134.209.22.22 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	134.209.22.22 - - [21/Jun/2019:11:19:43 +0200] "POST [munged]wp-login.php HTTP/1.1" 444 0 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 0.000	2019-06-21 19:44:29

相同子网IP讨论:

IP	类型	评论内容	时间
134.209.223.106	attackbots	Port Scan ...	2020-09-18 22:20:33
134.209.223.106	attack	Port Scan ...	2020-09-18 14:35:44
134.209.223.106	attack	Auto Detect Rule! proto TCP (SYN), 134.209.223.106:59985->gjan.info:21, len 40	2020-09-18 04:52:34
134.209.22.239	attack	" "	2020-08-31 17:07:10
134.209.22.239	attackspam	Port Scan detected! ...	2020-08-30 13:07:36
134.209.228.253	attack	Aug 20 08:08:50 cho sshd[1119932]: Failed password for root from 134.209.228.253 port 38796 ssh2 Aug 20 08:12:38 cho sshd[1120324]: Invalid user andrea from 134.209.228.253 port 46516 Aug 20 08:12:38 cho sshd[1120324]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.228.253 Aug 20 08:12:38 cho sshd[1120324]: Invalid user andrea from 134.209.228.253 port 46516 Aug 20 08:12:40 cho sshd[1120324]: Failed password for invalid user andrea from 134.209.228.253 port 46516 ssh2 ...	2020-08-20 15:26:20
134.209.228.253	attack	Aug 19 00:47:09 vpn01 sshd[10467]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.228.253 Aug 19 00:47:11 vpn01 sshd[10467]: Failed password for invalid user sb from 134.209.228.253 port 43792 ssh2 ...	2020-08-19 07:57:25
134.209.228.253	attackspambots	Aug 14 02:10:15 web1 sshd\[28661\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.228.253 user=root Aug 14 02:10:18 web1 sshd\[28661\]: Failed password for root from 134.209.228.253 port 42812 ssh2 Aug 14 02:14:05 web1 sshd\[28971\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.228.253 user=root Aug 14 02:14:07 web1 sshd\[28971\]: Failed password for root from 134.209.228.253 port 52650 ssh2 Aug 14 02:18:00 web1 sshd\[29275\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.228.253 user=root	2020-08-15 04:39:46
134.209.228.253	attack	Aug 3 20:48:36 localhost sshd[9499]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.228.253 user=root Aug 3 20:48:38 localhost sshd[9499]: Failed password for root from 134.209.228.253 port 55766 ssh2 Aug 3 20:52:16 localhost sshd[9909]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.228.253 user=root Aug 3 20:52:18 localhost sshd[9909]: Failed password for root from 134.209.228.253 port 39082 ssh2 Aug 3 20:55:59 localhost sshd[10333]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.228.253 user=root Aug 3 20:56:01 localhost sshd[10333]: Failed password for root from 134.209.228.253 port 50628 ssh2 ...	2020-08-04 07:56:19
134.209.228.253	attackbots	Jul 31 14:11:16 fhem-rasp sshd[14346]: Failed password for root from 134.209.228.253 port 33920 ssh2 Jul 31 14:11:16 fhem-rasp sshd[14346]: Disconnected from authenticating user root 134.209.228.253 port 33920 [preauth] ...	2020-07-31 20:34:52
134.209.220.69	attack	Exploited Host.	2020-07-26 03:18:21
134.209.228.253	attackspam	Invalid user yyh from 134.209.228.253 port 59744	2020-07-24 15:17:31
134.209.228.253	attack	Banned for a week because repeated abuses, for example SSH, but not only	2020-07-20 05:20:21
134.209.228.253	attackbotsspam	Jul 16 17:43:20 vps-51d81928 sshd[5171]: Invalid user aayush from 134.209.228.253 port 37602 Jul 16 17:43:20 vps-51d81928 sshd[5171]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.228.253 Jul 16 17:43:20 vps-51d81928 sshd[5171]: Invalid user aayush from 134.209.228.253 port 37602 Jul 16 17:43:23 vps-51d81928 sshd[5171]: Failed password for invalid user aayush from 134.209.228.253 port 37602 ssh2 Jul 16 17:47:01 vps-51d81928 sshd[5232]: Invalid user atm from 134.209.228.253 port 52324 ...	2020-07-17 04:39:28
134.209.228.253	attack	Several Attack	2020-07-17 00:49:41

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 134.209.22.22
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55349
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;134.209.22.22.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019062100 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Jun 21 19:44:21 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 22.22.209.134.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 22.22.209.134.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
178.128.61.101	attack	Unauthorized SSH login attempts	2020-09-15 22:47:38
45.165.215.100	attackspambots	Unauthorized SMTP/IMAP/POP3 connection attempt	2020-09-15 23:11:16
5.188.84.119	attack	0,17-02/03 [bc01/m09] PostRequest-Spammer scoring: essen	2020-09-15 22:41:16
61.177.172.168	attackspambots	prod11 ...	2020-09-15 22:58:02
178.62.244.247	attack	Sep 15 16:58:15 root sshd[31963]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.244.247 user=root Sep 15 16:58:17 root sshd[31963]: Failed password for root from 178.62.244.247 port 35458 ssh2 ...	2020-09-15 22:45:06
218.92.0.138	attackbotsspam	2020-09-15T16:02:22.787282ns386461 sshd\[27997\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.138 user=root 2020-09-15T16:02:24.486328ns386461 sshd\[27997\]: Failed password for root from 218.92.0.138 port 16342 ssh2 2020-09-15T16:02:27.513123ns386461 sshd\[27997\]: Failed password for root from 218.92.0.138 port 16342 ssh2 2020-09-15T16:02:30.950511ns386461 sshd\[27997\]: Failed password for root from 218.92.0.138 port 16342 ssh2 2020-09-15T16:02:35.451617ns386461 sshd\[27997\]: Failed password for root from 218.92.0.138 port 16342 ssh2 ...	2020-09-15 22:44:07
103.109.178.189	attack	Sep 14 18:22:56 mail.srvfarm.net postfix/smtpd[2073486]: warning: unknown[103.109.178.189]: SASL PLAIN authentication failed: Sep 14 18:22:57 mail.srvfarm.net postfix/smtpd[2073486]: lost connection after AUTH from unknown[103.109.178.189] Sep 14 18:23:24 mail.srvfarm.net postfix/smtps/smtpd[2073110]: warning: unknown[103.109.178.189]: SASL PLAIN authentication failed: Sep 14 18:23:24 mail.srvfarm.net postfix/smtps/smtpd[2073110]: lost connection after AUTH from unknown[103.109.178.189] Sep 14 18:25:43 mail.srvfarm.net postfix/smtps/smtpd[2073813]: warning: unknown[103.109.178.189]: SASL PLAIN authentication failed:	2020-09-15 23:23:05
89.186.24.150	attack	Sep 14 18:19:37 mail.srvfarm.net postfix/smtpd[2073585]: warning: ip-89-186-24-150.static.vip-net.pl[89.186.24.150]: SASL PLAIN authentication failed: Sep 14 18:19:37 mail.srvfarm.net postfix/smtpd[2073585]: lost connection after AUTH from ip-89-186-24-150.static.vip-net.pl[89.186.24.150] Sep 14 18:23:31 mail.srvfarm.net postfix/smtps/smtpd[2072918]: warning: ip-89-186-24-150.static.vip-net.pl[89.186.24.150]: SASL PLAIN authentication failed: Sep 14 18:23:31 mail.srvfarm.net postfix/smtps/smtpd[2072918]: lost connection after AUTH from ip-89-186-24-150.static.vip-net.pl[89.186.24.150] Sep 14 18:26:52 mail.srvfarm.net postfix/smtpd[2071658]: warning: ip-89-186-24-150.static.vip-net.pl[89.186.24.150]: SASL PLAIN authentication failed:	2020-09-15 23:23:44
212.70.149.20	attackspambots	Sep 15 17:07:51 srv01 postfix/smtpd\[17122\]: warning: unknown\[212.70.149.20\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 15 17:07:53 srv01 postfix/smtpd\[11576\]: warning: unknown\[212.70.149.20\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 15 17:07:53 srv01 postfix/smtpd\[17715\]: warning: unknown\[212.70.149.20\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 15 17:07:56 srv01 postfix/smtpd\[17726\]: warning: unknown\[212.70.149.20\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 15 17:08:17 srv01 postfix/smtpd\[17726\]: warning: unknown\[212.70.149.20\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-09-15 23:16:31
188.92.213.183	attack	Unauthorized SMTP/IMAP/POP3 connection attempt	2020-09-15 23:01:43
94.102.54.199	attack	Sep 15 16:53:34 web01.agentur-b-2.de dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=94.102.54.199, lip=185.118.198.210, session= Sep 15 16:54:36 web01.agentur-b-2.de dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=94.102.54.199, lip=185.118.198.210, session= Sep 15 16:54:57 web01.agentur-b-2.de dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=94.102.54.199, lip=185.118.198.210, session= Sep 15 16:55:40 web01.agentur-b-2.de dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=94.102.54.199, lip=185.118.198.210, session=<4m0WWFuvSPJeZjbH> Sep 15 16:55:45 web01.agentur-b-2.de dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 6 secs): user=	2020-09-15 23:08:39
89.248.171.89	attack	Sep 15 16:17:09 web01.agentur-b-2.de postfix/smtps/smtpd[165751]: warning: unknown[89.248.171.89]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 15 16:18:34 web01.agentur-b-2.de postfix/smtps/smtpd[165751]: warning: unknown[89.248.171.89]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 15 16:19:41 web01.agentur-b-2.de postfix/smtps/smtpd[165925]: warning: unknown[89.248.171.89]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 15 16:23:11 web01.agentur-b-2.de postfix/smtps/smtpd[166774]: warning: unknown[89.248.171.89]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 15 16:24:02 web01.agentur-b-2.de postfix/smtps/smtpd[166774]: warning: unknown[89.248.171.89]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2020-09-15 23:23:28
95.163.196.191	attackbotsspam	2020-09-15T14:30:00.369288Z eb29c47cc7f8 New connection: 95.163.196.191:60336 (172.17.0.2:2222) [session: eb29c47cc7f8] 2020-09-15T14:53:53.159734Z c0612de3b942 New connection: 95.163.196.191:36770 (172.17.0.2:2222) [session: c0612de3b942]	2020-09-15 22:56:26
177.130.160.245	attackbots	Sep 14 18:29:40 mail.srvfarm.net postfix/smtpd[2073486]: warning: unknown[177.130.160.245]: SASL PLAIN authentication failed: Sep 14 18:29:40 mail.srvfarm.net postfix/smtpd[2073486]: lost connection after AUTH from unknown[177.130.160.245] Sep 14 18:31:44 mail.srvfarm.net postfix/smtps/smtpd[2075240]: warning: unknown[177.130.160.245]: SASL PLAIN authentication failed: Sep 14 18:31:44 mail.srvfarm.net postfix/smtps/smtpd[2075240]: lost connection after AUTH from unknown[177.130.160.245] Sep 14 18:34:56 mail.srvfarm.net postfix/smtpd[2073941]: warning: unknown[177.130.160.245]: SASL PLAIN authentication failed:	2020-09-15 23:19:10
191.240.117.232	attackbotsspam	smtp probe/invalid login attempt	2020-09-15 23:17:38

最近上报的IP列表

5.11.59.84	109.194.166.197	235.193.78.87	67.25.7.26
58.22.105.97	142.187.89.136	182.74.38.250	133.161.111.45
220.247.174.162	41.254.9.128	183.24.213.125	60.169.94.134
178.165.73.87	49.69.155.127	149.210.107.197	79.99.188.17
111.83.162.132	57.166.76.49	192.42.116.27	89.238.139.205