134.209.29.116

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United Kingdom

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Honeypot attack, port: 23, PTR: PTR record not found	2019-10-23 04:30:46

相同子网IP讨论:

IP	类型	评论内容	时间
134.209.29.245	attackbots	Lines containing failures of 134.209.29.245 Jul 26 22:47:49 kmh-wmh-001-nbg01 sshd[310]: Did not receive identification string from 134.209.29.245 port 46478 Jul 26 22:48:05 kmh-wmh-001-nbg01 sshd[383]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.29.245 user=r.r Jul 26 22:48:08 kmh-wmh-001-nbg01 sshd[383]: Failed password for r.r from 134.209.29.245 port 46292 ssh2 Jul 26 22:48:10 kmh-wmh-001-nbg01 sshd[383]: Received disconnect from 134.209.29.245 port 46292:11: Normal Shutdown, Thank you for playing [preauth] Jul 26 22:48:10 kmh-wmh-001-nbg01 sshd[383]: Disconnected from authenticating user r.r 134.209.29.245 port 46292 [preauth] Jul 26 22:48:40 kmh-wmh-001-nbg01 sshd[385]: Invalid user test from 134.209.29.245 port 43272 Jul 26 22:48:40 kmh-wmh-001-nbg01 sshd[385]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.29.245 Jul 26 22:48:42 kmh-wmh-001-nbg01 sshd[385]: Fail........ ------------------------------	2020-07-27 06:11:32
134.209.29.118	attack	134.209.29.118 was recorded 6 times by 6 hosts attempting to connect to the following ports: 5900. Incident counter (4h, 24h, all-time): 6, 9, 9	2019-11-07 19:23:45
134.209.29.183	attackspambots	[portscan] tcp/23 [TELNET] in spfbl.net:'listed' *(RWIN=65535)(10151156)	2019-10-16 02:26:29
134.209.29.180	attackspam	Sep 29 03:48:33 plusreed sshd[23480]: Invalid user oracle from 134.209.29.180 ...	2019-09-29 17:08:35
134.209.29.180	attackbots	F2B jail: sshd. Time: 2019-09-29 01:44:25, Reported by: VKReport	2019-09-29 08:53:31
134.209.29.180	attackspam	Sep 9 11:33:33 php1 sshd\[21585\]: Invalid user webmaster from 134.209.29.180 Sep 9 11:33:33 php1 sshd\[21585\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.29.180 Sep 9 11:33:35 php1 sshd\[21585\]: Failed password for invalid user webmaster from 134.209.29.180 port 57977 ssh2 Sep 9 11:39:15 php1 sshd\[22382\]: Invalid user nextcloud from 134.209.29.180 Sep 9 11:39:15 php1 sshd\[22382\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.29.180	2019-09-10 05:51:03
134.209.29.180	attackbots	2019-07-25T12:12:13.675254enmeeting.mahidol.ac.th sshd\[14708\]: Invalid user mqm from 134.209.29.180 port 36475 2019-07-25T12:12:13.694436enmeeting.mahidol.ac.th sshd\[14708\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.29.180 2019-07-25T12:12:15.954920enmeeting.mahidol.ac.th sshd\[14708\]: Failed password for invalid user mqm from 134.209.29.180 port 36475 ssh2 ...	2019-07-25 14:11:09

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 134.209.29.116
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 30892
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;134.209.29.116.			IN	A

;; AUTHORITY SECTION:
.			452	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019102201 1800 900 604800 86400

;; Query time: 102 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Oct 23 04:30:43 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 116.29.209.134.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 116.29.209.134.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
86.57.168.223	attackspambots	Autoban 86.57.168.223 ABORTED AUTH	2019-07-05 14:40:55
180.183.247.237	attackbotsspam	Automatic report - Web App Attack	2019-07-05 14:21:09
171.5.48.6	attackbots	Jul 5 01:42:34 srv-4 sshd\[19077\]: Invalid user admin from 171.5.48.6 Jul 5 01:42:34 srv-4 sshd\[19077\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.5.48.6 Jul 5 01:42:36 srv-4 sshd\[19077\]: Failed password for invalid user admin from 171.5.48.6 port 36135 ssh2 ...	2019-07-05 14:45:38
181.233.204.133	attackspam	2019-07-04 22:31:15 H=([181.233.204.133]) [181.233.204.133]:18024 I=[10.100.18.25]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=181.233.204.133) 2019-07-04 22:31:15 unexpected disconnection while reading SMTP command from ([181.233.204.133]) [181.233.204.133]:18024 I=[10.100.18.25]:25 (error: Connection reset by peer) 2019-07-05 00:27:24 H=([181.233.204.133]) [181.233.204.133]:60594 I=[10.100.18.25]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=181.233.204.133) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=181.233.204.133	2019-07-05 14:36:06
197.50.45.114	attackbotsspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-03 15:21:30,722 INFO [shellcode_manager] (197.50.45.114) no match, writing hexdump (cfb324d8f927273a627f62285042ab8a :2124231) - MS17010 (EternalBlue)	2019-07-05 14:20:50
185.255.46.72	attack	Jul 5 00:32:11 pl1server postfix/smtpd[4258]: connect from unknown[185.255.46.72] Jul 5 00:32:12 pl1server postfix/smtpd[4258]: warning: unknown[185.255.46.72]: SASL CRAM-MD5 authentication failed: authentication failure Jul 5 00:32:12 pl1server postfix/smtpd[4258]: warning: unknown[185.255.46.72]: SASL PLAIN authentication failed: authentication failure Jul 5 00:32:13 pl1server postfix/smtpd[4258]: warning: unknown[185.255.46.72]: SASL LOGIN authentication failed: authentication failure Jul 5 00:32:13 pl1server postfix/smtpd[4258]: lost connection after AUTH from unknown[185.255.46.72] Jul 5 00:32:13 pl1server postfix/smtpd[4258]: disconnect from unknown[185.255.46.72] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=185.255.46.72	2019-07-05 14:50:38
103.139.12.24	attackspam	Jul 5 00:39:39 vps691689 sshd[22051]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.139.12.24 Jul 5 00:39:41 vps691689 sshd[22051]: Failed password for invalid user labuser from 103.139.12.24 port 51662 ssh2 ...	2019-07-05 14:49:46
194.100.22.66	attackbotsspam	2019-07-05 00:36:05 unexpected disconnection while reading SMTP command from ([194.100.22.66]) [194.100.22.66]:41190 I=[10.100.18.25]:25 (error: Connection reset by peer) 2019-07-05 00:36:39 unexpected disconnection while reading SMTP command from ([194.100.22.66]) [194.100.22.66]:46379 I=[10.100.18.25]:25 (error: Connection reset by peer) 2019-07-05 00:37:03 unexpected disconnection while reading SMTP command from ([194.100.22.66]) [194.100.22.66]:13631 I=[10.100.18.25]:25 (error: Connection reset by peer) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=194.100.22.66	2019-07-05 15:05:15
177.226.247.118	attackbotsspam	2019-07-05 00:33:11 unexpected disconnection while reading SMTP command from (customer-PUE-247-118.megared.net.mx) [177.226.247.118]:61670 I=[10.100.18.23]:25 (error: Connection reset by peer) 2019-07-05 00:33:35 unexpected disconnection while reading SMTP command from (customer-PUE-247-118.megared.net.mx) [177.226.247.118]:6369 I=[10.100.18.23]:25 (error: Connection reset by peer) 2019-07-05 00:34:21 unexpected disconnection while reading SMTP command from (customer-PUE-247-118.megared.net.mx) [177.226.247.118]:37767 I=[10.100.18.23]:25 (error: Connection reset by peer) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=177.226.247.118	2019-07-05 14:54:27
156.222.108.244	attack	Jul 5 00:24:06 mailserver sshd[13759]: Invalid user admin from 156.222.108.244 Jul 5 00:24:06 mailserver sshd[13759]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=156.222.108.244 Jul 5 00:24:08 mailserver sshd[13759]: Failed password for invalid user admin from 156.222.108.244 port 55343 ssh2 Jul 5 00:24:09 mailserver sshd[13759]: Connection closed by 156.222.108.244 port 55343 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=156.222.108.244	2019-07-05 14:23:28
201.216.193.65	attackbots	Jul 5 08:46:14 tuxlinux sshd[49988]: Invalid user amon from 201.216.193.65 port 56129 Jul 5 08:46:14 tuxlinux sshd[49988]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.216.193.65 Jul 5 08:46:14 tuxlinux sshd[49988]: Invalid user amon from 201.216.193.65 port 56129 Jul 5 08:46:14 tuxlinux sshd[49988]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.216.193.65 Jul 5 08:46:14 tuxlinux sshd[49988]: Invalid user amon from 201.216.193.65 port 56129 Jul 5 08:46:14 tuxlinux sshd[49988]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.216.193.65 Jul 5 08:46:16 tuxlinux sshd[49988]: Failed password for invalid user amon from 201.216.193.65 port 56129 ssh2 ...	2019-07-05 15:06:44
222.186.15.28	attackbots	Jul 5 08:55:19 vps691689 sshd[27663]: Failed password for root from 222.186.15.28 port 33191 ssh2 Jul 5 08:55:21 vps691689 sshd[27663]: Failed password for root from 222.186.15.28 port 33191 ssh2 Jul 5 08:55:23 vps691689 sshd[27663]: Failed password for root from 222.186.15.28 port 33191 ssh2 ...	2019-07-05 14:58:03
191.53.57.115	attackspam	failed_logins	2019-07-05 14:51:28
159.89.166.115	attack	2019-07-05T06:21:15.532687cavecanem sshd[13732]: Invalid user deploy from 159.89.166.115 port 37698 2019-07-05T06:21:15.535147cavecanem sshd[13732]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.166.115 2019-07-05T06:21:15.532687cavecanem sshd[13732]: Invalid user deploy from 159.89.166.115 port 37698 2019-07-05T06:21:18.012228cavecanem sshd[13732]: Failed password for invalid user deploy from 159.89.166.115 port 37698 ssh2 2019-07-05T06:23:50.742878cavecanem sshd[14385]: Invalid user admin from 159.89.166.115 port 34974 2019-07-05T06:23:50.745237cavecanem sshd[14385]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.166.115 2019-07-05T06:23:50.742878cavecanem sshd[14385]: Invalid user admin from 159.89.166.115 port 34974 2019-07-05T06:23:52.835674cavecanem sshd[14385]: Failed password for invalid user admin from 159.89.166.115 port 34974 ssh2 2019-07-05T06:26:26.050897cavecanem sshd[15034]: ...	2019-07-05 14:55:29
158.69.198.5	attackbots	Jul 5 08:04:29 MK-Soft-Root2 sshd\[22158\]: Invalid user miner from 158.69.198.5 port 54820 Jul 5 08:04:29 MK-Soft-Root2 sshd\[22158\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=158.69.198.5 Jul 5 08:04:32 MK-Soft-Root2 sshd\[22158\]: Failed password for invalid user miner from 158.69.198.5 port 54820 ssh2 ...	2019-07-05 14:29:56

最近上报的IP列表

138.6.235.157	238.70.91.229	6.178.1.219	211.75.214.59
68.183.186.62	185.25.206.130	77.122.17.211	133.123.4.170
51.158.181.29	61.83.55.1	117.114.144.162	104.92.102.82
115.124.124.19	106.13.8.103	94.176.207.66	86.108.13.195
191.252.204.14	45.252.249.240	109.160.108.147	194.187.175.68