134.209.55.7 - IPInfo

基本信息:

城市(city): Santa Clara

省份(region): California

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): DigitalOcean, LLC

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Jul 10 10:50:03 Ubuntu-1404-trusty-64-minimal sshd\[21663\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.55.7 user=root Jul 10 10:50:05 Ubuntu-1404-trusty-64-minimal sshd\[21663\]: Failed password for root from 134.209.55.7 port 50974 ssh2 Jul 10 10:52:37 Ubuntu-1404-trusty-64-minimal sshd\[24948\]: Invalid user document from 134.209.55.7 Jul 10 10:52:37 Ubuntu-1404-trusty-64-minimal sshd\[24948\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.55.7 Jul 10 10:52:39 Ubuntu-1404-trusty-64-minimal sshd\[24948\]: Failed password for invalid user document from 134.209.55.7 port 46152 ssh2	2019-07-10 20:21:30
attackspambots	Jul 7 18:17:06 minden010 sshd[8501]: Failed password for www-data from 134.209.55.7 port 38414 ssh2 Jul 7 18:19:29 minden010 sshd[9302]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.55.7 Jul 7 18:19:31 minden010 sshd[9302]: Failed password for invalid user bamboo from 134.209.55.7 port 33014 ssh2 ...	2019-07-08 00:25:59

类型

评论内容

时间

attackbotsspam

Jul 10 10:50:03 Ubuntu-1404-trusty-64-minimal sshd\[21663\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.55.7  user=root
Jul 10 10:50:05 Ubuntu-1404-trusty-64-minimal sshd\[21663\]: Failed password for root from 134.209.55.7 port 50974 ssh2
Jul 10 10:52:37 Ubuntu-1404-trusty-64-minimal sshd\[24948\]: Invalid user document from 134.209.55.7
Jul 10 10:52:37 Ubuntu-1404-trusty-64-minimal sshd\[24948\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.55.7
Jul 10 10:52:39 Ubuntu-1404-trusty-64-minimal sshd\[24948\]: Failed password for invalid user document from 134.209.55.7 port 46152 ssh2

2019-07-10 20:21:30

attackspambots

Jul  7 18:17:06 minden010 sshd[8501]: Failed password for www-data from 134.209.55.7 port 38414 ssh2
Jul  7 18:19:29 minden010 sshd[9302]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.55.7
Jul  7 18:19:31 minden010 sshd[9302]: Failed password for invalid user bamboo from 134.209.55.7 port 33014 ssh2
...

2019-07-08 00:25:59

相同子网IP讨论:

IP	类型	评论内容	时间
134.209.55.38	attack	2019-08-01 18:12:16 H=(harvard.edu) [134.209.55.38]:49243 I=[192.147.25.65]:25 sender verify fail for : Unrouteable address 2019-08-01 18:12:16 H=(harvard.edu) [134.209.55.38]:49243 I=[192.147.25.65]:25 F= rejected RCPT : Sender verify failed 2019-08-01 18:12:16 H=(harvard.edu) [134.209.55.38]:49243 I=[192.147.25.65]:25 sender verify fail for : Unrouteable address 2019-08-01 18:12:16 H=(harvard.edu) [134.209.55.38]:49243 I=[192.147.25.65]:25 F= rejected RCPT : Sender verify failed ...	2019-08-02 16:13:47
134.209.55.237	attackbotsspam	2019-08-01 18:20:49 H=(chesapeakefamily.com) [134.209.55.237]:38237 I=[192.147.25.65]:25 sender verify fail for : Unrouteable address 2019-08-01 18:20:49 H=(chesapeakefamily.com) [134.209.55.237]:38237 I=[192.147.25.65]:25 F= rejected RCPT : Sender verify failed 2019-08-01 18:20:50 H=(chesapeakefamily.com) [134.209.55.237]:38237 I=[192.147.25.65]:25 sender verify fail for : Unrouteable address 2019-08-01 18:20:50 H=(chesapeakefamily.com) [134.209.55.237]:38237 I=[192.147.25.65]:25 F= rejected RCPT : Sender verify failed ...	2019-08-02 11:19:37
134.209.55.107	attackbots	10s of requests to none existent pages - :443/app-ads.txt - typically bursts of 8 requests per second - undefined node-superagent/4.1.0	2019-07-11 00:39:15
134.209.55.88	spamattack	tried to send spam. blocked by filter	2019-06-27 14:26:05
134.209.55.48	attack	23.06.2019 12:03:49 Connection to port 8088 blocked by firewall	2019-06-23 20:07:11

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 134.209.55.7
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 18205
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;134.209.55.7.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019041500 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Mon Apr 15 15:14:45 +08 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 7.55.209.134.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 7.55.209.134.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
159.89.177.46	attackspambots	<6 unauthorized SSH connections	2020-03-19 17:39:13
89.64.148.176	attackbots	SSH login attempts.	2020-03-19 17:05:07
162.243.133.75	attackspam	Attempted connection to port 15694.	2020-03-19 17:03:25
132.232.44.27	attackspam	ThinkPHP Remote Command Execution Vulnerability	2020-03-19 17:30:01
87.251.74.8	attack	Port scan on 3 port(s): 256 391 886	2020-03-19 17:01:39
178.171.65.212	attackspambots	Chat Spam	2020-03-19 16:57:17
45.14.227.230	attackbotsspam	SQL Injection	2020-03-19 17:23:22
176.31.250.160	attackbots	Mar 19 02:35:14 NPSTNNYC01T sshd[17777]: Failed password for root from 176.31.250.160 port 33102 ssh2 Mar 19 02:38:55 NPSTNNYC01T sshd[17995]: Failed password for root from 176.31.250.160 port 43814 ssh2 ...	2020-03-19 17:32:15
118.24.149.173	attackspambots	Mar 19 06:49:42 ns37 sshd[23398]: Failed password for root from 118.24.149.173 port 57416 ssh2 Mar 19 06:49:42 ns37 sshd[23398]: Failed password for root from 118.24.149.173 port 57416 ssh2	2020-03-19 17:09:12
148.70.18.221	attackspambots	Invalid user list from 148.70.18.221 port 48182	2020-03-19 17:24:34
63.82.48.51	attack	Email Spam	2020-03-19 17:34:38
116.24.67.81	attackspam	SSH login attempts.	2020-03-19 17:25:04
124.171.11.216	attackbotsspam	Invalid user epiconf from 124.171.11.216 port 51868	2020-03-19 17:12:13
210.48.146.61	attackbotsspam	2020-03-19T04:46:54.151148mail.thespaminator.com sshd[13134]: Invalid user oracle from 210.48.146.61 port 50482 2020-03-19T04:46:55.652912mail.thespaminator.com sshd[13134]: Failed password for invalid user oracle from 210.48.146.61 port 50482 ssh2 ...	2020-03-19 16:56:38
203.192.204.168	attackbotsspam	Invalid user qq from 203.192.204.168 port 34984	2020-03-19 17:27:32

最近上报的IP列表

36.226.132.232	123.25.239.124	185.101.105.194	112.198.150.38
122.15.202.51	162.243.145.81	118.165.109.219	36.73.170.115
122.231.88.140	5.188.210.158	89.219.129.187	1.175.80.25
176.67.242.163	183.107.101.240	85.152.27.19	82.64.30.201
193.112.65.233	89.96.207.156	222.252.214.239	119.28.45.89