174.138.20.221

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Singapore

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Aug 26 20:40:27 vpn sshd[9621]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.20.221 user=root Aug 26 20:40:29 vpn sshd[9621]: Failed password for root from 174.138.20.221 port 53978 ssh2 Aug 26 20:44:33 vpn sshd[9630]: Invalid user user from 174.138.20.221 Aug 26 20:44:33 vpn sshd[9630]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.20.221 Aug 26 20:44:35 vpn sshd[9630]: Failed password for invalid user user from 174.138.20.221 port 46272 ssh2	2019-07-19 06:33:45

类型

评论内容

时间

attackspambots

Aug 26 20:40:27 vpn sshd[9621]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.20.221  user=root
Aug 26 20:40:29 vpn sshd[9621]: Failed password for root from 174.138.20.221 port 53978 ssh2
Aug 26 20:44:33 vpn sshd[9630]: Invalid user user from 174.138.20.221
Aug 26 20:44:33 vpn sshd[9630]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.20.221
Aug 26 20:44:35 vpn sshd[9630]: Failed password for invalid user user from 174.138.20.221 port 46272 ssh2

2019-07-19 06:33:45

相同子网IP讨论:

IP	类型	评论内容	时间
174.138.20.105	attack	Banned for a week because repeated abuses, for example SSH, but not only	2020-10-13 00:13:33
174.138.20.105	attackbotsspam	2020-10-12T03:18:18+0000 Failed SSH Authentication/Brute Force Attack. (Server 6)	2020-10-12 15:35:56
174.138.20.105	attackspam	2020-10-08T17:58:11.015372hostname sshd[70237]: Failed password for root from 174.138.20.105 port 36342 ssh2 ...	2020-10-09 03:18:42
174.138.20.105	attackspam	2020-10-08T17:58:08.886151hostname sshd[70237]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.20.105 user=root 2020-10-08T17:58:11.015372hostname sshd[70237]: Failed password for root from 174.138.20.105 port 36342 ssh2 ...	2020-10-08 19:23:11
174.138.20.105	attackspambots	Total attacks: 2	2020-08-25 17:47:26
174.138.20.105	attack	Aug 23 06:00:30 jumpserver sshd[10376]: Failed password for invalid user train5 from 174.138.20.105 port 60802 ssh2 Aug 23 06:03:55 jumpserver sshd[10411]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.20.105 user=root Aug 23 06:03:57 jumpserver sshd[10411]: Failed password for root from 174.138.20.105 port 51844 ssh2 ...	2020-08-23 14:26:18
174.138.20.163	attack	Aug 21 19:03:19 email sshd\[2609\]: Invalid user 0 from 174.138.20.163 Aug 21 19:03:19 email sshd\[2609\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.20.163 Aug 21 19:03:20 email sshd\[2610\]: Invalid user 0 from 174.138.20.163 Aug 21 19:03:20 email sshd\[2610\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.20.163 Aug 21 19:03:22 email sshd\[2609\]: Failed password for invalid user 0 from 174.138.20.163 port 39114 ssh2 ...	2020-08-22 03:25:35
174.138.20.105	attackbotsspam	Brute-force attempt banned	2020-08-21 02:26:34
174.138.20.105	attackbotsspam	Aug 6 07:25:01 host sshd[20573]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.20.105 user=root Aug 6 07:25:04 host sshd[20573]: Failed password for root from 174.138.20.105 port 35440 ssh2 ...	2020-08-06 13:30:49
174.138.20.105	attack	fail2ban	2020-08-02 15:56:12
174.138.20.105	attackbotsspam	Unauthorised connection attempt detected at AUO MAIN. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-08-01 01:40:51
174.138.20.105	attackbotsspam	Jul 25 06:02:25 webhost01 sshd[13845]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.20.105 Jul 25 06:02:27 webhost01 sshd[13845]: Failed password for invalid user user from 174.138.20.105 port 37404 ssh2 ...	2020-07-25 07:05:19
174.138.20.105	attackbotsspam	<6 unauthorized SSH connections	2020-07-20 15:07:58
174.138.20.105	attack	Jul 18 23:52:32 server sshd[6370]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.20.105 Jul 18 23:52:34 server sshd[6370]: Failed password for invalid user norman from 174.138.20.105 port 51108 ssh2 Jul 18 23:57:21 server sshd[6760]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.20.105 ...	2020-07-19 06:04:07
174.138.20.105	attackbots	Jul 10 11:32:42 gestao sshd[7843]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.20.105 Jul 10 11:32:44 gestao sshd[7843]: Failed password for invalid user chenglin from 174.138.20.105 port 40208 ssh2 Jul 10 11:36:12 gestao sshd[7924]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.20.105 ...	2020-07-10 19:02:01

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 174.138.20.221
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 60470
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;174.138.20.221.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019071801 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Jul 19 06:33:40 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 221.20.138.174.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 221.20.138.174.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
183.136.130.104	attack	Jun 12 19:13:35 home sshd[19810]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.136.130.104 Jun 12 19:13:37 home sshd[19810]: Failed password for invalid user teamspeak from 183.136.130.104 port 53193 ssh2 Jun 12 19:16:17 home sshd[20155]: Failed password for root from 183.136.130.104 port 39501 ssh2 ...	2020-06-13 01:36:42
122.224.217.42	attack	2020-06-12T19:54:43.019417vps773228.ovh.net sshd[25607]: Invalid user ezequias from 122.224.217.42 port 45348 2020-06-12T19:54:43.034384vps773228.ovh.net sshd[25607]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.224.217.42 2020-06-12T19:54:43.019417vps773228.ovh.net sshd[25607]: Invalid user ezequias from 122.224.217.42 port 45348 2020-06-12T19:54:45.145635vps773228.ovh.net sshd[25607]: Failed password for invalid user ezequias from 122.224.217.42 port 45348 ssh2 2020-06-12T19:58:01.011165vps773228.ovh.net sshd[25660]: Invalid user cvsuser from 122.224.217.42 port 57832 ...	2020-06-13 02:13:35
59.127.1.12	attackspambots	Jun 12 13:36:55 NPSTNNYC01T sshd[28282]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.127.1.12 Jun 12 13:36:57 NPSTNNYC01T sshd[28282]: Failed password for invalid user kl from 59.127.1.12 port 46120 ssh2 Jun 12 13:40:10 NPSTNNYC01T sshd[28523]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.127.1.12 ...	2020-06-13 01:50:19
159.89.88.119	attackspambots	Jun 12 19:51:49 santamaria sshd\[28108\]: Invalid user john from 159.89.88.119 Jun 12 19:51:49 santamaria sshd\[28108\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.88.119 Jun 12 19:51:52 santamaria sshd\[28108\]: Failed password for invalid user john from 159.89.88.119 port 58220 ssh2 ...	2020-06-13 01:58:22
150.158.178.137	attackbots	Jun 12 19:41:18 eventyay sshd[31106]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.158.178.137 Jun 12 19:41:20 eventyay sshd[31106]: Failed password for invalid user benny123 from 150.158.178.137 port 47606 ssh2 Jun 12 19:45:56 eventyay sshd[31190]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.158.178.137 ...	2020-06-13 01:59:17
191.8.82.202	attack	" "	2020-06-13 01:47:15
185.225.39.146	attackspambots	2020-06-12 11:39:35.589949-0500 localhost smtpd[35748]: NOQUEUE: reject: RCPT from unknown[185.225.39.146]: 554 5.7.1 Service unavailable; Client host [185.225.39.146] blocked using zen.spamhaus.org; https://www.spamhaus.org/sbl/query/SBLCSS; from= to= proto=ESMTP helo=	2020-06-13 02:10:03
185.220.102.6	attackspam	Failed keyboard-interactive/pam for root from 185.220.102.6 port 46419 ssh2	2020-06-13 01:55:20
4.28.22.106	attackspam	Brute forcing email accounts	2020-06-13 01:54:58
68.183.12.80	attackbotsspam	2020-06-12T18:03:45.692630shield sshd\[4235\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=chbluxury.com.ng user=root 2020-06-12T18:03:47.213667shield sshd\[4235\]: Failed password for root from 68.183.12.80 port 37988 ssh2 2020-06-12T18:07:03.371748shield sshd\[5557\]: Invalid user test from 68.183.12.80 port 40816 2020-06-12T18:07:03.375429shield sshd\[5557\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=chbluxury.com.ng 2020-06-12T18:07:05.418382shield sshd\[5557\]: Failed password for invalid user test from 68.183.12.80 port 40816 ssh2	2020-06-13 02:15:45
104.236.210.110	attack	Tried our host z.	2020-06-13 02:07:44
194.71.130.33	attack	Observed brute-forces/probes at wordpress endpoints	2020-06-13 01:46:23
217.182.95.16	attack	SSH Brute-Force reported by Fail2Ban	2020-06-13 02:09:31
175.6.73.4	attackspambots	Jun 12 17:26:13 django-0 sshd\[15918\]: Failed password for root from 175.6.73.4 port 15136 ssh2Jun 12 17:29:12 django-0 sshd\[16008\]: Failed password for root from 175.6.73.4 port 28663 ssh2Jun 12 17:31:47 django-0 sshd\[16074\]: Invalid user fn from 175.6.73.4 ...	2020-06-13 01:57:58
79.137.82.213	attackbots	Jun 12 20:02:58 cosmoit sshd[7994]: Failed password for root from 79.137.82.213 port 41056 ssh2	2020-06-13 02:15:24

最近上报的IP列表

77.42.119.129	173.249.33.121	173.249.3.120	173.249.28.247
173.249.25.92	54.36.150.52	173.243.137.165	181.50.196.103
173.249.21.204	173.219.144.76	173.215.29.21	47.218.133.207
173.212.239.47	173.212.238.32	173.212.222.48	173.212.216.183
173.212.213.85	173.212.193.146	173.212.185.241	5.189.136.96