174.138.29.145

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Singapore

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Sep 6 19:44:41 eventyay sshd[9484]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.29.145 Sep 6 19:44:43 eventyay sshd[9484]: Failed password for invalid user gmodserver from 174.138.29.145 port 48260 ssh2 Sep 6 19:51:57 eventyay sshd[9642]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.29.145 ...	2019-09-07 03:33:14
attackbots	Sep 5 23:42:42 MK-Soft-VM3 sshd\[3231\]: Invalid user ftp_user from 174.138.29.145 port 57232 Sep 5 23:42:42 MK-Soft-VM3 sshd\[3231\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.29.145 Sep 5 23:42:44 MK-Soft-VM3 sshd\[3231\]: Failed password for invalid user ftp_user from 174.138.29.145 port 57232 ssh2 ...	2019-09-06 08:13:04
attackspam	Sep 4 04:06:01 work-partkepr sshd\[4776\]: Invalid user andrew from 174.138.29.145 port 35070 Sep 4 04:06:01 work-partkepr sshd\[4776\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.29.145 ...	2019-09-04 14:34:11
attackspam	Sep 3 03:17:28 MK-Soft-VM6 sshd\[2063\]: Invalid user temp1 from 174.138.29.145 port 56004 Sep 3 03:17:28 MK-Soft-VM6 sshd\[2063\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.29.145 Sep 3 03:17:30 MK-Soft-VM6 sshd\[2063\]: Failed password for invalid user temp1 from 174.138.29.145 port 56004 ssh2 ...	2019-09-03 12:15:50
attack	Aug 31 05:52:32 www4 sshd\[35724\]: Invalid user donna from 174.138.29.145 Aug 31 05:52:32 www4 sshd\[35724\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.29.145 Aug 31 05:52:34 www4 sshd\[35724\]: Failed password for invalid user donna from 174.138.29.145 port 42992 ssh2 ...	2019-08-31 11:08:07
attackspambots	Aug 28 03:14:01 nextcloud sshd\[9231\]: Invalid user guest from 174.138.29.145 Aug 28 03:14:01 nextcloud sshd\[9231\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.29.145 Aug 28 03:14:03 nextcloud sshd\[9231\]: Failed password for invalid user guest from 174.138.29.145 port 49136 ssh2 ...	2019-08-28 10:03:38
attackspambots	Aug 20 22:44:29 sachi sshd\[22471\]: Invalid user ft from 174.138.29.145 Aug 20 22:44:29 sachi sshd\[22471\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.29.145 Aug 20 22:44:31 sachi sshd\[22471\]: Failed password for invalid user ft from 174.138.29.145 port 60552 ssh2 Aug 20 22:52:02 sachi sshd\[23137\]: Invalid user mcserver from 174.138.29.145 Aug 20 22:52:02 sachi sshd\[23137\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.29.145	2019-08-21 17:06:32
attackbotsspam	Aug 20 15:20:39 hcbbdb sshd\[19785\]: Invalid user localhost from 174.138.29.145 Aug 20 15:20:39 hcbbdb sshd\[19785\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.29.145 Aug 20 15:20:41 hcbbdb sshd\[19785\]: Failed password for invalid user localhost from 174.138.29.145 port 41780 ssh2 Aug 20 15:26:17 hcbbdb sshd\[20499\]: Invalid user rpm from 174.138.29.145 Aug 20 15:26:17 hcbbdb sshd\[20499\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.29.145	2019-08-20 23:33:53

相同子网IP讨论:

IP	类型	评论内容	时间
174.138.29.209	attackspam	Mar 1 13:28:41 plusreed sshd[6978]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.29.209 user=root Mar 1 13:28:44 plusreed sshd[6978]: Failed password for root from 174.138.29.209 port 39668 ssh2 ...	2020-03-02 02:42:46
174.138.29.209	attackspambots	Feb 25 04:24:03 gw1 sshd[10408]: Failed password for root from 174.138.29.209 port 60038 ssh2 ...	2020-02-25 07:29:18
174.138.29.52	attackbotsspam	Aug 21 06:11:36 bouncer sshd\[4015\]: Invalid user zacharia from 174.138.29.52 port 60462 Aug 21 06:11:36 bouncer sshd\[4015\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.29.52 Aug 21 06:11:38 bouncer sshd\[4015\]: Failed password for invalid user zacharia from 174.138.29.52 port 60462 ssh2 ...	2019-08-21 12:23:36
174.138.29.52	attack	Aug 19 18:03:00 hiderm sshd\[2195\]: Invalid user m from 174.138.29.52 Aug 19 18:03:00 hiderm sshd\[2195\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.29.52 Aug 19 18:03:02 hiderm sshd\[2195\]: Failed password for invalid user m from 174.138.29.52 port 41542 ssh2 Aug 19 18:11:14 hiderm sshd\[3129\]: Invalid user ts3 from 174.138.29.52 Aug 19 18:11:14 hiderm sshd\[3129\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.29.52	2019-08-20 12:34:49
174.138.29.50	attackspam	Aug 19 13:47:08 TORMINT sshd\[11064\]: Invalid user reshma from 174.138.29.50 Aug 19 13:47:08 TORMINT sshd\[11064\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.29.50 Aug 19 13:47:10 TORMINT sshd\[11064\]: Failed password for invalid user reshma from 174.138.29.50 port 37866 ssh2 ...	2019-08-20 01:52:32
174.138.29.52	attackbotsspam	Aug 18 11:39:42 vtv3 sshd\[1841\]: Invalid user catherine from 174.138.29.52 port 56038 Aug 18 11:39:42 vtv3 sshd\[1841\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.29.52 Aug 18 11:39:44 vtv3 sshd\[1841\]: Failed password for invalid user catherine from 174.138.29.52 port 56038 ssh2 Aug 18 11:48:23 vtv3 sshd\[6359\]: Invalid user legacy from 174.138.29.52 port 55282 Aug 18 11:48:23 vtv3 sshd\[6359\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.29.52 Aug 18 12:05:02 vtv3 sshd\[14576\]: Invalid user alumno from 174.138.29.52 port 43324 Aug 18 12:05:02 vtv3 sshd\[14576\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.29.52 Aug 18 12:05:04 vtv3 sshd\[14576\]: Failed password for invalid user alumno from 174.138.29.52 port 43324 ssh2 Aug 18 12:13:37 vtv3 sshd\[19303\]: Invalid user cactiuser from 174.138.29.52 port 41346 Aug 18 12:13:37 vtv3 sshd\[1930	2019-08-19 05:32:02
174.138.29.53	attack	Aug 18 09:57:19 lcl-usvr-02 sshd[26476]: Invalid user itk from 174.138.29.53 port 57590 Aug 18 09:57:19 lcl-usvr-02 sshd[26476]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.29.53 Aug 18 09:57:19 lcl-usvr-02 sshd[26476]: Invalid user itk from 174.138.29.53 port 57590 Aug 18 09:57:21 lcl-usvr-02 sshd[26476]: Failed password for invalid user itk from 174.138.29.53 port 57590 ssh2 Aug 18 10:02:09 lcl-usvr-02 sshd[27581]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.29.53 user=root Aug 18 10:02:11 lcl-usvr-02 sshd[27581]: Failed password for root from 174.138.29.53 port 47946 ssh2 ...	2019-08-18 18:09:45
174.138.29.53	attackbots	SSH/22 MH Probe, BF, Hack -	2019-08-18 05:17:50

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 174.138.29.145
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 49714
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;174.138.29.145.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019082000 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Aug 20 23:33:32 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 145.29.138.174.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 145.29.138.174.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
178.237.118.108	attack	Mar 9 08:09:51 h2022099 sshd[2616]: Did not receive identification string from 178.237.118.108 Mar 9 08:12:13 h2022099 sshd[3135]: Invalid user oracle from 178.237.118.108 Mar 9 08:12:13 h2022099 sshd[3135]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.237.118.108 Mar 9 08:12:15 h2022099 sshd[3135]: Failed password for invalid user oracle from 178.237.118.108 port 49982 ssh2 Mar 9 08:12:16 h2022099 sshd[3135]: Received disconnect from 178.237.118.108: 11: Bye Bye [preauth] Mar 9 08:14:29 h2022099 sshd[3258]: Connection closed by 178.237.118.108 [preauth] Mar 9 08:16:46 h2022099 sshd[3762]: Invalid user ghostname from 178.237.118.108 Mar 9 08:16:46 h2022099 sshd[3762]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.237.118.108 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=178.237.118.108	2020-03-10 19:35:04
187.226.101.237	attackbotsspam	Mar 10 10:25:28 debian-2gb-nbg1-2 kernel: \[6091476.371484\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=187.226.101.237 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=51 ID=28172 PROTO=TCP SPT=26838 DPT=8000 WINDOW=24294 RES=0x00 SYN URGP=0	2020-03-10 19:52:42
222.186.175.182	attackspambots	Mar 10 12:05:19 nextcloud sshd\[18755\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.182 user=root Mar 10 12:05:21 nextcloud sshd\[18755\]: Failed password for root from 222.186.175.182 port 13348 ssh2 Mar 10 12:05:24 nextcloud sshd\[18755\]: Failed password for root from 222.186.175.182 port 13348 ssh2	2020-03-10 19:11:04
222.186.15.158	attackbotsspam	Mar 10 16:48:12 areeb-Workstation sshd[3128]: Failed password for root from 222.186.15.158 port 20090 ssh2 Mar 10 16:48:15 areeb-Workstation sshd[3128]: Failed password for root from 222.186.15.158 port 20090 ssh2 ...	2020-03-10 19:24:09
110.78.180.126	attackspam	Port scan on 2 port(s): 22 8728	2020-03-10 19:39:59
114.67.229.158	attack	Mar 10 11:18:16 journals dovecot: pop3-login: Aborted login \(auth failed, 1 attempts in 5 secs\): user=\, method=PLAIN, rip=114.67.229.158, lip=212.111.212.230, session=\<455HmXygTN1yQ+We\> Mar 10 11:18:26 journals dovecot: pop3-login: Aborted login \(auth failed, 1 attempts in 9 secs\): user=\, method=PLAIN, rip=114.67.229.158, lip=212.111.212.230, session=\ Mar 10 11:18:40 journals dovecot: pop3-login: Aborted login \(auth failed, 1 attempts in 12 secs\): user=\, method=PLAIN, rip=114.67.229.158, lip=212.111.212.230, session=\ Mar 10 11:25:28 journals dovecot: pop3-login: Aborted login \(auth failed, 1 attempts in 4 secs\): user=\, method=PLAIN, rip=114.67.229.158, lip=212.111.212.230, session=\ Mar 10 11:25:39 journals dovecot: pop3-login: Aborted login \(auth failed, 1 attempts in 9 secs\): user=\, method=PLAIN, rip=114.67.229.158 ...	2020-03-10 19:46:12
114.142.2.228	attackbotsspam	DATE:2020-03-10 10:22:37, IP:114.142.2.228, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-03-10 19:48:15
45.143.220.202	attackspam	\[2020-03-10 05:04:46\] SECURITY\[2093\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-03-10T05:04:46.443+0100",Severity="Error",Service="SIP",EventVersion="2",AccountID="0046903433918",SessionID="0x7f23bd928658",LocalAddress="IPV4/UDP/204.8.216.89/5060",RemoteAddress="IPV4/UDP/45.143.220.202/5099",Challenge="5131adf7",ReceivedChallenge="5131adf7",ReceivedHash="c4363b1e99db025eb1ba1dfa107ee7a6" \[2020-03-10 07:06:28\] SECURITY\[2093\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-03-10T07:06:28.616+0100",Severity="Error",Service="SIP",EventVersion="2",AccountID="90046462607598",SessionID="0x7f23bdb98178",LocalAddress="IPV4/UDP/204.8.216.89/5060",RemoteAddress="IPV4/UDP/45.143.220.202/5071",Challenge="455b8ae7",ReceivedChallenge="455b8ae7",ReceivedHash="0f8d4e9bc22d7b2079da66bba37d9839" \[2020-03-10 09:16:06\] SECURITY\[2093\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-03-10T09:16:06.736+0100",Severity="Error",Service="SIP", ...	2020-03-10 19:46:39
115.112.61.218	attackbotsspam	Mar 10 05:43:47 NPSTNNYC01T sshd[26910]: Failed password for root from 115.112.61.218 port 50022 ssh2 Mar 10 05:47:39 NPSTNNYC01T sshd[27064]: Failed password for root from 115.112.61.218 port 19268 ssh2 ...	2020-03-10 19:33:52
81.250.231.251	attackbotsspam	Mar 10 06:30:04 plusreed sshd[9836]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.250.231.251 user=root Mar 10 06:30:05 plusreed sshd[9836]: Failed password for root from 81.250.231.251 port 50228 ssh2 ...	2020-03-10 19:48:33
177.76.151.250	attackspambots	Mar 9 09:53:04 cumulus sshd[27569]: Invalid user nagiosuser from 177.76.151.250 port 51811 Mar 9 09:53:04 cumulus sshd[27569]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.76.151.250 Mar 9 09:53:06 cumulus sshd[27569]: Failed password for invalid user nagiosuser from 177.76.151.250 port 51811 ssh2 Mar 9 09:53:06 cumulus sshd[27569]: Received disconnect from 177.76.151.250 port 51811:11: Bye Bye [preauth] Mar 9 09:53:06 cumulus sshd[27569]: Disconnected from 177.76.151.250 port 51811 [preauth] Mar 9 10:04:04 cumulus sshd[27942]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.76.151.250 user=r.r Mar 9 10:04:07 cumulus sshd[27942]: Failed password for r.r from 177.76.151.250 port 34496 ssh2 Mar 9 10:04:07 cumulus sshd[27942]: Received disconnect from 177.76.151.250 port 34496:11: Bye Bye [preauth] Mar 9 10:04:07 cumulus sshd[27942]: Disconnected from 177.76.151.250 port 34........ -------------------------------	2020-03-10 19:45:16
2.139.215.255	attackbots	Mar 10 15:06:05 gw1 sshd[25459]: Failed password for 2667399 from 2.139.215.255 port 15030 ssh2 ...	2020-03-10 19:53:30
203.195.205.253	attackbots	Brute-force attempt banned	2020-03-10 19:54:07
149.202.172.119	attackbotsspam	Website administration hacking try	2020-03-10 19:11:29
49.88.112.73	attack	Brute-force attempt banned	2020-03-10 19:37:07

最近上报的IP列表

103.131.71.162	45.119.209.91	115.49.151.180	72.1.52.122
160.251.121.96	97.66.196.26	60.42.118.241	165.100.131.182
52.43.223.187	175.158.64.119	211.84.156.141	31.22.175.249
63.117.134.107	126.192.168.70	104.148.70.38	89.246.206.88
167.252.22.177	51.189.68.226	66.101.231.60	31.39.35.200