134.209.102.95

Basic Info

City: unknown

Region: unknown

Country: Singapore

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	<6 unauthorized SSH connections	2020-03-24 15:42:10
attackspam	SSH brute-force: detected 8 distinct usernames within a 24-hour window.	2020-03-21 07:08:48
attackspam	Mar 19 19:34:48 pornomens sshd\[21724\]: Invalid user gmod from 134.209.102.95 port 46114 Mar 19 19:34:48 pornomens sshd\[21724\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.102.95 Mar 19 19:34:50 pornomens sshd\[21724\]: Failed password for invalid user gmod from 134.209.102.95 port 46114 ssh2 ...	2020-03-20 04:28:49
attackbotsspam	Mar 9 08:54:51 vpn01 sshd[31170]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.102.95 Mar 9 08:54:54 vpn01 sshd[31170]: Failed password for invalid user teamspeak3 from 134.209.102.95 port 43698 ssh2 ...	2020-03-09 16:55:19
attack	Mar 7 00:59:55 plusreed sshd[10203]: Invalid user hduser from 134.209.102.95 ...	2020-03-07 14:10:27
attackspambots	Mar 1 00:18:40 serwer sshd\[29190\]: Invalid user tanghao from 134.209.102.95 port 59082 Mar 1 00:18:40 serwer sshd\[29190\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.102.95 Mar 1 00:18:42 serwer sshd\[29190\]: Failed password for invalid user tanghao from 134.209.102.95 port 59082 ssh2 ...	2020-03-01 08:47:35
attackbotsspam	Feb 19 20:26:03 ws22vmsma01 sshd[186674]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.102.95 Feb 19 20:26:05 ws22vmsma01 sshd[186674]: Failed password for invalid user bruno from 134.209.102.95 port 57034 ssh2 ...	2020-02-20 09:33:30

Comments on same subnet:

IP	Type	Details	Datetime
134.209.102.122	botsattackproxynormal	A	2022-05-21 11:19:18
134.209.102.130	attackbots	TCP port : 28022	2020-08-05 18:36:53
134.209.102.130	attackbotsspam	Aug 3 14:20:37 debian-2gb-nbg1-2 kernel: \[18715708.698407\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=134.209.102.130 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x40 TTL=242 ID=14318 PROTO=TCP SPT=57050 DPT=7203 WINDOW=1024 RES=0x00 SYN URGP=0	2020-08-04 02:55:14
134.209.102.130	attackspam	Hits on port : 6000 30022	2020-08-02 17:09:25
134.209.102.196	attack	$f2bV_matches	2020-07-24 12:36:30
134.209.102.196	attack	Jul 16 15:39:58 OPSO sshd\[20598\]: Invalid user guest from 134.209.102.196 port 33780 Jul 16 15:39:58 OPSO sshd\[20598\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.102.196 Jul 16 15:40:00 OPSO sshd\[20598\]: Failed password for invalid user guest from 134.209.102.196 port 33780 ssh2 Jul 16 15:43:39 OPSO sshd\[21861\]: Invalid user csgo from 134.209.102.196 port 58374 Jul 16 15:43:39 OPSO sshd\[21861\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.102.196	2020-07-17 05:08:37
134.209.102.196	attackspam	Jul 14 15:14:20 jane sshd[32021]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.102.196 Jul 14 15:14:22 jane sshd[32021]: Failed password for invalid user postgres from 134.209.102.196 port 59372 ssh2 ...	2020-07-14 23:01:56
134.209.102.196	attackbots	Invalid user tsbot from 134.209.102.196 port 43134	2020-07-12 05:37:45
134.209.102.196	attackbotsspam	Jun 30 18:01:28 gw1 sshd[5984]: Failed password for root from 134.209.102.196 port 50066 ssh2 Jun 30 18:04:56 gw1 sshd[6148]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.102.196 ...	2020-07-01 03:35:50
134.209.102.196	attackbots	Jun 19 05:58:12 vmd48417 sshd[27819]: Failed password for root from 134.209.102.196 port 55742 ssh2	2020-06-19 12:16:59
134.209.102.196	attack	Jun 14 17:26:49 ws22vmsma01 sshd[56487]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.102.196 Jun 14 17:26:51 ws22vmsma01 sshd[56487]: Failed password for invalid user uftp from 134.209.102.196 port 38892 ssh2 ...	2020-06-15 04:29:12
134.209.102.196	attackspam	Jun 14 10:36:18 gestao sshd[10391]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.102.196 Jun 14 10:36:20 gestao sshd[10391]: Failed password for invalid user stephan from 134.209.102.196 port 60794 ssh2 Jun 14 10:40:04 gestao sshd[10574]: Failed password for root from 134.209.102.196 port 34020 ssh2 ...	2020-06-14 17:54:52
134.209.102.196	attackbotsspam	Jun 12 18:58:10 kapalua sshd\[520\]: Invalid user usuario from 134.209.102.196 Jun 12 18:58:10 kapalua sshd\[520\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.102.196 Jun 12 18:58:12 kapalua sshd\[520\]: Failed password for invalid user usuario from 134.209.102.196 port 49552 ssh2 Jun 12 19:02:14 kapalua sshd\[855\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.102.196 user=root Jun 12 19:02:17 kapalua sshd\[855\]: Failed password for root from 134.209.102.196 port 52176 ssh2	2020-06-13 18:37:50
134.209.102.196	attackbotsspam	Jun 7 14:03:29 serwer sshd\[19589\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.102.196 user=root Jun 7 14:03:31 serwer sshd\[19589\]: Failed password for root from 134.209.102.196 port 47380 ssh2 Jun 7 14:07:19 serwer sshd\[20029\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.102.196 user=root ...	2020-06-07 22:21:47
134.209.102.93	attackspam	Invalid user agx from 134.209.102.93 port 54402	2020-05-23 18:59:38

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 134.209.102.95
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 13865
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;134.209.102.95.			IN	A

;; AUTHORITY SECTION:
.			345	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020021901 1800 900 604800 86400

;; Query time: 58 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Feb 20 09:33:28 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 95.102.209.134.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 95.102.209.134.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
188.11.67.165	attack	Unauthorized connection attempt detected from IP address 188.11.67.165 to port 2220 [J]	2020-01-15 21:02:13
85.113.15.106	attack	Automatic report - Port Scan Attack	2020-01-15 21:04:05
104.168.104.41	attack	Jan 14 17:57:16 h2570396 sshd[24434]: reveeclipse mapping checking getaddrinfo for 104-168-104-41-host.colocrossing.com [104.168.104.41] failed - POSSIBLE BREAK-IN ATTEMPT! Jan 14 17:57:16 h2570396 sshd[24434]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.168.104.41 user=r.r Jan 14 17:57:18 h2570396 sshd[24434]: Failed password for r.r from 104.168.104.41 port 53231 ssh2 Jan 14 17:57:18 h2570396 sshd[24434]: Received disconnect from 104.168.104.41: 11: Bye Bye [preauth] Jan 14 18:07:46 h2570396 sshd[25705]: reveeclipse mapping checking getaddrinfo for 104-168-104-41-host.colocrossing.com [104.168.104.41] failed - POSSIBLE BREAK-IN ATTEMPT! Jan 14 18:07:47 h2570396 sshd[25705]: Failed password for invalid user sysbin from 104.168.104.41 port 51558 ssh2 Jan 14 18:07:47 h2570396 sshd[25705]: Received disconnect from 104.168.104.41: 11: Bye Bye [preauth] Jan 14 18:13:34 h2570396 sshd[25778]: reveeclipse mapping checking getadd........ -------------------------------	2020-01-15 21:15:56
123.148.242.167	attackspambots	Wordpress_xmlrpc_attack	2020-01-15 20:59:05
46.38.144.32	attack	2020-01-15 00:00:23 -> 2020-01-15 06:00:42 : [46.38.144.32]:6836 connection denied (globally) - 4 login attempts	2020-01-15 20:54:53
58.247.18.242	attack	Unauthorized connection attempt detected from IP address 58.247.18.242 to port 80 [J]	2020-01-15 20:44:34
159.203.201.5	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-01-15 21:15:41
31.173.87.218	attackspambots	Unauthorized connection attempt from IP address 31.173.87.218 on Port 445(SMB)	2020-01-15 20:39:29
104.140.183.31	attackspambots	104.140.183.31 - - [15/Jan/2020:08:04:17 -0500] "GET /?page=../../../../../etc/passwd&action=list&linkID=10224 HTTP/1.1" 200 16749 "https://newportbrassfaucets.com/?page=../../../../../etc/passwd&action=list&linkID=10224" "Mozilla/5.0 (Windows NT 10.0; WOW64; Rv:50.0) Gecko/20100101 Firefox/50.0" ...	2020-01-15 21:10:52
154.113.16.226	attackspambots	Unauthorized connection attempt detected from IP address 154.113.16.226 to port 80 [J]	2020-01-15 20:47:34
89.36.213.179	attackspambots	[2020-01-15 07:11:52] NOTICE[2175] chan_sip.c: Registration from '"1061" ' failed for '89.36.213.179:5062' - Wrong password [2020-01-15 07:11:52] SECURITY[2212] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-01-15T07:11:52.650-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="1061",SessionID="0x7f5ac4c6fb48",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/89.36.213.179/5062",Challenge="69abe5d4",ReceivedChallenge="69abe5d4",ReceivedHash="009221b570a7a2762b5ed80097b3e294" [2020-01-15 07:13:25] NOTICE[2175] chan_sip.c: Registration from '"60006" ' failed for '89.36.213.179:5068' - Wrong password [2020-01-15 07:13:25] SECURITY[2212] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-01-15T07:13:25.340-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="60006",SessionID="0x7f5ac48ee978",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP ...	2020-01-15 20:41:57
157.245.74.38	attack	2020-01-15T04:45:06Z - RDP login failed multiple times. (157.245.74.38)	2020-01-15 20:47:03
49.235.116.15	attackspam	SSH/22 MH Probe, BF, Hack -	2020-01-15 20:57:48
113.186.3.161	attackbots	20/1/14@23:44:36: FAIL: Alarm-Network address from=113.186.3.161 20/1/14@23:44:36: FAIL: Alarm-Network address from=113.186.3.161 ...	2020-01-15 21:01:40
94.121.14.218	attackspam	20/1/15@08:09:22: FAIL: Alarm-Network address from=94.121.14.218 ...	2020-01-15 21:19:43

Recently Reported IPs

100.0.240.94	120.23.101.84	121.139.139.48	78.56.46.91
43.249.224.149	162.243.134.144	42.189.188.212	46.12.254.166
119.195.82.187	179.191.238.216	46.47.106.63	178.169.87.223
139.129.59.91	151.63.212.22	46.219.113.59	151.250.213.35
93.90.43.230	49.151.105.118	154.202.56.163	188.26.42.159