157.245.234.138

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Aug 12 00:40:10 propaganda sshd[35595]: Connection from 157.245.234.138 port 45960 on 10.0.0.160 port 22 rdomain "" Aug 12 00:40:10 propaganda sshd[35595]: Unable to negotiate with 157.245.234.138 port 45960: no matching MAC found. Their offer: hmac-sha2-256,hmac-sha1,hmac-sha1-96 [preauth]	2020-08-12 16:46:32
attackbotsspam	IMAP	2020-08-12 04:25:35
attack	port scan and connect, tcp 5432 (postgresql)	2020-06-09 01:59:05

类型

评论内容

时间

attack

Aug 12 00:40:10 propaganda sshd[35595]: Connection from 157.245.234.138 port 45960 on 10.0.0.160 port 22 rdomain ""
Aug 12 00:40:10 propaganda sshd[35595]: Unable to negotiate with 157.245.234.138 port 45960: no matching MAC found. Their offer: hmac-sha2-256,hmac-sha1,hmac-sha1-96 [preauth]

2020-08-12 16:46:32

attackbotsspam

IMAP

2020-08-12 04:25:35

attack

port scan and connect, tcp 5432 (postgresql)

2020-06-09 01:59:05

相同子网IP讨论:

IP	类型	评论内容	时间
157.245.234.77	attackspam	Feb 11 00:12:04 dri postfix/smtpd[13331]: warning: unknown[157.245.234.77]: SASL PLAIN authentication failed: Feb 11 00:12:05 dri postfix/smtpd[13330]: warning: unknown[157.245.234.77]: SASL PLAIN au ...	2020-02-11 07:53:58
157.245.234.175	attackbotsspam	2019-11-02T03:52:23Z - RDP login failed multiple times. (157.245.234.175)	2019-11-02 14:05:16
157.245.234.51	attackbots	10/08/2019-07:56:35.671281 157.245.234.51 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-10-08 20:46:18

类型

评论内容

时间

157.245.234.77

attackspam

Feb 11 00:12:04 dri postfix/smtpd[13331]: warning: unknown[157.245.234.77]: SASL PLAIN authentication failed: 
Feb 11 00:12:05 dri postfix/smtpd[13330]: warning: unknown[157.245.234.77]: SASL PLAIN au
...

2020-02-11 07:53:58

157.245.234.175

attackbotsspam

2019-11-02T03:52:23Z - RDP login failed multiple times. (157.245.234.175)

2019-11-02 14:05:16

157.245.234.51

attackbots

10/08/2019-07:56:35.671281 157.245.234.51 Protocol: 6 ET SCAN NMAP -sS window 1024

2019-10-08 20:46:18

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 157.245.234.138
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63304
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;157.245.234.138.		IN	A

;; AUTHORITY SECTION:
.			599	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020060802 1800 900 604800 86400

;; Query time: 94 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jun 09 01:59:01 CST 2020
;; MSG SIZE  rcvd: 119

HOST信息:

Host 138.234.245.157.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 138.234.245.157.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
159.89.121.91	attackspam	04/19/2020-05:33:30.154010 159.89.121.91 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-04-19 17:44:50
86.201.39.212	attackspambots	Apr 19 10:55:57 h2779839 sshd[28673]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=86.201.39.212 user=root Apr 19 10:55:59 h2779839 sshd[28673]: Failed password for root from 86.201.39.212 port 46800 ssh2 Apr 19 11:00:33 h2779839 sshd[28793]: Invalid user admin from 86.201.39.212 port 37270 Apr 19 11:00:33 h2779839 sshd[28793]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=86.201.39.212 Apr 19 11:00:33 h2779839 sshd[28793]: Invalid user admin from 86.201.39.212 port 37270 Apr 19 11:00:35 h2779839 sshd[28793]: Failed password for invalid user admin from 86.201.39.212 port 37270 ssh2 Apr 19 11:05:19 h2779839 sshd[28990]: Invalid user zm from 86.201.39.212 port 56066 Apr 19 11:05:19 h2779839 sshd[28990]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=86.201.39.212 Apr 19 11:05:19 h2779839 sshd[28990]: Invalid user zm from 86.201.39.212 port 56066 Apr 19 11:05:21 h ...	2020-04-19 17:31:49
79.124.8.95	attackbots	Apr 19 11:16:38 debian-2gb-nbg1-2 kernel: \[9546766.142183\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=79.124.8.95 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=33663 PROTO=TCP SPT=45456 DPT=40062 WINDOW=1024 RES=0x00 SYN URGP=0	2020-04-19 17:20:30
189.59.5.81	attack	Dovecot Invalid User Login Attempt.	2020-04-19 17:44:27
114.67.101.154	attack	Apr 19 09:21:34 Ubuntu-1404-trusty-64-minimal sshd\[14496\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.101.154 user=root Apr 19 09:21:35 Ubuntu-1404-trusty-64-minimal sshd\[14496\]: Failed password for root from 114.67.101.154 port 40278 ssh2 Apr 19 09:32:41 Ubuntu-1404-trusty-64-minimal sshd\[24414\]: Invalid user cr from 114.67.101.154 Apr 19 09:32:41 Ubuntu-1404-trusty-64-minimal sshd\[24414\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.101.154 Apr 19 09:32:43 Ubuntu-1404-trusty-64-minimal sshd\[24414\]: Failed password for invalid user cr from 114.67.101.154 port 36652 ssh2	2020-04-19 17:17:10
171.103.59.254	attackspam	(imapd) Failed IMAP login from 171.103.59.254 (TH/Thailand/171-103-59-254.static.asianet.co.th): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Apr 19 08:20:30 ir1 dovecot[566034]: imap-login: Disconnected (auth failed, 1 attempts in 5 secs): user=, method=PLAIN, rip=171.103.59.254, lip=5.63.12.44, session=	2020-04-19 17:22:51
62.234.178.25	attackbotsspam	Apr 18 21:12:28 web1 sshd\[20698\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.178.25 user=root Apr 18 21:12:30 web1 sshd\[20698\]: Failed password for root from 62.234.178.25 port 41638 ssh2 Apr 18 21:16:23 web1 sshd\[21115\]: Invalid user dx from 62.234.178.25 Apr 18 21:16:23 web1 sshd\[21115\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.178.25 Apr 18 21:16:25 web1 sshd\[21115\]: Failed password for invalid user dx from 62.234.178.25 port 33758 ssh2	2020-04-19 17:15:52
159.203.107.212	attackbotsspam	php WP PHPmyadamin ABUSE blocked for 12h	2020-04-19 17:35:15
222.186.180.41	attackspam	Apr 19 11:14:01 server sshd[6552]: Failed none for root from 222.186.180.41 port 46550 ssh2 Apr 19 11:14:04 server sshd[6552]: Failed password for root from 222.186.180.41 port 46550 ssh2 Apr 19 11:14:08 server sshd[6552]: Failed password for root from 222.186.180.41 port 46550 ssh2	2020-04-19 17:52:31
49.235.245.12	attack	Apr 19 06:44:40 [host] sshd[14712]: pam_unix(sshd: Apr 19 06:44:42 [host] sshd[14712]: Failed passwor Apr 19 06:48:55 [host] sshd[14800]: pam_unix(sshd:	2020-04-19 17:12:49
106.13.144.78	attackspambots	Port 27164 scan denied	2020-04-19 17:43:41
117.121.214.50	attack	$f2bV_matches	2020-04-19 17:19:02
45.119.212.125	attackbotsspam	Apr 19 05:34:36 h2646465 sshd[15980]: Invalid user contact from 45.119.212.125 Apr 19 05:34:36 h2646465 sshd[15980]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.119.212.125 Apr 19 05:34:36 h2646465 sshd[15980]: Invalid user contact from 45.119.212.125 Apr 19 05:34:38 h2646465 sshd[15980]: Failed password for invalid user contact from 45.119.212.125 port 56424 ssh2 Apr 19 05:49:31 h2646465 sshd[17904]: Invalid user admin from 45.119.212.125 Apr 19 05:49:31 h2646465 sshd[17904]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.119.212.125 Apr 19 05:49:31 h2646465 sshd[17904]: Invalid user admin from 45.119.212.125 Apr 19 05:49:33 h2646465 sshd[17904]: Failed password for invalid user admin from 45.119.212.125 port 40828 ssh2 Apr 19 05:59:55 h2646465 sshd[19163]: Invalid user lyj from 45.119.212.125 ...	2020-04-19 17:13:30
106.12.20.15	attackbotsspam	Apr 19 10:26:48 santamaria sshd\[16827\]: Invalid user yf from 106.12.20.15 Apr 19 10:26:48 santamaria sshd\[16827\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.20.15 Apr 19 10:26:50 santamaria sshd\[16827\]: Failed password for invalid user yf from 106.12.20.15 port 39594 ssh2 ...	2020-04-19 17:18:10
202.150.161.78	attackspam	Apr 19 07:55:24 game-panel sshd[1637]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.150.161.78 Apr 19 07:55:26 game-panel sshd[1637]: Failed password for invalid user rk from 202.150.161.78 port 49278 ssh2 Apr 19 07:59:04 game-panel sshd[1750]: Failed password for root from 202.150.161.78 port 39834 ssh2	2020-04-19 17:16:25

最近上报的IP列表

179.207.221.52	116.107.249.59	152.79.54.132	195.142.126.178
82.222.208.194	59.125.74.72	84.22.28.178	77.87.101.20
14.116.148.176	165.56.181.29	202.191.156.202	110.235.54.213
221.232.177.15	31.198.248.2	185.245.126.5	220.133.165.93
185.26.104.241	96.21.190.171	119.76.178.178	177.222.248.50