134.122.134.253

Basic Info

City: unknown

Region: unknown

Country: Singapore

Internet Service Provider: RackIP Consultancy Pte. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	SSH / Telnet Brute Force Attempts on Honeypot	2020-07-05 08:30:18
attackbotsspam	Jul 3 14:43:15 ajax sshd[3883]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.122.134.253 Jul 3 14:43:17 ajax sshd[3883]: Failed password for invalid user zhangyong from 134.122.134.253 port 57924 ssh2	2020-07-03 22:20:33
attackbotsspam	Failed password for invalid user work from 134.122.134.253 port 40192 ssh2	2020-06-25 04:23:31

Type

Details

Datetime

attack

SSH / Telnet Brute Force Attempts on Honeypot

2020-07-05 08:30:18

attackbotsspam

Jul  3 14:43:15 ajax sshd[3883]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.122.134.253 
Jul  3 14:43:17 ajax sshd[3883]: Failed password for invalid user zhangyong from 134.122.134.253 port 57924 ssh2

2020-07-03 22:20:33

attackbotsspam

Failed password for invalid user work from 134.122.134.253 port 40192 ssh2

2020-06-25 04:23:31

Comments on same subnet:

IP	Type	Details	Datetime
134.122.134.228	attackspambots	Invalid user admin from 134.122.134.228 port 44610	2020-08-21 06:26:29
134.122.134.228	attackspambots	(sshd) Failed SSH login from 134.122.134.228 (SG/Singapore/-): 12 in the last 3600 secs	2020-08-17 06:29:05
134.122.134.228	attack	Banned for a week because repeated abuses, for example SSH, but not only	2020-08-10 18:04:24
134.122.134.228	attack	2020-08-07T05:52:52.209523amanda2.illicoweb.com sshd\[3066\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.122.134.228 user=root 2020-08-07T05:52:54.426276amanda2.illicoweb.com sshd\[3066\]: Failed password for root from 134.122.134.228 port 52500 ssh2 2020-08-07T05:56:42.508268amanda2.illicoweb.com sshd\[3775\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.122.134.228 user=root 2020-08-07T05:56:43.967018amanda2.illicoweb.com sshd\[3775\]: Failed password for root from 134.122.134.228 port 9982 ssh2 2020-08-07T05:58:32.850937amanda2.illicoweb.com sshd\[4112\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.122.134.228 user=root ...	2020-08-07 12:30:48
134.122.134.228	attackbotsspam	2020-08-05T17:57:01.778475ns385565 sshd[15691]: Connection closed by 134.122.134.228 port 2923 [preauth] 2020-08-06T00:56:52.716092ns385565 sshd[18059]: Connection closed by 134.122.134.228 port 13827 [preauth] 2020-08-06T10:52:22.252610ns385565 sshd[3047]: Connection closed by 134.122.134.228 port 18441 [preauth] ...	2020-08-06 20:21:56
134.122.134.228	attackbotsspam	SSH Brute Force	2020-08-01 01:10:40
134.122.134.228	attackbotsspam	'Fail2Ban'	2020-07-10 23:22:23
134.122.134.228	attackbotsspam	2020-06-28T03:28:57 t 22d[41549]: pam_unix(22d:auth): authentication failure, logname= uid=0 euid=0 tty=22 ruser= rhost=134.122.134.228 ", "Jun 28 03:29:00 t 22d[41549]: Failed password for invalid user admin from 134.122.134.228 port 59453 222"], "failures": 3, "mlfid": " t 22d[41549]: ", "user": "admin", "ip4": "134.122.134.228"}	2020-06-29 23:47:58
134.122.134.228	attackspambots	Bruteforce detected by fail2ban	2020-06-29 16:45:26

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 134.122.134.253
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 16880
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;134.122.134.253.		IN	A

;; AUTHORITY SECTION:
.			211	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020062401 1800 900 604800 86400

;; Query time: 55 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jun 25 04:23:28 CST 2020
;; MSG SIZE  rcvd: 119

Host info

Host 253.134.122.134.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 253.134.122.134.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
200.196.90.200	attack	Aug 17 22:45:22 tux-35-217 sshd\[21498\]: Invalid user richard from 200.196.90.200 port 44434 Aug 17 22:45:22 tux-35-217 sshd\[21498\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.196.90.200 Aug 17 22:45:24 tux-35-217 sshd\[21498\]: Failed password for invalid user richard from 200.196.90.200 port 44434 ssh2 Aug 17 22:50:23 tux-35-217 sshd\[21544\]: Invalid user festival from 200.196.90.200 port 35432 Aug 17 22:50:23 tux-35-217 sshd\[21544\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.196.90.200 ...	2019-08-18 05:26:01
84.121.98.249	attack	Automatic report	2019-08-18 05:55:08
129.158.72.141	attackbotsspam	Automatic report - Banned IP Access	2019-08-18 05:39:08
174.138.29.53	attackbots	SSH/22 MH Probe, BF, Hack -	2019-08-18 05:17:50
217.138.29.194	attackspam	2019-08-17T19:58:33.048638abusebot-7.cloudsearch.cf sshd\[3660\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.138.29.194 user=root	2019-08-18 05:45:10
65.204.25.2	attack	Unauthorized connection attempt from IP address 65.204.25.2 on Port 445(SMB)	2019-08-18 05:24:04
184.64.13.67	attack	Aug 17 22:42:42 tux-35-217 sshd\[21496\]: Invalid user hw from 184.64.13.67 port 44996 Aug 17 22:42:42 tux-35-217 sshd\[21496\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=184.64.13.67 Aug 17 22:42:43 tux-35-217 sshd\[21496\]: Failed password for invalid user hw from 184.64.13.67 port 44996 ssh2 Aug 17 22:47:10 tux-35-217 sshd\[21513\]: Invalid user ltgame from 184.64.13.67 port 36476 Aug 17 22:47:10 tux-35-217 sshd\[21513\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=184.64.13.67 ...	2019-08-18 05:31:38
12.146.53.98	attack	RDP Brute-Force (Grieskirchen RZ2)	2019-08-18 05:49:07
159.89.10.77	attack	Aug 17 10:49:05 friendsofhawaii sshd\[26079\]: Invalid user oracle from 159.89.10.77 Aug 17 10:49:05 friendsofhawaii sshd\[26079\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.10.77 Aug 17 10:49:07 friendsofhawaii sshd\[26079\]: Failed password for invalid user oracle from 159.89.10.77 port 40298 ssh2 Aug 17 10:53:14 friendsofhawaii sshd\[26487\]: Invalid user quegen from 159.89.10.77 Aug 17 10:53:14 friendsofhawaii sshd\[26487\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.10.77	2019-08-18 05:19:42
181.164.107.226	attackbots	Aug 17 11:35:51 web1 sshd\[23318\]: Invalid user insurgency from 181.164.107.226 Aug 17 11:35:51 web1 sshd\[23318\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.164.107.226 Aug 17 11:35:53 web1 sshd\[23318\]: Failed password for invalid user insurgency from 181.164.107.226 port 56307 ssh2 Aug 17 11:40:59 web1 sshd\[23880\]: Invalid user li from 181.164.107.226 Aug 17 11:40:59 web1 sshd\[23880\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.164.107.226	2019-08-18 05:41:42
58.87.91.158	attackspam	Aug 18 00:34:34 yabzik sshd[17456]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.87.91.158 Aug 18 00:34:36 yabzik sshd[17456]: Failed password for invalid user db2admin from 58.87.91.158 port 59882 ssh2 Aug 18 00:39:14 yabzik sshd[19324]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.87.91.158	2019-08-18 05:51:52
109.202.0.14	attackspam	2019-08-17T21:41:38.666613abusebot-7.cloudsearch.cf sshd\[4210\]: Invalid user teamspeak2 from 109.202.0.14 port 57522	2019-08-18 05:54:37
139.59.87.250	attackbots	Aug 17 11:41:39 aiointranet sshd\[19840\]: Invalid user password from 139.59.87.250 Aug 17 11:41:39 aiointranet sshd\[19840\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.87.250 Aug 17 11:41:42 aiointranet sshd\[19840\]: Failed password for invalid user password from 139.59.87.250 port 58258 ssh2 Aug 17 11:46:34 aiointranet sshd\[20348\]: Invalid user dreams from 139.59.87.250 Aug 17 11:46:34 aiointranet sshd\[20348\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.87.250	2019-08-18 05:51:10
129.204.65.101	attack	Aug 17 10:18:49 aiointranet sshd\[11647\]: Invalid user deploy from 129.204.65.101 Aug 17 10:18:49 aiointranet sshd\[11647\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.65.101 Aug 17 10:18:52 aiointranet sshd\[11647\]: Failed password for invalid user deploy from 129.204.65.101 port 47010 ssh2 Aug 17 10:23:42 aiointranet sshd\[12069\]: Invalid user eddie from 129.204.65.101 Aug 17 10:23:42 aiointranet sshd\[12069\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.65.101	2019-08-18 05:19:15
36.152.65.196	attackspambots	Automatic report - Port Scan Attack	2019-08-18 05:40:18

Recently Reported IPs

200.93.82.115	191.101.22.124	106.54.182.137	54.196.112.125
70.37.59.176	195.123.233.140	111.72.197.224	182.68.53.113
231.35.83.43	62.234.78.233	235.195.90.136	44.1.180.205
78.97.176.87	94.8.58.231	89.13.254.46	232.151.16.86
143.4.20.71	96.213.186.94	49.223.45.251	48.190.255.70