134.209.13.209

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Sep 11 10:07:09 kapalua sshd\[11585\]: Invalid user guest from 134.209.13.209 Sep 11 10:07:09 kapalua sshd\[11585\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.13.209 Sep 11 10:07:10 kapalua sshd\[11585\]: Failed password for invalid user guest from 134.209.13.209 port 55192 ssh2 Sep 11 10:12:42 kapalua sshd\[12268\]: Invalid user admin from 134.209.13.209 Sep 11 10:12:42 kapalua sshd\[12268\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.13.209	2019-09-12 04:22:33
attackspambots	Sep 4 02:14:08 ny01 sshd[25955]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.13.209 Sep 4 02:14:10 ny01 sshd[25955]: Failed password for invalid user aldo from 134.209.13.209 port 42968 ssh2 Sep 4 02:18:04 ny01 sshd[26639]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.13.209	2019-09-04 14:29:30
attack	Aug 30 02:13:01 ny01 sshd[19120]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.13.209 Aug 30 02:13:03 ny01 sshd[19120]: Failed password for invalid user vdr from 134.209.13.209 port 60944 ssh2 Aug 30 02:17:06 ny01 sshd[19789]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.13.209	2019-08-30 17:53:26
attack	Invalid user marketing from 134.209.13.209 port 52820	2019-08-29 13:27:03
attack	Aug 24 21:40:25 raspberrypi sshd\[9732\]: Invalid user minecraft from 134.209.13.209Aug 24 21:40:27 raspberrypi sshd\[9732\]: Failed password for invalid user minecraft from 134.209.13.209 port 51000 ssh2Aug 24 21:48:02 raspberrypi sshd\[9853\]: Invalid user user from 134.209.13.209 ...	2019-08-25 05:51:50
attackspam	Aug 19 02:16:16 rb06 sshd[9687]: Failed password for invalid user alberta from 134.209.13.209 port 59958 ssh2 Aug 19 02:16:16 rb06 sshd[9687]: Received disconnect from 134.209.13.209: 11: Bye Bye [preauth] Aug 19 02:22:50 rb06 sshd[15884]: Failed password for invalid user haxor from 134.209.13.209 port 45134 ssh2 Aug 19 02:22:50 rb06 sshd[15884]: Received disconnect from 134.209.13.209: 11: Bye Bye [preauth] Aug 19 02:26:52 rb06 sshd[16240]: Failed password for invalid user iwizservice from 134.209.13.209 port 36022 ssh2 Aug 19 02:26:53 rb06 sshd[16240]: Received disconnect from 134.209.13.209: 11: Bye Bye [preauth] Aug 19 02:30:43 rb06 sshd[15912]: Failed password for invalid user tomek from 134.209.13.209 port 55144 ssh2 Aug 19 02:30:43 rb06 sshd[15912]: Received disconnect from 134.209.13.209: 11: Bye Bye [preauth] Aug 19 02:34:48 rb06 sshd[26854]: Failed password for invalid user da from 134.209.13.209 port 46034 ssh2 Aug 19 02:34:48 rb06 sshd[26854]: Received disco........ -------------------------------	2019-08-19 11:54:41

相同子网IP讨论:

IP	类型	评论内容	时间
134.209.134.227	attackbots	CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2019-09-30 17:02:01

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 134.209.13.209
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 51315
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;134.209.13.209.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019081801 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Aug 19 11:54:36 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 209.13.209.134.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 209.13.209.134.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
162.212.153.219	attack	Port scan detected on ports: 81[TCP], 88[TCP], 8800[TCP]	2019-12-25 16:45:13
204.93.193.178	attack	Dec 25 11:26:13 gw1 sshd[31033]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=204.93.193.178 Dec 25 11:26:15 gw1 sshd[31033]: Failed password for invalid user wahbe from 204.93.193.178 port 55162 ssh2 ...	2019-12-25 17:15:38
58.254.132.239	attack	Dec 25 07:26:21 zulu412 sshd\[792\]: Invalid user marlon from 58.254.132.239 port 22118 Dec 25 07:26:21 zulu412 sshd\[792\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.239 Dec 25 07:26:23 zulu412 sshd\[792\]: Failed password for invalid user marlon from 58.254.132.239 port 22118 ssh2 ...	2019-12-25 17:10:29
139.28.223.142	attackbots	Dec 25 07:05:51 web01 postfix/smtpd[18756]: connect from unknown[139.28.223.142] Dec 25 07:05:51 web01 policyd-spf[20379]: None; identhostnamey=helo; client-ip=139.28.223.142; helo=deer.elevotal.com; envelope-from=x@x Dec 25 07:05:51 web01 policyd-spf[20379]: Pass; identhostnamey=mailfrom; client-ip=139.28.223.142; helo=deer.elevotal.com; envelope-from=x@x Dec x@x Dec 25 07:05:51 web01 postfix/smtpd[18756]: disconnect from unknown[139.28.223.142] Dec 25 07:08:03 web01 postfix/smtpd[20713]: connect from unknown[139.28.223.142] Dec 25 07:08:03 web01 policyd-spf[20715]: None; identhostnamey=helo; client-ip=139.28.223.142; helo=deer.elevotal.com; envelope-from=x@x Dec 25 07:08:03 web01 policyd-spf[20715]: Pass; identhostnamey=mailfrom; client-ip=139.28.223.142; helo=deer.elevotal.com; envelope-from=x@x Dec x@x Dec 25 07:08:03 web01 postfix/smtpd[20713]: disconnect from unknown[139.28.223.142] Dec 25 07:10:40 web01 postfix/smtpd[20713]: connect from unknown[139.28.223.142] D........ -------------------------------	2019-12-25 17:00:07
51.15.149.58	attackspambots	\[2019-12-25 03:41:40\] NOTICE\[2839\] chan_sip.c: Registration from '"328"\' failed for '51.15.149.58:8341' - Wrong password \[2019-12-25 03:41:40\] SECURITY\[2857\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-12-25T03:41:40.270-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="328",SessionID="0x7f0fb499d728",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/51.15.149.58/8341",Challenge="5682896a",ReceivedChallenge="5682896a",ReceivedHash="52fcee648fef1c78e6b2c46fe89ed945" \[2019-12-25 03:42:38\] NOTICE\[2839\] chan_sip.c: Registration from '"328"\' failed for '51.15.149.58:8399' - Wrong password \[2019-12-25 03:42:38\] SECURITY\[2857\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-12-25T03:42:38.370-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="328",SessionID="0x7f0fb499d728",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/51.15.149	2019-12-25 17:12:59
80.82.70.239	attackbotsspam	Dec 25 09:40:32 debian-2gb-nbg1-2 kernel: \[915968.042674\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=80.82.70.239 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=28290 PROTO=TCP SPT=41223 DPT=3242 WINDOW=1024 RES=0x00 SYN URGP=0	2019-12-25 17:02:45
171.8.68.12	attack	Unauthorized connection attempt detected from IP address 171.8.68.12 to port 445	2019-12-25 17:20:59
49.88.112.65	attack	Dec 25 11:05:11 pkdns2 sshd\[10881\]: Failed password for root from 49.88.112.65 port 43576 ssh2Dec 25 11:05:14 pkdns2 sshd\[10881\]: Failed password for root from 49.88.112.65 port 43576 ssh2Dec 25 11:05:17 pkdns2 sshd\[10881\]: Failed password for root from 49.88.112.65 port 43576 ssh2Dec 25 11:06:49 pkdns2 sshd\[10933\]: Failed password for root from 49.88.112.65 port 30205 ssh2Dec 25 11:07:38 pkdns2 sshd\[10964\]: Failed password for root from 49.88.112.65 port 54280 ssh2Dec 25 11:09:17 pkdns2 sshd\[11038\]: Failed password for root from 49.88.112.65 port 63819 ssh2 ...	2019-12-25 17:17:57
163.172.7.215	attackspambots	[Wed Dec 25 13:26:18.161680 2019] [ssl:info] [pid 9422:tid 140114978137856] [client 163.172.7.215:34189] AH02033: No hostname was provided via SNI for a name based virtual host ...	2019-12-25 17:13:46
42.55.180.112	attackbotsspam	Dec 25 01:13:55 esmtp postfix/smtpd[1358]: lost connection after AUTH from unknown[42.55.180.112] Dec 25 01:14:00 esmtp postfix/smtpd[1341]: lost connection after AUTH from unknown[42.55.180.112] Dec 25 01:14:17 esmtp postfix/smtpd[1358]: lost connection after AUTH from unknown[42.55.180.112] Dec 25 01:14:26 esmtp postfix/smtpd[1358]: lost connection after AUTH from unknown[42.55.180.112] Dec 25 01:14:30 esmtp postfix/smtpd[1341]: lost connection after AUTH from unknown[42.55.180.112] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=42.55.180.112	2019-12-25 17:07:43
64.50.186.5	attackbots	xmlrpc attack	2019-12-25 17:01:18
81.182.254.124	attackbotsspam	[Aegis] @ 2019-12-25 09:44:15 0000 -> Attempted Administrator Privilege Gain: ET SCAN LibSSH Based Frequent SSH Connections Likely BruteForce Attack	2019-12-25 17:17:24
45.55.142.207	attackbotsspam	Dec 25 09:29:04 [host] sshd[3912]: Invalid user kobes from 45.55.142.207 Dec 25 09:29:04 [host] sshd[3912]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.142.207 Dec 25 09:29:06 [host] sshd[3912]: Failed password for invalid user kobes from 45.55.142.207 port 34658 ssh2	2019-12-25 16:52:44
196.196.39.199	attackbots	Automatic report - Banned IP Access	2019-12-25 16:51:23
222.186.173.215	attackbotsspam	$f2bV_matches	2019-12-25 17:06:38

最近上报的IP列表

191.253.31.46	191.240.195.201	191.240.193.147	191.240.89.128
169.56.100.100	174.108.123.35	191.240.68.159	191.240.24.123
191.53.254.167	191.53.254.99	191.53.253.100	191.53.252.133
191.53.250.89	241.166.63.137	191.53.248.162	191.53.238.84
191.53.237.244	191.53.236.191	218.135.39.74	104.132.76.235