134.209.165.242

Basic Info

City: unknown

Region: unknown

Country: None

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
134.209.165.92	attackbotsspam	134.209.165.92 - - [25/Sep/2020:00:10:40 +0100] "POST /wp-login.php HTTP/1.1" 200 2265 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 134.209.165.92 - - [25/Sep/2020:00:10:46 +0100] "POST /wp-login.php HTTP/1.1" 200 2196 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 134.209.165.92 - - [25/Sep/2020:00:10:46 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-25 07:48:16
134.209.165.92	attack	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-08-28 17:12:47
134.209.165.92	attackspambots	www.handydirektreparatur.de 134.209.165.92 [21/Aug/2020:05:57:30 +0200] "POST /wp-login.php HTTP/1.1" 200 6641 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" www.handydirektreparatur.de 134.209.165.92 [21/Aug/2020:05:57:30 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4081 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-08-21 14:16:00
134.209.165.92	attackspambots	134.209.165.92 - - [09/Aug/2020:19:25:11 +0100] "POST /wp-login.php HTTP/1.1" 200 2046 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 134.209.165.92 - - [09/Aug/2020:19:25:12 +0100] "POST /wp-login.php HTTP/1.1" 200 2040 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 134.209.165.92 - - [09/Aug/2020:19:25:24 +0100] "POST /wp-login.php HTTP/1.1" 200 2037 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-10 03:10:19
134.209.165.47	attackspambots	Failed password for root from 134.209.165.47 port 42848 ssh2	2020-04-29 23:40:30
134.209.165.47	attackspambots	2020-04-15T07:10:22.558360 sshd[21813]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.165.47 user=root 2020-04-15T07:10:24.606852 sshd[21813]: Failed password for root from 134.209.165.47 port 47178 ssh2 2020-04-15T07:10:38.559400 sshd[21815]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.165.47 user=root 2020-04-15T07:10:40.803641 sshd[21815]: Failed password for root from 134.209.165.47 port 46202 ssh2 ...	2020-04-15 13:17:17
134.209.165.41	attackbotsspam	Jan 16 06:14:44 srv-ubuntu-dev3 postfix/smtpd[117878]: warning: unknown[134.209.165.41]: SASL LOGIN authentication failed: authentication failure Jan 16 06:14:45 srv-ubuntu-dev3 postfix/smtpd[117878]: warning: unknown[134.209.165.41]: SASL LOGIN authentication failed: authentication failure Jan 16 06:14:45 srv-ubuntu-dev3 postfix/smtpd[117878]: warning: unknown[134.209.165.41]: SASL LOGIN authentication failed: authentication failure Jan 16 06:14:46 srv-ubuntu-dev3 postfix/smtpd[117878]: warning: unknown[134.209.165.41]: SASL LOGIN authentication failed: authentication failure Jan 16 06:14:47 srv-ubuntu-dev3 postfix/smtpd[117878]: warning: unknown[134.209.165.41]: SASL LOGIN authentication failed: authentication failure ...	2020-01-16 13:56:33
134.209.165.41	attackspam	Unauthorized connection attempt detected from IP address 134.209.165.41 to port 25	2020-01-10 17:28:21
134.209.165.41	attackbotsspam	Rude login attack (5 tries in 1d)	2019-12-27 18:30:34
134.209.165.41	attackspambots	Dec 24 06:02:00 srv-ubuntu-dev3 postfix/smtpd[49550]: warning: unknown[134.209.165.41]: SASL LOGIN authentication failed: authentication failure Dec 24 06:02:02 srv-ubuntu-dev3 postfix/smtpd[49550]: warning: unknown[134.209.165.41]: SASL LOGIN authentication failed: authentication failure Dec 24 06:02:03 srv-ubuntu-dev3 postfix/smtpd[49550]: warning: unknown[134.209.165.41]: SASL LOGIN authentication failed: authentication failure Dec 24 06:02:04 srv-ubuntu-dev3 postfix/smtpd[49550]: warning: unknown[134.209.165.41]: SASL LOGIN authentication failed: authentication failure Dec 24 06:02:06 srv-ubuntu-dev3 postfix/smtpd[49550]: warning: unknown[134.209.165.41]: SASL LOGIN authentication failed: authentication failure ...	2019-12-24 13:31:46
134.209.165.3	attackspambots	WordPress login Brute force / Web App Attack on client site.	2019-10-19 06:11:54
134.209.165.3	attack	www.geburtshaus-fulda.de 134.209.165.3 \[12/Oct/2019:08:03:29 +0200\] "POST /wp-login.php HTTP/1.1" 200 5786 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" www.geburtshaus-fulda.de 134.209.165.3 \[12/Oct/2019:08:03:31 +0200\] "POST /wp-login.php HTTP/1.1" 200 5790 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-10-12 15:05:36
134.209.165.98	attackspam	Brute force SMTP login attempted. ...	2019-08-10 05:44:19
134.209.165.31	attackbots	Detected by ModSecurity. Request URI: /wp-login.php	2019-07-14 22:44:15
134.209.165.1	attackbots	" "	2019-07-10 12:20:18

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 134.209.165.242
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57133
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;134.209.165.242.		IN	A

;; AUTHORITY SECTION:
.			136	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022030802 1800 900 604800 86400

;; Query time: 20 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Mar 09 05:55:46 CST 2022
;; MSG SIZE  rcvd: 108

Host info

Host 242.165.209.134.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 242.165.209.134.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
187.22.184.153	attackbots	Sending SPAM email	2020-10-11 03:38:25
85.172.162.204	attackspambots	Icarus honeypot on github	2020-10-11 03:48:01
162.142.125.43	attackbotsspam	Oct 9 23:44:33 baraca inetd[34221]: refused connection from scanner-04.ch1.censys-scanner.com, service sshd (tcp) Oct 9 23:44:35 baraca inetd[34222]: refused connection from scanner-04.ch1.censys-scanner.com, service sshd (tcp) Oct 9 23:44:36 baraca inetd[34225]: refused connection from scanner-04.ch1.censys-scanner.com, service sshd (tcp) ...	2020-10-11 04:00:57
106.75.67.6	attackbots	2020-10-10T22:35:49.063814paragon sshd[838327]: Failed password for invalid user download from 106.75.67.6 port 41938 ssh2 2020-10-10T22:39:36.380611paragon sshd[838460]: Invalid user kevin from 106.75.67.6 port 42828 2020-10-10T22:39:36.384111paragon sshd[838460]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.67.6 2020-10-10T22:39:36.380611paragon sshd[838460]: Invalid user kevin from 106.75.67.6 port 42828 2020-10-10T22:39:38.690908paragon sshd[838460]: Failed password for invalid user kevin from 106.75.67.6 port 42828 ssh2 ...	2020-10-11 03:40:13
190.202.109.244	attack	2020-10-11T02:21:20.723367billing sshd[22440]: Invalid user cricket from 190.202.109.244 port 41626 2020-10-11T02:21:22.784970billing sshd[22440]: Failed password for invalid user cricket from 190.202.109.244 port 41626 ssh2 2020-10-11T02:25:56.631354billing sshd[32766]: Invalid user internet from 190.202.109.244 port 32780 ...	2020-10-11 03:34:33
81.192.87.130	attackspambots	Brute-force attempt banned	2020-10-11 03:44:52
137.74.41.119	attack	Oct 10 21:23:15 hell sshd[29153]: Failed password for root from 137.74.41.119 port 49998 ssh2 Oct 10 21:27:30 hell sshd[30247]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=137.74.41.119 ...	2020-10-11 03:39:41
162.142.125.41	attackspam	Oct 9 23:44:33 baraca inetd[34221]: refused connection from scanner-04.ch1.censys-scanner.com, service sshd (tcp) Oct 9 23:44:35 baraca inetd[34222]: refused connection from scanner-04.ch1.censys-scanner.com, service sshd (tcp) Oct 9 23:44:36 baraca inetd[34225]: refused connection from scanner-04.ch1.censys-scanner.com, service sshd (tcp) ...	2020-10-11 04:04:38
89.134.126.89	attackbots	SSH BruteForce Attack	2020-10-11 03:45:56
106.12.193.6	attackspam	Oct 10 19:01:01 prod4 sshd\[11205\]: Invalid user azureuser from 106.12.193.6 Oct 10 19:01:03 prod4 sshd\[11205\]: Failed password for invalid user azureuser from 106.12.193.6 port 37762 ssh2 Oct 10 19:09:14 prod4 sshd\[14196\]: Failed password for root from 106.12.193.6 port 52658 ssh2 ...	2020-10-11 03:35:50
87.17.7.168	attackspam	20/10/9@16:44:50: FAIL: Alarm-Network address from=87.17.7.168 ...	2020-10-11 03:56:41
190.64.141.18	attackspambots	Oct 10 19:53:13 vps639187 sshd\[12864\]: Invalid user br from 190.64.141.18 port 47587 Oct 10 19:53:13 vps639187 sshd\[12864\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.64.141.18 Oct 10 19:53:15 vps639187 sshd\[12864\]: Failed password for invalid user br from 190.64.141.18 port 47587 ssh2 ...	2020-10-11 03:31:24
61.177.172.54	attack	Oct 10 21:22:49 dev0-dcde-rnet sshd[2480]: Failed password for root from 61.177.172.54 port 1287 ssh2 Oct 10 21:48:10 dev0-dcde-rnet sshd[4379]: Failed password for root from 61.177.172.54 port 44160 ssh2 Oct 10 21:48:23 dev0-dcde-rnet sshd[4379]: error: maximum authentication attempts exceeded for root from 61.177.172.54 port 44160 ssh2 [preauth]	2020-10-11 03:51:17
188.166.77.159	attackbots	Fail2Ban Ban Triggered	2020-10-11 03:30:38
192.241.239.143	attackspam	ET DROP Dshield Block Listed Source group 1 - port: 88 proto: tcp cat: Misc Attackbytes: 60	2020-10-11 03:33:09

Recently Reported IPs

118.173.116.17	134.209.165.200	134.209.165.187	134.209.165.65
134.209.165.209	134.209.165.60	134.209.166.124	134.209.165.235
134.209.165.215	134.209.165.72	134.209.166.122	134.209.166.156
118.173.116.174	134.209.166.203	134.209.166.218	134.209.166.242
134.209.166.35	134.209.166.78	134.209.167.171	134.209.166.42