134.122.20.211

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	134.122.20.211 - - [30/Sep/2020:01:44:22 +0100] "POST /wp-login.php HTTP/1.1" 200 2660 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 134.122.20.211 - - [30/Sep/2020:01:44:28 +0100] "POST /wp-login.php HTTP/1.1" 200 2668 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 134.122.20.211 - - [30/Sep/2020:01:44:31 +0100] "POST /wp-login.php HTTP/1.1" 200 2626 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-30 08:52:54
attackspambots	134.122.20.211 - - [29/Sep/2020:10:06:25 +0100] "POST /wp-login.php HTTP/1.1" 200 4401 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 134.122.20.211 - - [29/Sep/2020:10:06:26 +0100] "POST /wp-login.php HTTP/1.1" 200 4401 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 134.122.20.211 - - [29/Sep/2020:10:06:28 +0100] "POST /wp-login.php HTTP/1.1" 200 4401 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-30 01:44:48
attackspam	134.122.20.211 - - [29/Sep/2020:10:06:25 +0100] "POST /wp-login.php HTTP/1.1" 200 4401 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 134.122.20.211 - - [29/Sep/2020:10:06:26 +0100] "POST /wp-login.php HTTP/1.1" 200 4401 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 134.122.20.211 - - [29/Sep/2020:10:06:28 +0100] "POST /wp-login.php HTTP/1.1" 200 4401 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-29 17:45:08

类型

评论内容

时间

attackspam

134.122.20.211 - - [30/Sep/2020:01:44:22 +0100] "POST /wp-login.php HTTP/1.1" 200 2660 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
134.122.20.211 - - [30/Sep/2020:01:44:28 +0100] "POST /wp-login.php HTTP/1.1" 200 2668 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
134.122.20.211 - - [30/Sep/2020:01:44:31 +0100] "POST /wp-login.php HTTP/1.1" 200 2626 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
...

2020-09-30 08:52:54

attackspambots

134.122.20.211 - - [29/Sep/2020:10:06:25 +0100] "POST /wp-login.php HTTP/1.1" 200 4401 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
134.122.20.211 - - [29/Sep/2020:10:06:26 +0100] "POST /wp-login.php HTTP/1.1" 200 4401 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
134.122.20.211 - - [29/Sep/2020:10:06:28 +0100] "POST /wp-login.php HTTP/1.1" 200 4401 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
...

2020-09-30 01:44:48

attackspam

134.122.20.211 - - [29/Sep/2020:10:06:25 +0100] "POST /wp-login.php HTTP/1.1" 200 4401 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
134.122.20.211 - - [29/Sep/2020:10:06:26 +0100] "POST /wp-login.php HTTP/1.1" 200 4401 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
134.122.20.211 - - [29/Sep/2020:10:06:28 +0100] "POST /wp-login.php HTTP/1.1" 200 4401 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
...

2020-09-29 17:45:08

相同子网IP讨论:

IP	类型	评论内容	时间
134.122.206.108	attackproxy	vpn	2022-11-09 13:48:25
134.122.20.146	attackspambots	$f2bV_matches	2020-08-02 07:56:38
134.122.20.146	attackspam	Jul 31 06:57:23 hosting sshd[25565]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.122.20.146 user=root Jul 31 06:57:24 hosting sshd[25565]: Failed password for root from 134.122.20.146 port 39112 ssh2 ...	2020-07-31 12:11:58
134.122.20.146	attackspam	Jul 24 05:58:52 sshd\[20312\]: Invalid user yly from 134.122.20.146Jul 24 05:58:54 sshd\[20312\]: Failed password for invalid user yly from 134.122.20.146 port 59258 ssh2 ...	2020-07-24 12:16:15
134.122.20.146	attack	Jul 20 13:24:35 Invalid user teste from 134.122.20.146 port 33544	2020-07-20 20:15:48
134.122.20.146	attackbots	Invalid user admin from 134.122.20.146 port 59244	2020-07-18 20:13:10
134.122.20.113	attack	Scanned 333 unique addresses for 2 unique TCP ports in 24 hours (ports 1700,26938)	2020-07-09 03:55:47
134.122.20.146	attackspambots	20 attempts against mh-ssh on flame	2020-07-07 13:18:24
134.122.20.113	attackspam	Failed password for invalid user ubuntu from 134.122.20.113 port 38664 ssh2	2020-07-04 03:42:25
134.122.20.113	attackbots	unauthorized connection attempt	2020-06-28 15:22:26
134.122.20.113	attackbotsspam	Scanned 313 unique addresses for 2 unique TCP ports in 24 hours (ports 10443,26440)	2020-06-25 01:04:13
134.122.20.113	attackspambots	Jun 22 11:19:59 ns382633 sshd\[21367\]: Invalid user tomcat from 134.122.20.113 port 44720 Jun 22 11:19:59 ns382633 sshd\[21367\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.122.20.113 Jun 22 11:20:01 ns382633 sshd\[21367\]: Failed password for invalid user tomcat from 134.122.20.113 port 44720 ssh2 Jun 22 11:29:47 ns382633 sshd\[23341\]: Invalid user martha from 134.122.20.113 port 57000 Jun 22 11:29:47 ns382633 sshd\[23341\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.122.20.113	2020-06-22 19:20:07
134.122.20.113	attack	2020-06-19T05:44:11.367080shield sshd\[30900\]: Invalid user brody from 134.122.20.113 port 60746 2020-06-19T05:44:11.371851shield sshd\[30900\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.122.20.113 2020-06-19T05:44:12.621080shield sshd\[30900\]: Failed password for invalid user brody from 134.122.20.113 port 60746 ssh2 2020-06-19T05:45:36.800948shield sshd\[31265\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.122.20.113 user=root 2020-06-19T05:45:38.386876shield sshd\[31265\]: Failed password for root from 134.122.20.113 port 57678 ssh2	2020-06-19 17:14:41
134.122.20.113	attackspam	Jun 15 15:09:09 scw-6657dc sshd[1582]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.122.20.113 Jun 15 15:09:09 scw-6657dc sshd[1582]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.122.20.113 Jun 15 15:09:11 scw-6657dc sshd[1582]: Failed password for invalid user luis from 134.122.20.113 port 60726 ssh2 ...	2020-06-15 23:14:17
134.122.20.113	attackspam	Jun 14 09:00:43 vlre-nyc-1 sshd\[15991\]: Invalid user haisou from 134.122.20.113 Jun 14 09:00:43 vlre-nyc-1 sshd\[15991\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.122.20.113 Jun 14 09:00:46 vlre-nyc-1 sshd\[15991\]: Failed password for invalid user haisou from 134.122.20.113 port 60020 ssh2 Jun 14 09:03:57 vlre-nyc-1 sshd\[16103\]: Invalid user user03 from 134.122.20.113 Jun 14 09:03:57 vlre-nyc-1 sshd\[16103\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.122.20.113 ...	2020-06-14 17:46:51

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 134.122.20.211
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 54042
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;134.122.20.211.			IN	A

;; AUTHORITY SECTION:
.			519	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020092900 1800 900 604800 86400

;; Query time: 16 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Sep 29 17:45:03 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 211.20.122.134.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 211.20.122.134.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
185.203.236.47	attackbots	\[2019-08-16 16:03:37\] NOTICE\[2288\] chan_sip.c: Registration from '"1004" \' failed for '185.203.236.47:5075' - Wrong password \[2019-08-16 16:03:37\] SECURITY\[2326\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-08-16T16:03:37.391-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="1004",SessionID="0x7ff4d0348688",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.203.236.47/5075",Challenge="0fe6a8f2",ReceivedChallenge="0fe6a8f2",ReceivedHash="05c7f0793ac2dc1927f9a354e7d543ce" \[2019-08-16 16:04:22\] NOTICE\[2288\] chan_sip.c: Registration from '"2420" \' failed for '185.203.236.47:5082' - Wrong password \[2019-08-16 16:04:22\] SECURITY\[2326\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-08-16T16:04:22.644-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="2420",SessionID="0x7ff4d07952f8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4	2019-08-17 06:02:01
193.70.36.161	attackbotsspam	Aug 16 15:59:10 vps200512 sshd\[25361\]: Invalid user laurentiu from 193.70.36.161 Aug 16 15:59:10 vps200512 sshd\[25361\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.70.36.161 Aug 16 15:59:11 vps200512 sshd\[25361\]: Failed password for invalid user laurentiu from 193.70.36.161 port 39632 ssh2 Aug 16 16:04:54 vps200512 sshd\[25524\]: Invalid user hardya from 193.70.36.161 Aug 16 16:04:54 vps200512 sshd\[25524\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.70.36.161	2019-08-17 05:43:39
177.73.140.66	attackspam	Invalid user yuriy from 177.73.140.66 port 38866	2019-08-17 06:04:14
179.232.1.254	attackspambots	Aug 16 09:56:57 hiderm sshd\[2050\]: Invalid user rolo from 179.232.1.254 Aug 16 09:56:57 hiderm sshd\[2050\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.232.1.254 Aug 16 09:56:58 hiderm sshd\[2050\]: Failed password for invalid user rolo from 179.232.1.254 port 57045 ssh2 Aug 16 10:04:59 hiderm sshd\[2794\]: Invalid user matthieu from 179.232.1.254 Aug 16 10:04:59 hiderm sshd\[2794\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.232.1.254	2019-08-17 05:40:42
222.186.52.124	attackbots	Aug 16 17:38:59 TORMINT sshd\[8793\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.52.124 user=root Aug 16 17:39:02 TORMINT sshd\[8793\]: Failed password for root from 222.186.52.124 port 33296 ssh2 Aug 16 17:39:03 TORMINT sshd\[8793\]: Failed password for root from 222.186.52.124 port 33296 ssh2 ...	2019-08-17 05:40:16
185.2.140.155	attackspambots	Aug 16 10:00:19 lcdev sshd\[19228\]: Invalid user lsx from 185.2.140.155 Aug 16 10:00:19 lcdev sshd\[19228\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.2.140.155 Aug 16 10:00:21 lcdev sshd\[19228\]: Failed password for invalid user lsx from 185.2.140.155 port 54298 ssh2 Aug 16 10:04:48 lcdev sshd\[19602\]: Invalid user pck from 185.2.140.155 Aug 16 10:04:48 lcdev sshd\[19602\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.2.140.155	2019-08-17 05:45:51
193.70.86.97	attack	2019-08-16T22:08:35.233334abusebot-3.cloudsearch.cf sshd\[12820\]: Invalid user user from 193.70.86.97 port 54008	2019-08-17 06:17:03
111.231.100.167	attackbots	Aug 16 09:59:55 hcbb sshd\[26131\]: Invalid user ts from 111.231.100.167 Aug 16 09:59:55 hcbb sshd\[26131\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.100.167 Aug 16 09:59:58 hcbb sshd\[26131\]: Failed password for invalid user ts from 111.231.100.167 port 22969 ssh2 Aug 16 10:04:55 hcbb sshd\[26528\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.100.167 user=irc Aug 16 10:04:58 hcbb sshd\[26528\]: Failed password for irc from 111.231.100.167 port 13852 ssh2	2019-08-17 05:42:19
89.248.168.107	attackspam	Aug 16 21:19:47 h2177944 kernel: \[4306885.191305\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=89.248.168.107 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=57478 PROTO=TCP SPT=44855 DPT=11491 WINDOW=1024 RES=0x00 SYN URGP=0 Aug 16 21:20:37 h2177944 kernel: \[4306935.048295\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=89.248.168.107 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=56767 PROTO=TCP SPT=44844 DPT=11313 WINDOW=1024 RES=0x00 SYN URGP=0 Aug 16 21:26:22 h2177944 kernel: \[4307279.659395\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=89.248.168.107 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=52452 PROTO=TCP SPT=44844 DPT=11363 WINDOW=1024 RES=0x00 SYN URGP=0 Aug 16 21:26:35 h2177944 kernel: \[4307292.597250\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=89.248.168.107 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=27751 PROTO=TCP SPT=44909 DPT=11953 WINDOW=1024 RES=0x00 SYN URGP=0 Aug 16 21:26:41 h2177944 kernel: \[4307298.539491\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=89.248.168.107 DST=85.	2019-08-17 04:04:49
180.250.113.117	attackbotsspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-08-16 19:53:01,862 INFO [amun_request_handler] PortScan Detected on Port: 445 (180.250.113.117)	2019-08-17 06:02:23
178.128.100.229	attackbotsspam	Invalid user sysadmin from 178.128.100.229 port 56374	2019-08-17 06:00:45
165.227.159.16	attackbotsspam	Aug 16 21:42:15 hb sshd\[7584\]: Invalid user wilma from 165.227.159.16 Aug 16 21:42:15 hb sshd\[7584\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.159.16 Aug 16 21:42:17 hb sshd\[7584\]: Failed password for invalid user wilma from 165.227.159.16 port 37276 ssh2 Aug 16 21:46:41 hb sshd\[7986\]: Invalid user mason from 165.227.159.16 Aug 16 21:46:41 hb sshd\[7986\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.159.16	2019-08-17 05:52:22
5.188.86.114	attack	08/16/2019-16:01:03.876113 5.188.86.114 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 8	2019-08-17 04:02:46
177.41.89.81	attack	Aug 17 02:55:32 lcl-usvr-01 sshd[28043]: Invalid user pcmc from 177.41.89.81 Aug 17 02:55:33 lcl-usvr-01 sshd[28043]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.41.89.81 Aug 17 02:55:32 lcl-usvr-01 sshd[28043]: Invalid user pcmc from 177.41.89.81 Aug 17 02:55:35 lcl-usvr-01 sshd[28043]: Failed password for invalid user pcmc from 177.41.89.81 port 43030 ssh2 Aug 17 03:03:57 lcl-usvr-01 sshd[30058]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.41.89.81 user=root Aug 17 03:03:59 lcl-usvr-01 sshd[30058]: Failed password for root from 177.41.89.81 port 32844 ssh2	2019-08-17 06:09:57
106.12.89.171	attackbots	$f2bV_matches	2019-08-17 06:05:21

最近上报的IP列表

146.21.72.100	242.187.179.197	156.215.66.179	85.134.200.50
11.8.53.166	138.97.54.231	171.252.151.250	145.192.9.27
86.230.169.239	91.160.172.239	70.62.172.212	45.248.210.23
14.117.239.71	119.182.77.141	192.59.135.167	160.7.188.90
163.30.246.18	3.128.248.73	101.217.144.197	44.235.128.207