134.122.31.107

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	(sshd) Failed SSH login from 134.122.31.107 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 12 08:38:18 jbs1 sshd[18520]: Invalid user etc from 134.122.31.107 Oct 12 08:38:18 jbs1 sshd[18520]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.122.31.107 Oct 12 08:38:20 jbs1 sshd[18520]: Failed password for invalid user etc from 134.122.31.107 port 50508 ssh2 Oct 12 08:46:10 jbs1 sshd[21384]: Invalid user www from 134.122.31.107 Oct 12 08:46:10 jbs1 sshd[21384]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.122.31.107	2020-10-12 23:27:35
attackbots	(sshd) Failed SSH login from 134.122.31.107 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 12 02:39:16 server4 sshd[14358]: Invalid user teamspeak3 from 134.122.31.107 Oct 12 02:39:16 server4 sshd[14358]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.122.31.107 Oct 12 02:39:19 server4 sshd[14358]: Failed password for invalid user teamspeak3 from 134.122.31.107 port 41936 ssh2 Oct 12 02:45:42 server4 sshd[17949]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.122.31.107 user=mysql Oct 12 02:45:44 server4 sshd[17949]: Failed password for mysql from 134.122.31.107 port 43414 ssh2	2020-10-12 14:52:38
attackbotsspam	$f2bV_matches	2020-10-12 03:19:16
attack	Cowrie Honeypot: Unauthorised SSH/Telnet login attempt with user "root" at 2020-10-11T06:17:23Z	2020-10-11 19:11:58
attackbotsspam	Oct 4 13:07:24 nextcloud sshd\[20336\]: Invalid user abc from 134.122.31.107 Oct 4 13:07:24 nextcloud sshd\[20336\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.122.31.107 Oct 4 13:07:26 nextcloud sshd\[20336\]: Failed password for invalid user abc from 134.122.31.107 port 55348 ssh2	2020-10-05 01:57:41
attackbots	Oct 4 11:20:43 server sshd[28982]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.122.31.107 Oct 4 11:20:45 server sshd[28982]: Failed password for invalid user vncuser from 134.122.31.107 port 60564 ssh2 Oct 4 11:27:45 server sshd[29214]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.122.31.107 Oct 4 11:27:47 server sshd[29214]: Failed password for invalid user arkserver from 134.122.31.107 port 37870 ssh2	2020-10-04 17:40:44
attackspambots	SSH bruteforce	2020-09-30 02:40:13
attackspambots	Invalid user user from 134.122.31.107 port 46136	2020-09-29 18:43:24
attack	2020-09-20T20:05:58.058870vps773228.ovh.net sshd[13984]: Failed password for root from 134.122.31.107 port 51244 ssh2 2020-09-20T20:09:42.843934vps773228.ovh.net sshd[14026]: Invalid user ubuntu from 134.122.31.107 port 33558 2020-09-20T20:09:42.859711vps773228.ovh.net sshd[14026]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.122.31.107 2020-09-20T20:09:42.843934vps773228.ovh.net sshd[14026]: Invalid user ubuntu from 134.122.31.107 port 33558 2020-09-20T20:09:44.910323vps773228.ovh.net sshd[14026]: Failed password for invalid user ubuntu from 134.122.31.107 port 33558 ssh2 ...	2020-09-21 02:25:21
attackspam	DATE:2020-09-20 12:08:59, IP:134.122.31.107, PORT:ssh SSH brute force auth (docker-dc)	2020-09-20 18:25:54

相同子网IP讨论:

IP	类型	评论内容	时间
134.122.31.101	attackspam	04/06/2020-08:44:58.703546 134.122.31.101 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-04-06 22:37:03

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 134.122.31.107
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6367
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;134.122.31.107.			IN	A

;; AUTHORITY SECTION:
.			264	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020092000 1800 900 604800 86400

;; Query time: 84 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Sep 20 18:25:49 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 107.31.122.134.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 107.31.122.134.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
61.228.162.157	attack	Unauthorised access (Nov 10) SRC=61.228.162.157 LEN=40 PREC=0x20 TTL=51 ID=43530 TCP DPT=23 WINDOW=22044 SYN	2019-11-10 22:25:19
119.29.10.25	attack	2019-11-10T15:41:53.712941scmdmz1 sshd\[5958\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.10.25 user=root 2019-11-10T15:41:55.532424scmdmz1 sshd\[5958\]: Failed password for root from 119.29.10.25 port 44403 ssh2 2019-11-10T15:47:13.756248scmdmz1 sshd\[6405\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.10.25 user=root ...	2019-11-10 22:49:59
218.92.0.200	attackspambots	2019-11-10T14:47:24.729084abusebot-4.cloudsearch.cf sshd\[15759\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.200 user=root	2019-11-10 22:47:35
159.203.201.25	attackbotsspam	159.203.201.25 was recorded 5 times by 5 hosts attempting to connect to the following ports: 389. Incident counter (4h, 24h, all-time): 5, 18, 59	2019-11-10 22:39:27
112.66.185.201	attackbotsspam	Nov 10 12:16:20 mxgate1 postfix/postscreen[10876]: CONNECT from [112.66.185.201]:40675 to [176.31.12.44]:25 Nov 10 12:16:20 mxgate1 postfix/dnsblog[10878]: addr 112.66.185.201 listed by domain zen.spamhaus.org as 127.0.0.11 Nov 10 12:16:20 mxgate1 postfix/dnsblog[10878]: addr 112.66.185.201 listed by domain zen.spamhaus.org as 127.0.0.3 Nov 10 12:16:20 mxgate1 postfix/dnsblog[10878]: addr 112.66.185.201 listed by domain zen.spamhaus.org as 127.0.0.4 Nov 10 12:16:20 mxgate1 postfix/dnsblog[10881]: addr 112.66.185.201 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2 Nov 10 12:16:21 mxgate1 postfix/postscreen[10876]: PREGREET 17 after 0.62 from [112.66.185.201]:40675: EHLO 128317.com Nov 10 12:16:21 mxgate1 postfix/dnsblog[10877]: addr 112.66.185.201 listed by domain cbl.abuseat.org as 127.0.0.2 Nov 10 12:16:21 mxgate1 postfix/dnsblog[10880]: addr 112.66.185.201 listed by domain b.barracudacentral.org as 127.0.0.2 Nov 10 12:16:21 mxgate1 postfix/postscreen[10876]: DNSBL ........ -------------------------------	2019-11-10 22:55:06
162.241.32.152	attackspambots	Nov 10 20:28:29 vibhu-HP-Z238-Microtower-Workstation sshd\[23844\]: Invalid user 1q2w3e from 162.241.32.152 Nov 10 20:28:29 vibhu-HP-Z238-Microtower-Workstation sshd\[23844\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.241.32.152 Nov 10 20:28:31 vibhu-HP-Z238-Microtower-Workstation sshd\[23844\]: Failed password for invalid user 1q2w3e from 162.241.32.152 port 57836 ssh2 Nov 10 20:32:28 vibhu-HP-Z238-Microtower-Workstation sshd\[24052\]: Invalid user 12345 from 162.241.32.152 Nov 10 20:32:28 vibhu-HP-Z238-Microtower-Workstation sshd\[24052\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.241.32.152 ...	2019-11-10 23:06:55
119.15.90.69	attackbotsspam	" "	2019-11-10 22:28:14
198.20.103.178	attack	Input Traffic from this IP, but critial abuseconfidencescore	2019-11-10 22:41:10
178.128.236.202	attack	Wordpress login attempts	2019-11-10 22:42:40
41.204.191.53	attackbotsspam	Nov 10 06:47:07 mockhub sshd[29377]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.204.191.53 Nov 10 06:47:09 mockhub sshd[29377]: Failed password for invalid user ma@06&21 from 41.204.191.53 port 58934 ssh2 ...	2019-11-10 23:01:27
222.186.190.2	attack	2019-11-10T15:57:10.337323scmdmz1 sshd\[7230\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.190.2 user=root 2019-11-10T15:57:12.377574scmdmz1 sshd\[7230\]: Failed password for root from 222.186.190.2 port 25272 ssh2 2019-11-10T15:57:16.934538scmdmz1 sshd\[7230\]: Failed password for root from 222.186.190.2 port 25272 ssh2 ...	2019-11-10 22:58:27
223.30.148.138	attackbotsspam	Nov 10 15:41:55 mail sshd[31040]: Failed password for root from 223.30.148.138 port 57444 ssh2 ...	2019-11-10 22:58:05
200.126.236.187	attack	Nov 10 04:41:23 firewall sshd[3324]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.126.236.187 Nov 10 04:41:23 firewall sshd[3324]: Invalid user share from 200.126.236.187 Nov 10 04:41:25 firewall sshd[3324]: Failed password for invalid user share from 200.126.236.187 port 55720 ssh2 ...	2019-11-10 22:29:31
51.68.228.85	attackbotsspam	Automatic report - XMLRPC Attack	2019-11-10 23:06:14
152.136.96.93	attackspam	Nov 10 14:47:06 venus sshd\[30739\]: Invalid user teste from 152.136.96.93 port 47648 Nov 10 14:47:06 venus sshd\[30739\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.96.93 Nov 10 14:47:08 venus sshd\[30739\]: Failed password for invalid user teste from 152.136.96.93 port 47648 ssh2 ...	2019-11-10 23:03:38

最近上报的IP列表

126.173.94.139	161.35.154.143	89.248.172.149	193.226.144.172
91.211.91.2	73.51.164.98	186.155.19.10	45.138.100.138
47.29.120.37	45.81.226.57	83.110.213.45	168.81.115.24
2607:f8b0:4023:c06::bc	122.51.193.108	200.204.163.172	185.235.40.133
150.95.66.29	64.150.229.84	201.1.173.138	105.58.142.71