175.139.1.34 - IPInfo

基本信息:

城市(city): Kuala Lumpur

省份(region): Kuala Lumpur

国家(country): Malaysia

运营商(isp): Telekom Malaysia Berhad

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Oct 9 23:56:26 mellenthin sshd[851]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.1.34 user=dovecot Oct 9 23:56:29 mellenthin sshd[851]: Failed password for invalid user dovecot from 175.139.1.34 port 54424 ssh2	2020-10-10 06:25:37
attack	Oct 9 11:34:20 ws22vmsma01 sshd[164045]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.1.34 Oct 9 11:34:22 ws22vmsma01 sshd[164045]: Failed password for invalid user moritz from 175.139.1.34 port 49154 ssh2 ...	2020-10-09 22:36:05
attackspam	Oct 9 04:25:34 ns382633 sshd\[5295\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.1.34 user=root Oct 9 04:25:37 ns382633 sshd\[5295\]: Failed password for root from 175.139.1.34 port 49716 ssh2 Oct 9 04:43:28 ns382633 sshd\[7761\]: Invalid user operator from 175.139.1.34 port 46168 Oct 9 04:43:28 ns382633 sshd\[7761\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.1.34 Oct 9 04:43:30 ns382633 sshd\[7761\]: Failed password for invalid user operator from 175.139.1.34 port 46168 ssh2	2020-10-09 14:27:00
attackbots	2020-10-07T09:53:56.808788Z 46ed27c72353 New connection: 175.139.1.34:37198 (172.17.0.5:2222) [session: 46ed27c72353] 2020-10-07T09:58:55.570900Z ad495551d610 New connection: 175.139.1.34:39596 (172.17.0.5:2222) [session: ad495551d610]	2020-10-07 20:43:33
attackbots	2020-10-06T23:52:01.243255mail.broermann.family sshd[23786]: Failed password for root from 175.139.1.34 port 36824 ssh2 2020-10-06T23:54:30.712035mail.broermann.family sshd[24026]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.1.34 user=root 2020-10-06T23:54:32.870658mail.broermann.family sshd[24026]: Failed password for root from 175.139.1.34 port 47438 ssh2 2020-10-06T23:57:00.759520mail.broermann.family sshd[24216]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.1.34 user=root 2020-10-06T23:57:02.845134mail.broermann.family sshd[24216]: Failed password for root from 175.139.1.34 port 58054 ssh2 ...	2020-10-07 12:28:02
attackspam	Oct 4 00:57:17 pve1 sshd[16541]: Failed password for root from 175.139.1.34 port 40426 ssh2 ...	2020-10-04 07:33:25
attackbots	Oct 3 05:14:50 onepixel sshd[217001]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.1.34 Oct 3 05:14:50 onepixel sshd[217001]: Invalid user seedbox from 175.139.1.34 port 51872 Oct 3 05:14:52 onepixel sshd[217001]: Failed password for invalid user seedbox from 175.139.1.34 port 51872 ssh2 Oct 3 05:19:13 onepixel sshd[217690]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.1.34 user=root Oct 3 05:19:15 onepixel sshd[217690]: Failed password for root from 175.139.1.34 port 60772 ssh2	2020-10-03 23:50:38
attackspam	Oct 3 05:14:50 onepixel sshd[217001]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.1.34 Oct 3 05:14:50 onepixel sshd[217001]: Invalid user seedbox from 175.139.1.34 port 51872 Oct 3 05:14:52 onepixel sshd[217001]: Failed password for invalid user seedbox from 175.139.1.34 port 51872 ssh2 Oct 3 05:19:13 onepixel sshd[217690]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.1.34 user=root Oct 3 05:19:15 onepixel sshd[217690]: Failed password for root from 175.139.1.34 port 60772 ssh2	2020-10-03 15:34:47
attackspam	Sep 26 00:10:42 l02a sshd[7168]: Invalid user ly from 175.139.1.34 Sep 26 00:10:43 l02a sshd[7168]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.1.34 Sep 26 00:10:42 l02a sshd[7168]: Invalid user ly from 175.139.1.34 Sep 26 00:10:45 l02a sshd[7168]: Failed password for invalid user ly from 175.139.1.34 port 51670 ssh2	2020-09-26 07:36:29
attack	Sep 25 18:10:04 ns382633 sshd\[11764\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.1.34 user=root Sep 25 18:10:05 ns382633 sshd\[11764\]: Failed password for root from 175.139.1.34 port 58670 ssh2 Sep 25 18:20:06 ns382633 sshd\[13924\]: Invalid user nuc from 175.139.1.34 port 40468 Sep 25 18:20:06 ns382633 sshd\[13924\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.1.34 Sep 25 18:20:08 ns382633 sshd\[13924\]: Failed password for invalid user nuc from 175.139.1.34 port 40468 ssh2	2020-09-26 00:49:14
attack	Time: Fri Sep 25 04:19:35 2020 +0000 IP: 175.139.1.34 (MY/Malaysia/-) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 25 04:16:11 activeserver sshd[30125]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.1.34 user=root Sep 25 04:16:13 activeserver sshd[30125]: Failed password for root from 175.139.1.34 port 35194 ssh2 Sep 25 04:17:54 activeserver sshd[2654]: Invalid user ariel from 175.139.1.34 port 43214 Sep 25 04:17:55 activeserver sshd[2654]: Failed password for invalid user ariel from 175.139.1.34 port 43214 ssh2 Sep 25 04:19:32 activeserver sshd[7467]: Invalid user deploy from 175.139.1.34 port 51228	2020-09-25 16:25:13
attackspam	Sep 18 17:46:28 [-] sshd[30237]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.1.34 user=root Sep 18 17:46:30 [-] sshd[30237]: Failed password for invalid user root from 175.139.1.34 port 56816 ssh2 Sep 18 17:51:43 [-] sshd[30301]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.1.34	2020-09-19 01:02:19
attackbots	2020-09-18T02:48:18.534739randservbullet-proofcloud-66.localdomain sshd[15945]: Invalid user PPAP from 175.139.1.34 port 45404 2020-09-18T02:48:18.538771randservbullet-proofcloud-66.localdomain sshd[15945]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.1.34 2020-09-18T02:48:18.534739randservbullet-proofcloud-66.localdomain sshd[15945]: Invalid user PPAP from 175.139.1.34 port 45404 2020-09-18T02:48:19.960022randservbullet-proofcloud-66.localdomain sshd[15945]: Failed password for invalid user PPAP from 175.139.1.34 port 45404 ssh2 ...	2020-09-18 17:04:24
attackbots	175.139.1.34 (MY/Malaysia/-), 3 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 17 15:37:52 honeypot sshd[139723]: Failed password for root from 193.187.119.69 port 44812 ssh2 Sep 17 15:56:31 honeypot sshd[139942]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.1.34 user=root Sep 17 15:56:34 honeypot sshd[139942]: Failed password for root from 175.139.1.34 port 34610 ssh2 IP Addresses Blocked: 193.187.119.69 (HK/Hong Kong/-)	2020-09-18 07:19:16
attack	$f2bV_matches	2020-08-29 13:23:23
attack	web-1 [ssh] SSH Attack	2020-08-27 05:33:56
attackbotsspam	Aug 24 06:50:55 rancher-0 sshd[1245930]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.1.34 user=root Aug 24 06:50:57 rancher-0 sshd[1245930]: Failed password for root from 175.139.1.34 port 51154 ssh2 ...	2020-08-24 12:59:56
attack	Aug 18 22:46:39 jane sshd[7356]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.1.34 Aug 18 22:46:41 jane sshd[7356]: Failed password for invalid user he from 175.139.1.34 port 35222 ssh2 ...	2020-08-19 05:14:39
attack	2020-07-31T07:49:27.604864hostname sshd[30857]: Failed password for root from 175.139.1.34 port 45078 ssh2 ...	2020-08-01 15:28:31
attackbots	Jul 26 14:45:29 XXXXXX sshd[57595]: Invalid user ehr from 175.139.1.34 port 42778	2020-07-27 03:25:38
attackspambots	SSH Invalid Login	2020-07-23 06:23:32
attackspam	$f2bV_matches	2020-07-08 19:22:04
attackbotsspam	Jul 6 08:02:02 sso sshd[18215]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.1.34 Jul 6 08:02:04 sso sshd[18215]: Failed password for invalid user artifactory from 175.139.1.34 port 53004 ssh2 ...	2020-07-06 14:53:33
attack	Invalid user support from 175.139.1.34 port 47516	2020-07-04 05:20:30
attackspambots	Failed password for invalid user cassandra from 175.139.1.34 port 44964 ssh2	2020-06-24 14:30:59
attackbots	Jun 9 06:33:31 vps687878 sshd\[15057\]: Failed password for root from 175.139.1.34 port 48842 ssh2 Jun 9 06:37:18 vps687878 sshd\[15450\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.1.34 user=root Jun 9 06:37:20 vps687878 sshd\[15450\]: Failed password for root from 175.139.1.34 port 51128 ssh2 Jun 9 06:41:06 vps687878 sshd\[16007\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.1.34 user=root Jun 9 06:41:08 vps687878 sshd\[16007\]: Failed password for root from 175.139.1.34 port 53410 ssh2 ...	2020-06-09 12:52:02
attackbots	Jun 2 18:22:15 vpn01 sshd[8473]: Failed password for root from 175.139.1.34 port 53148 ssh2 ...	2020-06-03 00:54:27
attackbotsspam	2020-06-01T23:23[Censored Hostname] sshd[1923210]: Failed password for root from 175.139.1.34 port 41736 ssh2 2020-06-01T23:26[Censored Hostname] sshd[1923232]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.1.34 user=root 2020-06-01T23:26[Censored Hostname] sshd[1923232]: Failed password for root from 175.139.1.34 port 54612 ssh2[...]	2020-06-02 05:41:59
attack	Jun 1 10:52:44 vmi345603 sshd[30510]: Failed password for root from 175.139.1.34 port 43806 ssh2 ...	2020-06-01 17:28:58
attackbots	SSH bruteforce	2020-05-31 14:12:53

相同子网IP讨论:

IP	类型	评论内容	时间
175.139.191.169	attackspam	2020-09-20 12:47:50 server sshd[35255]: Failed password for invalid user admin from 175.139.191.169 port 40762 ssh2	2020-09-22 00:11:46
175.139.191.169	attackspambots	Automatic report - Banned IP Access	2020-09-21 15:52:31
175.139.191.169	attack	Invalid user deployer from 175.139.191.169 port 35188	2020-09-21 07:47:22
175.139.191.169	attackbotsspam	Jul 28 03:59:39 django-0 sshd[5744]: Invalid user zhangtp from 175.139.191.169 Jul 28 03:59:41 django-0 sshd[5744]: Failed password for invalid user zhangtp from 175.139.191.169 port 37588 ssh2 Jul 28 04:04:42 django-0 sshd[5829]: Invalid user bdos from 175.139.191.169 ...	2020-07-28 12:26:40
175.139.190.165	attackbots	Dovecot Invalid User Login Attempt.	2020-07-27 23:08:51
175.139.194.125	attackbots	2020-07-09 dovecot_login authenticator failed for $User$ \[175.139.194.125\]: 535 Incorrect authentication data $set_id=backup@REMOVED$ 2020-07-09 dovecot_login authenticator failed for $User$ \[175.139.194.125\]: 535 Incorrect authentication data $set_id=backup@REMOVED$ 2020-07-09 dovecot_login authenticator failed for $User$ \[175.139.194.125\]: 535 Incorrect authentication data $set_id=backup@REMOVED$	2020-07-10 06:32:10
175.139.138.176	attackspam	Jul 6 05:41:11 server6 sshd[19667]: Failed password for invalid user guest from 175.139.138.176 port 61445 ssh2 Jul 6 05:41:11 server6 sshd[19669]: Failed password for invalid user guest from 175.139.138.176 port 61455 ssh2 Jul 6 05:41:11 server6 sshd[19673]: Failed password for invalid user guest from 175.139.138.176 port 61479 ssh2 Jul 6 05:41:11 server6 sshd[19667]: Connection closed by 175.139.138.176 [preauth] Jul 6 05:41:11 server6 sshd[19670]: Failed password for invalid user guest from 175.139.138.176 port 61456 ssh2 Jul 6 05:41:11 server6 sshd[19669]: Connection closed by 175.139.138.176 [preauth] Jul 6 05:41:11 server6 sshd[19673]: Connection closed by 175.139.138.176 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=175.139.138.176	2020-07-06 15:10:09
175.139.164.181	attackspambots	1,31-13/05 [bc01/m07] PostRequest-Spammer scoring: brussels	2020-06-23 20:46:00
175.139.194.125	attackspambots	SMTP:25. 62 login attempts blocked over 55 days.	2020-06-17 05:00:14
175.139.173.228	attackbotsspam	Port scan on 1 port(s): 8000	2020-06-12 12:52:52
175.139.165.28	attackspambots	WebFormToEmail Comment SPAM	2020-06-10 17:23:42
175.139.194.125	attack	SMTP:25. 41 login attempts blocked over 42 days.	2020-06-04 06:51:59
175.139.191.169	attackbotsspam	...	2020-05-29 01:30:25
175.139.191.169	attackspam	Invalid user www from 175.139.191.169 port 60464	2020-05-26 15:32:21
175.139.191.169	attackspam	May 25 09:20:12 server1 sshd\[32410\]: Failed password for invalid user jayashree from 175.139.191.169 port 34692 ssh2 May 25 09:24:38 server1 sshd\[1186\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.191.169 user=root May 25 09:24:40 server1 sshd\[1186\]: Failed password for root from 175.139.191.169 port 39980 ssh2 May 25 09:29:11 server1 sshd\[2427\]: Invalid user heinemann from 175.139.191.169 May 25 09:29:11 server1 sshd\[2427\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.191.169 ...	2020-05-26 01:16:51

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 175.139.1.34
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 49860
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;175.139.1.34.			IN	A

;; AUTHORITY SECTION:
.			341	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020030501 1800 900 604800 86400

;; Query time: 156 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Mar 06 04:45:04 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 34.1.139.175.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 34.1.139.175.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
217.182.73.123	attackspam	Jun 29 07:58:51 dev0-dcde-rnet sshd[22371]: Failed password for root from 217.182.73.123 port 43324 ssh2 Jun 29 08:01:10 dev0-dcde-rnet sshd[22379]: Failed password for root from 217.182.73.123 port 51504 ssh2 Jun 29 08:03:28 dev0-dcde-rnet sshd[22383]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.182.73.123	2020-06-29 14:05:22
222.186.175.169	attack	2020-06-29T09:08:08.919215afi-git.jinr.ru sshd[31074]: Failed password for root from 222.186.175.169 port 16704 ssh2 2020-06-29T09:08:12.112806afi-git.jinr.ru sshd[31074]: Failed password for root from 222.186.175.169 port 16704 ssh2 2020-06-29T09:08:16.186719afi-git.jinr.ru sshd[31074]: Failed password for root from 222.186.175.169 port 16704 ssh2 2020-06-29T09:08:16.186871afi-git.jinr.ru sshd[31074]: error: maximum authentication attempts exceeded for root from 222.186.175.169 port 16704 ssh2 [preauth] 2020-06-29T09:08:16.186885afi-git.jinr.ru sshd[31074]: Disconnecting: Too many authentication failures [preauth] ...	2020-06-29 14:16:32
27.76.71.66	attack	20/6/28@23:56:12: FAIL: Alarm-Network address from=27.76.71.66 ...	2020-06-29 14:20:24
112.80.35.2	attackbots	2020-06-29T05:40:46.156188ns386461 sshd\[20706\]: Invalid user mdm from 112.80.35.2 port 65534 2020-06-29T05:40:46.160654ns386461 sshd\[20706\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.80.35.2 2020-06-29T05:40:48.318529ns386461 sshd\[20706\]: Failed password for invalid user mdm from 112.80.35.2 port 65534 ssh2 2020-06-29T05:56:21.138128ns386461 sshd\[3105\]: Invalid user sama from 112.80.35.2 port 65533 2020-06-29T05:56:21.143210ns386461 sshd\[3105\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.80.35.2 ...	2020-06-29 14:11:33
165.227.182.180	attackspambots	WordPress wp-login brute force :: 165.227.182.180 0.104 - [29/Jun/2020:05:31:48 0000] [censored_1] "POST /wp-login.php HTTP/1.1" 200 1837 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "HTTP/1.1"	2020-06-29 14:12:18
63.83.76.48	attackspambots		2020-06-29 14:13:59
61.177.172.159	attackspam	Jun 29 08:20:17 OPSO sshd\[16761\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.159 user=root Jun 29 08:20:18 OPSO sshd\[16761\]: Failed password for root from 61.177.172.159 port 47752 ssh2 Jun 29 08:20:22 OPSO sshd\[16761\]: Failed password for root from 61.177.172.159 port 47752 ssh2 Jun 29 08:20:25 OPSO sshd\[16761\]: Failed password for root from 61.177.172.159 port 47752 ssh2 Jun 29 08:20:29 OPSO sshd\[16761\]: Failed password for root from 61.177.172.159 port 47752 ssh2	2020-06-29 14:38:36
65.49.20.68	attackspambots	TCP (SYN) 65.49.20.68:47098 -> port 22, len 44	2020-06-29 14:37:06
115.236.5.94	attack	TCP (SYN) 115.236.5.94:36211 -> port 1433, len 40	2020-06-29 14:29:14
183.89.212.240	attack	'IP reached maximum auth failures for a one day block'	2020-06-29 14:08:04
111.229.15.130	attackbots	Jun 29 06:50:30 srv sshd[19673]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.15.130	2020-06-29 14:19:12
103.122.105.98	attackspam	1593402968 - 06/29/2020 05:56:08 Host: 103.122.105.98/103.122.105.98 Port: 445 TCP Blocked	2020-06-29 14:22:01
218.92.0.189	attack	06/29/2020-02:00:43.645700 218.92.0.189 Protocol: 6 ET SCAN Potential SSH Scan	2020-06-29 14:04:33
218.92.0.246	attack	Jun 29 08:15:12 vpn01 sshd[12639]: Failed password for root from 218.92.0.246 port 24766 ssh2 Jun 29 08:15:15 vpn01 sshd[12639]: Failed password for root from 218.92.0.246 port 24766 ssh2 ...	2020-06-29 14:16:51
222.186.31.166	attackbotsspam	Jun 29 08:29:40 piServer sshd[30820]: Failed password for root from 222.186.31.166 port 20569 ssh2 Jun 29 08:29:43 piServer sshd[30820]: Failed password for root from 222.186.31.166 port 20569 ssh2 Jun 29 08:29:46 piServer sshd[30820]: Failed password for root from 222.186.31.166 port 20569 ssh2 ...	2020-06-29 14:31:17

最近上报的IP列表

66.252.149.64	55.188.99.9	58.182.142.6	160.15.129.198
196.158.204.17	77.74.34.52	208.247.248.218	221.205.67.172
211.197.215.220	93.29.219.241	186.134.198.4	195.228.170.167
96.20.171.110	32.125.207.80	200.80.232.161	178.150.247.202
102.248.49.38	178.127.8.29	85.157.87.219	186.113.217.22