134.209.156.48

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Hitting firewall all weekend, non stop, seconds apart.	2020-04-06 07:49:22
attack	detected by Fail2Ban	2020-03-18 14:48:26

Comments on same subnet:

IP	Type	Details	Datetime
134.209.156.57	attackspambots	Invalid user default from 134.209.156.57 port 51170	2020-03-13 19:07:33
134.209.156.57	attackbotsspam	Feb 27 21:58:06 tdfoods sshd\[10438\]: Invalid user bot from 134.209.156.57 Feb 27 21:58:06 tdfoods sshd\[10438\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.156.57 Feb 27 21:58:08 tdfoods sshd\[10438\]: Failed password for invalid user bot from 134.209.156.57 port 38924 ssh2 Feb 27 22:04:36 tdfoods sshd\[11073\]: Invalid user hadoop from 134.209.156.57 Feb 27 22:04:36 tdfoods sshd\[11073\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.156.57	2020-02-28 16:18:41
134.209.156.57	attackbots	Feb 18 09:59:30 server sshd[1178840]: Failed password for invalid user admin from 134.209.156.57 port 42490 ssh2 Feb 18 10:11:19 server sshd[1182469]: Failed password for invalid user smoke from 134.209.156.57 port 55486 ssh2 Feb 18 10:14:38 server sshd[1183626]: Failed password for invalid user testtest from 134.209.156.57 port 56122 ssh2	2020-02-18 17:42:08
134.209.156.239	attackbots	2019-04-18 10:14:09 1hH2BN-00031F-2c SMTP connection from staking.viethungseafood.com $placid.sadrehonar.icu$ \[134.209.156.239\]:34633 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-04-18 10:16:56 1hH2E4-00036H-23 SMTP connection from staking.viethungseafood.com $rations.sadrehonar.icu$ \[134.209.156.239\]:51013 I=\[193.107.90.29\]:25 closed by DROP in ACL 2019-04-18 10:17:30 1hH2Ec-00037B-N6 SMTP connection from staking.viethungseafood.com $vest.sadrehonar.icu$ \[134.209.156.239\]:55740 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-04-19 16:43:10 1hHUjO-00089Q-8D SMTP connection from staking.viethungseafood.com $placid.sadrehonar.icu$ \[134.209.156.239\]:37554 I=\[193.107.90.29\]:25 closed by DROP in ACL 2019-04-19 16:43:38 1hHUjp-00089x-Pp SMTP connection from staking.viethungseafood.com $placid.sadrehonar.icu$ \[134.209.156.239\]:52871 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-04-19 16:45:38 1hHUlm-0008Dk-JW SMTP connection from staking.viethungseafood.c ...	2020-02-05 03:38:52
134.209.156.240	attackspam	2019-04-18 11:25:13 1hH3I9-0005HE-KY SMTP connection from yummy.viethungseafood.com $week.djcdub.icu$ \[134.209.156.240\]:49450 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-04-18 11:28:01 1hH3Kr-0005Kf-7v SMTP connection from yummy.viethungseafood.com $sock.djcdub.icu$ \[134.209.156.240\]:36387 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-04-18 11:28:17 1hH3L7-0005Li-KM SMTP connection from yummy.viethungseafood.com $toes.djcdub.icu$ \[134.209.156.240\]:52183 I=\[193.107.88.166\]:25 closed by DROP in ACL ...	2020-02-05 03:36:04
134.209.156.57	attackspam	Unauthorized connection attempt detected from IP address 134.209.156.57 to port 2220 [J]	2020-01-17 00:55:39
134.209.156.57	attack	Unauthorized connection attempt detected from IP address 134.209.156.57 to port 2220 [J]	2020-01-12 01:03:56
134.209.156.57	attack	Jan 5 22:51:36 localhost sshd\[31240\]: Invalid user wkf from 134.209.156.57 port 54756 Jan 5 22:51:36 localhost sshd\[31240\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.156.57 Jan 5 22:51:38 localhost sshd\[31240\]: Failed password for invalid user wkf from 134.209.156.57 port 54756 ssh2	2020-01-06 05:58:39
134.209.156.57	attackspam	Dec 30 20:42:53 zeus sshd[11865]: Failed password for root from 134.209.156.57 port 38006 ssh2 Dec 30 20:46:31 zeus sshd[11971]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.156.57 Dec 30 20:46:33 zeus sshd[11971]: Failed password for invalid user gormley from 134.209.156.57 port 41612 ssh2	2019-12-31 05:07:19
134.209.156.57	attackspambots	$f2bV_matches	2019-12-29 20:52:03
134.209.156.57	attack	Invalid user nagios from 134.209.156.57 port 51518	2019-12-27 19:10:31
134.209.156.57	attack	Dec 8 13:40:13 yesfletchmain sshd\[18830\]: Invalid user hsiung from 134.209.156.57 port 57316 Dec 8 13:40:13 yesfletchmain sshd\[18830\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.156.57 Dec 8 13:40:15 yesfletchmain sshd\[18830\]: Failed password for invalid user hsiung from 134.209.156.57 port 57316 ssh2 Dec 8 13:46:26 yesfletchmain sshd\[18971\]: Invalid user jelem from 134.209.156.57 port 39616 Dec 8 13:46:26 yesfletchmain sshd\[18971\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.156.57 ...	2019-12-24 02:37:24
134.209.156.57	attackspam	Dec 22 07:53:28 vps647732 sshd[29214]: Failed password for root from 134.209.156.57 port 51180 ssh2 ...	2019-12-22 15:21:49
134.209.156.57	attackspam	Dec 18 22:05:26 ns3042688 sshd\[8300\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.156.57 user=root Dec 18 22:05:28 ns3042688 sshd\[8300\]: Failed password for root from 134.209.156.57 port 44364 ssh2 Dec 18 22:11:09 ns3042688 sshd\[10638\]: Invalid user chartrand from 134.209.156.57 Dec 18 22:11:09 ns3042688 sshd\[10638\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.156.57 Dec 18 22:11:11 ns3042688 sshd\[10638\]: Failed password for invalid user chartrand from 134.209.156.57 port 51744 ssh2 ...	2019-12-19 05:13:33
134.209.156.57	attackspam	Dec 17 00:59:36 sso sshd[30235]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.156.57 Dec 17 00:59:37 sso sshd[30235]: Failed password for invalid user sanfransico from 134.209.156.57 port 49758 ssh2 ...	2019-12-17 08:53:16

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 134.209.156.48
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57519
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;134.209.156.48.			IN	A

;; AUTHORITY SECTION:
.			552	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020031800 1800 900 604800 86400

;; Query time: 91 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Mar 18 14:48:18 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 48.156.209.134.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 48.156.209.134.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
222.186.180.17	attackspambots	2019-10-19T22:33:34.960115abusebot-7.cloudsearch.cf sshd\[20896\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.17 user=root	2019-10-20 06:37:04
40.129.118.233	attack	Automatic report - Port Scan Attack	2019-10-20 06:54:45
116.236.180.211	attackbots	Automatic report - Banned IP Access	2019-10-20 07:02:36
51.15.190.180	attackspam	$f2bV_matches	2019-10-20 06:26:58
151.80.61.103	attackspambots	2019-10-05T11:23:58.528482homeassistant sshd[23255]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=151.80.61.103 user=root 2019-10-05T11:24:00.370229homeassistant sshd[23255]: Failed password for root from 151.80.61.103 port 60450 ssh2 ...	2019-10-20 06:55:03
121.240.227.66	attackbots	Automatic report - Banned IP Access	2019-10-20 06:52:09
81.242.114.175	attackbots	Automatic report - Port Scan Attack	2019-10-20 06:38:09
88.202.190.153	attackspambots	10/19/2019-22:14:05.962935 88.202.190.153 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-10-20 06:59:40
123.204.85.45	attack	Fail2Ban Ban Triggered	2019-10-20 06:32:34
125.62.213.94	attackbots	postfix (unknown user, SPF fail or relay access denied)	2019-10-20 06:41:23
157.245.135.74	attackspam	MYH,DEF GET /news/wp-login.php	2019-10-20 07:02:09
58.221.49.157	attackbots	10/19/2019-18:05:23.647432 58.221.49.157 Protocol: 6 ET SCAN Suspicious inbound to mySQL port 3306	2019-10-20 06:56:08
128.199.158.182	attackspambots	php WP PHPmyadamin ABUSE blocked for 12h	2019-10-20 06:46:14
177.74.190.7	attack	186,46-02/01 [bc00/m38] PostRequest-Spammer scoring: madrid	2019-10-20 06:47:17
49.234.24.108	attack	Oct 18 19:36:07 pl2server sshd[21512]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.24.108 user=r.r Oct 18 19:36:09 pl2server sshd[21512]: Failed password for r.r from 49.234.24.108 port 56682 ssh2 Oct 18 19:36:10 pl2server sshd[21512]: Received disconnect from 49.234.24.108: 11: Bye Bye [preauth] Oct 18 19:47:49 pl2server sshd[23313]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.24.108 user=r.r Oct 18 19:47:51 pl2server sshd[23313]: Failed password for r.r from 49.234.24.108 port 48016 ssh2 Oct 18 19:47:51 pl2server sshd[23313]: Received disconnect from 49.234.24.108: 11: Bye Bye [preauth] Oct 18 19:52:26 pl2server sshd[24096]: Invalid user olivia from 49.234.24.108 Oct 18 19:52:26 pl2server sshd[24096]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.24.108 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=49.23	2019-10-20 06:34:28

Recently Reported IPs

106.13.47.66	186.7.184.163	185.116.93.209	175.142.61.95
111.205.235.25	92.240.204.148	2.58.228.199	118.27.37.223
27.3.73.79	4.98.35.236	103.233.170.92	175.24.75.215
88.215.33.141	49.234.105.119	35.240.151.107	158.140.186.27
134.209.100.103	45.225.67.177	46.153.85.94	185.59.46.215