134.209.20.2 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United Kingdom

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	DATE:2019-07-20_03:37:16, IP:134.209.20.2, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2019-07-20 10:44:59

相同子网IP讨论:

IP	类型	评论内容	时间
134.209.207.188	spambotsattack	ET DROP Dshield Block Listed Source group 1 - port: 8080 proto: tcp cat: Misc Attackbytes: 60	2023-02-18 16:14:41
134.209.204.124	attackbots	SSH Bruteforce attack	2020-08-23 07:56:22
134.209.208.159	attackbots	Port scan: Attack repeated for 24 hours	2020-06-21 00:54:32
134.209.201.23	attack	3423/tcp 2974/tcp 726/tcp... [2020-06-01/19]44pkt,15pt.(tcp)	2020-06-20 05:41:48
134.209.208.159	attackspambots	TCP (SYN) 134.209.208.159:46179 -> port 7425, len 44	2020-06-15 15:37:35
134.209.208.159	attackbotsspam	firewall-block, port(s): 25804/tcp	2020-06-13 15:11:57
134.209.208.159	attackspam	May 29 22:50:47 debian-2gb-nbg1-2 kernel: \[13044230.816351\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=134.209.208.159 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=6339 PROTO=TCP SPT=58161 DPT=3540 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-30 05:16:17
134.209.208.159	attack	Port scan: Attack repeated for 24 hours	2020-05-03 01:12:31
134.209.208.159	attackbotsspam	firewall-block, port(s): 22225/tcp	2020-04-25 05:33:25
134.209.208.159	attack	Port scan(s) denied	2020-04-20 16:28:29
134.209.208.159	attackbotsspam	firewall-block, port(s): 15661/tcp	2020-04-13 06:33:44
134.209.203.34	attack	SSH/22 MH Probe, BF, Hack -	2020-02-12 23:47:18
134.209.203.238	attackbotsspam	WordPress wp-login brute force :: 134.209.203.238 0.112 BYPASS [17/Jan/2020:13:00:55 0000] [censored_2] "POST /wp-login.php HTTP/1.1" 200 2287 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-01-18 01:05:40
134.209.208.91	attack	IP: 134.209.208.91 Ports affected Simple Mail Transfer (25) Abuse Confidence rating 16% Found in DNSBL('s) ASN Details AS14061 DigitalOcean LLC United States (US) CIDR 134.209.0.0/16 Log Date: 16/01/2020 11:43:21 AM UTC	2020-01-16 20:09:58
134.209.205.254	attack	Jan 13 22:56:46 ArkNodeAT sshd\[12332\]: Invalid user dev from 134.209.205.254 Jan 13 22:56:46 ArkNodeAT sshd\[12332\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.205.254 Jan 13 22:56:47 ArkNodeAT sshd\[12332\]: Failed password for invalid user dev from 134.209.205.254 port 50846 ssh2	2020-01-14 06:03:56

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 134.209.20.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 8122
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;134.209.20.2.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019071902 1800 900 604800 86400

;; Query time: 4 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Jul 20 10:44:53 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 2.20.209.134.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 2.20.209.134.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
179.111.240.140	attackbots	Jul 12 23:52:38 MK-Soft-VM5 sshd\[30254\]: Invalid user android from 179.111.240.140 port 42671 Jul 12 23:52:38 MK-Soft-VM5 sshd\[30254\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.111.240.140 Jul 12 23:52:41 MK-Soft-VM5 sshd\[30254\]: Failed password for invalid user android from 179.111.240.140 port 42671 ssh2 ...	2019-07-13 07:53:24
62.234.72.154	attackbotsspam	Jul 12 23:39:23 localhost sshd\[12257\]: Invalid user somsak from 62.234.72.154 port 52228 Jul 12 23:39:23 localhost sshd\[12257\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.72.154 Jul 12 23:39:25 localhost sshd\[12257\]: Failed password for invalid user somsak from 62.234.72.154 port 52228 ssh2 Jul 12 23:41:57 localhost sshd\[12364\]: Invalid user test from 62.234.72.154 port 50402 Jul 12 23:41:57 localhost sshd\[12364\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.72.154 ...	2019-07-13 07:58:34
83.55.220.88	attackspam	Jul 13 01:38:49 vmd17057 sshd\[16735\]: Invalid user mao from 83.55.220.88 port 58922 Jul 13 01:38:49 vmd17057 sshd\[16735\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=83.55.220.88 Jul 13 01:38:50 vmd17057 sshd\[16735\]: Failed password for invalid user mao from 83.55.220.88 port 58922 ssh2 ...	2019-07-13 07:54:29
186.64.120.96	attack	2019-07-10T21:30:02.912979matrix.arvenenaske.de sshd[11381]: Invalid user administrateur from 186.64.120.96 port 34624 2019-07-10T21:30:02.916443matrix.arvenenaske.de sshd[11381]: pam_sss(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.64.120.96 user=administrateur 2019-07-10T21:30:02.917131matrix.arvenenaske.de sshd[11381]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.64.120.96 2019-07-10T21:30:02.912979matrix.arvenenaske.de sshd[11381]: Invalid user administrateur from 186.64.120.96 port 34624 2019-07-10T21:30:05.078431matrix.arvenenaske.de sshd[11381]: Failed password for invalid user administrateur from 186.64.120.96 port 34624 ssh2 2019-07-10T21:33:08.110446matrix.arvenenaske.de sshd[11390]: Invalid user og from 186.64.120.96 port 33082 2019-07-10T21:33:08.113824matrix.arvenenaske.de sshd[11390]: pam_sss(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=186........ ------------------------------	2019-07-13 07:52:18
66.70.130.155	attackbots	Jul 12 04:44:01 * sshd[30937]: Failed password for invalid user git from 66.70.130.155 port 47186 ssh2 Jul 12 04:52:47 * sshd[31067]: Failed password for invalid user cheryl from 66.70.130.155 port 57946 ssh2 Jul 12 05:01:03 * sshd[31159]: Failed password for invalid user bash from 66.70.130.155 port 58738 ssh2 Jul 12 05:08:42 * sshd[31305]: Failed password for invalid user elasticsearch from 66.70.130.155 port 59540 ssh2 Jul 12 05:16:42 * sshd[31458]: Failed password for invalid user jenkins from 66.70.130.155 port 60334 ssh2 Jul 12 05:24:40 * sshd[31586]: Failed password for invalid user cmb from 66.70.130.155 port 32898 ssh2 Jul 12 05:32:19 * sshd[31661]: Failed password for invalid user yan from 66.70.130.155 port 33696 ssh2 Jul 12 05:40:08 * sshd[31793]: Failed password for invalid user windows from 66.70.130.155 port 34492 ssh2 Jul 12 05:48:05 * sshd[31957]: Failed password for invalid user geng from 66.70.130.155 port 35290 ssh2 Jul 12 05:55:44 * sshd[32031]: Failed password for inv	2019-07-13 07:57:05
188.166.70.245	attackbotsspam	Jul 12 21:04:10 mail sshd\[25696\]: Invalid user mike from 188.166.70.245 port 57710 Jul 12 21:04:10 mail sshd\[25696\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.70.245 ...	2019-07-13 07:47:01
220.120.106.254	attack	Jul 12 21:58:55 dev0-dcde-rnet sshd[3915]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.120.106.254 Jul 12 21:58:57 dev0-dcde-rnet sshd[3915]: Failed password for invalid user admin from 220.120.106.254 port 46738 ssh2 Jul 12 22:05:01 dev0-dcde-rnet sshd[3966]: Failed password for root from 220.120.106.254 port 52656 ssh2	2019-07-13 07:27:37
112.85.42.186	attackspam	Jul 12 23:04:41 MK-Soft-VM3 sshd\[18443\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.186 user=root Jul 12 23:04:43 MK-Soft-VM3 sshd\[18443\]: Failed password for root from 112.85.42.186 port 62953 ssh2 Jul 12 23:04:45 MK-Soft-VM3 sshd\[18443\]: Failed password for root from 112.85.42.186 port 62953 ssh2 ...	2019-07-13 08:03:18
166.111.7.104	attackbotsspam	Invalid user inactive from 166.111.7.104 port 38271 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=166.111.7.104 Failed password for invalid user inactive from 166.111.7.104 port 38271 ssh2 Invalid user oracle from 166.111.7.104 port 58308 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=166.111.7.104	2019-07-13 07:45:10
95.138.65.166	attack	TCP port 23 (Telnet) attempt blocked by firewall. [2019-07-12 22:03:19]	2019-07-13 07:29:04
151.236.32.126	attack	Jul 13 00:24:32 ubuntu-2gb-nbg1-dc3-1 sshd[8578]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=151.236.32.126 Jul 13 00:24:34 ubuntu-2gb-nbg1-dc3-1 sshd[8578]: Failed password for invalid user sylvestre from 151.236.32.126 port 49998 ssh2 ...	2019-07-13 07:21:24
129.213.63.120	attack	Jul 12 22:00:15 eventyay sshd[32033]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.63.120 Jul 12 22:00:17 eventyay sshd[32033]: Failed password for invalid user fa from 129.213.63.120 port 48260 ssh2 Jul 12 22:05:11 eventyay sshd[858]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.63.120 ...	2019-07-13 07:23:34
14.116.35.25	attackbots	Lines containing failures of 14.116.35.25 Jul 13 00:59:49 shared11 sshd[5480]: Invalid user support from 14.116.35.25 port 58786 Jul 13 00:59:49 shared11 sshd[5480]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.116.35.25 Jul 13 00:59:51 shared11 sshd[5480]: Failed password for invalid user support from 14.116.35.25 port 58786 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=14.116.35.25	2019-07-13 07:49:01
72.75.217.132	attackspam	Jul 12 20:14:17 XXX sshd[57697]: Invalid user user from 72.75.217.132 port 35662	2019-07-13 07:20:04
204.48.19.178	attackspambots	Jul 13 02:12:38 srv-4 sshd\[18951\]: Invalid user pick from 204.48.19.178 Jul 13 02:12:38 srv-4 sshd\[18951\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=204.48.19.178 Jul 13 02:12:40 srv-4 sshd\[18951\]: Failed password for invalid user pick from 204.48.19.178 port 60152 ssh2 ...	2019-07-13 07:25:23

最近上报的IP列表

171.101.241.142	117.240.211.122	138.197.73.156	134.73.161.163
186.202.136.245	209.235.35.125	151.54.165.182	52.15.52.143
138.197.213.180	77.35.3.74	52.172.40.62	177.37.199.46
154.117.159.218	46.21.198.180	103.205.68.2	99.255.149.190
15.230.182.145	174.89.107.73	206.189.208.157	193.31.119.174