134.209.53.244

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Automatic report - Banned IP Access	2020-05-11 01:10:17
attack	CMS (WordPress or Joomla) login attempt.	2020-03-25 13:17:22
attackbots	134.209.53.244 - - [16/Mar/2020:09:29:07 +0100] "GET /wp-login.php HTTP/1.1" 200 5459 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 134.209.53.244 - - [16/Mar/2020:09:29:11 +0100] "POST /wp-login.php HTTP/1.1" 200 6358 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 134.209.53.244 - - [16/Mar/2020:09:29:14 +0100] "POST /xmlrpc.php HTTP/1.1" 200 438 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-03-16 17:47:31
attackbotsspam	134.209.53.244 - - [26/Feb/2020:22:28:26 +0300] "POST /wp-login.php HTTP/1.1" 200 2790 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-02-27 05:40:13
attack	[munged]::443 134.209.53.244 - - [13/Jan/2020:16:46:05 +0100] "POST /[munged]: HTTP/1.1" 200 9080 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 134.209.53.244 - - [13/Jan/2020:16:46:08 +0100] "POST /[munged]: HTTP/1.1" 200 9080 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 134.209.53.244 - - [13/Jan/2020:16:46:12 +0100] "POST /[munged]: HTTP/1.1" 200 9080 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 134.209.53.244 - - [13/Jan/2020:16:46:15 +0100] "POST /[munged]: HTTP/1.1" 200 9080 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 134.209.53.244 - - [13/Jan/2020:16:46:17 +0100] "POST /[munged]: HTTP/1.1" 200 9080 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 134.209.53.244 - - [13/Jan/2020:16:46:20 +0100] "POST /[munged]: HTTP/1.1" 200 9080 "-" "Mozilla/5.0 (X11	2020-01-14 03:19:20
attack	WordPress login Brute force / Web App Attack on client site.	2020-01-08 03:20:52
attack	php WP PHPmyadamin ABUSE blocked for 12h	2019-12-30 05:58:22
attackbots	WordPress login Brute force / Web App Attack on client site.	2019-12-07 18:04:35
attack	Automatic report - XMLRPC Attack	2019-10-26 16:19:30
attackspam	DirectAdmin Block	2019-09-04 10:59:50
attack	WordPress Login Attack Browser: Firefox version 62.0 running on Linux Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0	2019-08-19 08:02:05

相同子网IP讨论:

IP	类型	评论内容	时间
134.209.53.220	attack	WordPress login Brute force / Web App Attack on client site.	2019-07-25 05:11:32
134.209.53.220	attackbots	Automatic report - Banned IP Access	2019-07-24 22:58:36
134.209.53.220	attack	Automatic report - Web App Attack	2019-07-03 02:33:37

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 134.209.53.244
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6623
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;134.209.53.244.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072400 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Jul 24 17:11:16 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 244.53.209.134.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 244.53.209.134.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
92.50.105.150	attackbotsspam	Automatic report - XMLRPC Attack	2019-11-15 16:40:20
157.230.55.177	attack	www.eintrachtkultkellerfulda.de 157.230.55.177 \[15/Nov/2019:08:00:24 +0100\] "POST /wp-login.php HTTP/1.1" 200 2705 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" www.eintrachtkultkellerfulda.de 157.230.55.177 \[15/Nov/2019:08:00:24 +0100\] "POST /wp-login.php HTTP/1.1" 200 2670 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" www.eintrachtkultkellerfulda.de 157.230.55.177 \[15/Nov/2019:08:00:25 +0100\] "POST /xmlrpc.php HTTP/1.1" 200 426 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-11-15 16:34:30
210.210.175.63	attackspambots	Invalid user andy from 210.210.175.63 port 55584	2019-11-15 16:51:20
1.174.87.247	attack	Telnet Server BruteForce Attack	2019-11-15 16:32:13
106.12.197.119	attackbots	Nov 15 10:16:31 server sshd\[28736\]: Invalid user jacky from 106.12.197.119 port 34888 Nov 15 10:16:31 server sshd\[28736\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.197.119 Nov 15 10:16:33 server sshd\[28736\]: Failed password for invalid user jacky from 106.12.197.119 port 34888 ssh2 Nov 15 10:21:04 server sshd\[16171\]: Invalid user mcnicol from 106.12.197.119 port 42320 Nov 15 10:21:04 server sshd\[16171\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.197.119	2019-11-15 16:29:43
202.181.238.4	attackbots	Nov 15 09:41:05 markkoudstaal sshd[16382]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.181.238.4 Nov 15 09:41:06 markkoudstaal sshd[16382]: Failed password for invalid user trentadue from 202.181.238.4 port 41352 ssh2 Nov 15 09:49:27 markkoudstaal sshd[17047]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.181.238.4	2019-11-15 17:00:38
156.227.67.5	attack	Nov 15 09:59:33 sd-53420 sshd\[12226\]: Invalid user developers from 156.227.67.5 Nov 15 09:59:33 sd-53420 sshd\[12226\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=156.227.67.5 Nov 15 09:59:35 sd-53420 sshd\[12226\]: Failed password for invalid user developers from 156.227.67.5 port 55208 ssh2 Nov 15 10:04:12 sd-53420 sshd\[13592\]: Invalid user heidler from 156.227.67.5 Nov 15 10:04:12 sd-53420 sshd\[13592\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=156.227.67.5 ...	2019-11-15 17:07:02
103.225.99.36	attack	pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.225.99.36 Failed password for invalid user test from 103.225.99.36 port 56926 ssh2 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.225.99.36 user=root Failed password for root from 103.225.99.36 port 60937 ssh2 Invalid user topidc@com from 103.225.99.36 port 27565	2019-11-15 16:37:49
139.199.219.235	attackbots	Automatic report - SSH Brute-Force Attack	2019-11-15 16:41:40
104.192.0.58	attackbotsspam	fake referer, bad user-agent	2019-11-15 16:58:39
122.51.178.89	attackbotsspam	Nov 14 20:21:54 tdfoods sshd\[14642\]: Invalid user donnice from 122.51.178.89 Nov 14 20:21:54 tdfoods sshd\[14642\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.178.89 Nov 14 20:21:56 tdfoods sshd\[14642\]: Failed password for invalid user donnice from 122.51.178.89 port 60084 ssh2 Nov 14 20:27:25 tdfoods sshd\[15097\]: Invalid user smmsp from 122.51.178.89 Nov 14 20:27:25 tdfoods sshd\[15097\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.178.89	2019-11-15 16:56:04
139.155.118.190	attackbotsspam	Nov 14 20:57:01 auw2 sshd\[4484\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.118.190 user=root Nov 14 20:57:03 auw2 sshd\[4484\]: Failed password for root from 139.155.118.190 port 36597 ssh2 Nov 14 21:01:48 auw2 sshd\[4892\]: Invalid user divya from 139.155.118.190 Nov 14 21:01:48 auw2 sshd\[4892\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.118.190 Nov 14 21:01:50 auw2 sshd\[4892\]: Failed password for invalid user divya from 139.155.118.190 port 53663 ssh2	2019-11-15 16:38:59
45.55.42.17	attack	Invalid user ubuntu from 45.55.42.17 port 37912	2019-11-15 16:48:01
185.176.27.6	attackbotsspam	11/15/2019-09:46:22.172329 185.176.27.6 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-11-15 16:48:18
104.237.4.67	attackbotsspam	fake referer, bad user-agent	2019-11-15 16:51:49

最近上报的IP列表

209.48.55.224	124.218.127.97	88.99.61.195	150.221.146.22
134.17.65.166	19.95.147.185	252.26.51.147	178.167.111.210
33.18.18.146	78.137.242.121	235.13.113.73	88.213.252.35
170.53.192.93	59.89.65.25	68.183.83.89	170.68.46.166
17.67.122.24	248.56.58.48	204.25.5.81	65.20.123.91