134.209.5.241 - IPInfo

Basic Info

City: Santa Clara

Region: California

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
134.209.57.3	attackspambots	2020-10-12T03:45:26.084604hostname sshd[43664]: Failed password for root from 134.209.57.3 port 35410 ssh2 ...	2020-10-13 02:20:12
134.209.57.3	attackbotsspam	(sshd) Failed SSH login from 134.209.57.3 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 12 04:38:53 optimus sshd[16215]: Invalid user ashlyn from 134.209.57.3 Oct 12 04:38:53 optimus sshd[16215]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.57.3 Oct 12 04:38:55 optimus sshd[16215]: Failed password for invalid user ashlyn from 134.209.57.3 port 56552 ssh2 Oct 12 04:42:27 optimus sshd[17449]: Invalid user svn from 134.209.57.3 Oct 12 04:42:27 optimus sshd[17449]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.57.3	2020-10-12 17:45:39
134.209.58.167	attackbots	134.209.58.167 - - [23/Sep/2020:15:07:23 +0200] "POST /xmlrpc.php HTTP/1.1" 403 613 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 134.209.58.167 - - [23/Sep/2020:15:18:57 +0200] "POST /xmlrpc.php HTTP/1.1" 403 613 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-23 22:44:29
134.209.58.167	attack	134.209.58.167 - - [23/Sep/2020:06:53:32 +0100] "POST /wp-login.php HTTP/1.1" 200 2346 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 134.209.58.167 - - [23/Sep/2020:06:53:39 +0100] "POST /wp-login.php HTTP/1.1" 200 2325 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 134.209.58.167 - - [23/Sep/2020:06:53:44 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-23 15:01:10
134.209.58.167	attackspambots	134.209.58.167 - - [22/Sep/2020:19:17:55 +0100] "POST /wp-login.php HTTP/1.1" 200 2252 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 134.209.58.167 - - [22/Sep/2020:19:18:07 +0100] "POST /wp-login.php HTTP/1.1" 200 2183 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 134.209.58.167 - - [22/Sep/2020:19:18:13 +0100] "POST /xmlrpc.php HTTP/1.1" 200 247 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-23 06:53:12
134.209.57.3	attackbotsspam	2020-09-19T10:47:58.4387311495-001 sshd[18664]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.57.3 user=root 2020-09-19T10:48:00.6047531495-001 sshd[18664]: Failed password for root from 134.209.57.3 port 43112 ssh2 2020-09-19T10:50:26.0007301495-001 sshd[18775]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.57.3 user=root 2020-09-19T10:50:28.0133451495-001 sshd[18775]: Failed password for root from 134.209.57.3 port 54356 ssh2 2020-09-19T10:53:00.3549651495-001 sshd[18885]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.57.3 user=root 2020-09-19T10:53:01.9809031495-001 sshd[18885]: Failed password for root from 134.209.57.3 port 37378 ssh2 ...	2020-09-19 23:36:44
134.209.57.3	attackspambots	2020-09-19T01:26:02+0200 Failed SSH Authentication/Brute Force Attack. (Server 5)	2020-09-19 15:26:49
134.209.57.3	attack	Failed password for root from 134.209.57.3 port 44252	2020-09-19 07:00:34
134.209.57.3	attackbots	Repeated brute force against a port	2020-09-16 22:05:53
134.209.57.3	attackbots	2020-09-16T01:08:36.1587691495-001 sshd[43919]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.57.3 user=root 2020-09-16T01:08:37.7959481495-001 sshd[43919]: Failed password for root from 134.209.57.3 port 57974 ssh2 2020-09-16T01:12:52.1092581495-001 sshd[44120]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.57.3 user=root 2020-09-16T01:12:54.5591831495-001 sshd[44120]: Failed password for root from 134.209.57.3 port 42250 ssh2 2020-09-16T01:17:01.9618281495-001 sshd[44286]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.57.3 user=root 2020-09-16T01:17:03.2579031495-001 sshd[44286]: Failed password for root from 134.209.57.3 port 54748 ssh2 ...	2020-09-16 14:35:37
134.209.57.3	attackbots	Sep 15 22:06:40 [-] sshd[29290]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.57.3 user=root Sep 15 22:06:41 [-] sshd[29290]: Failed password for invalid user root from 134.209.57.3 port 54272 ssh2 Sep 15 22:11:33 [-] sshd[29604]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.57.3 user=root	2020-09-16 06:25:51
134.209.57.3	attackspam	Sep 15 13:01:41 ovpn sshd\[13295\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.57.3 user=root Sep 15 13:01:44 ovpn sshd\[13295\]: Failed password for root from 134.209.57.3 port 52710 ssh2 Sep 15 13:07:39 ovpn sshd\[14730\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.57.3 user=root Sep 15 13:07:41 ovpn sshd\[14730\]: Failed password for root from 134.209.57.3 port 50116 ssh2 Sep 15 13:12:27 ovpn sshd\[15900\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.57.3 user=root	2020-09-15 21:33:52
134.209.57.3	attack	pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.57.3 user=root Failed password for root from 134.209.57.3 port 59196 ssh2 pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.57.3 user=root Failed password for root from 134.209.57.3 port 41560 ssh2 Invalid user shiori from 134.209.57.3 port 52148	2020-09-15 13:31:59
134.209.57.3	attackspam	Sep 14 19:19:58 ip-172-31-16-56 sshd\[1326\]: Invalid user admin from 134.209.57.3\ Sep 14 19:20:00 ip-172-31-16-56 sshd\[1326\]: Failed password for invalid user admin from 134.209.57.3 port 34914 ssh2\ Sep 14 19:24:10 ip-172-31-16-56 sshd\[1448\]: Failed password for root from 134.209.57.3 port 49092 ssh2\ Sep 14 19:28:16 ip-172-31-16-56 sshd\[1536\]: Invalid user first from 134.209.57.3\ Sep 14 19:28:17 ip-172-31-16-56 sshd\[1536\]: Failed password for invalid user first from 134.209.57.3 port 35048 ssh2\	2020-09-15 05:44:07
134.209.57.3	attackbotsspam	134.209.57.3 (US/United States/-), 6 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 11 09:39:17 jbs1 sshd[27037]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.171.133.10 user=root Sep 11 09:22:32 jbs1 sshd[21317]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.57.3 user=root Sep 11 09:41:25 jbs1 sshd[27782]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.1.207 user=root Sep 11 09:28:36 jbs1 sshd[23550]: Failed password for root from 51.255.35.41 port 33340 ssh2 Sep 11 09:39:19 jbs1 sshd[27037]: Failed password for root from 190.171.133.10 port 36338 ssh2 Sep 11 09:22:34 jbs1 sshd[21317]: Failed password for root from 134.209.57.3 port 35080 ssh2 IP Addresses Blocked: 190.171.133.10 (CL/Chile/-)	2020-09-12 02:27:14

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 134.209.5.241
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3935
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;134.209.5.241.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025061202 1800 900 604800 86400

;; Query time: 14 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jun 13 07:00:39 CST 2025
;; MSG SIZE  rcvd: 106

Host info

Host 241.5.209.134.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 241.5.209.134.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
103.59.165.189	attackspam	2019-08-01T10:18:26.555317enmeeting.mahidol.ac.th sshd\[18121\]: User root from 103.59.165.189 not allowed because not listed in AllowUsers 2019-08-01T10:18:26.678591enmeeting.mahidol.ac.th sshd\[18121\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.59.165.189 user=root 2019-08-01T10:18:28.549713enmeeting.mahidol.ac.th sshd\[18121\]: Failed password for invalid user root from 103.59.165.189 port 60332 ssh2 ...	2019-08-01 21:19:48
168.228.149.85	attackspam	failed_logins	2019-08-01 21:54:21
191.53.254.9	attack	failed_logins	2019-08-01 22:21:23
71.192.162.121	attackbots	Telnet brute force	2019-08-01 21:43:08
168.232.130.255	attackspam	2019-08-01T15:26:20.311721hz01.yumiweb.com sshd\[2212\]: error: maximum authentication attempts exceeded for root from 168.232.130.255 port 45022 ssh2 \[preauth\] 2019-08-01T15:26:26.424028hz01.yumiweb.com sshd\[2214\]: error: maximum authentication attempts exceeded for root from 168.232.130.255 port 45025 ssh2 \[preauth\] 2019-08-01T15:26:35.664208hz01.yumiweb.com sshd\[2218\]: Invalid user admin from 168.232.130.255 port 45033 ...	2019-08-01 22:19:10
91.185.6.94	attackspam	scan z	2019-08-01 21:21:58
202.69.66.130	attack	pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.69.66.130 Failed password for invalid user kms from 202.69.66.130 port 24460 ssh2 Invalid user police from 202.69.66.130 port 18240 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.69.66.130 Failed password for invalid user police from 202.69.66.130 port 18240 ssh2	2019-08-01 21:31:37
54.37.14.3	attack	Aug 1 13:27:16 MK-Soft-VM3 sshd\[23262\]: Invalid user ftpuser from 54.37.14.3 port 53722 Aug 1 13:27:16 MK-Soft-VM3 sshd\[23262\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.14.3 Aug 1 13:27:18 MK-Soft-VM3 sshd\[23262\]: Failed password for invalid user ftpuser from 54.37.14.3 port 53722 ssh2 ...	2019-08-01 21:47:39
187.85.210.47	attackbotsspam	$f2bV_matches	2019-08-01 21:25:16
164.77.188.109	attack	Aug 1 09:27:17 TORMINT sshd\[15330\]: Invalid user orion from 164.77.188.109 Aug 1 09:27:17 TORMINT sshd\[15330\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.77.188.109 Aug 1 09:27:19 TORMINT sshd\[15330\]: Failed password for invalid user orion from 164.77.188.109 port 51406 ssh2 ...	2019-08-01 21:44:08
81.133.189.239	attackspambots	Aug 1 15:20:10 eventyay sshd[27107]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.133.189.239 Aug 1 15:20:12 eventyay sshd[27107]: Failed password for invalid user jian from 81.133.189.239 port 55277 ssh2 Aug 1 15:27:47 eventyay sshd[28805]: Failed password for root from 81.133.189.239 port 39154 ssh2 ...	2019-08-01 21:32:07
160.153.234.236	attack	[Aegis] @ 2019-05-23 08:30:39 0100 -> Attempted Administrator Privilege Gain: ET SCAN LibSSH Based Frequent SSH Connections Likely BruteForce Attack	2019-08-01 21:16:41
211.229.34.218	attackspam	Invalid user tomas from 211.229.34.218 port 56150	2019-08-01 21:16:14
178.128.116.62	attackspambots	2019-08-01T13:27:15.326814abusebot-7.cloudsearch.cf sshd\[5783\]: Invalid user cgi from 178.128.116.62 port 24534	2019-08-01 21:49:01
119.27.189.222	attack	Aug 1 15:38:24 OPSO sshd\[27322\]: Invalid user saslauth from 119.27.189.222 port 52140 Aug 1 15:38:24 OPSO sshd\[27322\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.27.189.222 Aug 1 15:38:25 OPSO sshd\[27322\]: Failed password for invalid user saslauth from 119.27.189.222 port 52140 ssh2 Aug 1 15:44:11 OPSO sshd\[27916\]: Invalid user wesley from 119.27.189.222 port 43410 Aug 1 15:44:11 OPSO sshd\[27916\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.27.189.222	2019-08-01 22:05:32

Recently Reported IPs

59.82.83.130	113.215.189.21	34.79.135.67	20.83.150.53
162.216.149.235	147.185.132.98	125.139.205.171	125.139.205.80
125.139.205.75	60.23.232.212	167.99.100.2	64.227.57.104
100.69.50.81	65.30.42.69	206.168.34.68	159.65.190.199
20.168.120.44	185.247.137.54	138.197.208.6	58.61.160.86