134.209.55.7 - IPInfo

基本信息:

城市(city): Santa Clara

省份(region): California

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): DigitalOcean, LLC

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Jul 10 10:50:03 Ubuntu-1404-trusty-64-minimal sshd\[21663\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.55.7 user=root Jul 10 10:50:05 Ubuntu-1404-trusty-64-minimal sshd\[21663\]: Failed password for root from 134.209.55.7 port 50974 ssh2 Jul 10 10:52:37 Ubuntu-1404-trusty-64-minimal sshd\[24948\]: Invalid user document from 134.209.55.7 Jul 10 10:52:37 Ubuntu-1404-trusty-64-minimal sshd\[24948\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.55.7 Jul 10 10:52:39 Ubuntu-1404-trusty-64-minimal sshd\[24948\]: Failed password for invalid user document from 134.209.55.7 port 46152 ssh2	2019-07-10 20:21:30
attackspambots	Jul 7 18:17:06 minden010 sshd[8501]: Failed password for www-data from 134.209.55.7 port 38414 ssh2 Jul 7 18:19:29 minden010 sshd[9302]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.55.7 Jul 7 18:19:31 minden010 sshd[9302]: Failed password for invalid user bamboo from 134.209.55.7 port 33014 ssh2 ...	2019-07-08 00:25:59

类型

评论内容

时间

attackbotsspam

Jul 10 10:50:03 Ubuntu-1404-trusty-64-minimal sshd\[21663\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.55.7  user=root
Jul 10 10:50:05 Ubuntu-1404-trusty-64-minimal sshd\[21663\]: Failed password for root from 134.209.55.7 port 50974 ssh2
Jul 10 10:52:37 Ubuntu-1404-trusty-64-minimal sshd\[24948\]: Invalid user document from 134.209.55.7
Jul 10 10:52:37 Ubuntu-1404-trusty-64-minimal sshd\[24948\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.55.7
Jul 10 10:52:39 Ubuntu-1404-trusty-64-minimal sshd\[24948\]: Failed password for invalid user document from 134.209.55.7 port 46152 ssh2

2019-07-10 20:21:30

attackspambots

Jul  7 18:17:06 minden010 sshd[8501]: Failed password for www-data from 134.209.55.7 port 38414 ssh2
Jul  7 18:19:29 minden010 sshd[9302]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.55.7
Jul  7 18:19:31 minden010 sshd[9302]: Failed password for invalid user bamboo from 134.209.55.7 port 33014 ssh2
...

2019-07-08 00:25:59

相同子网IP讨论:

IP	类型	评论内容	时间
134.209.55.38	attack	2019-08-01 18:12:16 H=(harvard.edu) [134.209.55.38]:49243 I=[192.147.25.65]:25 sender verify fail for : Unrouteable address 2019-08-01 18:12:16 H=(harvard.edu) [134.209.55.38]:49243 I=[192.147.25.65]:25 F= rejected RCPT : Sender verify failed 2019-08-01 18:12:16 H=(harvard.edu) [134.209.55.38]:49243 I=[192.147.25.65]:25 sender verify fail for : Unrouteable address 2019-08-01 18:12:16 H=(harvard.edu) [134.209.55.38]:49243 I=[192.147.25.65]:25 F= rejected RCPT : Sender verify failed ...	2019-08-02 16:13:47
134.209.55.237	attackbotsspam	2019-08-01 18:20:49 H=(chesapeakefamily.com) [134.209.55.237]:38237 I=[192.147.25.65]:25 sender verify fail for : Unrouteable address 2019-08-01 18:20:49 H=(chesapeakefamily.com) [134.209.55.237]:38237 I=[192.147.25.65]:25 F= rejected RCPT : Sender verify failed 2019-08-01 18:20:50 H=(chesapeakefamily.com) [134.209.55.237]:38237 I=[192.147.25.65]:25 sender verify fail for : Unrouteable address 2019-08-01 18:20:50 H=(chesapeakefamily.com) [134.209.55.237]:38237 I=[192.147.25.65]:25 F= rejected RCPT : Sender verify failed ...	2019-08-02 11:19:37
134.209.55.107	attackbots	10s of requests to none existent pages - :443/app-ads.txt - typically bursts of 8 requests per second - undefined node-superagent/4.1.0	2019-07-11 00:39:15
134.209.55.88	spamattack	tried to send spam. blocked by filter	2019-06-27 14:26:05
134.209.55.48	attack	23.06.2019 12:03:49 Connection to port 8088 blocked by firewall	2019-06-23 20:07:11

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 134.209.55.7
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 18205
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;134.209.55.7.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019041500 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Mon Apr 15 15:14:45 +08 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 7.55.209.134.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 7.55.209.134.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
64.225.61.147	attack	May 6 01:27:31 gw1 sshd[24928]: Failed password for root from 64.225.61.147 port 45394 ssh2 ...	2020-05-06 04:42:55
222.186.15.62	attackspambots	May 5 16:52:23 plusreed sshd[14760]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.62 user=root May 5 16:52:25 plusreed sshd[14760]: Failed password for root from 222.186.15.62 port 52680 ssh2 ...	2020-05-06 04:57:06
42.191.108.218	attack	05/05/2020-13:54:46.291458 42.191.108.218 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2020-05-06 05:15:19
77.222.54.40	attackspambots	2020-05-05T20:51:33.177171abusebot-7.cloudsearch.cf sshd[10743]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=77-222-54-40.vps-ptr.clients.spaceweb.ru user=root 2020-05-05T20:51:36.020147abusebot-7.cloudsearch.cf sshd[10743]: Failed password for root from 77.222.54.40 port 52724 ssh2 2020-05-05T20:55:35.817698abusebot-7.cloudsearch.cf sshd[10992]: Invalid user cpp from 77.222.54.40 port 39098 2020-05-05T20:55:35.826973abusebot-7.cloudsearch.cf sshd[10992]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=77-222-54-40.vps-ptr.clients.spaceweb.ru 2020-05-05T20:55:35.817698abusebot-7.cloudsearch.cf sshd[10992]: Invalid user cpp from 77.222.54.40 port 39098 2020-05-05T20:55:37.890609abusebot-7.cloudsearch.cf sshd[10992]: Failed password for invalid user cpp from 77.222.54.40 port 39098 ssh2 2020-05-05T20:59:11.103042abusebot-7.cloudsearch.cf sshd[11182]: Invalid user weblogic from 77.222.54.40 port 49368 ...	2020-05-06 05:17:14
162.243.135.221	attackbotsspam	Port Scan detected from 162.243.135.221 (US/United States/California/San Francisco/zg-0428c-40.stretchoid.com). 4 hits in the last 146 seconds	2020-05-06 04:58:29
128.199.85.251	attackbots	Unauthorized access or intrusion attempt detected from Thor banned IP	2020-05-06 05:03:10
222.186.175.215	attackspambots	2020-05-05T16:56:44.374472xentho-1 sshd[129451]: Failed password for root from 222.186.175.215 port 26012 ssh2 2020-05-05T16:56:37.694528xentho-1 sshd[129451]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.215 user=root 2020-05-05T16:56:40.267959xentho-1 sshd[129451]: Failed password for root from 222.186.175.215 port 26012 ssh2 2020-05-05T16:56:44.374472xentho-1 sshd[129451]: Failed password for root from 222.186.175.215 port 26012 ssh2 2020-05-05T16:56:48.679824xentho-1 sshd[129451]: Failed password for root from 222.186.175.215 port 26012 ssh2 2020-05-05T16:56:37.694528xentho-1 sshd[129451]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.215 user=root 2020-05-05T16:56:40.267959xentho-1 sshd[129451]: Failed password for root from 222.186.175.215 port 26012 ssh2 2020-05-05T16:56:44.374472xentho-1 sshd[129451]: Failed password for root from 222.186.175.215 port 26012 ssh2 2020-0 ...	2020-05-06 05:04:34
202.188.101.106	attack	May 5 21:38:45 mail sshd\[19395\]: Invalid user bruce from 202.188.101.106 May 5 21:38:45 mail sshd\[19395\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.188.101.106 May 5 21:38:48 mail sshd\[19395\]: Failed password for invalid user bruce from 202.188.101.106 port 45761 ssh2 ...	2020-05-06 05:16:30
150.136.248.154	attackbotsspam	May 5 22:35:23 host sshd[30011]: Invalid user t24uat1 from 150.136.248.154 port 12808 ...	2020-05-06 05:09:25
113.101.253.147	attackbots	Apr 10 04:02:01 WHD8 postfix/smtpd\[22631\]: warning: unknown\[113.101.253.147\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 10 04:02:07 WHD8 postfix/smtpd\[22631\]: warning: unknown\[113.101.253.147\]: SASL PLAIN authentication failed: UGFzc3dvcmQ6 Apr 10 04:02:19 WHD8 postfix/smtpd\[22631\]: warning: unknown\[113.101.253.147\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-05-06 04:40:39
36.77.95.230	attackbots	1588701282 - 05/05/2020 19:54:42 Host: 36.77.95.230/36.77.95.230 Port: 445 TCP Blocked	2020-05-06 05:14:24
121.229.20.84	attack	May 5 21:55:30 jane sshd[21852]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.229.20.84 May 5 21:55:32 jane sshd[21852]: Failed password for invalid user house from 121.229.20.84 port 56764 ssh2 ...	2020-05-06 04:55:28
49.88.112.115	attack	2020-05-06T05:34:51.398347vivaldi2.tree2.info sshd[5496]: refused connect from 49.88.112.115 (49.88.112.115) 2020-05-06T05:35:55.823655vivaldi2.tree2.info sshd[5512]: refused connect from 49.88.112.115 (49.88.112.115) 2020-05-06T05:36:59.094583vivaldi2.tree2.info sshd[5571]: refused connect from 49.88.112.115 (49.88.112.115) 2020-05-06T05:38:02.316247vivaldi2.tree2.info sshd[5589]: refused connect from 49.88.112.115 (49.88.112.115) 2020-05-06T05:39:04.501524vivaldi2.tree2.info sshd[5621]: refused connect from 49.88.112.115 (49.88.112.115) ...	2020-05-06 04:53:09
118.179.205.83	attackspam	Lines containing failures of 118.179.205.83 May 4 19:16:56 dns01 sshd[31394]: Invalid user adminixxxr from 118.179.205.83 port 60937 May 4 19:16:56 dns01 sshd[31394]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.179.205.83 May 4 19:16:58 dns01 sshd[31394]: Failed password for invalid user adminixxxr from 118.179.205.83 port 60937 ssh2 May 4 19:16:58 dns01 sshd[31394]: Connection closed by invalid user adminixxxr 118.179.205.83 port 60937 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=118.179.205.83	2020-05-06 05:00:41
106.75.7.123	attack	May 6 03:24:38 web1 sshd[26655]: Invalid user majid from 106.75.7.123 port 27814 May 6 03:24:38 web1 sshd[26655]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.7.123 May 6 03:24:38 web1 sshd[26655]: Invalid user majid from 106.75.7.123 port 27814 May 6 03:24:41 web1 sshd[26655]: Failed password for invalid user majid from 106.75.7.123 port 27814 ssh2 May 6 03:45:16 web1 sshd[14746]: Invalid user test1 from 106.75.7.123 port 18095 May 6 03:45:16 web1 sshd[14746]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.7.123 May 6 03:45:16 web1 sshd[14746]: Invalid user test1 from 106.75.7.123 port 18095 May 6 03:45:18 web1 sshd[14746]: Failed password for invalid user test1 from 106.75.7.123 port 18095 ssh2 May 6 03:54:53 web1 sshd[17037]: Invalid user wcs from 106.75.7.123 port 27979 ...	2020-05-06 05:08:37

最近上报的IP列表

36.226.132.232	123.25.239.124	185.101.105.194	112.198.150.38
122.15.202.51	162.243.145.81	118.165.109.219	36.73.170.115
122.231.88.140	5.188.210.158	89.219.129.187	1.175.80.25
176.67.242.163	183.107.101.240	85.152.27.19	82.64.30.201
193.112.65.233	89.96.207.156	222.252.214.239	119.28.45.89