134.209.70.103

基本信息:

城市(city): North Bergen

省份(region): New Jersey

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	LAMP,DEF GET /wp-login.php	2019-09-26 01:45:58

相同子网IP讨论:

IP	类型	评论内容	时间
134.209.70.255	attackspam	Invalid user http from 134.209.70.255 port 56304	2019-12-31 17:32:49
134.209.70.255	attackspam	Dec 22 07:44:28 server sshd\[855\]: Invalid user holeman from 134.209.70.255 Dec 22 07:44:28 server sshd\[855\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.70.255 Dec 22 07:44:30 server sshd\[855\]: Failed password for invalid user holeman from 134.209.70.255 port 50716 ssh2 Dec 22 07:54:41 server sshd\[3537\]: Invalid user robuck from 134.209.70.255 Dec 22 07:54:41 server sshd\[3537\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.70.255 ...	2019-12-22 14:00:48
134.209.70.255	attackspam	SSH login attempts.	2019-12-15 06:09:04
134.209.70.255	attackbotsspam	2019-12-13T08:31:18.494273shield sshd\[2597\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.70.255 user=root 2019-12-13T08:31:19.936492shield sshd\[2597\]: Failed password for root from 134.209.70.255 port 55408 ssh2 2019-12-13T08:37:01.243410shield sshd\[4516\]: Invalid user lauren from 134.209.70.255 port 40026 2019-12-13T08:37:01.247693shield sshd\[4516\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.70.255 2019-12-13T08:37:03.111985shield sshd\[4516\]: Failed password for invalid user lauren from 134.209.70.255 port 40026 ssh2	2019-12-13 16:55:56
134.209.70.255	attackspam	Dec 6 14:46:12 [host] sshd[10125]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.70.255 user=root Dec 6 14:46:14 [host] sshd[10125]: Failed password for root from 134.209.70.255 port 51140 ssh2 Dec 6 14:52:05 [host] sshd[10210]: Invalid user offill from 134.209.70.255	2019-12-06 22:36:21
134.209.70.255	attack	Dec 6 00:22:13 TORMINT sshd\[9605\]: Invalid user mangue from 134.209.70.255 Dec 6 00:22:13 TORMINT sshd\[9605\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.70.255 Dec 6 00:22:15 TORMINT sshd\[9605\]: Failed password for invalid user mangue from 134.209.70.255 port 38896 ssh2 ...	2019-12-06 13:26:35
134.209.70.255	attackbotsspam	Dec 2 12:39:31 Ubuntu-1404-trusty-64-minimal sshd\[29104\]: Invalid user mysql from 134.209.70.255 Dec 2 12:39:31 Ubuntu-1404-trusty-64-minimal sshd\[29104\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.70.255 Dec 2 12:39:33 Ubuntu-1404-trusty-64-minimal sshd\[29104\]: Failed password for invalid user mysql from 134.209.70.255 port 60170 ssh2 Dec 2 12:46:03 Ubuntu-1404-trusty-64-minimal sshd\[4869\]: Invalid user bitch from 134.209.70.255 Dec 2 12:46:03 Ubuntu-1404-trusty-64-minimal sshd\[4869\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.70.255	2019-12-02 20:35:45
134.209.70.2	attack	SSH login attempts with user root.	2019-11-30 06:31:48
134.209.70.255	attack	Nov 29 05:52:21 ns3042688 sshd\[653\]: Invalid user ben from 134.209.70.255 Nov 29 05:52:21 ns3042688 sshd\[653\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.70.255 Nov 29 05:52:24 ns3042688 sshd\[653\]: Failed password for invalid user ben from 134.209.70.255 port 51390 ssh2 Nov 29 05:55:36 ns3042688 sshd\[1949\]: Invalid user taildeman from 134.209.70.255 Nov 29 05:55:36 ns3042688 sshd\[1949\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.70.255 ...	2019-11-29 14:14:40
134.209.70.255	attackbotsspam	Sep 20 02:43:08 web8 sshd\[4342\]: Invalid user PS from 134.209.70.255 Sep 20 02:43:08 web8 sshd\[4342\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.70.255 Sep 20 02:43:10 web8 sshd\[4342\]: Failed password for invalid user PS from 134.209.70.255 port 35710 ssh2 Sep 20 02:47:34 web8 sshd\[6311\]: Invalid user admin from 134.209.70.255 Sep 20 02:47:34 web8 sshd\[6311\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.70.255	2019-09-20 10:52:22
134.209.70.255	attack	Sep 10 09:39:27 nextcloud sshd\[7185\]: Invalid user user from 134.209.70.255 Sep 10 09:39:27 nextcloud sshd\[7185\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.70.255 Sep 10 09:39:29 nextcloud sshd\[7185\]: Failed password for invalid user user from 134.209.70.255 port 46928 ssh2 ...	2019-09-10 16:15:21
134.209.70.255	attackspambots	Sep 9 15:50:09 xtremcommunity sshd\[152008\]: Invalid user 13 from 134.209.70.255 port 55224 Sep 9 15:50:09 xtremcommunity sshd\[152008\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.70.255 Sep 9 15:50:11 xtremcommunity sshd\[152008\]: Failed password for invalid user 13 from 134.209.70.255 port 55224 ssh2 Sep 9 15:56:12 xtremcommunity sshd\[152167\]: Invalid user 97 from 134.209.70.255 port 37312 Sep 9 15:56:12 xtremcommunity sshd\[152167\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.70.255 ...	2019-09-10 04:28:55
134.209.70.255	attackbotsspam	2019-09-05T22:35:09.658527abusebot-8.cloudsearch.cf sshd\[26857\]: Invalid user postgres from 134.209.70.255 port 56136	2019-09-06 11:14:06
134.209.70.255	attack	Aug 27 20:32:12 hanapaa sshd\[16472\]: Invalid user no1 from 134.209.70.255 Aug 27 20:32:12 hanapaa sshd\[16472\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.70.255 Aug 27 20:32:14 hanapaa sshd\[16472\]: Failed password for invalid user no1 from 134.209.70.255 port 42782 ssh2 Aug 27 20:36:17 hanapaa sshd\[16838\]: Invalid user suporte from 134.209.70.255 Aug 27 20:36:17 hanapaa sshd\[16838\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.70.255	2019-08-28 14:41:30
134.209.70.255	attackspam	Invalid user user1 from 134.209.70.255 port 42210	2019-08-23 16:36:27

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 134.209.70.103
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63823
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;134.209.70.103.			IN	A

;; AUTHORITY SECTION:
.			598	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019092500 1800 900 604800 86400

;; Query time: 151 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Sep 26 01:45:55 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 103.70.209.134.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 103.70.209.134.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
36.155.115.72	attackspam	Invalid user admin from 36.155.115.72 port 56365	2020-04-24 06:28:12
139.217.96.76	attack	Invalid user ew from 139.217.96.76 port 39808	2020-04-24 06:16:18
120.132.66.117	attack	Invalid user qp from 120.132.66.117 port 48865	2020-04-24 06:19:52
152.136.165.226	attackbotsspam	Port scan(s) denied	2020-04-24 06:22:47
113.21.96.63	attack	(imapd) Failed IMAP login from 113.21.96.63 (NC/New Caledonia/host-113-21-96-63.canl.nc): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Apr 23 21:10:21 ir1 dovecot[264309]: imap-login: Disconnected (auth failed, 1 attempts in 6 secs): user=, method=PLAIN, rip=113.21.96.63, lip=5.63.12.44, TLS, session=<+kg55/ejHuxxFWA/>	2020-04-24 06:13:11
49.233.216.158	attackbots	Apr 22 11:14:22 cloud sshd[27987]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.216.158 Apr 22 11:14:23 cloud sshd[27987]: Failed password for invalid user td from 49.233.216.158 port 50864 ssh2	2020-04-24 05:56:29
171.239.126.15	attackbotsspam	firewall-block, port(s): 9530/tcp	2020-04-24 06:21:57
222.186.15.158	attackspam	The IP address [222.186.15.158] experienced 10 failed attempts when attempting to log into SSH running on NAS within 5 minutes, and was blocked at Thu Apr 23 23:14:‪39 2020‬.	2020-04-24 06:05:47
183.16.103.30	attack	Spam_report	2020-04-24 05:56:00
72.205.37.52	attackspam	Repeated brute force against a port	2020-04-24 06:21:32
49.233.136.245	attackspam	SSH Invalid Login	2020-04-24 06:11:02
185.202.1.27	attackbots	RDPBrutePLe	2020-04-24 06:15:48
129.211.99.254	attackbots	SSH Brute-Force Attack	2020-04-24 05:59:57
40.71.199.120	attackbotsspam	Repeated RDP login failures. Last user: administrator	2020-04-24 06:06:34
1.255.153.167	attackbots	Invalid user admin from 1.255.153.167 port 36538	2020-04-24 06:08:19

最近上报的IP列表

118.144.2.117	176.55.55.90	217.239.204.150	75.14.251.131
24.11.123.170	27.68.131.150	110.85.60.218	47.153.36.189
74.246.142.197	91.248.23.4	159.203.201.183	200.56.95.199
75.53.90.124	166.239.164.236	168.179.208.230	189.118.181.172
179.229.232.105	66.21.89.10	109.208.221.255	84.219.191.187