134.236.242.45

Basic Info

City: unknown

Region: unknown

Country: None

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
134.236.242.170	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-03 23:08:18,818 INFO [shellcode_manager] (134.236.242.170) no match, writing hexdump (66f865ded83928538416dc7773637bd4 :2170720) - MS17010 (EternalBlue)	2019-07-06 06:11:58

Type

Details

Datetime

134.236.242.170

attack

@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-03 23:08:18,818 INFO [shellcode_manager] (134.236.242.170) no match, writing hexdump (66f865ded83928538416dc7773637bd4 :2170720) - MS17010 (EternalBlue)

2019-07-06 06:11:58

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 134.236.242.45
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4661
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;134.236.242.45.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022030803 1800 900 604800 86400

;; Query time: 15 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Mar 09 06:05:10 CST 2022
;; MSG SIZE  rcvd: 107

Host info

Host 45.242.236.134.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 45.242.236.134.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
176.31.250.171	attackbots	Dec 14 10:19:56 microserver sshd[33259]: Invalid user akselsen from 176.31.250.171 port 52341 Dec 14 10:19:56 microserver sshd[33259]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.31.250.171 Dec 14 10:19:59 microserver sshd[33259]: Failed password for invalid user akselsen from 176.31.250.171 port 52341 ssh2 Dec 14 10:26:39 microserver sshd[34533]: Invalid user killey from 176.31.250.171 port 56242 Dec 14 10:26:39 microserver sshd[34533]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.31.250.171 Dec 14 10:39:43 microserver sshd[36269]: Invalid user alten from 176.31.250.171 port 35789 Dec 14 10:39:43 microserver sshd[36269]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.31.250.171 Dec 14 10:39:46 microserver sshd[36269]: Failed password for invalid user alten from 176.31.250.171 port 35789 ssh2 Dec 14 10:46:24 microserver sshd[37555]: Invalid user sapura from 176.31.250.171	2019-12-14 17:43:00
23.247.6.178	attackspambots	Dec 11 16:25:39 clarabelen sshd[15969]: Address 23.247.6.178 maps to 01436.club, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Dec 11 16:25:39 clarabelen sshd[15969]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=23.247.6.178 user=r.r Dec 11 16:25:42 clarabelen sshd[15969]: Failed password for r.r from 23.247.6.178 port 56768 ssh2 Dec 11 16:25:42 clarabelen sshd[15969]: Received disconnect from 23.247.6.178: 11: Bye Bye [preauth] Dec 11 16:36:48 clarabelen sshd[16738]: Address 23.247.6.178 maps to 01436.club, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Dec 11 16:36:48 clarabelen sshd[16738]: Invalid user sarumino from 23.247.6.178 Dec 11 16:36:48 clarabelen sshd[16738]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=23.247.6.178 Dec 11 16:36:51 clarabelen sshd[16738]: Failed password for invalid user sarumino from 23.247.6.178 port 554........ -------------------------------	2019-12-14 17:47:20
216.189.145.128	attack	Dec 12 09:02:38 km20725 sshd[5700]: Address 216.189.145.128 maps to seekanet.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Dec 12 09:02:38 km20725 sshd[5700]: Invalid user mooder from 216.189.145.128 Dec 12 09:02:38 km20725 sshd[5700]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=216.189.145.128 Dec 12 09:02:40 km20725 sshd[5700]: Failed password for invalid user mooder from 216.189.145.128 port 34384 ssh2 Dec 12 09:02:40 km20725 sshd[5700]: Received disconnect from 216.189.145.128: 11: Bye Bye [preauth] Dec 12 09:11:14 km20725 sshd[6369]: Address 216.189.145.128 maps to seekanet.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Dec 12 09:11:14 km20725 sshd[6369]: Invalid user bogus from 216.189.145.128 Dec 12 09:11:14 km20725 sshd[6369]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=216.189.145.128 ........ ----------------------------------------------- https://www.b	2019-12-14 18:12:56
177.47.236.34	attack	postfix (unknown user, SPF fail or relay access denied)	2019-12-14 17:53:33
79.137.84.144	attack	2019-12-14T10:00:33.271085shield sshd\[7930\]: Invalid user nyson from 79.137.84.144 port 46150 2019-12-14T10:00:33.275321shield sshd\[7930\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.ip-79-137-84.eu 2019-12-14T10:00:35.085894shield sshd\[7930\]: Failed password for invalid user nyson from 79.137.84.144 port 46150 ssh2 2019-12-14T10:05:38.672692shield sshd\[9572\]: Invalid user river from 79.137.84.144 port 54382 2019-12-14T10:05:38.677044shield sshd\[9572\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.ip-79-137-84.eu	2019-12-14 18:10:24
124.205.90.106	attack	Dec 14 04:18:03 plusreed sshd[17563]: Invalid user vcsa from 124.205.90.106 ...	2019-12-14 18:09:39
71.6.158.166	attack	71.6.158.166 was recorded 9 times by 9 hosts attempting to connect to the following ports: 8081,9944,81,9295,20547,465,9443,84,80. Incident counter (4h, 24h, all-time): 9, 52, 1738	2019-12-14 18:23:24
112.85.42.94	attack	2019-12-14T06:26:25.778432abusebot-7.cloudsearch.cf sshd\[11041\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.94 user=root 2019-12-14T06:26:28.110006abusebot-7.cloudsearch.cf sshd\[11041\]: Failed password for root from 112.85.42.94 port 55310 ssh2 2019-12-14T06:26:31.759450abusebot-7.cloudsearch.cf sshd\[11041\]: Failed password for root from 112.85.42.94 port 55310 ssh2 2019-12-14T06:26:34.384509abusebot-7.cloudsearch.cf sshd\[11041\]: Failed password for root from 112.85.42.94 port 55310 ssh2	2019-12-14 17:49:53
36.67.32.245	attack	10 attempts against mh_ha-misc-ban on heat.magehost.pro	2019-12-14 18:20:18
14.215.165.131	attackspam	Invalid user hanley from 14.215.165.131 port 59784	2019-12-14 18:06:09
103.54.28.244	attack	[ssh] SSH attack	2019-12-14 17:45:42
60.120.166.153	attackspam	[portscan] Port scan	2019-12-14 17:45:05
146.242.56.21	attackspam	Host Scan	2019-12-14 17:48:03
61.92.169.178	attack	Dec 14 10:57:21 MK-Soft-Root1 sshd[19850]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.92.169.178 Dec 14 10:57:23 MK-Soft-Root1 sshd[19850]: Failed password for invalid user mysql from 61.92.169.178 port 52688 ssh2 ...	2019-12-14 18:01:42
131.108.186.231	attackbotsspam	19/12/14@01:26:18: FAIL: IoT-Telnet address from=131.108.186.231 ...	2019-12-14 18:07:09

Recently Reported IPs

118.173.153.68	134.236.242.4	134.236.242.59	118.173.153.69
134.236.242.6	134.236.242.66	134.236.242.9	134.236.242.95
134.236.242.90	134.236.242.96	134.236.242.99	134.236.243.2
134.236.243.43	134.236.243.45	134.236.243.50	134.236.243.53
118.173.159.121	134.236.243.56	134.236.243.75	134.236.244.102