134.209.70.103

基本信息:

城市(city): North Bergen

省份(region): New Jersey

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	LAMP,DEF GET /wp-login.php	2019-09-26 01:45:58

相同子网IP讨论:

IP	类型	评论内容	时间
134.209.70.255	attackspam	Invalid user http from 134.209.70.255 port 56304	2019-12-31 17:32:49
134.209.70.255	attackspam	Dec 22 07:44:28 server sshd\[855\]: Invalid user holeman from 134.209.70.255 Dec 22 07:44:28 server sshd\[855\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.70.255 Dec 22 07:44:30 server sshd\[855\]: Failed password for invalid user holeman from 134.209.70.255 port 50716 ssh2 Dec 22 07:54:41 server sshd\[3537\]: Invalid user robuck from 134.209.70.255 Dec 22 07:54:41 server sshd\[3537\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.70.255 ...	2019-12-22 14:00:48
134.209.70.255	attackspam	SSH login attempts.	2019-12-15 06:09:04
134.209.70.255	attackbotsspam	2019-12-13T08:31:18.494273shield sshd\[2597\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.70.255 user=root 2019-12-13T08:31:19.936492shield sshd\[2597\]: Failed password for root from 134.209.70.255 port 55408 ssh2 2019-12-13T08:37:01.243410shield sshd\[4516\]: Invalid user lauren from 134.209.70.255 port 40026 2019-12-13T08:37:01.247693shield sshd\[4516\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.70.255 2019-12-13T08:37:03.111985shield sshd\[4516\]: Failed password for invalid user lauren from 134.209.70.255 port 40026 ssh2	2019-12-13 16:55:56
134.209.70.255	attackspam	Dec 6 14:46:12 [host] sshd[10125]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.70.255 user=root Dec 6 14:46:14 [host] sshd[10125]: Failed password for root from 134.209.70.255 port 51140 ssh2 Dec 6 14:52:05 [host] sshd[10210]: Invalid user offill from 134.209.70.255	2019-12-06 22:36:21
134.209.70.255	attack	Dec 6 00:22:13 TORMINT sshd\[9605\]: Invalid user mangue from 134.209.70.255 Dec 6 00:22:13 TORMINT sshd\[9605\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.70.255 Dec 6 00:22:15 TORMINT sshd\[9605\]: Failed password for invalid user mangue from 134.209.70.255 port 38896 ssh2 ...	2019-12-06 13:26:35
134.209.70.255	attackbotsspam	Dec 2 12:39:31 Ubuntu-1404-trusty-64-minimal sshd\[29104\]: Invalid user mysql from 134.209.70.255 Dec 2 12:39:31 Ubuntu-1404-trusty-64-minimal sshd\[29104\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.70.255 Dec 2 12:39:33 Ubuntu-1404-trusty-64-minimal sshd\[29104\]: Failed password for invalid user mysql from 134.209.70.255 port 60170 ssh2 Dec 2 12:46:03 Ubuntu-1404-trusty-64-minimal sshd\[4869\]: Invalid user bitch from 134.209.70.255 Dec 2 12:46:03 Ubuntu-1404-trusty-64-minimal sshd\[4869\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.70.255	2019-12-02 20:35:45
134.209.70.2	attack	SSH login attempts with user root.	2019-11-30 06:31:48
134.209.70.255	attack	Nov 29 05:52:21 ns3042688 sshd\[653\]: Invalid user ben from 134.209.70.255 Nov 29 05:52:21 ns3042688 sshd\[653\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.70.255 Nov 29 05:52:24 ns3042688 sshd\[653\]: Failed password for invalid user ben from 134.209.70.255 port 51390 ssh2 Nov 29 05:55:36 ns3042688 sshd\[1949\]: Invalid user taildeman from 134.209.70.255 Nov 29 05:55:36 ns3042688 sshd\[1949\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.70.255 ...	2019-11-29 14:14:40
134.209.70.255	attackbotsspam	Sep 20 02:43:08 web8 sshd\[4342\]: Invalid user PS from 134.209.70.255 Sep 20 02:43:08 web8 sshd\[4342\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.70.255 Sep 20 02:43:10 web8 sshd\[4342\]: Failed password for invalid user PS from 134.209.70.255 port 35710 ssh2 Sep 20 02:47:34 web8 sshd\[6311\]: Invalid user admin from 134.209.70.255 Sep 20 02:47:34 web8 sshd\[6311\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.70.255	2019-09-20 10:52:22
134.209.70.255	attack	Sep 10 09:39:27 nextcloud sshd\[7185\]: Invalid user user from 134.209.70.255 Sep 10 09:39:27 nextcloud sshd\[7185\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.70.255 Sep 10 09:39:29 nextcloud sshd\[7185\]: Failed password for invalid user user from 134.209.70.255 port 46928 ssh2 ...	2019-09-10 16:15:21
134.209.70.255	attackspambots	Sep 9 15:50:09 xtremcommunity sshd\[152008\]: Invalid user 13 from 134.209.70.255 port 55224 Sep 9 15:50:09 xtremcommunity sshd\[152008\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.70.255 Sep 9 15:50:11 xtremcommunity sshd\[152008\]: Failed password for invalid user 13 from 134.209.70.255 port 55224 ssh2 Sep 9 15:56:12 xtremcommunity sshd\[152167\]: Invalid user 97 from 134.209.70.255 port 37312 Sep 9 15:56:12 xtremcommunity sshd\[152167\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.70.255 ...	2019-09-10 04:28:55
134.209.70.255	attackbotsspam	2019-09-05T22:35:09.658527abusebot-8.cloudsearch.cf sshd\[26857\]: Invalid user postgres from 134.209.70.255 port 56136	2019-09-06 11:14:06
134.209.70.255	attack	Aug 27 20:32:12 hanapaa sshd\[16472\]: Invalid user no1 from 134.209.70.255 Aug 27 20:32:12 hanapaa sshd\[16472\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.70.255 Aug 27 20:32:14 hanapaa sshd\[16472\]: Failed password for invalid user no1 from 134.209.70.255 port 42782 ssh2 Aug 27 20:36:17 hanapaa sshd\[16838\]: Invalid user suporte from 134.209.70.255 Aug 27 20:36:17 hanapaa sshd\[16838\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.70.255	2019-08-28 14:41:30
134.209.70.255	attackspam	Invalid user user1 from 134.209.70.255 port 42210	2019-08-23 16:36:27

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 134.209.70.103
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63823
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;134.209.70.103.			IN	A

;; AUTHORITY SECTION:
.			598	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019092500 1800 900 604800 86400

;; Query time: 151 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Sep 26 01:45:55 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 103.70.209.134.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 103.70.209.134.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
189.1.132.75	attackspambots	189.1.132.75 (BR/Brazil/-), 6 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 16 05:45:01 server2 sshd[24477]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=161.35.135.185 user=root Sep 16 05:45:03 server2 sshd[24477]: Failed password for root from 161.35.135.185 port 57412 ssh2 Sep 16 05:44:29 server2 sshd[24391]: Failed password for root from 91.134.135.95 port 52858 ssh2 Sep 16 05:43:59 server2 sshd[23969]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.32.192.85 user=root Sep 16 05:44:00 server2 sshd[23969]: Failed password for root from 178.32.192.85 port 45333 ssh2 Sep 16 05:45:28 server2 sshd[24909]: Failed password for root from 189.1.132.75 port 51790 ssh2 IP Addresses Blocked: 161.35.135.185 (US/United States/-) 91.134.135.95 (FR/France/-) 178.32.192.85 (FR/France/-)	2020-09-16 20:26:46
138.197.25.187	attackbotsspam	Sep 16 17:26:39 gw1 sshd[24516]: Failed password for root from 138.197.25.187 port 56890 ssh2 ...	2020-09-16 20:34:14
106.54.111.75	attackspambots	(sshd) Failed SSH login from 106.54.111.75 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 16 07:39:14 jbs1 sshd[21766]: Invalid user unison from 106.54.111.75 Sep 16 07:39:14 jbs1 sshd[21766]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.111.75 Sep 16 07:39:16 jbs1 sshd[21766]: Failed password for invalid user unison from 106.54.111.75 port 36034 ssh2 Sep 16 07:53:50 jbs1 sshd[28703]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.111.75 user=root Sep 16 07:53:53 jbs1 sshd[28703]: Failed password for root from 106.54.111.75 port 45156 ssh2	2020-09-16 20:05:19
138.68.82.194	attack	Cowrie Honeypot: 2 unauthorised SSH/Telnet login attempts between 2020-09-16T12:20:50Z and 2020-09-16T12:20:50Z	2020-09-16 20:33:42
203.176.74.228	attackbots	Sep 16 11:37:56 master sshd[6583]: Failed password for root from 203.176.74.228 port 41734 ssh2 Sep 16 11:44:14 master sshd[6765]: Failed password for root from 203.176.74.228 port 42740 ssh2 Sep 16 11:48:51 master sshd[6870]: Failed password for root from 203.176.74.228 port 36329 ssh2 Sep 16 11:57:42 master sshd[7083]: Failed password for root from 203.176.74.228 port 51744 ssh2 Sep 16 12:01:59 master sshd[7581]: Failed password for root from 203.176.74.228 port 45333 ssh2 Sep 16 12:06:12 master sshd[7669]: Failed password for root from 203.176.74.228 port 38922 ssh2 Sep 16 12:10:23 master sshd[7827]: Failed password for root from 203.176.74.228 port 60746 ssh2 Sep 16 12:14:46 master sshd[7861]: Failed password for root from 203.176.74.228 port 54335 ssh2 Sep 16 12:18:59 master sshd[7954]: Failed password for root from 203.176.74.228 port 47924 ssh2 Sep 16 12:23:15 master sshd[8078]: Failed password for root from 203.176.74.228 port 41516 ssh2	2020-09-16 20:05:53
91.108.30.116	attackspambots	Unauthorized admin access - /admin/	2020-09-16 20:38:13
218.92.0.211	attackbots	Sep 16 17:49:54 mx sshd[726363]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.211 user=root Sep 16 17:49:57 mx sshd[726363]: Failed password for root from 218.92.0.211 port 52867 ssh2 Sep 16 17:49:54 mx sshd[726363]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.211 user=root Sep 16 17:49:57 mx sshd[726363]: Failed password for root from 218.92.0.211 port 52867 ssh2 Sep 16 17:49:59 mx sshd[726363]: Failed password for root from 218.92.0.211 port 52867 ssh2 ...	2020-09-16 20:33:12
122.100.186.68	attack	Sep 16 12:02:43 vps639187 sshd\[21974\]: Invalid user pi from 122.100.186.68 port 46984 Sep 16 12:02:43 vps639187 sshd\[21974\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.100.186.68 Sep 16 12:02:45 vps639187 sshd\[21974\]: Failed password for invalid user pi from 122.100.186.68 port 46984 ssh2 ...	2020-09-16 20:22:55
78.29.32.19	attackspambots	Unauthorized connection attempt from IP address 78.29.32.19 on Port 445(SMB)	2020-09-16 20:36:46
112.85.42.102	attackbotsspam	Sep 16 12:08:23 vps-51d81928 sshd[108950]: Failed password for root from 112.85.42.102 port 22556 ssh2 Sep 16 12:08:28 vps-51d81928 sshd[108950]: Failed password for root from 112.85.42.102 port 22556 ssh2 Sep 16 12:08:31 vps-51d81928 sshd[108950]: Failed password for root from 112.85.42.102 port 22556 ssh2 Sep 16 12:09:34 vps-51d81928 sshd[108960]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.102 user=root Sep 16 12:09:36 vps-51d81928 sshd[108960]: Failed password for root from 112.85.42.102 port 27432 ssh2 ...	2020-09-16 20:11:36
112.85.42.67	attackbotsspam	Sep 16 08:34:07 plusreed sshd[24197]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.67 user=root Sep 16 08:34:09 plusreed sshd[24197]: Failed password for root from 112.85.42.67 port 41661 ssh2 ...	2020-09-16 20:49:47
177.200.93.166	attackbotsspam	Automatic report - Port Scan Attack	2020-09-16 20:43:57
51.75.19.175	attack	(sshd) Failed SSH login from 51.75.19.175 (FR/France/175.ip-51-75-19.eu): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 16 12:34:03 amsweb01 sshd[4883]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.19.175 user=root Sep 16 12:34:05 amsweb01 sshd[4883]: Failed password for root from 51.75.19.175 port 48546 ssh2 Sep 16 12:49:05 amsweb01 sshd[7235]: Invalid user squid from 51.75.19.175 port 55654 Sep 16 12:49:07 amsweb01 sshd[7235]: Failed password for invalid user squid from 51.75.19.175 port 55654 ssh2 Sep 16 12:52:45 amsweb01 sshd[7751]: Invalid user mariana from 51.75.19.175 port 45924	2020-09-16 20:41:18
62.234.193.119	attackspambots	Sep 16 10:03:56 localhost sshd[936881]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.193.119 Sep 16 10:03:56 localhost sshd[936881]: Invalid user oracle from 62.234.193.119 port 49198 Sep 16 10:03:58 localhost sshd[936881]: Failed password for invalid user oracle from 62.234.193.119 port 49198 ssh2 Sep 16 10:04:48 localhost sshd[938654]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.193.119 user=root Sep 16 10:04:50 localhost sshd[938654]: Failed password for root from 62.234.193.119 port 59016 ssh2 ...	2020-09-16 20:22:43
212.64.95.187	attack	Sep 16 07:15:02 Tower sshd[6429]: Connection from 212.64.95.187 port 40004 on 192.168.10.220 port 22 rdomain "" Sep 16 07:15:03 Tower sshd[6429]: Failed password for root from 212.64.95.187 port 40004 ssh2 Sep 16 07:15:04 Tower sshd[6429]: Received disconnect from 212.64.95.187 port 40004:11: Bye Bye [preauth] Sep 16 07:15:04 Tower sshd[6429]: Disconnected from authenticating user root 212.64.95.187 port 40004 [preauth]	2020-09-16 20:35:20

最近上报的IP列表

118.144.2.117	176.55.55.90	217.239.204.150	75.14.251.131
24.11.123.170	27.68.131.150	110.85.60.218	47.153.36.189
74.246.142.197	91.248.23.4	159.203.201.183	200.56.95.199
75.53.90.124	166.239.164.236	168.179.208.230	189.118.181.172
179.229.232.105	66.21.89.10	109.208.221.255	84.219.191.187