80.245.112.134

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Ukraine

运营商(isp): Crelcom LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Sep 22 03:05:01 server sshd\[19193\]: User root from 80.245.112.134 not allowed because listed in DenyUsers Sep 22 03:05:01 server sshd\[19193\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.245.112.134 user=root Sep 22 03:05:03 server sshd\[19193\]: Failed password for invalid user root from 80.245.112.134 port 60314 ssh2 Sep 22 03:09:46 server sshd\[10164\]: Invalid user test from 80.245.112.134 port 46134 Sep 22 03:09:46 server sshd\[10164\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.245.112.134	2019-09-22 08:13:23

类型

评论内容

时间

attack

Sep 22 03:05:01 server sshd\[19193\]: User root from 80.245.112.134 not allowed because listed in DenyUsers
Sep 22 03:05:01 server sshd\[19193\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.245.112.134  user=root
Sep 22 03:05:03 server sshd\[19193\]: Failed password for invalid user root from 80.245.112.134 port 60314 ssh2
Sep 22 03:09:46 server sshd\[10164\]: Invalid user test from 80.245.112.134 port 46134
Sep 22 03:09:46 server sshd\[10164\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.245.112.134

2019-09-22 08:13:23

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 80.245.112.134
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 35705
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;80.245.112.134.			IN	A

;; AUTHORITY SECTION:
.			393	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019092101 1800 900 604800 86400

;; Query time: 942 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Sep 22 08:13:15 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

134.112.245.80.in-addr.arpa domain name pointer ip134-112.crimea.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
134.112.245.80.in-addr.arpa	name = ip134-112.crimea.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
168.167.51.67	attack	168.167.51.67 was recorded 22 times by 1 hosts attempting to connect to the following ports: 500. Incident counter (4h, 24h, all-time): 22, 22, 52	2020-03-17 07:27:33
62.234.86.83	attack	Invalid user pai from 62.234.86.83 port 41793	2020-03-17 07:21:58
89.46.197.46	attackspam	2020-03-16T16:21:48.086813shield sshd\[25465\]: Invalid user webcupuser from 89.46.197.46 port 46575 2020-03-16T16:21:48.096544shield sshd\[25465\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.46.197.46 2020-03-16T16:21:49.920868shield sshd\[25465\]: Failed password for invalid user webcupuser from 89.46.197.46 port 46575 ssh2 2020-03-16T16:22:35.798305shield sshd\[25528\]: Invalid user windows from 89.46.197.46 port 38797 2020-03-16T16:22:35.807909shield sshd\[25528\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.46.197.46	2020-03-17 07:22:45
138.97.255.229	attackspambots	(sshd) Failed SSH login from 138.97.255.229 (BR/Brazil/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Mar 17 00:19:14 amsweb01 sshd[12686]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.97.255.229 user=root Mar 17 00:19:16 amsweb01 sshd[12686]: Failed password for root from 138.97.255.229 port 46368 ssh2 Mar 17 00:32:44 amsweb01 sshd[13936]: Invalid user oracle from 138.97.255.229 port 37990 Mar 17 00:32:46 amsweb01 sshd[13936]: Failed password for invalid user oracle from 138.97.255.229 port 37990 ssh2 Mar 17 00:40:03 amsweb01 sshd[14578]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.97.255.229 user=root	2020-03-17 07:46:43
222.186.190.2	attackbotsspam	Mar 17 00:53:31 eventyay sshd[3854]: Failed password for root from 222.186.190.2 port 13548 ssh2 Mar 17 00:53:44 eventyay sshd[3854]: error: maximum authentication attempts exceeded for root from 222.186.190.2 port 13548 ssh2 [preauth] Mar 17 00:53:49 eventyay sshd[3858]: Failed password for root from 222.186.190.2 port 20934 ssh2 ...	2020-03-17 07:54:03
194.152.206.93	attackbots	Invalid user nisuser2 from 194.152.206.93 port 37405	2020-03-17 07:40:39
45.119.212.222	attack	Mar 17 00:39:45 odroid64 sshd\[31163\]: User root from 45.119.212.222 not allowed because not listed in AllowUsers Mar 17 00:39:45 odroid64 sshd\[31163\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.119.212.222 user=root ...	2020-03-17 07:55:51
39.38.236.240	attack	39.38.236.240 - - \[16/Mar/2020:07:34:33 -0700\] "POST /index.php/admin HTTP/1.1" 404 2040739.38.236.240 - - \[16/Mar/2020:07:34:34 -0700\] "POST /index.php/admin/index/ HTTP/1.1" 404 2043539.38.236.240 - - \[16/Mar/2020:07:34:34 -0700\] "POST /index.php/admin/sales_order/ HTTP/1.1" 404 20459 ...	2020-03-17 07:33:03
222.29.159.167	attackspambots	SSH bruteforce	2020-03-17 07:36:38
54.38.33.178	attack	Mar 17 00:09:50 ns382633 sshd\[23015\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.33.178 user=root Mar 17 00:09:52 ns382633 sshd\[23015\]: Failed password for root from 54.38.33.178 port 42246 ssh2 Mar 17 00:30:23 ns382633 sshd\[27033\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.33.178 user=root Mar 17 00:30:25 ns382633 sshd\[27033\]: Failed password for root from 54.38.33.178 port 39374 ssh2 Mar 17 00:39:59 ns382633 sshd\[28229\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.33.178 user=root	2020-03-17 07:49:39
202.186.147.42	attackspambots	Unauthorized IMAP connection attempt	2020-03-17 07:40:24
222.186.190.17	attackbots	Mar 16 23:09:49 ip-172-31-62-245 sshd\[13824\]: Failed password for root from 222.186.190.17 port 13456 ssh2\ Mar 16 23:09:52 ip-172-31-62-245 sshd\[13824\]: Failed password for root from 222.186.190.17 port 13456 ssh2\ Mar 16 23:09:54 ip-172-31-62-245 sshd\[13824\]: Failed password for root from 222.186.190.17 port 13456 ssh2\ Mar 16 23:10:16 ip-172-31-62-245 sshd\[13828\]: Failed password for root from 222.186.190.17 port 21213 ssh2\ Mar 16 23:10:54 ip-172-31-62-245 sshd\[13836\]: Failed password for root from 222.186.190.17 port 45251 ssh2\	2020-03-17 07:41:16
218.59.139.12	attackspam	Mar 16 16:39:50 mockhub sshd[15871]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.59.139.12 Mar 16 16:39:52 mockhub sshd[15871]: Failed password for invalid user abcd@123321 from 218.59.139.12 port 39631 ssh2 ...	2020-03-17 07:53:07
148.245.69.156	attackbots	1584369295 - 03/16/2020 15:34:55 Host: 148.245.69.156/148.245.69.156 Port: 23 TCP Blocked	2020-03-17 07:18:57
109.94.223.130	attackspam	B: Magento admin pass test (wrong country)	2020-03-17 07:38:55

最近上报的IP列表

42.218.187.252	129.209.236.82	113.190.119.77	153.155.112.107
36.221.120.122	122.192.243.42	122.123.164.225	111.225.223.45
130.83.92.86	30.15.100.176	213.45.93.43	91.213.228.199
74.190.193.49	187.171.28.94	170.213.168.103	20.140.110.77
16.223.59.207	40.52.19.40	71.208.217.198	94.121.57.238