Jul 15 03:17:08 MK-Soft-VM3 sshd\[21445\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.128.115 Jul 15 03:17:10 MK-Soft-VM3 sshd\[21445\]: Failed password for invalid user d from 165.22.128.115 port 53984 ssh2 ...	2019-07-15 11:26:56
198.20.163.65	attack	1,36-01/01 concatform PostRequest-Spammer scoring: wien2018	2019-07-15 11:40:14

最近上报的IP列表

45.143.222.30	88.67.184.118	129.204.109.154	41.119.7.89
79.167.117.117	5.251.23.255	218.78.166.161	198.23.242.107
54.212.128.50	23.9.68.56	167.99.164.64	37.57.255.137
123.16.175.8	93.76.233.223	70.226.44.175	181.244.48.111
14.186.218.3	216.230.11.51	145.245.111.95	35.198.196.216