134.119.206.3 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): France

运营商(isp): velia.net Internetdienste GmbH

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Sep 14 21:01:58 web1 sshd[21837]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.119.206.3 user=root Sep 14 21:02:00 web1 sshd[21837]: Failed password for root from 134.119.206.3 port 39442 ssh2 Sep 14 21:06:40 web1 sshd[23974]: Invalid user send from 134.119.206.3 port 37836 Sep 14 21:06:40 web1 sshd[23974]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.119.206.3 Sep 14 21:06:40 web1 sshd[23974]: Invalid user send from 134.119.206.3 port 37836 Sep 14 21:06:42 web1 sshd[23974]: Failed password for invalid user send from 134.119.206.3 port 37836 ssh2 Sep 14 21:10:25 web1 sshd[25450]: Invalid user csgo from 134.119.206.3 port 53600 Sep 14 21:10:25 web1 sshd[25450]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.119.206.3 Sep 14 21:10:25 web1 sshd[25450]: Invalid user csgo from 134.119.206.3 port 53600 Sep 14 21:10:27 web1 sshd[25450]: Failed password fo ...	2020-09-14 23:25:07
attackspam	2020-09-14T05:52:35.565145shield sshd\[6903\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.119.206.3 user=root 2020-09-14T05:52:36.726520shield sshd\[6903\]: Failed password for root from 134.119.206.3 port 57716 ssh2 2020-09-14T05:56:32.423871shield sshd\[8295\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.119.206.3 user=root 2020-09-14T05:56:34.789493shield sshd\[8295\]: Failed password for root from 134.119.206.3 port 43770 ssh2 2020-09-14T06:00:27.698070shield sshd\[9744\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.119.206.3 user=root	2020-09-14 15:13:32
attackbots	2020-09-13T18:30:30.206949devel sshd[15582]: Failed password for root from 134.119.206.3 port 50766 ssh2 2020-09-13T18:34:04.141844devel sshd[15854]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.119.206.3 user=root 2020-09-13T18:34:06.046622devel sshd[15854]: Failed password for root from 134.119.206.3 port 36410 ssh2	2020-09-14 07:08:38
attack	2020-08-28T10:23:51.677492abusebot-4.cloudsearch.cf sshd[10111]: Invalid user test2 from 134.119.206.3 port 39676 2020-08-28T10:23:51.685309abusebot-4.cloudsearch.cf sshd[10111]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.119.206.3 2020-08-28T10:23:51.677492abusebot-4.cloudsearch.cf sshd[10111]: Invalid user test2 from 134.119.206.3 port 39676 2020-08-28T10:23:53.601237abusebot-4.cloudsearch.cf sshd[10111]: Failed password for invalid user test2 from 134.119.206.3 port 39676 ssh2 2020-08-28T10:29:56.097402abusebot-4.cloudsearch.cf sshd[10396]: Invalid user postgres from 134.119.206.3 port 42906 2020-08-28T10:29:56.102601abusebot-4.cloudsearch.cf sshd[10396]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.119.206.3 2020-08-28T10:29:56.097402abusebot-4.cloudsearch.cf sshd[10396]: Invalid user postgres from 134.119.206.3 port 42906 2020-08-28T10:29:57.792874abusebot-4.cloudsearch.cf sshd[10396]: ...	2020-08-28 19:33:34
attackbotsspam	B: Abusive ssh attack	2020-08-21 01:14:14

相同子网IP讨论:

IP	类型	评论内容	时间
134.119.206.223	attackspambots	20 attempts against mh-misbehave-ban on dawn.magehost.pro	2019-08-26 03:33:37

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 134.119.206.3
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57753
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;134.119.206.3.			IN	A

;; AUTHORITY SECTION:
.			483	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020082000 1800 900 604800 86400

;; Query time: 112 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Aug 21 01:14:06 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 3.206.119.134.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 3.206.119.134.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
120.52.146.211	attackbotsspam	Sep 1 10:15:24 server sshd[22669]: User root from 120.52.146.211 not allowed because listed in DenyUsers ...	2020-09-01 16:43:15
54.39.50.204	attack	prod11 ...	2020-09-01 16:40:55
185.175.93.24	attackspambots	TCP (SYN) 185.175.93.24:56435 -> port 5900, len 40	2020-09-01 16:39:06
45.95.168.96	attackspambots	2020-09-01 10:07:48 dovecot_login authenticator failed for pr.predictams.live \(USER\) \[45.95.168.96\]: 535 Incorrect authentication data \(set_id=news@nopcommerce.it\) 2020-09-01 10:09:29 dovecot_login authenticator failed for pr.predictams.live \(USER\) \[45.95.168.96\]: 535 Incorrect authentication data \(set_id=news@opso.it\) 2020-09-01 10:09:38 dovecot_login authenticator failed for pr.predictams.live \(USER\) \[45.95.168.96\]: 535 Incorrect authentication data \(set_id=news@nophost.com\) 2020-09-01 10:13:30 dovecot_login authenticator failed for pr.predictams.live \(USER\) \[45.95.168.96\]: 535 Incorrect authentication data \(set_id=news@nopcommerce.it\) 2020-09-01 10:15:14 dovecot_login authenticator failed for pr.predictams.live \(USER\) \[45.95.168.96\]: 535 Incorrect authentication data \(set_id=news@nophost.com\) 2020-09-01 10:15:14 dovecot_login authenticator failed for pr.predictams.live \(USER\) \[45.95.168.96\]: 535 Incorrect authentication data \(set_id=news@opso.it\)	2020-09-01 16:24:03
62.234.78.62	attack	Sep 1 10:39:07 server sshd[1906]: Failed password for invalid user root from 62.234.78.62 port 35046 ssh2 Sep 1 10:39:06 server sshd[1906]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.78.62 user=root Sep 1 10:39:06 server sshd[1906]: User root from 62.234.78.62 not allowed because listed in DenyUsers Sep 1 10:39:07 server sshd[1906]: Failed password for invalid user root from 62.234.78.62 port 35046 ssh2 Sep 1 10:41:04 server sshd[20566]: Invalid user admin from 62.234.78.62 port 60988 ...	2020-09-01 16:24:35
218.92.0.203	attackbots	Sep 1 05:50:54 kh-dev-server sshd[4274]: Failed password for root from 218.92.0.203 port 19508 ssh2 ...	2020-09-01 16:16:56
192.35.168.120	attackbotsspam	Port Scan ...	2020-09-01 16:34:06
5.255.253.9	attack	(mod_security) mod_security (id:210740) triggered by 5.255.253.9 (RU/Russia/5-255-253-9.spider.yandex.com): 5 in the last 3600 secs	2020-09-01 16:27:50
185.220.102.240	attackspam	Sep 1 07:28:29 ssh2 sshd[82692]: User root from 185.220.102.240 not allowed because not listed in AllowUsers Sep 1 07:28:29 ssh2 sshd[82692]: Failed password for invalid user root from 185.220.102.240 port 23548 ssh2 Sep 1 07:28:30 ssh2 sshd[82692]: Failed password for invalid user root from 185.220.102.240 port 23548 ssh2 ...	2020-09-01 16:13:15
138.68.24.88	attackbots	Sep 1 09:59:35 server sshd[19561]: Invalid user device from 138.68.24.88 port 40674 ...	2020-09-01 16:31:35
45.80.64.230	attack	ssh brute force	2020-09-01 16:30:20
162.241.215.221	attackbotsspam	162.241.215.221 - - [01/Sep/2020:08:49:55 +0100] "POST /wp-login.php HTTP/1.1" 200 2234 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 162.241.215.221 - - [01/Sep/2020:08:49:56 +0100] "POST /wp-login.php HTTP/1.1" 200 2231 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 162.241.215.221 - - [01/Sep/2020:08:49:57 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-01 16:07:19
189.35.91.154	attackspam	Sep 1 08:15:29 mailserver sshd\[24327\]: Invalid user admin from 189.35.91.154 ...	2020-09-01 16:16:16
110.175.173.142	attackspambots	(sshd) Failed SSH login from 110.175.173.142 (AU/Australia/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 1 02:10:53 server2 sshd[29300]: Invalid user liyan from 110.175.173.142 Sep 1 02:10:55 server2 sshd[29300]: Failed password for invalid user liyan from 110.175.173.142 port 32882 ssh2 Sep 1 02:23:27 server2 sshd[8235]: Invalid user www from 110.175.173.142 Sep 1 02:23:29 server2 sshd[8235]: Failed password for invalid user www from 110.175.173.142 port 46437 ssh2 Sep 1 02:28:10 server2 sshd[13129]: Invalid user teresa from 110.175.173.142	2020-09-01 16:25:18
45.127.106.204	attack	45.127.106.204 - - \[01/Sep/2020:06:52:36 +0200\] "POST /wp-login.php HTTP/1.0" 200 9031 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 45.127.106.204 - - \[01/Sep/2020:06:52:38 +0200\] "POST /wp-login.php HTTP/1.0" 200 8898 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 45.127.106.204 - - \[01/Sep/2020:06:52:40 +0200\] "POST /wp-login.php HTTP/1.0" 200 8894 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2020-09-01 16:11:16

最近上报的IP列表

128.95.83.171	130.157.220.234	84.233.129.215	111.22.26.225
226.185.122.16	172.145.24.240	191.44.9.189	112.111.244.211
108.90.252.52	193.41.122.0	160.179.59.236	113.188.45.171
5.12.8.41	125.160.204.32	49.206.33.231	141.84.10.168
52.231.157.255	14.160.24.248	188.54.138.248	136.19.146.101