134.209.70.103

基本信息:

城市(city): North Bergen

省份(region): New Jersey

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	LAMP,DEF GET /wp-login.php	2019-09-26 01:45:58

相同子网IP讨论:

IP	类型	评论内容	时间
134.209.70.255	attackspam	Invalid user http from 134.209.70.255 port 56304	2019-12-31 17:32:49
134.209.70.255	attackspam	Dec 22 07:44:28 server sshd\[855\]: Invalid user holeman from 134.209.70.255 Dec 22 07:44:28 server sshd\[855\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.70.255 Dec 22 07:44:30 server sshd\[855\]: Failed password for invalid user holeman from 134.209.70.255 port 50716 ssh2 Dec 22 07:54:41 server sshd\[3537\]: Invalid user robuck from 134.209.70.255 Dec 22 07:54:41 server sshd\[3537\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.70.255 ...	2019-12-22 14:00:48
134.209.70.255	attackspam	SSH login attempts.	2019-12-15 06:09:04
134.209.70.255	attackbotsspam	2019-12-13T08:31:18.494273shield sshd\[2597\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.70.255 user=root 2019-12-13T08:31:19.936492shield sshd\[2597\]: Failed password for root from 134.209.70.255 port 55408 ssh2 2019-12-13T08:37:01.243410shield sshd\[4516\]: Invalid user lauren from 134.209.70.255 port 40026 2019-12-13T08:37:01.247693shield sshd\[4516\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.70.255 2019-12-13T08:37:03.111985shield sshd\[4516\]: Failed password for invalid user lauren from 134.209.70.255 port 40026 ssh2	2019-12-13 16:55:56
134.209.70.255	attackspam	Dec 6 14:46:12 [host] sshd[10125]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.70.255 user=root Dec 6 14:46:14 [host] sshd[10125]: Failed password for root from 134.209.70.255 port 51140 ssh2 Dec 6 14:52:05 [host] sshd[10210]: Invalid user offill from 134.209.70.255	2019-12-06 22:36:21
134.209.70.255	attack	Dec 6 00:22:13 TORMINT sshd\[9605\]: Invalid user mangue from 134.209.70.255 Dec 6 00:22:13 TORMINT sshd\[9605\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.70.255 Dec 6 00:22:15 TORMINT sshd\[9605\]: Failed password for invalid user mangue from 134.209.70.255 port 38896 ssh2 ...	2019-12-06 13:26:35
134.209.70.255	attackbotsspam	Dec 2 12:39:31 Ubuntu-1404-trusty-64-minimal sshd\[29104\]: Invalid user mysql from 134.209.70.255 Dec 2 12:39:31 Ubuntu-1404-trusty-64-minimal sshd\[29104\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.70.255 Dec 2 12:39:33 Ubuntu-1404-trusty-64-minimal sshd\[29104\]: Failed password for invalid user mysql from 134.209.70.255 port 60170 ssh2 Dec 2 12:46:03 Ubuntu-1404-trusty-64-minimal sshd\[4869\]: Invalid user bitch from 134.209.70.255 Dec 2 12:46:03 Ubuntu-1404-trusty-64-minimal sshd\[4869\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.70.255	2019-12-02 20:35:45
134.209.70.2	attack	SSH login attempts with user root.	2019-11-30 06:31:48
134.209.70.255	attack	Nov 29 05:52:21 ns3042688 sshd\[653\]: Invalid user ben from 134.209.70.255 Nov 29 05:52:21 ns3042688 sshd\[653\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.70.255 Nov 29 05:52:24 ns3042688 sshd\[653\]: Failed password for invalid user ben from 134.209.70.255 port 51390 ssh2 Nov 29 05:55:36 ns3042688 sshd\[1949\]: Invalid user taildeman from 134.209.70.255 Nov 29 05:55:36 ns3042688 sshd\[1949\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.70.255 ...	2019-11-29 14:14:40
134.209.70.255	attackbotsspam	Sep 20 02:43:08 web8 sshd\[4342\]: Invalid user PS from 134.209.70.255 Sep 20 02:43:08 web8 sshd\[4342\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.70.255 Sep 20 02:43:10 web8 sshd\[4342\]: Failed password for invalid user PS from 134.209.70.255 port 35710 ssh2 Sep 20 02:47:34 web8 sshd\[6311\]: Invalid user admin from 134.209.70.255 Sep 20 02:47:34 web8 sshd\[6311\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.70.255	2019-09-20 10:52:22
134.209.70.255	attack	Sep 10 09:39:27 nextcloud sshd\[7185\]: Invalid user user from 134.209.70.255 Sep 10 09:39:27 nextcloud sshd\[7185\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.70.255 Sep 10 09:39:29 nextcloud sshd\[7185\]: Failed password for invalid user user from 134.209.70.255 port 46928 ssh2 ...	2019-09-10 16:15:21
134.209.70.255	attackspambots	Sep 9 15:50:09 xtremcommunity sshd\[152008\]: Invalid user 13 from 134.209.70.255 port 55224 Sep 9 15:50:09 xtremcommunity sshd\[152008\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.70.255 Sep 9 15:50:11 xtremcommunity sshd\[152008\]: Failed password for invalid user 13 from 134.209.70.255 port 55224 ssh2 Sep 9 15:56:12 xtremcommunity sshd\[152167\]: Invalid user 97 from 134.209.70.255 port 37312 Sep 9 15:56:12 xtremcommunity sshd\[152167\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.70.255 ...	2019-09-10 04:28:55
134.209.70.255	attackbotsspam	2019-09-05T22:35:09.658527abusebot-8.cloudsearch.cf sshd\[26857\]: Invalid user postgres from 134.209.70.255 port 56136	2019-09-06 11:14:06
134.209.70.255	attack	Aug 27 20:32:12 hanapaa sshd\[16472\]: Invalid user no1 from 134.209.70.255 Aug 27 20:32:12 hanapaa sshd\[16472\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.70.255 Aug 27 20:32:14 hanapaa sshd\[16472\]: Failed password for invalid user no1 from 134.209.70.255 port 42782 ssh2 Aug 27 20:36:17 hanapaa sshd\[16838\]: Invalid user suporte from 134.209.70.255 Aug 27 20:36:17 hanapaa sshd\[16838\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.70.255	2019-08-28 14:41:30
134.209.70.255	attackspam	Invalid user user1 from 134.209.70.255 port 42210	2019-08-23 16:36:27

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 134.209.70.103
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63823
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;134.209.70.103.			IN	A

;; AUTHORITY SECTION:
.			598	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019092500 1800 900 604800 86400

;; Query time: 151 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Sep 26 01:45:55 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 103.70.209.134.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 103.70.209.134.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
200.44.200.149	attackbots	Honeypot attack, port: 445, PTR: 200.44.200-149.dyn.dsl.cantv.net.	2020-09-07 16:20:20
180.76.109.16	attack	Sep 7 06:26:11 jumpserver sshd[37168]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.109.16 Sep 7 06:26:11 jumpserver sshd[37168]: Invalid user default from 180.76.109.16 port 38252 Sep 7 06:26:14 jumpserver sshd[37168]: Failed password for invalid user default from 180.76.109.16 port 38252 ssh2 ...	2020-09-07 16:22:56
218.92.0.168	attackbots	Sep 7 09:20:53 db sshd[24361]: User root from 218.92.0.168 not allowed because none of user's groups are listed in AllowGroups ...	2020-09-07 15:47:36
104.225.154.136	attackspam	$f2bV_matches	2020-09-07 16:01:32
176.12.23.26	attackbots	Telnet Honeypot -> Telnet Bruteforce / Login	2020-09-07 15:49:56
106.13.177.53	attackbots	Brute-force attempt banned	2020-09-07 16:19:21
120.92.45.102	attackbotsspam	$f2bV_matches	2020-09-07 16:20:34
194.26.27.142	attack	TCP (SYN) 194.26.27.142:55871 -> port 3389, len 44	2020-09-07 16:12:19
122.51.68.119	attackspambots	bruteforce detected	2020-09-07 15:52:04
95.255.60.110	attackspambots	Port scan denied	2020-09-07 16:04:43
34.126.118.178	attack	2020-09-07T06:30:24+0000 Failed SSH Authentication/Brute Force Attack. (Server 6)	2020-09-07 15:59:53
91.229.112.12	attackbots	Persistent port scanning [21 denied]	2020-09-07 16:25:12
117.107.213.244	attack	$f2bV_matches	2020-09-07 16:20:58
119.29.89.190	attack	...	2020-09-07 16:02:48
111.160.216.147	attackbots	Sep 7 07:44:09 prod4 sshd\[7272\]: Failed password for root from 111.160.216.147 port 56503 ssh2 Sep 7 07:47:44 prod4 sshd\[8519\]: Failed password for root from 111.160.216.147 port 36507 ssh2 Sep 7 07:50:41 prod4 sshd\[9793\]: Invalid user linaro from 111.160.216.147 ...	2020-09-07 15:46:22

最近上报的IP列表

118.144.2.117	176.55.55.90	217.239.204.150	75.14.251.131
24.11.123.170	27.68.131.150	110.85.60.218	47.153.36.189
74.246.142.197	91.248.23.4	159.203.201.183	200.56.95.199
75.53.90.124	166.239.164.236	168.179.208.230	189.118.181.172
179.229.232.105	66.21.89.10	109.208.221.255	84.219.191.187