175.139.1.34 - IPInfo

基本信息:

城市(city): Kuala Lumpur

省份(region): Kuala Lumpur

国家(country): Malaysia

运营商(isp): Telekom Malaysia Berhad

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Oct 9 23:56:26 mellenthin sshd[851]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.1.34 user=dovecot Oct 9 23:56:29 mellenthin sshd[851]: Failed password for invalid user dovecot from 175.139.1.34 port 54424 ssh2	2020-10-10 06:25:37
attack	Oct 9 11:34:20 ws22vmsma01 sshd[164045]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.1.34 Oct 9 11:34:22 ws22vmsma01 sshd[164045]: Failed password for invalid user moritz from 175.139.1.34 port 49154 ssh2 ...	2020-10-09 22:36:05
attackspam	Oct 9 04:25:34 ns382633 sshd\[5295\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.1.34 user=root Oct 9 04:25:37 ns382633 sshd\[5295\]: Failed password for root from 175.139.1.34 port 49716 ssh2 Oct 9 04:43:28 ns382633 sshd\[7761\]: Invalid user operator from 175.139.1.34 port 46168 Oct 9 04:43:28 ns382633 sshd\[7761\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.1.34 Oct 9 04:43:30 ns382633 sshd\[7761\]: Failed password for invalid user operator from 175.139.1.34 port 46168 ssh2	2020-10-09 14:27:00
attackbots	2020-10-07T09:53:56.808788Z 46ed27c72353 New connection: 175.139.1.34:37198 (172.17.0.5:2222) [session: 46ed27c72353] 2020-10-07T09:58:55.570900Z ad495551d610 New connection: 175.139.1.34:39596 (172.17.0.5:2222) [session: ad495551d610]	2020-10-07 20:43:33
attackbots	2020-10-06T23:52:01.243255mail.broermann.family sshd[23786]: Failed password for root from 175.139.1.34 port 36824 ssh2 2020-10-06T23:54:30.712035mail.broermann.family sshd[24026]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.1.34 user=root 2020-10-06T23:54:32.870658mail.broermann.family sshd[24026]: Failed password for root from 175.139.1.34 port 47438 ssh2 2020-10-06T23:57:00.759520mail.broermann.family sshd[24216]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.1.34 user=root 2020-10-06T23:57:02.845134mail.broermann.family sshd[24216]: Failed password for root from 175.139.1.34 port 58054 ssh2 ...	2020-10-07 12:28:02
attackspam	Oct 4 00:57:17 pve1 sshd[16541]: Failed password for root from 175.139.1.34 port 40426 ssh2 ...	2020-10-04 07:33:25
attackbots	Oct 3 05:14:50 onepixel sshd[217001]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.1.34 Oct 3 05:14:50 onepixel sshd[217001]: Invalid user seedbox from 175.139.1.34 port 51872 Oct 3 05:14:52 onepixel sshd[217001]: Failed password for invalid user seedbox from 175.139.1.34 port 51872 ssh2 Oct 3 05:19:13 onepixel sshd[217690]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.1.34 user=root Oct 3 05:19:15 onepixel sshd[217690]: Failed password for root from 175.139.1.34 port 60772 ssh2	2020-10-03 23:50:38
attackspam	Oct 3 05:14:50 onepixel sshd[217001]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.1.34 Oct 3 05:14:50 onepixel sshd[217001]: Invalid user seedbox from 175.139.1.34 port 51872 Oct 3 05:14:52 onepixel sshd[217001]: Failed password for invalid user seedbox from 175.139.1.34 port 51872 ssh2 Oct 3 05:19:13 onepixel sshd[217690]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.1.34 user=root Oct 3 05:19:15 onepixel sshd[217690]: Failed password for root from 175.139.1.34 port 60772 ssh2	2020-10-03 15:34:47
attackspam	Sep 26 00:10:42 l02a sshd[7168]: Invalid user ly from 175.139.1.34 Sep 26 00:10:43 l02a sshd[7168]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.1.34 Sep 26 00:10:42 l02a sshd[7168]: Invalid user ly from 175.139.1.34 Sep 26 00:10:45 l02a sshd[7168]: Failed password for invalid user ly from 175.139.1.34 port 51670 ssh2	2020-09-26 07:36:29
attack	Sep 25 18:10:04 ns382633 sshd\[11764\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.1.34 user=root Sep 25 18:10:05 ns382633 sshd\[11764\]: Failed password for root from 175.139.1.34 port 58670 ssh2 Sep 25 18:20:06 ns382633 sshd\[13924\]: Invalid user nuc from 175.139.1.34 port 40468 Sep 25 18:20:06 ns382633 sshd\[13924\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.1.34 Sep 25 18:20:08 ns382633 sshd\[13924\]: Failed password for invalid user nuc from 175.139.1.34 port 40468 ssh2	2020-09-26 00:49:14
attack	Time: Fri Sep 25 04:19:35 2020 +0000 IP: 175.139.1.34 (MY/Malaysia/-) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 25 04:16:11 activeserver sshd[30125]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.1.34 user=root Sep 25 04:16:13 activeserver sshd[30125]: Failed password for root from 175.139.1.34 port 35194 ssh2 Sep 25 04:17:54 activeserver sshd[2654]: Invalid user ariel from 175.139.1.34 port 43214 Sep 25 04:17:55 activeserver sshd[2654]: Failed password for invalid user ariel from 175.139.1.34 port 43214 ssh2 Sep 25 04:19:32 activeserver sshd[7467]: Invalid user deploy from 175.139.1.34 port 51228	2020-09-25 16:25:13
attackspam	Sep 18 17:46:28 [-] sshd[30237]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.1.34 user=root Sep 18 17:46:30 [-] sshd[30237]: Failed password for invalid user root from 175.139.1.34 port 56816 ssh2 Sep 18 17:51:43 [-] sshd[30301]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.1.34	2020-09-19 01:02:19
attackbots	2020-09-18T02:48:18.534739randservbullet-proofcloud-66.localdomain sshd[15945]: Invalid user PPAP from 175.139.1.34 port 45404 2020-09-18T02:48:18.538771randservbullet-proofcloud-66.localdomain sshd[15945]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.1.34 2020-09-18T02:48:18.534739randservbullet-proofcloud-66.localdomain sshd[15945]: Invalid user PPAP from 175.139.1.34 port 45404 2020-09-18T02:48:19.960022randservbullet-proofcloud-66.localdomain sshd[15945]: Failed password for invalid user PPAP from 175.139.1.34 port 45404 ssh2 ...	2020-09-18 17:04:24
attackbots	175.139.1.34 (MY/Malaysia/-), 3 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 17 15:37:52 honeypot sshd[139723]: Failed password for root from 193.187.119.69 port 44812 ssh2 Sep 17 15:56:31 honeypot sshd[139942]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.1.34 user=root Sep 17 15:56:34 honeypot sshd[139942]: Failed password for root from 175.139.1.34 port 34610 ssh2 IP Addresses Blocked: 193.187.119.69 (HK/Hong Kong/-)	2020-09-18 07:19:16
attack	$f2bV_matches	2020-08-29 13:23:23
attack	web-1 [ssh] SSH Attack	2020-08-27 05:33:56
attackbotsspam	Aug 24 06:50:55 rancher-0 sshd[1245930]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.1.34 user=root Aug 24 06:50:57 rancher-0 sshd[1245930]: Failed password for root from 175.139.1.34 port 51154 ssh2 ...	2020-08-24 12:59:56
attack	Aug 18 22:46:39 jane sshd[7356]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.1.34 Aug 18 22:46:41 jane sshd[7356]: Failed password for invalid user he from 175.139.1.34 port 35222 ssh2 ...	2020-08-19 05:14:39
attack	2020-07-31T07:49:27.604864hostname sshd[30857]: Failed password for root from 175.139.1.34 port 45078 ssh2 ...	2020-08-01 15:28:31
attackbots	Jul 26 14:45:29 XXXXXX sshd[57595]: Invalid user ehr from 175.139.1.34 port 42778	2020-07-27 03:25:38
attackspambots	SSH Invalid Login	2020-07-23 06:23:32
attackspam	$f2bV_matches	2020-07-08 19:22:04
attackbotsspam	Jul 6 08:02:02 sso sshd[18215]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.1.34 Jul 6 08:02:04 sso sshd[18215]: Failed password for invalid user artifactory from 175.139.1.34 port 53004 ssh2 ...	2020-07-06 14:53:33
attack	Invalid user support from 175.139.1.34 port 47516	2020-07-04 05:20:30
attackspambots	Failed password for invalid user cassandra from 175.139.1.34 port 44964 ssh2	2020-06-24 14:30:59
attackbots	Jun 9 06:33:31 vps687878 sshd\[15057\]: Failed password for root from 175.139.1.34 port 48842 ssh2 Jun 9 06:37:18 vps687878 sshd\[15450\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.1.34 user=root Jun 9 06:37:20 vps687878 sshd\[15450\]: Failed password for root from 175.139.1.34 port 51128 ssh2 Jun 9 06:41:06 vps687878 sshd\[16007\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.1.34 user=root Jun 9 06:41:08 vps687878 sshd\[16007\]: Failed password for root from 175.139.1.34 port 53410 ssh2 ...	2020-06-09 12:52:02
attackbots	Jun 2 18:22:15 vpn01 sshd[8473]: Failed password for root from 175.139.1.34 port 53148 ssh2 ...	2020-06-03 00:54:27
attackbotsspam	2020-06-01T23:23[Censored Hostname] sshd[1923210]: Failed password for root from 175.139.1.34 port 41736 ssh2 2020-06-01T23:26[Censored Hostname] sshd[1923232]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.1.34 user=root 2020-06-01T23:26[Censored Hostname] sshd[1923232]: Failed password for root from 175.139.1.34 port 54612 ssh2[...]	2020-06-02 05:41:59
attack	Jun 1 10:52:44 vmi345603 sshd[30510]: Failed password for root from 175.139.1.34 port 43806 ssh2 ...	2020-06-01 17:28:58
attackbots	SSH bruteforce	2020-05-31 14:12:53

相同子网IP讨论:

IP	类型	评论内容	时间
175.139.191.169	attackspam	2020-09-20 12:47:50 server sshd[35255]: Failed password for invalid user admin from 175.139.191.169 port 40762 ssh2	2020-09-22 00:11:46
175.139.191.169	attackspambots	Automatic report - Banned IP Access	2020-09-21 15:52:31
175.139.191.169	attack	Invalid user deployer from 175.139.191.169 port 35188	2020-09-21 07:47:22
175.139.191.169	attackbotsspam	Jul 28 03:59:39 django-0 sshd[5744]: Invalid user zhangtp from 175.139.191.169 Jul 28 03:59:41 django-0 sshd[5744]: Failed password for invalid user zhangtp from 175.139.191.169 port 37588 ssh2 Jul 28 04:04:42 django-0 sshd[5829]: Invalid user bdos from 175.139.191.169 ...	2020-07-28 12:26:40
175.139.190.165	attackbots	Dovecot Invalid User Login Attempt.	2020-07-27 23:08:51
175.139.194.125	attackbots	2020-07-09 dovecot_login authenticator failed for $User$ \[175.139.194.125\]: 535 Incorrect authentication data $set_id=backup@REMOVED$ 2020-07-09 dovecot_login authenticator failed for $User$ \[175.139.194.125\]: 535 Incorrect authentication data $set_id=backup@REMOVED$ 2020-07-09 dovecot_login authenticator failed for $User$ \[175.139.194.125\]: 535 Incorrect authentication data $set_id=backup@REMOVED$	2020-07-10 06:32:10
175.139.138.176	attackspam	Jul 6 05:41:11 server6 sshd[19667]: Failed password for invalid user guest from 175.139.138.176 port 61445 ssh2 Jul 6 05:41:11 server6 sshd[19669]: Failed password for invalid user guest from 175.139.138.176 port 61455 ssh2 Jul 6 05:41:11 server6 sshd[19673]: Failed password for invalid user guest from 175.139.138.176 port 61479 ssh2 Jul 6 05:41:11 server6 sshd[19667]: Connection closed by 175.139.138.176 [preauth] Jul 6 05:41:11 server6 sshd[19670]: Failed password for invalid user guest from 175.139.138.176 port 61456 ssh2 Jul 6 05:41:11 server6 sshd[19669]: Connection closed by 175.139.138.176 [preauth] Jul 6 05:41:11 server6 sshd[19673]: Connection closed by 175.139.138.176 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=175.139.138.176	2020-07-06 15:10:09
175.139.164.181	attackspambots	1,31-13/05 [bc01/m07] PostRequest-Spammer scoring: brussels	2020-06-23 20:46:00
175.139.194.125	attackspambots	SMTP:25. 62 login attempts blocked over 55 days.	2020-06-17 05:00:14
175.139.173.228	attackbotsspam	Port scan on 1 port(s): 8000	2020-06-12 12:52:52
175.139.165.28	attackspambots	WebFormToEmail Comment SPAM	2020-06-10 17:23:42
175.139.194.125	attack	SMTP:25. 41 login attempts blocked over 42 days.	2020-06-04 06:51:59
175.139.191.169	attackbotsspam	...	2020-05-29 01:30:25
175.139.191.169	attackspam	Invalid user www from 175.139.191.169 port 60464	2020-05-26 15:32:21
175.139.191.169	attackspam	May 25 09:20:12 server1 sshd\[32410\]: Failed password for invalid user jayashree from 175.139.191.169 port 34692 ssh2 May 25 09:24:38 server1 sshd\[1186\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.191.169 user=root May 25 09:24:40 server1 sshd\[1186\]: Failed password for root from 175.139.191.169 port 39980 ssh2 May 25 09:29:11 server1 sshd\[2427\]: Invalid user heinemann from 175.139.191.169 May 25 09:29:11 server1 sshd\[2427\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.191.169 ...	2020-05-26 01:16:51

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 175.139.1.34
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 49860
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;175.139.1.34.			IN	A

;; AUTHORITY SECTION:
.			341	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020030501 1800 900 604800 86400

;; Query time: 156 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Mar 06 04:45:04 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 34.1.139.175.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 34.1.139.175.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
218.78.44.63	attackbotsspam	Nov 2 18:05:35 gw1 sshd[29640]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.78.44.63 Nov 2 18:05:36 gw1 sshd[29640]: Failed password for invalid user 123456 from 218.78.44.63 port 59914 ssh2 ...	2019-11-02 21:07:06
205.151.16.6	attackspambots	Automatic report - XMLRPC Attack	2019-11-02 20:31:30
202.47.80.92	attackspam	PostgreSQL port 5432	2019-11-02 20:49:53
95.163.82.28	attack	Email spam message	2019-11-02 20:48:19
66.214.230.240	attackspambots	PostgreSQL port 5432	2019-11-02 20:33:45
197.156.67.250	attackbotsspam	Nov 2 01:53:53 sachi sshd\[10969\]: Invalid user temp from 197.156.67.250 Nov 2 01:53:53 sachi sshd\[10969\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.156.67.250 Nov 2 01:53:55 sachi sshd\[10969\]: Failed password for invalid user temp from 197.156.67.250 port 50058 ssh2 Nov 2 01:59:03 sachi sshd\[11409\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.156.67.250 user=root Nov 2 01:59:05 sachi sshd\[11409\]: Failed password for root from 197.156.67.250 port 50714 ssh2	2019-11-02 20:47:13
89.248.162.168	attack	7654/tcp 4321/tcp 8500/tcp... [2019-09-01/11-02]2979pkt,989pt.(tcp)	2019-11-02 20:41:55
79.106.225.163	attackspam	invalid login attempt	2019-11-02 20:45:33
222.121.135.68	attackspambots	Nov 2 02:12:26 sachi sshd\[12592\]: Invalid user polycom from 222.121.135.68 Nov 2 02:12:26 sachi sshd\[12592\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.121.135.68 Nov 2 02:12:28 sachi sshd\[12592\]: Failed password for invalid user polycom from 222.121.135.68 port 34221 ssh2 Nov 2 02:17:08 sachi sshd\[12981\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.121.135.68 user=root Nov 2 02:17:11 sachi sshd\[12981\]: Failed password for root from 222.121.135.68 port 16322 ssh2	2019-11-02 21:06:36
2409:4042:210b:133:25bc:a169:5d91:63d2	attack	C2,WP GET /wp-login.php	2019-11-02 20:30:59
150.109.40.31	attackbotsspam	Nov 2 02:49:04 auw2 sshd\[4654\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.109.40.31 user=root Nov 2 02:49:06 auw2 sshd\[4654\]: Failed password for root from 150.109.40.31 port 60124 ssh2 Nov 2 02:53:23 auw2 sshd\[5046\]: Invalid user ark from 150.109.40.31 Nov 2 02:53:23 auw2 sshd\[5046\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.109.40.31 Nov 2 02:53:25 auw2 sshd\[5046\]: Failed password for invalid user ark from 150.109.40.31 port 43122 ssh2	2019-11-02 20:56:55
188.131.170.119	attack	Nov 2 13:26:43 vps01 sshd[16115]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.131.170.119 Nov 2 13:26:45 vps01 sshd[16115]: Failed password for invalid user stayaway from 188.131.170.119 port 60148 ssh2	2019-11-02 20:37:28
31.208.110.174	attack	Portscan detected	2019-11-02 20:36:35
118.70.72.103	attackbotsspam	Nov 2 12:19:15 localhost sshd\[6350\]: Invalid user q1w2e3!@\# from 118.70.72.103 port 64524 Nov 2 12:19:15 localhost sshd\[6350\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.70.72.103 Nov 2 12:19:17 localhost sshd\[6350\]: Failed password for invalid user q1w2e3!@\# from 118.70.72.103 port 64524 ssh2 Nov 2 12:34:33 localhost sshd\[6706\]: Invalid user qwe@123456 from 118.70.72.103 port 35686 Nov 2 12:34:33 localhost sshd\[6706\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.70.72.103 ...	2019-11-02 20:48:43
191.17.173.40	attack	19/11/2@07:58:45: FAIL: IoT-Telnet address from=191.17.173.40 ...	2019-11-02 20:58:17

最近上报的IP列表

66.252.149.64	55.188.99.9	58.182.142.6	160.15.129.198
196.158.204.17	77.74.34.52	208.247.248.218	221.205.67.172
211.197.215.220	93.29.219.241	186.134.198.4	195.228.170.167
96.20.171.110	32.125.207.80	200.80.232.161	178.150.247.202
102.248.49.38	178.127.8.29	85.157.87.219	186.113.217.22