174.138.29.145

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Singapore

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Sep 6 19:44:41 eventyay sshd[9484]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.29.145 Sep 6 19:44:43 eventyay sshd[9484]: Failed password for invalid user gmodserver from 174.138.29.145 port 48260 ssh2 Sep 6 19:51:57 eventyay sshd[9642]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.29.145 ...	2019-09-07 03:33:14
attackbots	Sep 5 23:42:42 MK-Soft-VM3 sshd\[3231\]: Invalid user ftp_user from 174.138.29.145 port 57232 Sep 5 23:42:42 MK-Soft-VM3 sshd\[3231\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.29.145 Sep 5 23:42:44 MK-Soft-VM3 sshd\[3231\]: Failed password for invalid user ftp_user from 174.138.29.145 port 57232 ssh2 ...	2019-09-06 08:13:04
attackspam	Sep 4 04:06:01 work-partkepr sshd\[4776\]: Invalid user andrew from 174.138.29.145 port 35070 Sep 4 04:06:01 work-partkepr sshd\[4776\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.29.145 ...	2019-09-04 14:34:11
attackspam	Sep 3 03:17:28 MK-Soft-VM6 sshd\[2063\]: Invalid user temp1 from 174.138.29.145 port 56004 Sep 3 03:17:28 MK-Soft-VM6 sshd\[2063\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.29.145 Sep 3 03:17:30 MK-Soft-VM6 sshd\[2063\]: Failed password for invalid user temp1 from 174.138.29.145 port 56004 ssh2 ...	2019-09-03 12:15:50
attack	Aug 31 05:52:32 www4 sshd\[35724\]: Invalid user donna from 174.138.29.145 Aug 31 05:52:32 www4 sshd\[35724\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.29.145 Aug 31 05:52:34 www4 sshd\[35724\]: Failed password for invalid user donna from 174.138.29.145 port 42992 ssh2 ...	2019-08-31 11:08:07
attackspambots	Aug 28 03:14:01 nextcloud sshd\[9231\]: Invalid user guest from 174.138.29.145 Aug 28 03:14:01 nextcloud sshd\[9231\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.29.145 Aug 28 03:14:03 nextcloud sshd\[9231\]: Failed password for invalid user guest from 174.138.29.145 port 49136 ssh2 ...	2019-08-28 10:03:38
attackspambots	Aug 20 22:44:29 sachi sshd\[22471\]: Invalid user ft from 174.138.29.145 Aug 20 22:44:29 sachi sshd\[22471\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.29.145 Aug 20 22:44:31 sachi sshd\[22471\]: Failed password for invalid user ft from 174.138.29.145 port 60552 ssh2 Aug 20 22:52:02 sachi sshd\[23137\]: Invalid user mcserver from 174.138.29.145 Aug 20 22:52:02 sachi sshd\[23137\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.29.145	2019-08-21 17:06:32
attackbotsspam	Aug 20 15:20:39 hcbbdb sshd\[19785\]: Invalid user localhost from 174.138.29.145 Aug 20 15:20:39 hcbbdb sshd\[19785\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.29.145 Aug 20 15:20:41 hcbbdb sshd\[19785\]: Failed password for invalid user localhost from 174.138.29.145 port 41780 ssh2 Aug 20 15:26:17 hcbbdb sshd\[20499\]: Invalid user rpm from 174.138.29.145 Aug 20 15:26:17 hcbbdb sshd\[20499\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.29.145	2019-08-20 23:33:53

相同子网IP讨论:

IP	类型	评论内容	时间
174.138.29.209	attackspam	Mar 1 13:28:41 plusreed sshd[6978]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.29.209 user=root Mar 1 13:28:44 plusreed sshd[6978]: Failed password for root from 174.138.29.209 port 39668 ssh2 ...	2020-03-02 02:42:46
174.138.29.209	attackspambots	Feb 25 04:24:03 gw1 sshd[10408]: Failed password for root from 174.138.29.209 port 60038 ssh2 ...	2020-02-25 07:29:18
174.138.29.52	attackbotsspam	Aug 21 06:11:36 bouncer sshd\[4015\]: Invalid user zacharia from 174.138.29.52 port 60462 Aug 21 06:11:36 bouncer sshd\[4015\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.29.52 Aug 21 06:11:38 bouncer sshd\[4015\]: Failed password for invalid user zacharia from 174.138.29.52 port 60462 ssh2 ...	2019-08-21 12:23:36
174.138.29.52	attack	Aug 19 18:03:00 hiderm sshd\[2195\]: Invalid user m from 174.138.29.52 Aug 19 18:03:00 hiderm sshd\[2195\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.29.52 Aug 19 18:03:02 hiderm sshd\[2195\]: Failed password for invalid user m from 174.138.29.52 port 41542 ssh2 Aug 19 18:11:14 hiderm sshd\[3129\]: Invalid user ts3 from 174.138.29.52 Aug 19 18:11:14 hiderm sshd\[3129\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.29.52	2019-08-20 12:34:49
174.138.29.50	attackspam	Aug 19 13:47:08 TORMINT sshd\[11064\]: Invalid user reshma from 174.138.29.50 Aug 19 13:47:08 TORMINT sshd\[11064\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.29.50 Aug 19 13:47:10 TORMINT sshd\[11064\]: Failed password for invalid user reshma from 174.138.29.50 port 37866 ssh2 ...	2019-08-20 01:52:32
174.138.29.52	attackbotsspam	Aug 18 11:39:42 vtv3 sshd\[1841\]: Invalid user catherine from 174.138.29.52 port 56038 Aug 18 11:39:42 vtv3 sshd\[1841\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.29.52 Aug 18 11:39:44 vtv3 sshd\[1841\]: Failed password for invalid user catherine from 174.138.29.52 port 56038 ssh2 Aug 18 11:48:23 vtv3 sshd\[6359\]: Invalid user legacy from 174.138.29.52 port 55282 Aug 18 11:48:23 vtv3 sshd\[6359\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.29.52 Aug 18 12:05:02 vtv3 sshd\[14576\]: Invalid user alumno from 174.138.29.52 port 43324 Aug 18 12:05:02 vtv3 sshd\[14576\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.29.52 Aug 18 12:05:04 vtv3 sshd\[14576\]: Failed password for invalid user alumno from 174.138.29.52 port 43324 ssh2 Aug 18 12:13:37 vtv3 sshd\[19303\]: Invalid user cactiuser from 174.138.29.52 port 41346 Aug 18 12:13:37 vtv3 sshd\[1930	2019-08-19 05:32:02
174.138.29.53	attack	Aug 18 09:57:19 lcl-usvr-02 sshd[26476]: Invalid user itk from 174.138.29.53 port 57590 Aug 18 09:57:19 lcl-usvr-02 sshd[26476]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.29.53 Aug 18 09:57:19 lcl-usvr-02 sshd[26476]: Invalid user itk from 174.138.29.53 port 57590 Aug 18 09:57:21 lcl-usvr-02 sshd[26476]: Failed password for invalid user itk from 174.138.29.53 port 57590 ssh2 Aug 18 10:02:09 lcl-usvr-02 sshd[27581]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.29.53 user=root Aug 18 10:02:11 lcl-usvr-02 sshd[27581]: Failed password for root from 174.138.29.53 port 47946 ssh2 ...	2019-08-18 18:09:45
174.138.29.53	attackbots	SSH/22 MH Probe, BF, Hack -	2019-08-18 05:17:50

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 174.138.29.145
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 49714
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;174.138.29.145.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019082000 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Aug 20 23:33:32 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 145.29.138.174.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 145.29.138.174.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
52.55.70.221	attackspambots	srv04 Mass scanning activity detected Target: 53(domain) ..	2020-04-20 02:56:39
159.89.88.65	attackbots	DigitalOcean BotNet attack - 10s of requests to non- pages - :443/app-ads.txt - typically bursts of 8 requests per second - undefined, XSS attacks UA removed	2020-04-20 02:29:03
140.143.245.30	attack	Apr 19 13:43:54 mail sshd[29590]: Invalid user sf from 140.143.245.30 Apr 19 13:43:54 mail sshd[29590]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.245.30 Apr 19 13:43:54 mail sshd[29590]: Invalid user sf from 140.143.245.30 Apr 19 13:43:56 mail sshd[29590]: Failed password for invalid user sf from 140.143.245.30 port 48010 ssh2 Apr 19 13:59:35 mail sshd[21519]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.245.30 user=root Apr 19 13:59:37 mail sshd[21519]: Failed password for root from 140.143.245.30 port 54208 ssh2 ...	2020-04-20 02:38:09
222.195.83.218	attackbotsspam	Apr 19 23:11:30 gw1 sshd[25147]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.195.83.218 Apr 19 23:11:32 gw1 sshd[25147]: Failed password for invalid user ftpuser from 222.195.83.218 port 53084 ssh2 ...	2020-04-20 02:38:30
181.48.55.42	attackspambots	Apr 19 12:00:00 XXX sshd[1863]: Invalid user sybase from 181.48.55.42 port 61534	2020-04-20 02:23:36
198.71.236.66	attackbotsspam	xmlrpc attack	2020-04-20 02:56:58
195.69.222.169	attackbots	Triggered by Fail2Ban at Ares web server	2020-04-20 03:00:21
212.64.60.187	attack	Apr 19 17:03:51 XXX sshd[4965]: Invalid user rc from 212.64.60.187 port 59282	2020-04-20 02:59:01
158.69.210.168	attack	Apr 19 20:11:03 xeon sshd[23592]: Failed password for root from 158.69.210.168 port 54103 ssh2	2020-04-20 02:51:29
103.10.30.207	attackspam	Apr 19 14:07:08 ny01 sshd[31641]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.10.30.207 Apr 19 14:07:10 ny01 sshd[31641]: Failed password for invalid user pd from 103.10.30.207 port 51536 ssh2 Apr 19 14:12:07 ny01 sshd[32218]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.10.30.207	2020-04-20 02:28:50
119.28.104.62	attackspambots	2020-04-19T11:55:14.748420shield sshd\[9211\]: Invalid user ubuntu from 119.28.104.62 port 36858 2020-04-19T11:55:14.752495shield sshd\[9211\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.28.104.62 2020-04-19T11:55:16.865435shield sshd\[9211\]: Failed password for invalid user ubuntu from 119.28.104.62 port 36858 ssh2 2020-04-19T11:59:53.598515shield sshd\[10323\]: Invalid user wo from 119.28.104.62 port 55936 2020-04-19T11:59:53.602226shield sshd\[10323\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.28.104.62	2020-04-20 02:29:45
94.177.215.195	attack	$f2bV_matches	2020-04-20 02:26:01
118.24.19.208	attackspambots	(sshd) Failed SSH login from 118.24.19.208 (CN/China/-): 5 in the last 3600 secs	2020-04-20 02:27:51
162.243.129.90	attack	firewall-block, port(s): 5631/tcp	2020-04-20 02:52:39
186.91.205.203	attack	DATE:2020-04-19 13:59:37, IP:186.91.205.203, PORT:1433 MSSQL brute force auth on honeypot server (epe-honey1-hq)	2020-04-20 02:37:54

最近上报的IP列表

103.131.71.162	45.119.209.91	115.49.151.180	72.1.52.122
160.251.121.96	97.66.196.26	60.42.118.241	165.100.131.182
52.43.223.187	175.158.64.119	211.84.156.141	31.22.175.249
63.117.134.107	126.192.168.70	104.148.70.38	89.246.206.88
167.252.22.177	51.189.68.226	66.101.231.60	31.39.35.200