174.138.20.134

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Singapore

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Aug 20 09:49:27 ip-172-31-1-72 sshd\[4345\]: Invalid user git from 174.138.20.134 Aug 20 09:49:27 ip-172-31-1-72 sshd\[4345\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.20.134 Aug 20 09:49:29 ip-172-31-1-72 sshd\[4345\]: Failed password for invalid user git from 174.138.20.134 port 34770 ssh2 Aug 20 09:57:20 ip-172-31-1-72 sshd\[4879\]: Invalid user zabbix from 174.138.20.134 Aug 20 09:57:20 ip-172-31-1-72 sshd\[4879\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.20.134	2019-08-20 17:59:54
attack	Aug 19 14:17:21 hpm sshd\[14883\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.20.134 user=root Aug 19 14:17:23 hpm sshd\[14883\]: Failed password for root from 174.138.20.134 port 34412 ssh2 Aug 19 14:24:46 hpm sshd\[15437\]: Invalid user legal1 from 174.138.20.134 Aug 19 14:24:46 hpm sshd\[15437\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.20.134 Aug 19 14:24:48 hpm sshd\[15437\]: Failed password for invalid user legal1 from 174.138.20.134 port 56734 ssh2	2019-08-20 08:31:53

类型

评论内容

时间

attack

Aug 20 09:49:27 ip-172-31-1-72 sshd\[4345\]: Invalid user git from 174.138.20.134
Aug 20 09:49:27 ip-172-31-1-72 sshd\[4345\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.20.134
Aug 20 09:49:29 ip-172-31-1-72 sshd\[4345\]: Failed password for invalid user git from 174.138.20.134 port 34770 ssh2
Aug 20 09:57:20 ip-172-31-1-72 sshd\[4879\]: Invalid user zabbix from 174.138.20.134
Aug 20 09:57:20 ip-172-31-1-72 sshd\[4879\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.20.134

2019-08-20 17:59:54

attack

Aug 19 14:17:21 hpm sshd\[14883\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.20.134  user=root
Aug 19 14:17:23 hpm sshd\[14883\]: Failed password for root from 174.138.20.134 port 34412 ssh2
Aug 19 14:24:46 hpm sshd\[15437\]: Invalid user legal1 from 174.138.20.134
Aug 19 14:24:46 hpm sshd\[15437\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.20.134
Aug 19 14:24:48 hpm sshd\[15437\]: Failed password for invalid user legal1 from 174.138.20.134 port 56734 ssh2

2019-08-20 08:31:53

相同子网IP讨论:

IP	类型	评论内容	时间
174.138.20.105	attack	Banned for a week because repeated abuses, for example SSH, but not only	2020-10-13 00:13:33
174.138.20.105	attackbotsspam	2020-10-12T03:18:18+0000 Failed SSH Authentication/Brute Force Attack. (Server 6)	2020-10-12 15:35:56
174.138.20.105	attackspam	2020-10-08T17:58:11.015372hostname sshd[70237]: Failed password for root from 174.138.20.105 port 36342 ssh2 ...	2020-10-09 03:18:42
174.138.20.105	attackspam	2020-10-08T17:58:08.886151hostname sshd[70237]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.20.105 user=root 2020-10-08T17:58:11.015372hostname sshd[70237]: Failed password for root from 174.138.20.105 port 36342 ssh2 ...	2020-10-08 19:23:11
174.138.20.105	attackspambots	Total attacks: 2	2020-08-25 17:47:26
174.138.20.105	attack	Aug 23 06:00:30 jumpserver sshd[10376]: Failed password for invalid user train5 from 174.138.20.105 port 60802 ssh2 Aug 23 06:03:55 jumpserver sshd[10411]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.20.105 user=root Aug 23 06:03:57 jumpserver sshd[10411]: Failed password for root from 174.138.20.105 port 51844 ssh2 ...	2020-08-23 14:26:18
174.138.20.163	attack	Aug 21 19:03:19 email sshd\[2609\]: Invalid user 0 from 174.138.20.163 Aug 21 19:03:19 email sshd\[2609\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.20.163 Aug 21 19:03:20 email sshd\[2610\]: Invalid user 0 from 174.138.20.163 Aug 21 19:03:20 email sshd\[2610\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.20.163 Aug 21 19:03:22 email sshd\[2609\]: Failed password for invalid user 0 from 174.138.20.163 port 39114 ssh2 ...	2020-08-22 03:25:35
174.138.20.105	attackbotsspam	Brute-force attempt banned	2020-08-21 02:26:34
174.138.20.105	attackbotsspam	Aug 6 07:25:01 host sshd[20573]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.20.105 user=root Aug 6 07:25:04 host sshd[20573]: Failed password for root from 174.138.20.105 port 35440 ssh2 ...	2020-08-06 13:30:49
174.138.20.105	attack	fail2ban	2020-08-02 15:56:12
174.138.20.105	attackbotsspam	Unauthorised connection attempt detected at AUO MAIN. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-08-01 01:40:51
174.138.20.105	attackbotsspam	Jul 25 06:02:25 webhost01 sshd[13845]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.20.105 Jul 25 06:02:27 webhost01 sshd[13845]: Failed password for invalid user user from 174.138.20.105 port 37404 ssh2 ...	2020-07-25 07:05:19
174.138.20.105	attackbotsspam	<6 unauthorized SSH connections	2020-07-20 15:07:58
174.138.20.105	attack	Jul 18 23:52:32 server sshd[6370]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.20.105 Jul 18 23:52:34 server sshd[6370]: Failed password for invalid user norman from 174.138.20.105 port 51108 ssh2 Jul 18 23:57:21 server sshd[6760]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.20.105 ...	2020-07-19 06:04:07
174.138.20.105	attackbots	Jul 10 11:32:42 gestao sshd[7843]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.20.105 Jul 10 11:32:44 gestao sshd[7843]: Failed password for invalid user chenglin from 174.138.20.105 port 40208 ssh2 Jul 10 11:36:12 gestao sshd[7924]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.20.105 ...	2020-07-10 19:02:01

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 174.138.20.134
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 28974
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;174.138.20.134.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019081900 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Aug 19 17:30:57 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 134.20.138.174.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 134.20.138.174.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
68.183.181.7	attackspam	Aug 23 01:47:32 ubuntu-2gb-nbg1-dc3-1 sshd[3632]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.181.7 Aug 23 01:47:35 ubuntu-2gb-nbg1-dc3-1 sshd[3632]: Failed password for invalid user jet from 68.183.181.7 port 48226 ssh2 ...	2019-08-23 08:07:20
76.24.160.205	attackspam	Aug 22 23:19:02 web8 sshd\[1467\]: Invalid user icaro from 76.24.160.205 Aug 22 23:19:02 web8 sshd\[1467\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=76.24.160.205 Aug 22 23:19:04 web8 sshd\[1467\]: Failed password for invalid user icaro from 76.24.160.205 port 56704 ssh2 Aug 22 23:23:51 web8 sshd\[4252\]: Invalid user dbadmin from 76.24.160.205 Aug 22 23:23:51 web8 sshd\[4252\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=76.24.160.205	2019-08-23 07:38:29
103.248.119.82	attackspam	Unauthorized connection attempt from IP address 103.248.119.82 on Port 445(SMB)	2019-08-23 07:33:01
65.98.111.218	attackbots	Aug 23 01:17:11 legacy sshd[14008]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=65.98.111.218 Aug 23 01:17:13 legacy sshd[14008]: Failed password for invalid user www from 65.98.111.218 port 58344 ssh2 Aug 23 01:21:01 legacy sshd[14120]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=65.98.111.218 ...	2019-08-23 07:45:21
122.195.200.148	attack	2019-08-22T23:45:17.887367abusebot-8.cloudsearch.cf sshd\[4446\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.195.200.148 user=root	2019-08-23 07:56:15
197.41.233.75	attackbotsspam	Aug 22 21:17:21 srv1 sshd[27269]: Address 197.41.233.75 maps to host-197.41.233.75.tedata.net, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Aug 22 21:17:21 srv1 sshd[27269]: Invalid user admin from 197.41.233.75 Aug 22 21:17:21 srv1 sshd[27269]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.41.233.75 Aug 22 21:17:23 srv1 sshd[27269]: Failed password for invalid user admin from 197.41.233.75 port 46193 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=197.41.233.75	2019-08-23 07:27:04
148.101.221.230	attackspam	SSH-BruteForce	2019-08-23 07:34:37
178.33.233.54	attackspam	Invalid user admin from 178.33.233.54 port 38437	2019-08-23 08:01:55
203.77.234.92	attack	Too many connections or unauthorized access detected from Arctic banned ip	2019-08-23 07:24:32
106.13.18.86	attackspambots	Aug 22 22:34:45 v22019058497090703 sshd[30323]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.18.86 Aug 22 22:34:47 v22019058497090703 sshd[30323]: Failed password for invalid user upload from 106.13.18.86 port 43728 ssh2 Aug 22 22:39:22 v22019058497090703 sshd[30739]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.18.86 ...	2019-08-23 07:33:19
221.199.189.162	attackbotsspam	2019-08-22T23:11:17.827517lon01.zurich-datacenter.net sshd\[15210\]: Invalid user test1 from 221.199.189.162 port 38328 2019-08-22T23:11:17.838409lon01.zurich-datacenter.net sshd\[15210\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.199.189.162 2019-08-22T23:11:20.246212lon01.zurich-datacenter.net sshd\[15210\]: Failed password for invalid user test1 from 221.199.189.162 port 38328 ssh2 2019-08-22T23:14:11.507006lon01.zurich-datacenter.net sshd\[15264\]: Invalid user anwendersoftware from 221.199.189.162 port 53422 2019-08-22T23:14:11.514029lon01.zurich-datacenter.net sshd\[15264\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.199.189.162 ...	2019-08-23 07:42:12
179.108.246.130	attackbotsspam	Try access to SMTP/POP/IMAP server.	2019-08-23 08:04:35
91.134.139.87	attack	Aug 23 00:10:12 lnxmysql61 sshd[17401]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.134.139.87	2019-08-23 07:32:03
122.228.19.79	attackspambots	" "	2019-08-23 07:57:41
182.254.218.252	attackspam	Unauthorised access (Aug 22) SRC=182.254.218.252 LEN=40 TTL=236 ID=21166 TCP DPT=445 WINDOW=1024 SYN	2019-08-23 08:05:39

最近上报的IP列表

92.86.4.50	201.33.39.58	170.254.155.142	216.70.11.83
213.185.240.65	167.57.96.108	47.146.91.131	110.138.3.94
208.123.147.150	58.54.223.156	45.77.108.190	118.25.54.60
167.71.206.188	114.134.187.130	49.232.4.151	150.125.166.255
128.163.229.242	128.245.237.111	163.172.251.80	155.0.142.240