134.209.15.14 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	fire	2019-11-17 00:53:34
attackbotsspam	Brute force SMTP login attempted. ...	2019-08-10 05:55:42
attackbotsspam	fire	2019-08-09 13:59:37
attackspambots	24.06.2019 18:14:16 SSH access blocked by firewall	2019-06-25 05:49:19
attackbotsspam	Jun 23 23:35:40 server2 sshd\[879\]: User root from 134.209.15.14 not allowed because not listed in AllowUsers Jun 23 23:35:43 server2 sshd\[881\]: Invalid user admin from 134.209.15.14 Jun 23 23:35:45 server2 sshd\[883\]: User root from 134.209.15.14 not allowed because not listed in AllowUsers Jun 23 23:35:47 server2 sshd\[887\]: Invalid user admin from 134.209.15.14 Jun 23 23:35:49 server2 sshd\[899\]: Invalid user user from 134.209.15.14 Jun 23 23:35:52 server2 sshd\[903\]: Invalid user user from 134.209.15.14	2019-06-24 04:51:52
attackbots	Jun 21 23:14:10 server2 sshd\[4749\]: User root from 134.209.15.14 not allowed because not listed in AllowUsers Jun 21 23:14:11 server2 sshd\[4751\]: Invalid user admin from 134.209.15.14 Jun 21 23:14:12 server2 sshd\[4753\]: User root from 134.209.15.14 not allowed because not listed in AllowUsers Jun 21 23:14:14 server2 sshd\[4755\]: Invalid user admin from 134.209.15.14 Jun 21 23:14:15 server2 sshd\[4757\]: Invalid user user from 134.209.15.14 Jun 21 23:14:16 server2 sshd\[4759\]: Invalid user user from 134.209.15.14	2019-06-22 04:24:45

相同子网IP讨论:

IP	类型	评论内容	时间
134.209.158.114	botsattackproxy	Bot attacker IP	2025-07-11 12:53:52
134.209.157.216	attack	fraud connect	2024-04-04 18:37:59
134.209.157.198	attack	Automatically reported by fail2ban report script (mx1)	2020-10-14 08:45:01
134.209.155.5	attack	134.209.155.5 - - [09/Oct/2020:22:48:18 +0200] "GET / HTTP/1.1" 200 612 "-" "-"	2020-10-10 23:15:18
134.209.155.5	attackbots	134.209.155.5 - - [09/Oct/2020:22:48:18 +0200] "GET / HTTP/1.1" 200 612 "-" "-"	2020-10-10 15:05:34
134.209.154.74	attackspam	TCP (SYN) 134.209.154.74:50861 -> port 14290, len 44	2020-10-07 03:12:13
134.209.154.74	attackspam	TCP ports : 18176 / 32042	2020-10-06 19:11:47
134.209.159.10	attackbotsspam	Port scan: Attack repeated for 24 hours	2020-10-06 03:35:32
134.209.159.10	attackspam	TCP (SYN) 134.209.159.10:59946 -> port 18716, len 44	2020-10-05 19:29:50
134.209.153.36	attackspam	Oct 3 14:41:22 mout sshd[12511]: Invalid user rg from 134.209.153.36 port 38328 Oct 3 14:41:24 mout sshd[12511]: Failed password for invalid user rg from 134.209.153.36 port 38328 ssh2 Oct 3 14:41:24 mout sshd[12511]: Disconnected from invalid user rg 134.209.153.36 port 38328 [preauth]	2020-10-04 04:32:43
134.209.153.36	attack	$f2bV_matches	2020-10-03 20:39:14
134.209.153.36	attackbots	Oct 2 06:57:53 kunden sshd[6278]: Invalid user developer from 134.209.153.36 Oct 2 06:57:53 kunden sshd[6278]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.153.36 Oct 2 06:57:56 kunden sshd[6278]: Failed password for invalid user developer from 134.209.153.36 port 39016 ssh2 Oct 2 06:57:56 kunden sshd[6278]: Received disconnect from 134.209.153.36: 11: Bye Bye [preauth] Oct 2 07:03:03 kunden sshd[11337]: Invalid user cc from 134.209.153.36 Oct 2 07:03:04 kunden sshd[11337]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.153.36 Oct 2 07:03:06 kunden sshd[11337]: Failed password for invalid user cc from 134.209.153.36 port 39582 ssh2 Oct 2 07:03:06 kunden sshd[11337]: Received disconnect from 134.209.153.36: 11: Bye Bye [preauth] Oct 2 07:04:42 kunden sshd[12131]: Invalid user ubuntu from 134.209.153.36 Oct 2 07:04:42 kunden sshd[12131]: pam_unix(sshd:auth): aut........ -------------------------------	2020-10-03 06:47:07
134.209.157.198	attack	WordPress login Brute force / Web App Attack on client site.	2020-09-30 03:13:30
134.209.157.198	attackbots	134.209.157.198 - - [29/Sep/2020:09:44:29 +0100] "POST /wp-login.php HTTP/1.1" 200 2342 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 134.209.157.198 - - [29/Sep/2020:09:44:29 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 134.209.157.198 - - [29/Sep/2020:09:49:17 +0100] "POST /wp-login.php HTTP/1.1" 200 2342 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-29 19:18:00
134.209.150.94	attack	TCP (SYN) 134.209.150.94:54706 -> port 8872, len 44	2020-09-28 04:09:00

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 134.209.15.14
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 53625
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;134.209.15.14.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019061801 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Jun 19 12:09:21 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 14.15.209.134.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 14.15.209.134.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
14.231.195.174	attack	445/tcp 445/tcp [2019-10-26]2pkt	2019-10-26 15:54:08
178.238.232.40	attackbots	[portscan] Port scan	2019-10-26 16:17:59
106.75.153.43	attackbots	Oct 26 07:09:01 MK-Soft-Root2 sshd[20401]: Failed password for root from 106.75.153.43 port 60728 ssh2 ...	2019-10-26 16:14:47
46.38.144.57	attack	Oct 26 09:50:46 webserver postfix/smtpd\[21173\]: warning: unknown\[46.38.144.57\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 26 09:51:57 webserver postfix/smtpd\[21173\]: warning: unknown\[46.38.144.57\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 26 09:53:08 webserver postfix/smtpd\[21173\]: warning: unknown\[46.38.144.57\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 26 09:54:19 webserver postfix/smtpd\[21173\]: warning: unknown\[46.38.144.57\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 26 09:55:24 webserver postfix/smtpd\[21989\]: warning: unknown\[46.38.144.57\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-10-26 15:58:09
171.242.250.210	attack	445/tcp [2019-10-26]1pkt	2019-10-26 16:05:08
74.82.47.51	attackspambots	scan r	2019-10-26 16:11:13
165.22.130.168	attackspambots	Oct 21 06:49:43 nirvana postfix/smtpd[14164]: connect from unknown[165.22.130.168] Oct 21 06:49:44 nirvana postfix/smtpd[14164]: warning: unknown[165.22.130.168]: SASL LOGIN authentication failed: authentication failure Oct 21 06:49:44 nirvana postfix/smtpd[14164]: disconnect from unknown[165.22.130.168] Oct 21 06:55:21 nirvana postfix/smtpd[21609]: connect from unknown[165.22.130.168] Oct 21 06:55:22 nirvana postfix/smtpd[21609]: warning: unknown[165.22.130.168]: SASL LOGIN authentication failed: authentication failure Oct 21 06:55:22 nirvana postfix/smtpd[21609]: disconnect from unknown[165.22.130.168] Oct 21 06:56:35 nirvana postfix/smtpd[21609]: connect from unknown[165.22.130.168] Oct 21 06:56:36 nirvana postfix/smtpd[21609]: warning: unknown[165.22.130.168]: SASL LOGIN authentication failed: authentication failure Oct 21 06:56:36 nirvana postfix/smtpd[21609]: disconnect from unknown[165.22.130.168] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=165.22	2019-10-26 15:48:43
106.13.99.245	attackbots	2019-10-26T05:29:20.883600abusebot-5.cloudsearch.cf sshd\[13364\]: Invalid user heng from 106.13.99.245 port 47122	2019-10-26 15:45:48
113.199.30.147	attackbots	83/tcp [2019-10-26]1pkt	2019-10-26 15:53:38
112.91.150.123	attackbots	Oct 25 18:30:16 wbs sshd\[12448\]: Invalid user testuser from 112.91.150.123 Oct 25 18:30:16 wbs sshd\[12448\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.91.150.123 Oct 25 18:30:17 wbs sshd\[12448\]: Failed password for invalid user testuser from 112.91.150.123 port 60020 ssh2 Oct 25 18:35:21 wbs sshd\[12880\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.91.150.123 user=root Oct 25 18:35:22 wbs sshd\[12880\]: Failed password for root from 112.91.150.123 port 48679 ssh2	2019-10-26 16:01:37
92.53.90.143	attackspam	Port scan: Attack repeated for 24 hours	2019-10-26 15:47:34
175.211.112.254	attack	2019-10-26T06:49:12.272365abusebot-5.cloudsearch.cf sshd\[14231\]: Invalid user robert from 175.211.112.254 port 55372	2019-10-26 15:49:09
95.85.60.251	attackspam	2019-10-26T09:02:39.718762tmaserv sshd\[9318\]: Failed password for root from 95.85.60.251 port 35580 ssh2 2019-10-26T10:05:25.992477tmaserv sshd\[12058\]: Invalid user 12345678 from 95.85.60.251 port 60548 2019-10-26T10:05:25.997808tmaserv sshd\[12058\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.85.60.251 2019-10-26T10:05:28.028745tmaserv sshd\[12058\]: Failed password for invalid user 12345678 from 95.85.60.251 port 60548 ssh2 2019-10-26T10:10:13.124073tmaserv sshd\[12273\]: Invalid user stacey from 95.85.60.251 port 42932 2019-10-26T10:10:13.129639tmaserv sshd\[12273\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.85.60.251 ...	2019-10-26 15:47:06
191.96.25.217	attack	DATE:2019-10-26 05:48:30, IP:191.96.25.217, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2019-10-26 16:21:41
52.192.154.52	attack	slow and persistent scanner	2019-10-26 16:18:33

最近上报的IP列表

151.172.56.178	99.239.212.42	215.44.212.218	123.16.154.51
85.27.103.232	193.184.1.30	77.40.34.190	42.3.152.109
124.65.136.134	154.111.172.73	27.193.195.225	2.228.149.174
120.62.202.85	185.234.219.95	186.123.60.136	212.247.232.166
176.112.240.122	42.116.121.7	54.37.80.160	36.71.34.100