134.209.1.169 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	firewall-block, port(s): 26341/tcp	2020-05-25 01:23:14
attackspambots	Apr 17 12:53:07 debian-2gb-nbg1-2 kernel: \[9379763.504394\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=134.209.1.169 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=60775 PROTO=TCP SPT=44118 DPT=6778 WINDOW=1024 RES=0x00 SYN URGP=0	2020-04-18 01:44:10
attackspambots	firewall-block, port(s): 29268/tcp	2020-04-16 18:11:11
attackspam	Sep 8 14:52:06 aiointranet sshd\[18146\]: Invalid user student2 from 134.209.1.169 Sep 8 14:52:06 aiointranet sshd\[18146\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.1.169 Sep 8 14:52:08 aiointranet sshd\[18146\]: Failed password for invalid user student2 from 134.209.1.169 port 42978 ssh2 Sep 8 14:56:28 aiointranet sshd\[18533\]: Invalid user git_user from 134.209.1.169 Sep 8 14:56:28 aiointranet sshd\[18533\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.1.169	2019-09-09 09:03:00
attack	Sep 8 13:18:26 webhost01 sshd[7594]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.1.169 Sep 8 13:18:28 webhost01 sshd[7594]: Failed password for invalid user a from 134.209.1.169 port 45844 ssh2 ...	2019-09-08 14:20:38
attackbots	F2B jail: sshd. Time: 2019-09-07 19:05:21, Reported by: VKReport	2019-09-08 01:11:34
attackbots	Sep 4 16:14:00 ubuntu-2gb-nbg1-dc3-1 sshd[15831]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.1.169 Sep 4 16:14:02 ubuntu-2gb-nbg1-dc3-1 sshd[15831]: Failed password for invalid user postgres from 134.209.1.169 port 59306 ssh2 ...	2019-09-04 23:09:46
attack	Sep 3 18:55:47 wbs sshd\[24515\]: Invalid user vnc from 134.209.1.169 Sep 3 18:55:47 wbs sshd\[24515\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.1.169 Sep 3 18:55:49 wbs sshd\[24515\]: Failed password for invalid user vnc from 134.209.1.169 port 39282 ssh2 Sep 3 19:00:38 wbs sshd\[24965\]: Invalid user jakarta from 134.209.1.169 Sep 3 19:00:38 wbs sshd\[24965\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.1.169	2019-09-04 13:49:32
attack	Automatic report - Banned IP Access	2019-09-01 13:07:02
attackbotsspam	Aug 24 20:21:48 server sshd\[30549\]: Invalid user control123 from 134.209.1.169 port 36304 Aug 24 20:21:48 server sshd\[30549\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.1.169 Aug 24 20:21:50 server sshd\[30549\]: Failed password for invalid user control123 from 134.209.1.169 port 36304 ssh2 Aug 24 20:26:02 server sshd\[19919\]: Invalid user czarek from 134.209.1.169 port 53626 Aug 24 20:26:02 server sshd\[19919\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.1.169	2019-08-25 03:42:36
attack	Aug 13 23:10:12 eventyay sshd[9253]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.1.169 Aug 13 23:10:14 eventyay sshd[9253]: Failed password for invalid user minlon from 134.209.1.169 port 45500 ssh2 Aug 13 23:15:05 eventyay sshd[10501]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.1.169 ...	2019-08-14 06:00:57
attackspambots	Aug 5 05:25:21 [munged] sshd[17629]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.1.169 user=root Aug 5 05:25:23 [munged] sshd[17629]: Failed password for root from 134.209.1.169 port 33274 ssh2	2019-08-05 14:10:45
attackbots	Jul 31 02:57:13 [host] sshd[17173]: Invalid user csmi from 134.209.1.169 Jul 31 02:57:13 [host] sshd[17173]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.1.169 Jul 31 02:57:15 [host] sshd[17173]: Failed password for invalid user csmi from 134.209.1.169 port 41612 ssh2	2019-07-31 11:28:34
attack	DATE:2019-07-07 01:38:17, IP:134.209.1.169, PORT:ssh brute force auth on SSH service (patata)	2019-07-07 11:39:59

相同子网IP讨论:

IP	类型	评论内容	时间
134.209.158.114	botsattackproxy	Bot attacker IP	2025-07-11 12:53:52
134.209.181.222	attack	Trojan Linux	2024-05-20 13:11:32
134.209.185.238	attack	Vulnerability Scanner	2024-05-20 13:05:36
134.209.157.216	attack	fraud connect	2024-04-04 18:37:59
134.209.102.122	botsattackproxynormal	A	2022-05-21 11:19:18
134.209.157.198	attack	Automatically reported by fail2ban report script (mx1)	2020-10-14 08:45:01
134.209.176.88	attack	Oct 13 23:33:14 scw-gallant-ride sshd[9597]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.176.88	2020-10-14 08:42:24
134.209.189.230	attack	134.209.189.230 - - [17/Sep/2020:21:16:16 +0200] "GET /muieblackcat HTTP/1.1" 404 390 "-" "-" 134.209.189.230 - - [17/Sep/2020:21:16:16 +0200] "GET //phpMyAdmin/scripts/setup.php HTTP/1.1" 404 390 "-" "-" 134.209.189.230 - - [17/Sep/2020:21:16:16 +0200] "GET //phpmyadmin/scripts/setup.php HTTP/1.1" 404 390 "-" "-" 134.209.189.230 - - [17/Sep/2020:21:16:16 +0200] "GET //pma/scripts/setup.php HTTP/1.1" 404 390 "-" "-" 134.209.189.230 - - [17/Sep/2020:21:16:16 +0200] "GET //myadmin/scripts/setup.php HTTP/1.1" 404 390 "-" "-" ...	2020-10-12 07:14:23
134.209.189.230	attackspambots	GET //pma/scripts/setup.php HTTP/1.1 GET /muieblackcat HTTP/1.1 GET //phpmyAdmin/scripts/setup.php HTTP/1.1 GET //phpMyadmin/scripts/setup.php HTTP/1.1 GET //Admin/scripts/setup.php HTTP/1.1 GET //MyAdmin/scripts/setup.php HTTP/1.1 GET //phpMyAdmin/scripts/setup.php HTTP/1.1 GET //phpmyadmin/scripts/setup.php HTTP/1.1 GET //myadmin/scripts/setup.php HTTP/1.1	2020-10-11 23:27:05
134.209.189.230	attackbots	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2020-10-11 15:25:40
134.209.189.230	attackbotsspam	My-Apache-Badbots (server2)	2020-10-11 08:44:16
134.209.191.184	attack	Oct 10 17:23:00 mail sshd[32523]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.191.184 Oct 10 17:23:03 mail sshd[32523]: Failed password for invalid user developer from 134.209.191.184 port 50192 ssh2 ...	2020-10-11 00:37:35
134.209.155.5	attack	134.209.155.5 - - [09/Oct/2020:22:48:18 +0200] "GET / HTTP/1.1" 200 612 "-" "-"	2020-10-10 23:15:18
134.209.186.72	attackspambots	Oct 10 14:18:07 h2427292 sshd\[32033\]: Invalid user website from 134.209.186.72 Oct 10 14:18:08 h2427292 sshd\[32033\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.186.72 Oct 10 14:18:10 h2427292 sshd\[32033\]: Failed password for invalid user website from 134.209.186.72 port 33258 ssh2 ...	2020-10-10 21:17:39
134.209.191.184	attackbotsspam	Lines containing failures of 134.209.191.184 Oct 7 22:00:40 shared02 sshd[5189]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.191.184 user=r.r Oct 7 22:00:42 shared02 sshd[5189]: Failed password for r.r from 134.209.191.184 port 35696 ssh2 Oct 7 22:00:42 shared02 sshd[5189]: Received disconnect from 134.209.191.184 port 35696:11: Bye Bye [preauth] Oct 7 22:00:42 shared02 sshd[5189]: Disconnected from authenticating user r.r 134.209.191.184 port 35696 [preauth] Oct 7 22:09:46 shared02 sshd[7862]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.191.184 user=r.r Oct 7 22:09:48 shared02 sshd[7862]: Failed password for r.r from 134.209.191.184 port 48704 ssh2 Oct 7 22:09:48 shared02 sshd[7862]: Received disconnect from 134.209.191.184 port 48704:11: Bye Bye [preauth] Oct 7 22:09:48 shared02 sshd[7862]: Disconnected from authenticating user r.r 134.209.191.184 port 4870........ ------------------------------	2020-10-10 16:26:14

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 134.209.1.169
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17008
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;134.209.1.169.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019070601 1800 900 604800 86400

;; Query time: 5 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Jul 07 11:39:51 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 169.1.209.134.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 169.1.209.134.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
167.114.164.20	attackspambots	Port Scan: TCP/445	2019-09-10 17:43:20
96.44.135.125	attackspambots	Port Scan: TCP/443	2019-09-10 17:28:40
111.197.64.90	attackspambots	Port Scan: TCP/21	2019-09-10 17:49:00
5.21.23.29	attack	Automatic report - Port Scan Attack	2019-09-10 17:35:31
217.17.231.114	attack	Port Scan: TCP/8000	2019-09-10 17:36:07
123.207.95.193	attack	Sep 10 05:16:30 MainVPS sshd[21560]: Invalid user oracle from 123.207.95.193 port 60030 Sep 10 05:16:30 MainVPS sshd[21560]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.207.95.193 Sep 10 05:16:30 MainVPS sshd[21560]: Invalid user oracle from 123.207.95.193 port 60030 Sep 10 05:16:33 MainVPS sshd[21560]: Failed password for invalid user oracle from 123.207.95.193 port 60030 ssh2 Sep 10 05:20:12 MainVPS sshd[21833]: Invalid user admin2 from 123.207.95.193 port 35364 ...	2019-09-10 16:55:00
37.57.138.68	attackspam	[munged]::443 37.57.138.68 - - [10/Sep/2019:03:15:19 +0200] "POST /[munged]: HTTP/1.1" 200 9078 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 37.57.138.68 - - [10/Sep/2019:03:15:20 +0200] "POST /[munged]: HTTP/1.1" 200 9078 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 37.57.138.68 - - [10/Sep/2019:03:15:21 +0200] "POST /[munged]: HTTP/1.1" 200 9078 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 37.57.138.68 - - [10/Sep/2019:03:15:21 +0200] "POST /[munged]: HTTP/1.1" 200 9078 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 37.57.138.68 - - [10/Sep/2019:03:15:22 +0200] "POST /[munged]: HTTP/1.1" 200 9078 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 37.57.138.68 - - [10/Sep/2019:03:15:23 +0200] "POST /[munged]: HTTP/1.1" 200 9078 "-" "Mozilla/5.0 (X11; Ubuntu; Li	2019-09-10 17:08:34
113.89.40.218	attack	Port Scan: TCP/445	2019-09-10 17:48:37
216.244.76.218	attack	Sep 9 22:46:29 web1 sshd\[2243\]: Invalid user butter from 216.244.76.218 Sep 9 22:46:29 web1 sshd\[2243\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=216.244.76.218 Sep 9 22:46:31 web1 sshd\[2243\]: Failed password for invalid user butter from 216.244.76.218 port 54168 ssh2 Sep 9 22:52:43 web1 sshd\[2852\]: Invalid user testtest from 216.244.76.218 Sep 9 22:52:43 web1 sshd\[2852\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=216.244.76.218	2019-09-10 17:10:03
117.239.48.242	attackspambots	Sep 9 22:49:48 aiointranet sshd\[29433\]: Invalid user administrador from 117.239.48.242 Sep 9 22:49:48 aiointranet sshd\[29433\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.239.48.242 Sep 9 22:49:50 aiointranet sshd\[29433\]: Failed password for invalid user administrador from 117.239.48.242 port 55566 ssh2 Sep 9 22:56:28 aiointranet sshd\[29982\]: Invalid user gituser from 117.239.48.242 Sep 9 22:56:28 aiointranet sshd\[29982\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.239.48.242	2019-09-10 17:00:03
14.147.106.202	attack	Port Scan: TCP/22	2019-09-10 17:34:32
61.170.200.65	attackbotsspam	Port Scan: TCP/445	2019-09-10 17:32:12
71.11.80.218	attackbots	Port Scan: UDP/137	2019-09-10 17:54:12
201.208.227.102	attackspam	Port Scan: TCP/23	2019-09-10 17:22:20
146.164.21.68	attack	Sep 10 04:20:47 vmanager6029 sshd\[11534\]: Invalid user developer from 146.164.21.68 port 57159 Sep 10 04:20:47 vmanager6029 sshd\[11534\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.164.21.68 Sep 10 04:20:49 vmanager6029 sshd\[11534\]: Failed password for invalid user developer from 146.164.21.68 port 57159 ssh2	2019-09-10 16:54:25

最近上报的IP列表

201.150.149.102	178.33.226.97	111.192.206.6	37.107.101.121
41.155.110.242	212.129.55.152	167.250.218.191	201.46.62.137
163.179.32.104	110.227.201.242	45.139.243.27	104.136.89.76
143.199.50.235	54.184.144.236	188.165.236.25	156.222.190.163
243.234.130.25	191.240.89.167	211.243.36.36	54.38.78.90