134.209.39.104

Basic Info

City: Clifton

Region: New Jersey

Country: United States

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	8x Failed Password	2019-11-06 20:47:56

Comments on same subnet:

IP	Type	Details	Datetime
134.209.39.249	attackbots	Invalid user fake from 134.209.39.249 port 50348	2020-04-04 01:23:15
134.209.39.98	attackbots	134.209.39.98 - - \[01/Feb/2020:05:55:09 +0100\] "POST /wp-login.php HTTP/1.0" 200 6673 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 134.209.39.98 - - \[01/Feb/2020:05:55:15 +0100\] "POST /wp-login.php HTTP/1.0" 200 6673 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 134.209.39.98 - - \[01/Feb/2020:05:55:21 +0100\] "POST /wp-login.php HTTP/1.0" 200 6671 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2020-02-01 15:24:14
134.209.39.98	attackspam	WordPress login Brute force / Web App Attack on client site.	2020-01-02 18:55:58
134.209.39.98	attack	GET /web/wp-login.php	2019-12-27 00:22:21
134.209.39.158	attack	WordPress login Brute force / Web App Attack on client site.	2019-11-25 18:37:13
134.209.39.185	attackbots	Invalid user admin from 134.209.39.185 port 50434	2019-08-02 22:51:50
134.209.39.185	attackbotsspam	rain	2019-07-30 18:48:08
134.209.39.185	attackbotsspam	port scan and connect, tcp 22 (ssh)	2019-07-29 10:13:52
134.209.39.229	attackspambots	Attack targeted DMZ device outside firewall	2019-07-15 19:06:52

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 134.209.39.104
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52184
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;134.209.39.104.			IN	A

;; AUTHORITY SECTION:
.			552	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019110600 1800 900 604800 86400

;; Query time: 104 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Nov 06 20:47:51 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 104.39.209.134.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 104.39.209.134.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
185.220.101.13	attack	Jul 29 22:28:03 123flo sshd[32112]: Invalid user administrator from 185.220.101.13 Jul 29 22:28:03 123flo sshd[32112]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.220.101.13 Jul 29 22:28:03 123flo sshd[32112]: Invalid user administrator from 185.220.101.13 Jul 29 22:28:05 123flo sshd[32112]: Failed password for invalid user administrator from 185.220.101.13 port 38633 ssh2 Jul 29 22:28:15 123flo sshd[32198]: Invalid user NetLinx from 185.220.101.13	2019-07-30 11:11:03
78.21.251.3	attack	st-nyc1-01 recorded 3 login violations from 78.21.251.3 and was blocked at 2019-07-30 02:28:31. 78.21.251.3 has been blocked on 2 previous occasions. 78.21.251.3's first attempt was recorded at 2019-01-13 18:11:54	2019-07-30 10:58:32
89.163.209.26	attack	Jul 30 03:21:17 localhost sshd\[6820\]: Invalid user administrator from 89.163.209.26 port 51568 Jul 30 03:21:17 localhost sshd\[6820\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.163.209.26 Jul 30 03:21:19 localhost sshd\[6820\]: Failed password for invalid user administrator from 89.163.209.26 port 51568 ssh2 Jul 30 03:28:58 localhost sshd\[6848\]: Invalid user gp from 89.163.209.26 port 54738	2019-07-30 10:39:03
148.244.76.45	attackspam	445/tcp 445/tcp 445/tcp... [2019-06-11/07-28]15pkt,1pt.(tcp)	2019-07-30 11:14:08
36.110.94.50	attack	DATE:2019-07-30 04:28:57, IP:36.110.94.50, PORT:1433 - MSSQL brute force auth on a honeypot server (epe-dc)	2019-07-30 10:40:39
185.176.27.42	attackspambots	30.07.2019 02:30:00 Connection to port 40282 blocked by firewall	2019-07-30 10:36:35
114.237.109.77	attackbots	[Aegis] @ 2019-07-30 03:28:53 0100 -> Sendmail rejected message.	2019-07-30 10:34:22
178.62.251.11	attackbots	Jul 30 09:24:57 webhost01 sshd[26572]: Failed password for root from 178.62.251.11 port 60840 ssh2 ...	2019-07-30 10:54:30
201.20.107.34	attackbots	445/tcp 445/tcp 445/tcp... [2019-06-18/07-29]5pkt,1pt.(tcp)	2019-07-30 11:17:22
153.36.240.126	attackspambots	Too many connections or unauthorized access detected from Arctic banned ip	2019-07-30 10:52:43
80.153.59.180	attackbotsspam	Jul 30 05:45:06 www4 sshd\[18360\]: Invalid user prey from 80.153.59.180 Jul 30 05:45:06 www4 sshd\[18360\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.153.59.180 Jul 30 05:45:08 www4 sshd\[18360\]: Failed password for invalid user prey from 80.153.59.180 port 57198 ssh2 Jul 30 05:52:03 www4 sshd\[19178\]: Invalid user hj from 80.153.59.180 Jul 30 05:52:03 www4 sshd\[19178\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.153.59.180 ...	2019-07-30 11:02:03
143.137.144.86	attackbots	445/tcp 445/tcp 445/tcp... [2019-05-30/07-28]13pkt,1pt.(tcp)	2019-07-30 11:11:29
212.98.232.212	attackbots	445/tcp 445/tcp 445/tcp... [2019-07-08/28]5pkt,1pt.(tcp)	2019-07-30 11:10:17
198.108.66.43	attackbots	1911/tcp 102/tcp 16992/tcp... [2019-05-30/07-29]7pkt,7pt.(tcp)	2019-07-30 10:52:07
157.230.186.166	attack	SSH bruteforce (Triggered fail2ban)	2019-07-30 11:05:14

Recently Reported IPs

186.250.214.48	69.85.70.37	213.87.126.109	118.189.185.100
182.48.83.1	213.230.112.57	103.217.110.128	221.193.177.163
180.124.241.162	178.159.160.65	85.92.109.68	152.89.162.131
94.99.138.141	108.41.91.209	38.143.68.20	37.187.157.170
10.71.243.42	46.147.28.2	118.96.165.170	31.181.230.93