134.255.234.104

Basic Info

City: unknown

Region: unknown

Country: Germany

Internet Service Provider: ACTIVE-SERVERS.COM

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	CloudCIX Reconnaissance Scan Detected, PTR: rs-zap440620-1.zap-srv.com.	2019-11-06 20:38:49
attackbots	CloudCIX Reconnaissance Scan Detected, PTR: rs-zap440620-1.zap-srv.com.	2019-09-30 19:18:07
attackspambots	Sep 21 06:20:54 game-panel sshd[22677]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.255.234.104 Sep 21 06:20:57 game-panel sshd[22677]: Failed password for invalid user oracle from 134.255.234.104 port 39560 ssh2 Sep 21 06:23:14 game-panel sshd[22753]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.255.234.104	2019-09-21 14:38:08
attack	[Aegis] @ 2019-09-09 16:19:18 0100 -> Attempted Administrator Privilege Gain: ET SCAN LibSSH Based Frequent SSH Connections Likely BruteForce Attack	2019-09-10 08:12:49
attack	Sep 7 14:32:31 s64-1 sshd[23637]: Failed password for mysql from 134.255.234.104 port 48712 ssh2 Sep 7 14:33:00 s64-1 sshd[23640]: Failed password for mysql from 134.255.234.104 port 40298 ssh2 ...	2019-09-07 23:54:24
attackbotsspam	Aug 23 19:44:55 minden010 sshd[22677]: Failed password for root from 134.255.234.104 port 58670 ssh2 Aug 23 19:48:21 minden010 sshd[23924]: Failed password for root from 134.255.234.104 port 54252 ssh2 ...	2019-08-24 01:57:32
attack	Invalid user root1 from 134.255.234.104 port 35186	2019-08-23 14:32:09

Comments on same subnet:

IP	Type	Details	Datetime
134.255.234.21	attackspam	Failed password for invalid user blake from 134.255.234.21 port 39890 ssh2	2020-06-30 13:28:58
134.255.234.21	attack	SSH Login Bruteforce	2020-06-17 23:12:51
134.255.234.161	attack	Attempted connection to ports 80, 8080.	2020-05-07 21:38:35
134.255.234.21	attackbotsspam	Tried sshing with brute force.	2020-05-04 23:06:09
134.255.234.125	attackbots	[Wed Mar 11 09:03:35 2020 GMT] Support xxxx.com [URIBL_INV], Subject: xxxx.com #err3/11/2020 9:03:32 - Mail Quota Full. Purge Notice	2020-03-12 02:29:30
134.255.234.21	attackspambots	2020-03-08T08:18:40.767672linuxbox-skyline sshd[41199]: Invalid user finance from 134.255.234.21 port 52630 ...	2020-03-09 00:38:16
134.255.234.21	attack	Dec 23 10:35:17 microserver sshd[37855]: Invalid user abdulrahma from 134.255.234.21 port 50510 Dec 23 10:35:17 microserver sshd[37855]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.255.234.21 Dec 23 10:35:19 microserver sshd[37855]: Failed password for invalid user abdulrahma from 134.255.234.21 port 50510 ssh2 Dec 23 10:41:09 microserver sshd[38648]: Invalid user research from 134.255.234.21 port 35530 Dec 23 10:41:09 microserver sshd[38648]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.255.234.21 Dec 23 10:52:50 microserver sshd[40244]: Invalid user nfs from 134.255.234.21 port 60472 Dec 23 10:52:50 microserver sshd[40244]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.255.234.21 Dec 23 10:52:52 microserver sshd[40244]: Failed password for invalid user nfs from 134.255.234.21 port 60472 ssh2 Dec 23 10:57:49 microserver sshd[40998]: Invalid user schroeder from 134.255.2	2019-12-23 19:10:24
134.255.234.103	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-12-14 01:11:16

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 134.255.234.104
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 46019
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;134.255.234.104.		IN	A

;; AUTHORITY SECTION:
.			2994	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019082300 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Aug 23 14:31:44 CST 2019
;; MSG SIZE  rcvd: 119

Host info

104.234.255.134.in-addr.arpa domain name pointer rs-zap440620-1.zap-srv.com.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
104.234.255.134.in-addr.arpa	name = rs-zap440620-1.zap-srv.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
87.242.15.123	attack	Aug 26 09:42:19 server6 sshd[18724]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=host-87-242-15-123.prtelecom.hu Aug 26 09:42:21 server6 sshd[18724]: Failed password for invalid user amp from 87.242.15.123 port 49954 ssh2 Aug 26 09:42:21 server6 sshd[18724]: Received disconnect from 87.242.15.123: 11: Bye Bye [preauth] Aug 26 09:53:26 server6 sshd[27309]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=host-87-242-15-123.prtelecom.hu Aug 26 09:53:28 server6 sshd[27309]: Failed password for invalid user tt from 87.242.15.123 port 44930 ssh2 Aug 26 09:53:28 server6 sshd[27309]: Received disconnect from 87.242.15.123: 11: Bye Bye [preauth] Aug 26 09:57:53 server6 sshd[30660]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=host-87-242-15-123.prtelecom.hu Aug 26 09:57:55 server6 sshd[30660]: Failed password for invalid user nie from 87.242.15.123 port ........ -------------------------------	2019-08-27 06:35:02
43.226.40.41	attack	Aug 26 17:39:31 MK-Soft-VM7 sshd\[26813\]: Invalid user webuser from 43.226.40.41 port 56126 Aug 26 17:39:31 MK-Soft-VM7 sshd\[26813\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.226.40.41 Aug 26 17:39:34 MK-Soft-VM7 sshd\[26813\]: Failed password for invalid user webuser from 43.226.40.41 port 56126 ssh2 ...	2019-08-27 07:09:23
27.117.163.21	attack	Aug 26 16:05:45 hcbbdb sshd\[17525\]: Invalid user aan from 27.117.163.21 Aug 26 16:05:45 hcbbdb sshd\[17525\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.117.163.21 Aug 26 16:05:47 hcbbdb sshd\[17525\]: Failed password for invalid user aan from 27.117.163.21 port 50616 ssh2 Aug 26 16:11:54 hcbbdb sshd\[18134\]: Invalid user applmgr from 27.117.163.21 Aug 26 16:11:55 hcbbdb sshd\[18134\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.117.163.21	2019-08-27 06:51:20
192.42.116.16	attack	Aug 26 12:51:45 lcprod sshd\[13446\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.42.116.16 user=sshd Aug 26 12:51:46 lcprod sshd\[13446\]: Failed password for sshd from 192.42.116.16 port 60184 ssh2 Aug 26 12:51:47 lcprod sshd\[13446\]: Failed password for sshd from 192.42.116.16 port 60184 ssh2 Aug 26 12:51:49 lcprod sshd\[13446\]: Failed password for sshd from 192.42.116.16 port 60184 ssh2 Aug 26 12:51:51 lcprod sshd\[13446\]: Failed password for sshd from 192.42.116.16 port 60184 ssh2	2019-08-27 07:11:09
123.207.86.68	attackspam	Aug 26 22:30:28 eventyay sshd[6793]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.207.86.68 Aug 26 22:30:29 eventyay sshd[6793]: Failed password for invalid user soporte from 123.207.86.68 port 40377 ssh2 Aug 26 22:35:09 eventyay sshd[6883]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.207.86.68 ...	2019-08-27 06:59:13
81.22.45.215	attackspambots	Aug 27 01:07:20 lumpi kernel: INPUT:DROP:SPAMHAUS_EDROP:IN=eth0 OUT= MAC=52:54:a2:01:a5:04:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.215 DST=172.31.1.100 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=45361 PROTO=TCP SPT=54732 DPT=752 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-08-27 07:15:43
217.174.183.70	attackspam	[2019-08-2623:19:04 0200]info[cpaneld]217.174.183.70-trasloch"POST/login/\?login_only=1HTTP/1.1"FAILEDLOGINcpaneld:invalidcpanelusertrasloch\(has_cpuser_filefailed\)[2019-08-2623:19:05 0200]info[cpaneld]217.174.183.70-trasloch"POST/login/\?login_only=1HTTP/1.1"FAILEDLOGINcpaneld:invalidcpanelusertrasloch\(has_cpuser_filefailed\)[2019-08-2623:19:05 0200]info[cpaneld]217.174.183.70-trasloch"POST/login/\?login_only=1HTTP/1.1"FAILEDLOGINcpaneld:invalidcpanelusertrasloch\(has_cpuser_filefailed\)[2019-08-2623:19:05 0200]info[cpaneld]217.174.183.70-trasloch"POST/login/\?login_only=1HTTP/1.1"FAILEDLOGINcpaneld:invalidcpanelusertrasloch\(has_cpuser_filefailed\)[2019-08-2623:19:05 0200]info[cpaneld]217.174.183.70-trasloch"POST/login/\?login_only=1HTTP/1.1"FAILEDLOGINcpaneld:invalidcpanelusertrasloch\(has_cpuser_filefailed\)	2019-08-27 07:18:22
159.69.67.177	attack	probing --- 159.69.67.177 - - [25/Aug/2019:23:59:00 -0700] "GET /user//CHANGELOG.txt HTTP/1.1" 404	2019-08-27 06:49:57
27.72.105.157	attackbotsspam	Aug 26 23:41:08 localhost sshd\[30834\]: Invalid user salman from 27.72.105.157 port 51082 Aug 26 23:41:08 localhost sshd\[30834\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.72.105.157 Aug 26 23:41:10 localhost sshd\[30834\]: Failed password for invalid user salman from 27.72.105.157 port 51082 ssh2	2019-08-27 06:48:40
103.234.41.237	attackspambots	DATE:2019-08-26 15:29:10, IP:103.234.41.237, PORT:telnet - Telnet brute force auth on a honeypot server (epe-dc)	2019-08-27 06:45:14
80.82.77.18	attack	Aug 27 00:50:19 relay postfix/smtpd\[17931\]: warning: unknown\[80.82.77.18\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 27 00:50:38 relay postfix/smtpd\[32032\]: warning: unknown\[80.82.77.18\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 27 00:50:55 relay postfix/smtpd\[26237\]: warning: unknown\[80.82.77.18\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 27 00:51:13 relay postfix/smtpd\[26087\]: warning: unknown\[80.82.77.18\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 27 00:51:30 relay postfix/smtpd\[25455\]: warning: unknown\[80.82.77.18\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-08-27 06:59:29
60.12.18.6	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2019-08-27 06:58:48
119.178.175.73	attackbotsspam	Aug 26 12:25:48 linuxrulz sshd[7768]: Invalid user 111 from 119.178.175.73 port 59454 Aug 26 12:25:48 linuxrulz sshd[7768]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.178.175.73 Aug 26 12:25:50 linuxrulz sshd[7768]: Failed password for invalid user 111 from 119.178.175.73 port 59454 ssh2 Aug 26 12:25:51 linuxrulz sshd[7768]: Received disconnect from 119.178.175.73 port 59454:11: Bye Bye [preauth] Aug 26 12:25:51 linuxrulz sshd[7768]: Disconnected from 119.178.175.73 port 59454 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=119.178.175.73	2019-08-27 06:52:42
134.209.126.154	attack	Aug 26 12:56:22 tdfoods sshd\[17780\]: Invalid user anastacia from 134.209.126.154 Aug 26 12:56:22 tdfoods sshd\[17780\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.126.154 Aug 26 12:56:24 tdfoods sshd\[17780\]: Failed password for invalid user anastacia from 134.209.126.154 port 36886 ssh2 Aug 26 13:00:26 tdfoods sshd\[18128\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.126.154 user=root Aug 26 13:00:28 tdfoods sshd\[18128\]: Failed password for root from 134.209.126.154 port 54320 ssh2	2019-08-27 07:10:06
209.235.67.48	attack	Aug 26 05:55:04 hcbb sshd\[24778\]: Invalid user nelson from 209.235.67.48 Aug 26 05:55:04 hcbb sshd\[24778\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=209.235.67.48 Aug 26 05:55:06 hcbb sshd\[24778\]: Failed password for invalid user nelson from 209.235.67.48 port 34043 ssh2 Aug 26 05:59:20 hcbb sshd\[25124\]: Invalid user amazon from 209.235.67.48 Aug 26 05:59:20 hcbb sshd\[25124\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=209.235.67.48	2019-08-27 07:03:47

Recently Reported IPs

105.127.249.0	140.40.226.18	147.26.80.194	167.71.99.248
165.22.30.235	140.143.241.79	140.45.12.3	96.191.88.162
63.116.77.181	39.130.13.77	82.34.110.251	49.157.7.124
99.251.251.135	69.175.87.87	160.41.206.187	138.204.250.106
202.197.102.60	65.72.157.219	93.174.231.5	177.98.7.235