174.138.21.8 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Sep 16 21:26:59 OPSO sshd\[22590\]: Invalid user Duck from 174.138.21.8 port 40636 Sep 16 21:26:59 OPSO sshd\[22590\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.21.8 Sep 16 21:27:02 OPSO sshd\[22590\]: Failed password for invalid user Duck from 174.138.21.8 port 40636 ssh2 Sep 16 21:31:02 OPSO sshd\[23617\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.21.8 user=admin Sep 16 21:31:04 OPSO sshd\[23617\]: Failed password for admin from 174.138.21.8 port 52320 ssh2	2019-09-17 03:43:14
attack	Sep 13 09:45:53 auw2 sshd\[9510\]: Invalid user admin123 from 174.138.21.8 Sep 13 09:45:53 auw2 sshd\[9510\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.21.8 Sep 13 09:45:55 auw2 sshd\[9510\]: Failed password for invalid user admin123 from 174.138.21.8 port 55378 ssh2 Sep 13 09:50:09 auw2 sshd\[9838\]: Invalid user 12345 from 174.138.21.8 Sep 13 09:50:09 auw2 sshd\[9838\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.21.8	2019-09-14 04:18:22
attackspambots	Sep 3 20:36:27 vps691689 sshd[25715]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.21.8 Sep 3 20:36:29 vps691689 sshd[25715]: Failed password for invalid user raj from 174.138.21.8 port 46160 ssh2 ...	2019-09-04 02:58:08
attack	Sep 1 17:18:26 web9 sshd\[20265\]: Invalid user wking from 174.138.21.8 Sep 1 17:18:26 web9 sshd\[20265\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.21.8 Sep 1 17:18:28 web9 sshd\[20265\]: Failed password for invalid user wking from 174.138.21.8 port 59834 ssh2 Sep 1 17:23:06 web9 sshd\[21169\]: Invalid user thomas from 174.138.21.8 Sep 1 17:23:06 web9 sshd\[21169\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.21.8	2019-09-02 11:24:46
attack	Aug 29 13:50:22 yabzik sshd[13956]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.21.8 Aug 29 13:50:25 yabzik sshd[13956]: Failed password for invalid user 123456 from 174.138.21.8 port 58464 ssh2 Aug 29 13:55:02 yabzik sshd[15597]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.21.8	2019-08-30 01:35:15
attackbotsspam	Aug 27 08:44:43 xb0 sshd[2206]: Failed password for invalid user legal2 from 174.138.21.8 port 36684 ssh2 Aug 27 08:44:43 xb0 sshd[2206]: Received disconnect from 174.138.21.8: 11: Bye Bye [preauth] Aug 27 08:54:31 xb0 sshd[2464]: Failed password for invalid user popd from 174.138.21.8 port 38776 ssh2 Aug 27 08:54:31 xb0 sshd[2464]: Received disconnect from 174.138.21.8: 11: Bye Bye [preauth] Aug 27 08:59:03 xb0 sshd[365]: Failed password for invalid user placrim from 174.138.21.8 port 55166 ssh2 Aug 27 08:59:04 xb0 sshd[365]: Received disconnect from 174.138.21.8: 11: Bye Bye [preauth] Aug 27 09:03:25 xb0 sshd[31896]: Failed password for invalid user admin1 from 174.138.21.8 port 43230 ssh2 Aug 27 09:03:26 xb0 sshd[31896]: Received disconnect from 174.138.21.8: 11: Bye Bye [preauth] Aug 27 09:07:50 xb0 sshd[30138]: Failed password for invalid user rares from 174.138.21.8 port 59590 ssh2 Aug 27 09:07:50 xb0 sshd[30138]: Received disconnect from 174.138.21.8: 11: Bye Bye........ -------------------------------	2019-08-28 02:51:31
attackbots	Aug 24 12:03:23 cp sshd[13121]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.21.8	2019-08-24 19:05:33

相同子网IP讨论:

IP	类型	评论内容	时间
174.138.211.167	attackspambots	Automatic report - Port Scan Attack	2020-05-23 07:12:35
174.138.21.225	attackbots	Sep 26 06:48:39 sachi sshd\[25746\]: Invalid user w from 174.138.21.225 Sep 26 06:48:39 sachi sshd\[25746\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.21.225 Sep 26 06:48:40 sachi sshd\[25746\]: Failed password for invalid user w from 174.138.21.225 port 38482 ssh2 Sep 26 06:54:05 sachi sshd\[26212\]: Invalid user xbot from 174.138.21.225 Sep 26 06:54:05 sachi sshd\[26212\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.21.225	2019-09-27 01:06:16
174.138.21.225	attack	Sep 25 04:34:12 lcprod sshd\[18193\]: Invalid user git from 174.138.21.225 Sep 25 04:34:12 lcprod sshd\[18193\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.21.225 Sep 25 04:34:14 lcprod sshd\[18193\]: Failed password for invalid user git from 174.138.21.225 port 37540 ssh2 Sep 25 04:39:38 lcprod sshd\[18701\]: Invalid user teamspeak3 from 174.138.21.225 Sep 25 04:39:38 lcprod sshd\[18701\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.21.225	2019-09-26 03:04:38
174.138.21.117	attackspambots	Sep 10 03:48:53 plusreed sshd[24925]: Invalid user administrador from 174.138.21.117 ...	2019-09-10 16:01:01
174.138.21.117	attackbots	Brute force attempt	2019-09-09 06:28:52
174.138.21.27	attackspambots	Sep 4 00:45:53 meumeu sshd[17759]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.21.27 Sep 4 00:45:55 meumeu sshd[17759]: Failed password for invalid user admin from 174.138.21.27 port 49960 ssh2 Sep 4 00:50:23 meumeu sshd[18336]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.21.27 ...	2019-09-04 07:07:12
174.138.21.117	attackbots	Sep 2 15:18:04 web1 sshd\[5311\]: Invalid user victoria from 174.138.21.117 Sep 2 15:18:04 web1 sshd\[5311\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.21.117 Sep 2 15:18:05 web1 sshd\[5311\]: Failed password for invalid user victoria from 174.138.21.117 port 50712 ssh2 Sep 2 15:22:28 web1 sshd\[5804\]: Invalid user sgt from 174.138.21.117 Sep 2 15:22:28 web1 sshd\[5804\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.21.117	2019-09-03 09:22:46
174.138.21.27	attackbotsspam	Sep 2 05:21:11 MK-Soft-VM5 sshd\[30329\]: Invalid user s1 from 174.138.21.27 port 51972 Sep 2 05:21:11 MK-Soft-VM5 sshd\[30329\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.21.27 Sep 2 05:21:13 MK-Soft-VM5 sshd\[30329\]: Failed password for invalid user s1 from 174.138.21.27 port 51972 ssh2 ...	2019-09-02 20:02:16
174.138.21.117	attackspam	Sep 1 01:55:42 * sshd[7378]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.21.117 Sep 1 01:55:44 * sshd[7378]: Failed password for invalid user sebastian from 174.138.21.117 port 46142 ssh2	2019-09-01 08:06:40
174.138.21.27	attackspam	Aug 31 19:32:49 vps691689 sshd[24868]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.21.27 Aug 31 19:32:51 vps691689 sshd[24868]: Failed password for invalid user lq from 174.138.21.27 port 50324 ssh2 ...	2019-09-01 05:20:40
174.138.21.117	attackbots	Aug 28 08:01:09 legacy sshd[18326]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.21.117 Aug 28 08:01:12 legacy sshd[18326]: Failed password for invalid user user from 174.138.21.117 port 47096 ssh2 Aug 28 08:06:06 legacy sshd[18521]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.21.117 ...	2019-08-28 14:17:34
174.138.21.117	attackbots	Aug 27 03:12:40 game-panel sshd[11093]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.21.117 Aug 27 03:12:42 game-panel sshd[11093]: Failed password for invalid user test from 174.138.21.117 port 54594 ssh2 Aug 27 03:17:23 game-panel sshd[11267]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.21.117	2019-08-27 11:18:50
174.138.21.27	attackspambots	Aug 26 09:54:36 xtremcommunity sshd\[32589\]: Invalid user maria from 174.138.21.27 port 54394 Aug 26 09:54:36 xtremcommunity sshd\[32589\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.21.27 Aug 26 09:54:38 xtremcommunity sshd\[32589\]: Failed password for invalid user maria from 174.138.21.27 port 54394 ssh2 Aug 26 09:59:41 xtremcommunity sshd\[446\]: Invalid user areyes from 174.138.21.27 port 43906 Aug 26 09:59:41 xtremcommunity sshd\[446\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.21.27 ...	2019-08-26 23:56:11
174.138.21.27	attack	Aug 25 02:07:00 plex sshd[23201]: Invalid user ftpuser from 174.138.21.27 port 54390	2019-08-25 08:29:29
174.138.21.117	attack	Aug 22 13:38:47 debian sshd\[23064\]: Invalid user ftpuser from 174.138.21.117 port 33096 Aug 22 13:38:47 debian sshd\[23064\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.21.117 Aug 22 13:38:49 debian sshd\[23064\]: Failed password for invalid user ftpuser from 174.138.21.117 port 33096 ssh2 ...	2019-08-23 02:52:11

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 174.138.21.8
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 40649
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;174.138.21.8.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019082302 1800 900 604800 86400

;; Query time: 4 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Aug 24 19:05:27 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 8.21.138.174.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 8.21.138.174.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
198.143.158.83	attack	firewall-block, port(s): 3128/tcp	2020-02-11 19:23:13
114.67.69.206	attackbots	Feb 11 08:07:17 silence02 sshd[29652]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.69.206 Feb 11 08:07:19 silence02 sshd[29652]: Failed password for invalid user qxu from 114.67.69.206 port 34126 ssh2 Feb 11 08:10:38 silence02 sshd[29898]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.69.206	2020-02-11 18:51:24
183.83.131.97	attack	Honeypot attack, port: 445, PTR: broadband.actcorp.in.	2020-02-11 18:54:42
61.19.22.217	attackbotsspam	Feb 11 02:51:31 vps46666688 sshd[13569]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.19.22.217 Feb 11 02:51:33 vps46666688 sshd[13569]: Failed password for invalid user mdq from 61.19.22.217 port 42818 ssh2 ...	2020-02-11 19:00:00
66.249.66.65	attack	Unauthorized connection attempt detected from IP address 66.249.66.65 to port 80	2020-02-11 18:46:11
106.12.69.27	attack	unauthorized access on port 443 [https] FO	2020-02-11 19:19:45
218.186.167.25	attack	Honeypot attack, port: 445, PTR: 25.167.186.218.starhub.net.sg.	2020-02-11 18:41:17
209.17.97.2	attackbotsspam	Unauthorised access (Feb 11) SRC=209.17.97.2 LEN=44 TOS=0x08 PREC=0x20 TTL=243 ID=54321 TCP DPT=8080 WINDOW=65535 SYN	2020-02-11 19:07:11
182.74.16.99	attackspambots	Honeypot attack, port: 445, PTR: PTR record not found	2020-02-11 18:59:28
188.163.96.59	attackbots	Feb 11 05:50:40 mail sshd\[27743\]: Invalid user admin2 from 188.163.96.59 Feb 11 05:50:40 mail sshd\[27743\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.163.96.59 Feb 11 05:50:42 mail sshd\[27743\]: Failed password for invalid user admin2 from 188.163.96.59 port 30053 ssh2 ...	2020-02-11 18:55:30
146.4.22.190	attackbots	unauthorized access on port 443 [https] FO	2020-02-11 19:19:00
49.233.176.124	attackspam	Feb 11 05:45:20 amida sshd[135982]: Invalid user ida from 49.233.176.124 Feb 11 05:45:20 amida sshd[135982]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.176.124 Feb 11 05:45:21 amida sshd[135982]: Failed password for invalid user ida from 49.233.176.124 port 34580 ssh2 Feb 11 05:45:23 amida sshd[135982]: Received disconnect from 49.233.176.124: 11: Bye Bye [preauth] Feb 11 05:51:59 amida sshd[137395]: Invalid user cyd from 49.233.176.124 Feb 11 05:51:59 amida sshd[137395]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.176.124 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=49.233.176.124	2020-02-11 18:40:43
202.62.107.135	attack	Honeypot attack, port: 445, PTR: mail1.etlweb.biz.	2020-02-11 19:12:40
213.32.122.80	attackspambots	Port 443 (HTTPS) access denied	2020-02-11 19:15:33
173.249.49.120	attackbots	Automatic report - XMLRPC Attack	2020-02-11 19:04:53

最近上报的IP列表

246.98.95.15	11.205.99.108	41.5.202.121	26.128.129.201
65.98.248.52	233.155.122.50	175.44.90.255	78.36.6.224
135.104.134.144	178.5.90.220	223.227.61.160	106.12.33.181
83.211.35.48	37.78.221.194	124.228.147.111	185.176.27.250
109.173.71.28	60.182.187.163	183.150.217.248	117.164.225.221