134.122.73.25 - IPInfo

Basic Info

City: Frankfurt am Main

Region: Hesse

Country: Germany

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	(sshd) Failed SSH login from 134.122.73.25 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jun 8 06:56:42 s1 sshd[15232]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.122.73.25 user=root Jun 8 06:56:44 s1 sshd[15232]: Failed password for root from 134.122.73.25 port 38922 ssh2 Jun 8 07:09:25 s1 sshd[15573]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.122.73.25 user=root Jun 8 07:09:27 s1 sshd[15573]: Failed password for root from 134.122.73.25 port 58482 ssh2 Jun 8 07:12:35 s1 sshd[15674]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.122.73.25 user=root	2020-06-08 14:16:00
attack	May 24 22:10:46 localhost sshd[3194747]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.122.73.25 user=root May 24 22:10:48 localhost sshd[3194747]: Failed password for root from 134.122.73.25 port 32898 ssh2 ...	2020-05-25 00:57:10
attackspam	$f2bV_matches	2020-05-15 21:09:16
attackspam	SSH Invalid Login	2020-05-14 05:45:53
attack	May 5 20:57:44 pixelmemory sshd[718377]: Failed password for invalid user karma from 134.122.73.25 port 54374 ssh2 May 5 21:09:36 pixelmemory sshd[720524]: Invalid user gitblit from 134.122.73.25 port 45956 May 5 21:09:36 pixelmemory sshd[720524]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.122.73.25 May 5 21:09:36 pixelmemory sshd[720524]: Invalid user gitblit from 134.122.73.25 port 45956 May 5 21:09:38 pixelmemory sshd[720524]: Failed password for invalid user gitblit from 134.122.73.25 port 45956 ssh2 ...	2020-05-06 16:36:49
attack	May 5 18:42:27 localhost sshd\[27919\]: Invalid user kenneth from 134.122.73.25 May 5 18:42:27 localhost sshd\[27919\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.122.73.25 May 5 18:42:29 localhost sshd\[27919\]: Failed password for invalid user kenneth from 134.122.73.25 port 42266 ssh2 May 5 18:48:25 localhost sshd\[28252\]: Invalid user admin from 134.122.73.25 May 5 18:48:25 localhost sshd\[28252\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.122.73.25 ...	2020-05-06 01:02:40
attack	Apr 23 01:34:36 vps sshd[803163]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.122.73.25 Apr 23 01:34:39 vps sshd[803163]: Failed password for invalid user wq from 134.122.73.25 port 41274 ssh2 Apr 23 01:38:00 vps sshd[821307]: Invalid user zh from 134.122.73.25 port 44508 Apr 23 01:38:00 vps sshd[821307]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.122.73.25 Apr 23 01:38:02 vps sshd[821307]: Failed password for invalid user zh from 134.122.73.25 port 44508 ssh2 ...	2020-04-23 07:42:54

Comments on same subnet:

IP	Type	Details	Datetime
134.122.73.64	attack	Sep 19 16:16:27 mail.srvfarm.net postfix/smtpd[1505471]: warning: unknown[134.122.73.64]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 19 16:16:27 mail.srvfarm.net postfix/smtpd[1505471]: lost connection after AUTH from unknown[134.122.73.64] Sep 19 16:16:48 mail.srvfarm.net postfix/smtpd[1490388]: warning: unknown[134.122.73.64]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 19 16:16:48 mail.srvfarm.net postfix/smtpd[1490388]: lost connection after AUTH from unknown[134.122.73.64] Sep 19 16:17:57 mail.srvfarm.net postfix/smtpd[1490388]: warning: unknown[134.122.73.64]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 19 16:17:57 mail.srvfarm.net postfix/smtpd[1490388]: lost connection after AUTH from unknown[134.122.73.64]	2020-09-20 00:59:38
134.122.73.64	attack	Sep 19 09:48:20 mail.srvfarm.net postfix/smtpd[1352725]: warning: unknown[134.122.73.64]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 19 09:48:20 mail.srvfarm.net postfix/smtpd[1352725]: lost connection after AUTH from unknown[134.122.73.64] Sep 19 09:49:23 mail.srvfarm.net postfix/smtpd[1350470]: warning: unknown[134.122.73.64]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 19 09:49:23 mail.srvfarm.net postfix/smtpd[1350470]: lost connection after AUTH from unknown[134.122.73.64] Sep 19 09:52:28 mail.srvfarm.net postfix/smtpd[1352190]: warning: unknown[134.122.73.64]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2020-09-19 16:47:47
134.122.73.64	attack	Sep 16 18:38:40 srv1 postfix/smtpd[22138]: warning: unknown[134.122.73.64]: SASL LOGIN authentication failed: authentication failure Sep 16 18:40:43 srv1 postfix/smtpd[23094]: warning: unknown[134.122.73.64]: SASL LOGIN authentication failed: authentication failure Sep 16 18:42:49 srv1 postfix/smtpd[23094]: warning: unknown[134.122.73.64]: SASL LOGIN authentication failed: authentication failure Sep 16 18:47:59 srv1 postfix/smtpd[23478]: warning: unknown[134.122.73.64]: SASL LOGIN authentication failed: authentication failure Sep 16 19:05:59 srv1 postfix/smtpd[28783]: warning: unknown[134.122.73.64]: SASL LOGIN authentication failed: authentication failure ...	2020-09-17 01:49:54
134.122.73.64	attackbotsspam	Sep 16 10:35:13 mail.srvfarm.net postfix/smtpd[3376000]: warning: unknown[134.122.73.64]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 16 10:35:13 mail.srvfarm.net postfix/smtpd[3376000]: lost connection after AUTH from unknown[134.122.73.64] Sep 16 10:35:35 mail.srvfarm.net postfix/smtpd[3375987]: warning: unknown[134.122.73.64]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 16 10:35:35 mail.srvfarm.net postfix/smtpd[3375987]: lost connection after AUTH from unknown[134.122.73.64] Sep 16 10:36:43 mail.srvfarm.net postfix/smtpd[3379743]: warning: unknown[134.122.73.64]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 16 10:36:43 mail.srvfarm.net postfix/smtpd[3379743]: lost connection after AUTH from unknown[134.122.73.64]	2020-09-16 18:06:31
134.122.73.4	attackspambots	Lines containing failures of 134.122.73.4 Apr 29 07:40:38 box sshd[12990]: Did not receive identification string from 134.122.73.4 port 44256 Apr 29 07:41:56 box sshd[12991]: Did not receive identification string from 134.122.73.4 port 46478 Apr 29 07:42:42 box sshd[12994]: Invalid user ftpuser from 134.122.73.4 port 33056 Apr 29 07:42:42 box sshd[12994]: Received disconnect from 134.122.73.4 port 33056:11: Normal Shutdown, Thank you for playing [preauth] Apr 29 07:42:42 box sshd[12994]: Disconnected from invalid user ftpuser 134.122.73.4 port 33056 [preauth] Apr 29 07:43:25 box sshd[13007]: Invalid user ghostname from 134.122.73.4 port 47626 Apr 29 07:43:25 box sshd[13007]: Received disconnect from 134.122.73.4 port 47626:11: Normal Shutdown, Thank you for playing [preauth] Apr 29 07:43:25 box sshd[13007]: Disconnected from invalid user ghostname 134.122.73.4 port 47626 [preauth] Apr 29 07:44:09 box sshd[13010]: Invalid user oracle from 134.122.73.4 port 33966 Apr 29 07........ ------------------------------	2020-04-29 22:00:38

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 134.122.73.25
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61641
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;134.122.73.25.			IN	A

;; AUTHORITY SECTION:
.			468	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020042201 1800 900 604800 86400

;; Query time: 145 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Apr 23 07:42:50 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 25.73.122.134.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 25.73.122.134.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
12.118.121.162	attackspam	Jan 20 04:34:50 neweola sshd[1493]: Invalid user pi from 12.118.121.162 port 40717 Jan 20 04:34:50 neweola sshd[1491]: Invalid user pi from 12.118.121.162 port 53046 Jan 20 04:34:50 neweola sshd[1493]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=12.118.121.162 Jan 20 04:34:50 neweola sshd[1491]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=12.118.121.162 Jan 20 04:34:53 neweola sshd[1493]: Failed password for invalid user pi from 12.118.121.162 port 40717 ssh2 Jan 20 04:34:53 neweola sshd[1491]: Failed password for invalid user pi from 12.118.121.162 port 53046 ssh2 Jan 20 04:34:55 neweola sshd[1493]: Connection closed by invalid user pi 12.118.121.162 port 40717 [preauth] Jan 20 04:34:55 neweola sshd[1491]: Connection closed by invalid user pi 12.118.121.162 port 53046 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=12.118.121.162	2020-01-20 19:45:35
62.210.205.155	attackspam	Unauthorized connection attempt detected from IP address 62.210.205.155 to port 2220 [J]	2020-01-20 19:41:24
41.139.132.173	attackspambots	Unauthorized connection attempt detected from IP address 41.139.132.173 to port 85 [J]	2020-01-20 19:44:16
200.29.99.30	attack	Unauthorized connection attempt detected from IP address 200.29.99.30 to port 82 [J]	2020-01-20 19:23:51
51.223.109.20	attackspam	Unauthorized connection attempt detected from IP address 51.223.109.20 to port 88 [J]	2020-01-20 19:42:06
93.51.51.36	attack	Unauthorized connection attempt detected from IP address 93.51.51.36 to port 8000 [J]	2020-01-20 19:39:26
213.222.37.230	attackspam	Unauthorized connection attempt detected from IP address 213.222.37.230 to port 4899 [J]	2020-01-20 19:21:18
103.215.200.80	attackspam	Unauthorized connection attempt detected from IP address 103.215.200.80 to port 23 [J]	2020-01-20 19:36:37
115.87.108.34	attackspam	Unauthorized connection attempt detected from IP address 115.87.108.34 to port 23 [J]	2020-01-20 19:34:28
189.165.135.188	attackbotsspam	SSH Scan	2020-01-20 19:26:08
120.1.163.70	attackbots	Unauthorized connection attempt detected from IP address 120.1.163.70 to port 83 [J]	2020-01-20 19:32:27
49.234.48.150	attack	SSH/22 MH Probe, BF, Hack -	2020-01-20 19:42:25
118.91.184.213	attackspam	Unauthorized connection attempt detected from IP address 118.91.184.213 to port 80 [J]	2020-01-20 19:33:19
220.233.114.211	attackbots	Unauthorized connection attempt detected from IP address 220.233.114.211 to port 23 [J]	2020-01-20 19:20:13
201.184.228.82	attackbots	Unauthorized connection attempt detected from IP address 201.184.228.82 to port 8080 [J]	2020-01-20 19:22:09

Recently Reported IPs

14.126.242.173	129.122.237.68	151.83.13.74	213.111.245.224
180.76.173.191	120.2.202.111	126.19.8.208	67.22.192.130
83.22.208.61	191.171.110.5	62.228.191.219	108.115.83.246
45.141.87.31	44.245.214.143	69.92.206.98	90.117.232.118
172.56.37.120	97.66.5.176	37.20.16.182	126.59.7.223