134.209.34.195

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	2019-03-19 13:22:39 1h6DlO-0004cI-N0 SMTP connection from knowing.dakatco.com \(broad.equipopioneros.icu\) \[134.209.34.195\]:41760 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-03-19 13:23:53 1h6DmX-0004e6-Uo SMTP connection from knowing.dakatco.com \(phonology.equipopioneros.icu\) \[134.209.34.195\]:53441 I=\[193.107.90.29\]:25 closed by DROP in ACL 2019-03-19 13:25:30 1h6DoA-0004i4-PN SMTP connection from knowing.dakatco.com \(sulky.equipopioneros.icu\) \[134.209.34.195\]:39449 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-03-22 14:35:09 1h7KKA-0001K9-Uh SMTP connection from knowing.dakatco.com \(include.equipopioneros.icu\) \[134.209.34.195\]:46744 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-03-22 14:37:51 1h7KMp-0001Nq-78 SMTP connection from knowing.dakatco.com \(juggle.equipopioneros.icu\) \[134.209.34.195\]:59953 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-03-22 14:37:54 1h7KMs-0001Nx-7h SMTP connection from knowing.dakatco.com \(alligator.equipopioneros ...	2020-02-05 03:06:25

类型

评论内容

时间

attackbotsspam

2019-03-19 13:22:39 1h6DlO-0004cI-N0 SMTP connection from knowing.dakatco.com \(broad.equipopioneros.icu\) \[134.209.34.195\]:41760 I=\[193.107.88.166\]:25 closed by DROP in ACL
2019-03-19 13:23:53 1h6DmX-0004e6-Uo SMTP connection from knowing.dakatco.com \(phonology.equipopioneros.icu\) \[134.209.34.195\]:53441 I=\[193.107.90.29\]:25 closed by DROP in ACL
2019-03-19 13:25:30 1h6DoA-0004i4-PN SMTP connection from knowing.dakatco.com \(sulky.equipopioneros.icu\) \[134.209.34.195\]:39449 I=\[193.107.88.166\]:25 closed by DROP in ACL
2019-03-22 14:35:09 1h7KKA-0001K9-Uh SMTP connection from knowing.dakatco.com \(include.equipopioneros.icu\) \[134.209.34.195\]:46744 I=\[193.107.88.166\]:25 closed by DROP in ACL
2019-03-22 14:37:51 1h7KMp-0001Nq-78 SMTP connection from knowing.dakatco.com \(juggle.equipopioneros.icu\) \[134.209.34.195\]:59953 I=\[193.107.88.166\]:25 closed by DROP in ACL
2019-03-22 14:37:54 1h7KMs-0001Nx-7h SMTP connection from knowing.dakatco.com \(alligator.equipopioneros
...

2020-02-05 03:06:25

相同子网IP讨论:

IP	类型	评论内容	时间
134.209.34.185	attackbotsspam	Jun 30 14:15:39 PorscheCustomer sshd[9157]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.34.185 Jun 30 14:15:41 PorscheCustomer sshd[9157]: Failed password for invalid user hyq from 134.209.34.185 port 37212 ssh2 Jun 30 14:18:51 PorscheCustomer sshd[9250]: Failed password for root from 134.209.34.185 port 36788 ssh2 ...	2020-07-01 03:21:38
134.209.34.185	attackbotsspam	Jun 18 14:06:07 ns382633 sshd\[10481\]: Invalid user administrador from 134.209.34.185 port 59414 Jun 18 14:06:07 ns382633 sshd\[10481\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.34.185 Jun 18 14:06:09 ns382633 sshd\[10481\]: Failed password for invalid user administrador from 134.209.34.185 port 59414 ssh2 Jun 18 14:09:56 ns382633 sshd\[10846\]: Invalid user bikegate from 134.209.34.185 port 52544 Jun 18 14:09:56 ns382633 sshd\[10846\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.34.185	2020-06-18 20:24:26
134.209.34.185	attack	Jun 16 17:58:10 django-0 sshd\[2683\]: Invalid user zhanglin from 134.209.34.185Jun 16 17:58:12 django-0 sshd\[2683\]: Failed password for invalid user zhanglin from 134.209.34.185 port 38980 ssh2Jun 16 18:03:09 django-0 sshd\[2770\]: Invalid user sin from 134.209.34.185 ...	2020-06-17 02:05:30
134.209.34.246	attackbotsspam	2019-11-20T04:56:46Z - RDP login failed multiple times. (134.209.34.246)	2019-11-20 13:42:22
134.209.34.30	attackspam	$f2bV_matches	2019-09-15 12:44:33
134.209.34.30	attack	Sep 11 13:54:50 hpm sshd\[8086\]: Invalid user password from 134.209.34.30 Sep 11 13:54:50 hpm sshd\[8086\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.34.30 Sep 11 13:54:52 hpm sshd\[8086\]: Failed password for invalid user password from 134.209.34.30 port 48072 ssh2 Sep 11 14:00:10 hpm sshd\[8590\]: Invalid user bot123 from 134.209.34.30 Sep 11 14:00:10 hpm sshd\[8590\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.34.30	2019-09-12 08:51:09
134.209.34.30	attackbotsspam	Automatic report - Banned IP Access	2019-09-08 22:14:49
134.209.34.30	attack	Aug 31 09:12:52 dedicated sshd[21480]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.34.30 user=root Aug 31 09:12:54 dedicated sshd[21480]: Failed password for root from 134.209.34.30 port 42464 ssh2	2019-08-31 19:25:45
134.209.34.30	attackspam	Aug 28 02:07:11 ncomp sshd[4125]: Invalid user master from 134.209.34.30 Aug 28 02:07:11 ncomp sshd[4125]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.34.30 Aug 28 02:07:11 ncomp sshd[4125]: Invalid user master from 134.209.34.30 Aug 28 02:07:12 ncomp sshd[4125]: Failed password for invalid user master from 134.209.34.30 port 41816 ssh2	2019-08-28 10:19:28
134.209.34.30	attack	SSH Brute-Force attacks	2019-08-25 14:50:25
134.209.34.30	attackspam	Aug 24 11:29:04 fv15 sshd[27771]: Failed password for invalid user teste from 134.209.34.30 port 45764 ssh2 Aug 24 11:29:04 fv15 sshd[27771]: Received disconnect from 134.209.34.30: 11: Bye Bye [preauth] Aug 24 11:36:56 fv15 sshd[16535]: Failed password for invalid user ftpadmin from 134.209.34.30 port 51384 ssh2 Aug 24 11:36:56 fv15 sshd[16535]: Received disconnect from 134.209.34.30: 11: Bye Bye [preauth] Aug 24 11:40:47 fv15 sshd[20393]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.34.30 user=r.r Aug 24 11:40:49 fv15 sshd[20393]: Failed password for r.r from 134.209.34.30 port 46402 ssh2 Aug 24 11:40:49 fv15 sshd[20393]: Received disconnect from 134.209.34.30: 11: Bye Bye [preauth] Aug 24 11:44:42 fv15 sshd[2435]: Failed password for invalid user av from 134.209.34.30 port 41362 ssh2 Aug 24 11:44:42 fv15 sshd[2435]: Received disconnect from 134.209.34.30: 11: Bye Bye [preauth] Aug 24 11:48:34 fv15 sshd[18967]: Faile........ -------------------------------	2019-08-24 20:57:13
134.209.34.170	attackbotsspam	Brute forcing Wordpress login	2019-08-13 15:06:21
134.209.34.209	attackspam	schuetzenmusikanten.de 134.209.34.209 \[25/Jun/2019:09:01:31 +0200\] "POST /wp-login.php HTTP/1.1" 200 5681 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" schuetzenmusikanten.de 134.209.34.209 \[25/Jun/2019:09:01:33 +0200\] "POST /wp-login.php HTTP/1.1" 200 5718 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-06-25 17:46:41

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 134.209.34.195
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 47031
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;134.209.34.195.			IN	A

;; AUTHORITY SECTION:
.			151	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020020401 1800 900 604800 86400

;; Query time: 36 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Feb 05 03:06:22 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

195.34.209.134.in-addr.arpa domain name pointer usnydopx18p.apicasystem.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
195.34.209.134.in-addr.arpa	name = usnydopx18p.apicasystem.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
84.228.102.175	attack	81/tcp [2020-06-22]1pkt	2020-06-23 05:39:59
101.89.182.232	attackbotsspam	445/tcp 445/tcp [2020-06-22]2pkt	2020-06-23 05:55:06
87.26.157.144	attack	The IP 87.26.157.144 has just been banned by Fail2Ban after 6 attempts against Zimbra-audit.	2020-06-23 05:35:04
83.97.20.35	attack	Jun 22 22:36:30 debian-2gb-nbg1-2 kernel: \[15116864.118715\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=83.97.20.35 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=54321 PROTO=TCP SPT=57194 DPT=14147 WINDOW=65535 RES=0x00 SYN URGP=0	2020-06-23 05:33:26
213.61.215.54	attackbotsspam	CMS (WordPress or Joomla) login attempt.	2020-06-23 06:05:32
190.29.13.110	attack	23/tcp [2020-06-22]1pkt	2020-06-23 06:06:59
37.152.177.66	attackbots	Brute force attempt	2020-06-23 05:42:35
95.81.249.6	attackspam	23/tcp [2020-06-22]1pkt	2020-06-23 05:53:30
218.92.0.145	attack	Jun 22 21:41:26 localhost sshd[4751]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.145 user=root Jun 22 21:41:27 localhost sshd[4751]: Failed password for root from 218.92.0.145 port 52049 ssh2 Jun 22 21:41:31 localhost sshd[4751]: Failed password for root from 218.92.0.145 port 52049 ssh2 Jun 22 21:41:26 localhost sshd[4751]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.145 user=root Jun 22 21:41:27 localhost sshd[4751]: Failed password for root from 218.92.0.145 port 52049 ssh2 Jun 22 21:41:31 localhost sshd[4751]: Failed password for root from 218.92.0.145 port 52049 ssh2 Jun 22 21:41:26 localhost sshd[4751]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.145 user=root Jun 22 21:41:27 localhost sshd[4751]: Failed password for root from 218.92.0.145 port 52049 ssh2 Jun 22 21:41:31 localhost sshd[4751]: Failed password for root fr ...	2020-06-23 05:52:43
27.15.155.48	attack	23/tcp [2020-06-22]1pkt	2020-06-23 05:42:48
164.163.134.154	attackbotsspam	23/tcp [2020-06-22]1pkt	2020-06-23 05:32:15
118.24.6.69	attackbots	2020-06-22T21:06:02+0000 Failed SSH Authentication/Brute Force Attack. (Server 6)	2020-06-23 05:34:41
185.143.75.81	attackbotsspam	Jun 22 23:43:43 srv01 postfix/smtpd\[27976\]: warning: unknown\[185.143.75.81\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 22 23:43:54 srv01 postfix/smtpd\[27872\]: warning: unknown\[185.143.75.81\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 22 23:43:59 srv01 postfix/smtpd\[30515\]: warning: unknown\[185.143.75.81\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 22 23:44:19 srv01 postfix/smtpd\[30514\]: warning: unknown\[185.143.75.81\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 22 23:44:37 srv01 postfix/smtpd\[27872\]: warning: unknown\[185.143.75.81\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-06-23 05:49:00
89.248.160.167	attackbots	1592860971 - 06/22/2020 23:22:51 Host: no-reverse-dns-configured.com/89.248.160.167 Port: 389 UDP Blocked	2020-06-23 05:28:05
54.39.138.251	attack	Jun 23 00:36:50 lukav-desktop sshd\[1829\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.138.251 user=root Jun 23 00:36:52 lukav-desktop sshd\[1829\]: Failed password for root from 54.39.138.251 port 52632 ssh2 Jun 23 00:39:52 lukav-desktop sshd\[1979\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.138.251 user=root Jun 23 00:39:54 lukav-desktop sshd\[1979\]: Failed password for root from 54.39.138.251 port 52000 ssh2 Jun 23 00:42:54 lukav-desktop sshd\[2039\]: Invalid user test1 from 54.39.138.251	2020-06-23 05:50:02

最近上报的IP列表

134.209.27.203	134.209.27.20	134.209.26.88	101.161.27.87
107.115.179.84	46.176.134.167	134.209.26.78	134.209.26.76
92.118.38.57	134.209.26.178	134.209.19.73	81.17.246.102
42.113.4.172	134.209.19.184	134.209.19.132	220.255.105.75
176.118.43.74	134.209.18.238	172.69.68.163	18.187.53.197