134.209.34.195

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	2019-03-19 13:22:39 1h6DlO-0004cI-N0 SMTP connection from knowing.dakatco.com \(broad.equipopioneros.icu\) \[134.209.34.195\]:41760 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-03-19 13:23:53 1h6DmX-0004e6-Uo SMTP connection from knowing.dakatco.com \(phonology.equipopioneros.icu\) \[134.209.34.195\]:53441 I=\[193.107.90.29\]:25 closed by DROP in ACL 2019-03-19 13:25:30 1h6DoA-0004i4-PN SMTP connection from knowing.dakatco.com \(sulky.equipopioneros.icu\) \[134.209.34.195\]:39449 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-03-22 14:35:09 1h7KKA-0001K9-Uh SMTP connection from knowing.dakatco.com \(include.equipopioneros.icu\) \[134.209.34.195\]:46744 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-03-22 14:37:51 1h7KMp-0001Nq-78 SMTP connection from knowing.dakatco.com \(juggle.equipopioneros.icu\) \[134.209.34.195\]:59953 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-03-22 14:37:54 1h7KMs-0001Nx-7h SMTP connection from knowing.dakatco.com \(alligator.equipopioneros ...	2020-02-05 03:06:25

类型

评论内容

时间

attackbotsspam

2019-03-19 13:22:39 1h6DlO-0004cI-N0 SMTP connection from knowing.dakatco.com \(broad.equipopioneros.icu\) \[134.209.34.195\]:41760 I=\[193.107.88.166\]:25 closed by DROP in ACL
2019-03-19 13:23:53 1h6DmX-0004e6-Uo SMTP connection from knowing.dakatco.com \(phonology.equipopioneros.icu\) \[134.209.34.195\]:53441 I=\[193.107.90.29\]:25 closed by DROP in ACL
2019-03-19 13:25:30 1h6DoA-0004i4-PN SMTP connection from knowing.dakatco.com \(sulky.equipopioneros.icu\) \[134.209.34.195\]:39449 I=\[193.107.88.166\]:25 closed by DROP in ACL
2019-03-22 14:35:09 1h7KKA-0001K9-Uh SMTP connection from knowing.dakatco.com \(include.equipopioneros.icu\) \[134.209.34.195\]:46744 I=\[193.107.88.166\]:25 closed by DROP in ACL
2019-03-22 14:37:51 1h7KMp-0001Nq-78 SMTP connection from knowing.dakatco.com \(juggle.equipopioneros.icu\) \[134.209.34.195\]:59953 I=\[193.107.88.166\]:25 closed by DROP in ACL
2019-03-22 14:37:54 1h7KMs-0001Nx-7h SMTP connection from knowing.dakatco.com \(alligator.equipopioneros
...

2020-02-05 03:06:25

相同子网IP讨论:

IP	类型	评论内容	时间
134.209.34.185	attackbotsspam	Jun 30 14:15:39 PorscheCustomer sshd[9157]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.34.185 Jun 30 14:15:41 PorscheCustomer sshd[9157]: Failed password for invalid user hyq from 134.209.34.185 port 37212 ssh2 Jun 30 14:18:51 PorscheCustomer sshd[9250]: Failed password for root from 134.209.34.185 port 36788 ssh2 ...	2020-07-01 03:21:38
134.209.34.185	attackbotsspam	Jun 18 14:06:07 ns382633 sshd\[10481\]: Invalid user administrador from 134.209.34.185 port 59414 Jun 18 14:06:07 ns382633 sshd\[10481\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.34.185 Jun 18 14:06:09 ns382633 sshd\[10481\]: Failed password for invalid user administrador from 134.209.34.185 port 59414 ssh2 Jun 18 14:09:56 ns382633 sshd\[10846\]: Invalid user bikegate from 134.209.34.185 port 52544 Jun 18 14:09:56 ns382633 sshd\[10846\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.34.185	2020-06-18 20:24:26
134.209.34.185	attack	Jun 16 17:58:10 django-0 sshd\[2683\]: Invalid user zhanglin from 134.209.34.185Jun 16 17:58:12 django-0 sshd\[2683\]: Failed password for invalid user zhanglin from 134.209.34.185 port 38980 ssh2Jun 16 18:03:09 django-0 sshd\[2770\]: Invalid user sin from 134.209.34.185 ...	2020-06-17 02:05:30
134.209.34.246	attackbotsspam	2019-11-20T04:56:46Z - RDP login failed multiple times. (134.209.34.246)	2019-11-20 13:42:22
134.209.34.30	attackspam	$f2bV_matches	2019-09-15 12:44:33
134.209.34.30	attack	Sep 11 13:54:50 hpm sshd\[8086\]: Invalid user password from 134.209.34.30 Sep 11 13:54:50 hpm sshd\[8086\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.34.30 Sep 11 13:54:52 hpm sshd\[8086\]: Failed password for invalid user password from 134.209.34.30 port 48072 ssh2 Sep 11 14:00:10 hpm sshd\[8590\]: Invalid user bot123 from 134.209.34.30 Sep 11 14:00:10 hpm sshd\[8590\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.34.30	2019-09-12 08:51:09
134.209.34.30	attackbotsspam	Automatic report - Banned IP Access	2019-09-08 22:14:49
134.209.34.30	attack	Aug 31 09:12:52 dedicated sshd[21480]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.34.30 user=root Aug 31 09:12:54 dedicated sshd[21480]: Failed password for root from 134.209.34.30 port 42464 ssh2	2019-08-31 19:25:45
134.209.34.30	attackspam	Aug 28 02:07:11 ncomp sshd[4125]: Invalid user master from 134.209.34.30 Aug 28 02:07:11 ncomp sshd[4125]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.34.30 Aug 28 02:07:11 ncomp sshd[4125]: Invalid user master from 134.209.34.30 Aug 28 02:07:12 ncomp sshd[4125]: Failed password for invalid user master from 134.209.34.30 port 41816 ssh2	2019-08-28 10:19:28
134.209.34.30	attack	SSH Brute-Force attacks	2019-08-25 14:50:25
134.209.34.30	attackspam	Aug 24 11:29:04 fv15 sshd[27771]: Failed password for invalid user teste from 134.209.34.30 port 45764 ssh2 Aug 24 11:29:04 fv15 sshd[27771]: Received disconnect from 134.209.34.30: 11: Bye Bye [preauth] Aug 24 11:36:56 fv15 sshd[16535]: Failed password for invalid user ftpadmin from 134.209.34.30 port 51384 ssh2 Aug 24 11:36:56 fv15 sshd[16535]: Received disconnect from 134.209.34.30: 11: Bye Bye [preauth] Aug 24 11:40:47 fv15 sshd[20393]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.34.30 user=r.r Aug 24 11:40:49 fv15 sshd[20393]: Failed password for r.r from 134.209.34.30 port 46402 ssh2 Aug 24 11:40:49 fv15 sshd[20393]: Received disconnect from 134.209.34.30: 11: Bye Bye [preauth] Aug 24 11:44:42 fv15 sshd[2435]: Failed password for invalid user av from 134.209.34.30 port 41362 ssh2 Aug 24 11:44:42 fv15 sshd[2435]: Received disconnect from 134.209.34.30: 11: Bye Bye [preauth] Aug 24 11:48:34 fv15 sshd[18967]: Faile........ -------------------------------	2019-08-24 20:57:13
134.209.34.170	attackbotsspam	Brute forcing Wordpress login	2019-08-13 15:06:21
134.209.34.209	attackspam	schuetzenmusikanten.de 134.209.34.209 \[25/Jun/2019:09:01:31 +0200\] "POST /wp-login.php HTTP/1.1" 200 5681 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" schuetzenmusikanten.de 134.209.34.209 \[25/Jun/2019:09:01:33 +0200\] "POST /wp-login.php HTTP/1.1" 200 5718 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-06-25 17:46:41

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 134.209.34.195
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 47031
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;134.209.34.195.			IN	A

;; AUTHORITY SECTION:
.			151	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020020401 1800 900 604800 86400

;; Query time: 36 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Feb 05 03:06:22 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

195.34.209.134.in-addr.arpa domain name pointer usnydopx18p.apicasystem.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
195.34.209.134.in-addr.arpa	name = usnydopx18p.apicasystem.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
108.222.68.232	attack	Sep 15 09:33:51 lcdev sshd\[11067\]: Invalid user stan from 108.222.68.232 Sep 15 09:33:51 lcdev sshd\[11067\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=108-222-68-232.lightspeed.sntcca.sbcglobal.net Sep 15 09:33:54 lcdev sshd\[11067\]: Failed password for invalid user stan from 108.222.68.232 port 54128 ssh2 Sep 15 09:38:29 lcdev sshd\[11438\]: Invalid user ts3server from 108.222.68.232 Sep 15 09:38:29 lcdev sshd\[11438\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=108-222-68-232.lightspeed.sntcca.sbcglobal.net	2019-09-16 03:43:03
217.182.68.146	attackbotsspam	Automatic report - Banned IP Access	2019-09-16 03:54:43
193.70.33.75	attack	Sep 15 21:45:29 dev0-dcfr-rnet sshd[2628]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.70.33.75 Sep 15 21:45:31 dev0-dcfr-rnet sshd[2628]: Failed password for invalid user P@ssw0rd from 193.70.33.75 port 53342 ssh2 Sep 15 21:49:14 dev0-dcfr-rnet sshd[2645]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.70.33.75	2019-09-16 03:56:41
139.155.89.27	attack	Sep 15 09:51:50 ny01 sshd[19395]: Failed password for sshd from 139.155.89.27 port 33660 ssh2 Sep 15 09:59:11 ny01 sshd[21091]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.89.27 Sep 15 09:59:13 ny01 sshd[21091]: Failed password for invalid user jqsong from 139.155.89.27 port 47944 ssh2	2019-09-16 03:33:16
191.19.21.112	attack	/var/log/messages:Sep 15 11:07:11 sanyalnet-cloud-vps audispd: node=sanyalnet-cloud-vps.freeddns.org type=CRYPTO_SESSION msg=audhostname(1568545631.847:163015): pid=26079 uid=0 auid=4294967295 ses=4294967295 msg='op=start direction=from-server cipher=aes256-ctr ksize=256 mac=hmac-sha1 pfs=ecdh-sha2-nistp256 spid=26080 suid=74 rport=51638 laddr=104.167.106.93 lport=22 exe="/usr/sbin/sshd" hostname=? addr=191.19.21.112 terminal=? res=success' /var/log/messages:Sep 15 11:07:11 sanyalnet-cloud-vps audispd: node=sanyalnet-cloud-vps.freeddns.org type=CRYPTO_SESSION msg=audhostname(1568545631.851:163016): pid=26079 uid=0 auid=4294967295 ses=4294967295 msg='op=start direction=from-client cipher=aes256-ctr ksize=256 mac=hmac-sha1 pfs=ecdh-sha2-nistp256 spid=26080 suid=74 rport=51638 laddr=104.167.106.93 lport=22 exe="/usr/sbin/sshd" hostname=? addr=191.19.21.112 terminal=? res=success' /var/log/messages:Sep 15 11:07:12 sanyalnet-cloud-vps fail2ban.filter[1478]: INFO [sshd] Fou........ -------------------------------	2019-09-16 03:47:15
103.3.226.228	attackspam	Sep 15 20:27:48 srv206 sshd[26171]: Invalid user f2 from 103.3.226.228 Sep 15 20:27:48 srv206 sshd[26171]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.3.226.228 Sep 15 20:27:48 srv206 sshd[26171]: Invalid user f2 from 103.3.226.228 Sep 15 20:27:50 srv206 sshd[26171]: Failed password for invalid user f2 from 103.3.226.228 port 54268 ssh2 ...	2019-09-16 03:59:08
157.230.163.6	attackspambots	Automatic report - Banned IP Access	2019-09-16 03:35:36
154.212.129.205	attackbots	Sep 15 13:48:50 xb3 sshd[1014]: Failed password for invalid user wi from 154.212.129.205 port 47366 ssh2 Sep 15 13:48:50 xb3 sshd[1014]: Received disconnect from 154.212.129.205: 11: Bye Bye [preauth] Sep 15 14:02:22 xb3 sshd[31174]: Failed password for invalid user nq from 154.212.129.205 port 47595 ssh2 Sep 15 14:02:22 xb3 sshd[31174]: Received disconnect from 154.212.129.205: 11: Bye Bye [preauth] Sep 15 14:07:45 xb3 sshd[31102]: Failed password for invalid user ismail from 154.212.129.205 port 40937 ssh2 Sep 15 14:07:46 xb3 sshd[31102]: Received disconnect from 154.212.129.205: 11: Bye Bye [preauth] Sep 15 14:12:32 xb3 sshd[32223]: Failed password for invalid user ghost from 154.212.129.205 port 34275 ssh2 Sep 15 14:12:33 xb3 sshd[32223]: Received disconnect from 154.212.129.205: 11: Bye Bye [preauth] Sep 15 14:17:08 xb3 sshd[30953]: Failed password for invalid user qj from 154.212.129.205 port 55848 ssh2 Sep 15 14:17:08 xb3 sshd[30953]: Received disconnect from 154........ -------------------------------	2019-09-16 03:22:57
134.209.126.196	attackbotsspam	Sep 15 21:01:08 server sshd[52643]: Failed password for invalid user sara from 134.209.126.196 port 60268 ssh2 Sep 15 21:07:41 server sshd[53924]: Failed password for invalid user rator from 134.209.126.196 port 42990 ssh2 Sep 15 21:11:07 server sshd[54647]: Failed password for invalid user sky from 134.209.126.196 port 56488 ssh2	2019-09-16 03:55:21
41.202.66.3	attackbots	Sep 15 08:40:32 web1 sshd\[30052\]: Invalid user opy from 41.202.66.3 Sep 15 08:40:32 web1 sshd\[30052\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.202.66.3 Sep 15 08:40:35 web1 sshd\[30052\]: Failed password for invalid user opy from 41.202.66.3 port 64326 ssh2 Sep 15 08:45:58 web1 sshd\[30497\]: Invalid user aj from 41.202.66.3 Sep 15 08:45:58 web1 sshd\[30497\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.202.66.3	2019-09-16 03:41:37
111.255.14.4	attack	Telnet Server BruteForce Attack	2019-09-16 03:36:59
185.234.219.193	attackbots	Sep 15 19:46:41 mail postfix/smtpd\[2818\]: warning: unknown\[185.234.219.193\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Sep 15 19:53:14 mail postfix/smtpd\[3068\]: warning: unknown\[185.234.219.193\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Sep 15 20:25:48 mail postfix/smtpd\[3509\]: warning: unknown\[185.234.219.193\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Sep 15 20:32:18 mail postfix/smtpd\[3710\]: warning: unknown\[185.234.219.193\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\	2019-09-16 03:42:08
178.62.244.194	attackbotsspam	Sep 15 20:37:44 vps01 sshd[24981]: Failed password for ubuntu from 178.62.244.194 port 42259 ssh2	2019-09-16 03:38:06
119.188.246.51	attack	Sep 15 22:24:37 www sshd\[81929\]: Invalid user layer from 119.188.246.51 Sep 15 22:24:37 www sshd\[81929\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.188.246.51 Sep 15 22:24:39 www sshd\[81929\]: Failed password for invalid user layer from 119.188.246.51 port 46443 ssh2 ...	2019-09-16 03:27:55
74.62.75.164	attackspam	Sep 15 03:52:07 zimbra sshd[10362]: Invalid user gulzar from 74.62.75.164 Sep 15 03:52:07 zimbra sshd[10362]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=74.62.75.164 Sep 15 03:52:09 zimbra sshd[10362]: Failed password for invalid user gulzar from 74.62.75.164 port 30228 ssh2 Sep 15 03:52:09 zimbra sshd[10362]: Received disconnect from 74.62.75.164 port 30228:11: Bye Bye [preauth] Sep 15 03:52:09 zimbra sshd[10362]: Disconnected from 74.62.75.164 port 30228 [preauth] Sep 15 04:30:33 zimbra sshd[1355]: Invalid user server from 74.62.75.164 Sep 15 04:30:33 zimbra sshd[1355]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=74.62.75.164 Sep 15 04:30:35 zimbra sshd[1355]: Failed password for invalid user server from 74.62.75.164 port 63889 ssh2 Sep 15 04:30:36 zimbra sshd[1355]: Received disconnect from 74.62.75.164 port 63889:11: Bye Bye [preauth] Sep 15 04:30:36 zimbra sshd[1355]: Disconnec........ -------------------------------	2019-09-16 03:27:22

最近上报的IP列表

134.209.27.203	134.209.27.20	134.209.26.88	101.161.27.87
107.115.179.84	46.176.134.167	134.209.26.78	134.209.26.76
92.118.38.57	134.209.26.178	134.209.19.73	81.17.246.102
42.113.4.172	134.209.19.184	134.209.19.132	220.255.105.75
176.118.43.74	134.209.18.238	172.69.68.163	18.187.53.197