134.209.44.13 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Brute force SMTP login attempted. ...	2019-08-10 05:22:33

相同子网IP讨论:

IP	类型	评论内容	时间
134.209.44.17	attackspam	May 16 02:42:56 ns382633 sshd\[27294\]: Invalid user rails from 134.209.44.17 port 40592 May 16 02:42:56 ns382633 sshd\[27294\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.44.17 May 16 02:42:59 ns382633 sshd\[27294\]: Failed password for invalid user rails from 134.209.44.17 port 40592 ssh2 May 16 02:48:30 ns382633 sshd\[28258\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.44.17 user=root May 16 02:48:32 ns382633 sshd\[28258\]: Failed password for root from 134.209.44.17 port 45156 ssh2	2020-05-16 21:49:03
134.209.44.17	attack	May 15 13:09:21 NPSTNNYC01T sshd[24119]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.44.17 May 15 13:09:23 NPSTNNYC01T sshd[24119]: Failed password for invalid user cloud from 134.209.44.17 port 42098 ssh2 May 15 13:12:55 NPSTNNYC01T sshd[26209]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.44.17 ...	2020-05-16 01:26:48
134.209.44.17	attack	May 15 01:54:43 Host-KLAX-C sshd[10766]: Invalid user FTP from 134.209.44.17 port 53988 ...	2020-05-15 15:54:45
134.209.44.17	attackbotsspam	May 7 14:30:27 home sshd[9368]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.44.17 May 7 14:30:29 home sshd[9368]: Failed password for invalid user user from 134.209.44.17 port 44292 ssh2 May 7 14:33:30 home sshd[9761]: Failed password for root from 134.209.44.17 port 40208 ssh2 ...	2020-05-07 23:20:54
134.209.44.17	attackspam	Bruteforce detected by fail2ban	2020-05-04 23:24:14
134.209.44.17	attackspam	Apr 15 22:25:40 jane sshd[12762]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.44.17 Apr 15 22:25:42 jane sshd[12762]: Failed password for invalid user test from 134.209.44.17 port 35388 ssh2 ...	2020-04-16 05:09:29
134.209.44.17	attackspam	Invalid user osboxes from 134.209.44.17 port 46208	2020-04-15 07:19:40
134.209.44.17	attack	Apr 14 06:19:02 legacy sshd[11270]: Failed password for root from 134.209.44.17 port 33998 ssh2 Apr 14 06:22:27 legacy sshd[11373]: Failed password for root from 134.209.44.17 port 41864 ssh2 ...	2020-04-14 12:36:42
134.209.44.17	attackspam	SSH / Telnet Brute Force Attempts on Honeypot	2020-03-31 09:29:38
134.209.44.17	attack	Mar 29 16:46:44 pornomens sshd\[27630\]: Invalid user blo from 134.209.44.17 port 47312 Mar 29 16:46:44 pornomens sshd\[27630\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.44.17 Mar 29 16:46:46 pornomens sshd\[27630\]: Failed password for invalid user blo from 134.209.44.17 port 47312 ssh2 ...	2020-03-30 01:42:01
134.209.44.17	attackspam	Mar 24 03:19:37 XXX sshd[41396]: Invalid user openstack from 134.209.44.17 port 37572	2020-03-24 12:07:06
134.209.44.17	attack	Mar 20 13:23:43 vps sshd[24309]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.44.17 Mar 20 13:23:45 vps sshd[24309]: Failed password for invalid user www from 134.209.44.17 port 55108 ssh2 Mar 20 13:32:12 vps sshd[24674]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.44.17 ...	2020-03-20 20:38:13
134.209.44.17	attackbots	$f2bV_matches	2020-03-20 01:09:08
134.209.44.143	attackbots	134.209.44.143 - - [14/Dec/2019:14:41:13 +0000] "POST /wp-login.php HTTP/1.1" 200 6393 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 134.209.44.143 - - [14/Dec/2019:14:41:14 +0000] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-12-15 04:37:47
134.209.44.143	attackbots	134.209.44.143 - - [13/Dec/2019:21:59:13 +0000] "POST /wp-login.php HTTP/1.1" 200 6393 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 134.209.44.143 - - [13/Dec/2019:21:59:13 +0000] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-12-14 06:49:09

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 134.209.44.13
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 50486
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;134.209.44.13.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019052901 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu May 30 01:43:55 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 13.44.209.134.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 13.44.209.134.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
61.220.213.106	attack	Fail2Ban Ban Triggered	2019-12-17 03:29:03
180.76.187.94	attackspam	Dec 16 17:47:43 server sshd\[11215\]: Invalid user lita from 180.76.187.94 Dec 16 17:47:43 server sshd\[11215\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.187.94 Dec 16 17:47:45 server sshd\[11215\]: Failed password for invalid user lita from 180.76.187.94 port 59936 ssh2 Dec 16 18:22:29 server sshd\[21441\]: Invalid user gradulewski from 180.76.187.94 Dec 16 18:22:29 server sshd\[21441\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.187.94 ...	2019-12-17 02:57:31
218.92.0.134	attack	Dec 16 19:58:40 vps691689 sshd[3822]: Failed password for root from 218.92.0.134 port 28714 ssh2 Dec 16 19:58:53 vps691689 sshd[3822]: error: maximum authentication attempts exceeded for root from 218.92.0.134 port 28714 ssh2 [preauth] ...	2019-12-17 02:59:53
52.17.115.194	attack	Dec 16 09:11:12 newdogma sshd[25174]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.17.115.194 user=r.r Dec 16 09:11:14 newdogma sshd[25174]: Failed password for r.r from 52.17.115.194 port 57652 ssh2 Dec 16 09:11:14 newdogma sshd[25174]: Received disconnect from 52.17.115.194 port 57652:11: Bye Bye [preauth] Dec 16 09:11:14 newdogma sshd[25174]: Disconnected from 52.17.115.194 port 57652 [preauth] Dec 16 09:21:31 newdogma sshd[25369]: Invalid user fp from 52.17.115.194 port 40662 Dec 16 09:21:31 newdogma sshd[25369]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.17.115.194 Dec 16 09:21:34 newdogma sshd[25369]: Failed password for invalid user fp from 52.17.115.194 port 40662 ssh2 Dec 16 09:21:34 newdogma sshd[25369]: Received disconnect from 52.17.115.194 port 40662:11: Bye Bye [preauth] Dec 16 09:21:34 newdogma sshd[25369]: Disconnected from 52.17.115.194 port 40662 [preauth] De........ -------------------------------	2019-12-17 03:13:32
180.168.36.86	attack	Dec 16 12:54:58 linuxvps sshd\[18706\]: Invalid user s880 from 180.168.36.86 Dec 16 12:54:58 linuxvps sshd\[18706\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.168.36.86 Dec 16 12:55:00 linuxvps sshd\[18706\]: Failed password for invalid user s880 from 180.168.36.86 port 2602 ssh2 Dec 16 13:01:40 linuxvps sshd\[23084\]: Invalid user lisa from 180.168.36.86 Dec 16 13:01:40 linuxvps sshd\[23084\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.168.36.86	2019-12-17 03:32:10
115.239.239.98	attack	Dec 16 11:54:47 plusreed sshd[19196]: Invalid user prueba from 115.239.239.98 ...	2019-12-17 02:58:17
190.246.228.193	attack	Dec 16 15:23:14 mail1 postfix/smtpd[31356]: warning: hostname 193-228-246-190.fibertel.com.ar does not resolve to address 190.246.228.193: Name or service not known Dec 16 15:23:14 mail1 postfix/smtpd[31356]: connect from unknown[190.246.228.193] Dec 16 15:23:15 mail1 postgrey[1113]: action=greylist, reason=new, client_name=unknown, client_address=190.246.228.193, sender=x@x recipient=x@x Dec 16 15:23:15 mail1 postgrey[1113]: action=greylist, reason=new, client_name=unknown, client_address=190.246.228.193, sender=x@x recipient=x@x Dec 16 15:23:15 mail1 postfix/smtpd[31356]: lost connection after DATA from unknown[190.246.228.193] Dec 16 15:23:15 mail1 postfix/smtpd[31356]: disconnect from unknown[190.246.228.193] ehlo=1 mail=1 rcpt=0/2 data=0/1 commands=2/5 Dec 16 15:23:38 mail1 postfix/smtpd[31356]: warning: hostname 193-228-246-190.fibertel.com.ar does not resolve to address 190.246.228.193: Name or service not known Dec 16 15:23:38 mail1 postfix/smtpd[31356]: connect........ -------------------------------	2019-12-17 03:05:50
51.77.212.124	attackspambots	Dec 16 08:29:29 wbs sshd\[19079\]: Invalid user kuehler from 51.77.212.124 Dec 16 08:29:29 wbs sshd\[19079\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.ip-51-77-212.eu Dec 16 08:29:31 wbs sshd\[19079\]: Failed password for invalid user kuehler from 51.77.212.124 port 33814 ssh2 Dec 16 08:36:31 wbs sshd\[19848\]: Invalid user paquin from 51.77.212.124 Dec 16 08:36:31 wbs sshd\[19848\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.ip-51-77-212.eu	2019-12-17 03:09:16
107.150.112.25	attack	Dec 16 09:22:37 foo sshd[17836]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.150.112.25 user=r.r Dec 16 09:22:39 foo sshd[17836]: Failed password for r.r from 107.150.112.25 port 58908 ssh2 Dec 16 09:22:39 foo sshd[17836]: Connection closed by 107.150.112.25 [preauth] Dec 16 09:22:42 foo sshd[17840]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.150.112.25 user=r.r Dec 16 09:22:44 foo sshd[17840]: Failed password for r.r from 107.150.112.25 port 59056 ssh2 Dec 16 09:22:45 foo sshd[17840]: Connection closed by 107.150.112.25 [preauth] Dec 16 09:22:53 foo sshd[17844]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.150.112.25 user=r.r Dec 16 09:22:56 foo sshd[17844]: Failed password for r.r from 107.150.112.25 port 59206 ssh2 Dec 16 09:22:58 foo sshd[17844]: Connection closed by 107.150.112.25 [preauth] Dec 16 09:23:05 foo sshd[17858........ -------------------------------	2019-12-17 03:09:32
51.75.17.122	attackspam	Dec 14 02:18:12 microserver sshd[21116]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.17.122 Dec 14 02:18:14 microserver sshd[21116]: Failed password for invalid user http from 51.75.17.122 port 57092 ssh2 Dec 14 02:23:22 microserver sshd[21892]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.17.122 user=nobody Dec 14 02:23:24 microserver sshd[21892]: Failed password for nobody from 51.75.17.122 port 37774 ssh2 Dec 14 02:33:35 microserver sshd[23547]: Invalid user lorence from 51.75.17.122 port 55100 Dec 14 02:33:35 microserver sshd[23547]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.17.122 Dec 14 02:33:37 microserver sshd[23547]: Failed password for invalid user lorence from 51.75.17.122 port 55100 ssh2 Dec 14 02:38:51 microserver sshd[24306]: Invalid user katsuo from 51.75.17.122 port 35712 Dec 14 02:38:51 microserver sshd[24306]: pam_unix(sshd:auth): authenticat	2019-12-17 02:58:38
218.92.0.192	attackbots	Dec 16 19:41:46 legacy sshd[10987]: Failed password for root from 218.92.0.192 port 25260 ssh2 Dec 16 19:43:59 legacy sshd[11034]: Failed password for root from 218.92.0.192 port 23374 ssh2 ...	2019-12-17 02:57:12
200.205.202.35	attack	fraudulent SSH attempt	2019-12-17 03:16:40
49.234.189.19	attackbots	Dec 16 16:20:27 sd-53420 sshd\[21665\]: User root from 49.234.189.19 not allowed because none of user's groups are listed in AllowGroups Dec 16 16:20:28 sd-53420 sshd\[21665\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.189.19 user=root Dec 16 16:20:29 sd-53420 sshd\[21665\]: Failed password for invalid user root from 49.234.189.19 port 43466 ssh2 Dec 16 16:28:48 sd-53420 sshd\[24783\]: Invalid user kymane from 49.234.189.19 Dec 16 16:28:48 sd-53420 sshd\[24783\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.189.19 ...	2019-12-17 03:14:00
40.92.41.67	attackspam	Dec 16 17:42:06 debian-2gb-vpn-nbg1-1 kernel: [885695.255066] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:38:96:44:d2:74:7f:6e:37:e3:08:00 SRC=40.92.41.67 DST=78.46.192.101 LEN=52 TOS=0x02 PREC=0x00 TTL=104 ID=23341 DF PROTO=TCP SPT=55233 DPT=25 WINDOW=8192 RES=0x00 CWR ECE SYN URGP=0	2019-12-17 03:29:40
104.238.110.156	attackbotsspam	Dec 16 16:49:32 web8 sshd\[20301\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.238.110.156 user=root Dec 16 16:49:34 web8 sshd\[20301\]: Failed password for root from 104.238.110.156 port 59008 ssh2 Dec 16 16:55:40 web8 sshd\[23377\]: Invalid user guest from 104.238.110.156 Dec 16 16:55:40 web8 sshd\[23377\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.238.110.156 Dec 16 16:55:42 web8 sshd\[23377\]: Failed password for invalid user guest from 104.238.110.156 port 38104 ssh2	2019-12-17 03:11:02

最近上报的IP列表

39.122.169.206	66.244.213.87	115.75.249.202	232.241.166.251
204.181.43.133	169.159.157.174	46.32.124.217	144.187.93.187
104.214.12.90	96.224.52.100	35.222.160.240	88.157.74.95
228.192.245.166	172.188.100.114	36.84.55.23	146.170.201.235
141.15.94.17	195.9.3.198	190.186.110.115	74.82.47.18