134.3.140.153 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Germany

Internet Service Provider: Unitymedia BW GmbH

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Invalid user family from 134.3.140.153 port 56362	2020-02-20 20:19:16
attackbots	Feb 8 07:37:24 web8 sshd\[19785\]: Invalid user dsd from 134.3.140.153 Feb 8 07:37:24 web8 sshd\[19785\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.3.140.153 Feb 8 07:37:26 web8 sshd\[19785\]: Failed password for invalid user dsd from 134.3.140.153 port 49231 ssh2 Feb 8 07:39:54 web8 sshd\[20978\]: Invalid user zew from 134.3.140.153 Feb 8 07:39:54 web8 sshd\[20978\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.3.140.153	2020-02-08 15:46:04
attackbotsspam	no	2020-02-03 21:36:12

Type

Details

Datetime

attackbots

Invalid user family from 134.3.140.153 port 56362

2020-02-20 20:19:16

attackbots

Feb  8 07:37:24 web8 sshd\[19785\]: Invalid user dsd from 134.3.140.153
Feb  8 07:37:24 web8 sshd\[19785\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.3.140.153
Feb  8 07:37:26 web8 sshd\[19785\]: Failed password for invalid user dsd from 134.3.140.153 port 49231 ssh2
Feb  8 07:39:54 web8 sshd\[20978\]: Invalid user zew from 134.3.140.153
Feb  8 07:39:54 web8 sshd\[20978\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.3.140.153

2020-02-08 15:46:04

attackbotsspam

no

2020-02-03 21:36:12

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 134.3.140.153
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 5547
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;134.3.140.153.			IN	A

;; AUTHORITY SECTION:
.			416	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020020300 1800 900 604800 86400

;; Query time: 91 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 03 21:36:05 CST 2020
;; MSG SIZE  rcvd: 117

Host info

153.140.3.134.in-addr.arpa domain name pointer HSI-KBW-134-3-140-153.hsi14.kabel-badenwuerttemberg.de.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
153.140.3.134.in-addr.arpa	name = HSI-KBW-134-3-140-153.hsi14.kabel-badenwuerttemberg.de.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
106.54.184.153	attackspam	2020-04-03T13:43:56.599047abusebot-8.cloudsearch.cf sshd[18446]: Invalid user mac from 106.54.184.153 port 53132 2020-04-03T13:43:56.609875abusebot-8.cloudsearch.cf sshd[18446]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.184.153 2020-04-03T13:43:56.599047abusebot-8.cloudsearch.cf sshd[18446]: Invalid user mac from 106.54.184.153 port 53132 2020-04-03T13:43:58.967252abusebot-8.cloudsearch.cf sshd[18446]: Failed password for invalid user mac from 106.54.184.153 port 53132 ssh2 2020-04-03T13:53:07.606148abusebot-8.cloudsearch.cf sshd[18964]: Invalid user guest3 from 106.54.184.153 port 44326 2020-04-03T13:53:07.615078abusebot-8.cloudsearch.cf sshd[18964]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.184.153 2020-04-03T13:53:07.606148abusebot-8.cloudsearch.cf sshd[18964]: Invalid user guest3 from 106.54.184.153 port 44326 2020-04-03T13:53:08.948599abusebot-8.cloudsearch.cf sshd[18964]: Fai ...	2020-04-04 02:58:21
106.12.106.232	attackspam	fail2ban	2020-04-04 03:00:39
59.148.173.231	attackspam	Brute force attempt	2020-04-04 03:08:29
190.113.157.155	attackspambots	(sshd) Failed SSH login from 190.113.157.155 (AR/Argentina/190-113-157-155.supercanal.com.ar): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Apr 3 17:25:41 amsweb01 sshd[18630]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.113.157.155 user=root Apr 3 17:25:43 amsweb01 sshd[18630]: Failed password for root from 190.113.157.155 port 47362 ssh2 Apr 3 17:38:19 amsweb01 sshd[20238]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.113.157.155 user=root Apr 3 17:38:21 amsweb01 sshd[20238]: Failed password for root from 190.113.157.155 port 42730 ssh2 Apr 3 17:43:37 amsweb01 sshd[20946]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.113.157.155 user=root	2020-04-04 02:37:24
144.91.69.193	attack	Invalid user admin from 144.91.69.193 port 33774	2020-04-04 02:45:11
129.204.181.48	attackspambots	2020-04-03T15:19:42.922103abusebot-3.cloudsearch.cf sshd[5823]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.181.48 user=root 2020-04-03T15:19:45.439405abusebot-3.cloudsearch.cf sshd[5823]: Failed password for root from 129.204.181.48 port 39274 ssh2 2020-04-03T15:25:42.699865abusebot-3.cloudsearch.cf sshd[6281]: Invalid user lishuoguo from 129.204.181.48 port 41244 2020-04-03T15:25:42.707838abusebot-3.cloudsearch.cf sshd[6281]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.181.48 2020-04-03T15:25:42.699865abusebot-3.cloudsearch.cf sshd[6281]: Invalid user lishuoguo from 129.204.181.48 port 41244 2020-04-03T15:25:44.647666abusebot-3.cloudsearch.cf sshd[6281]: Failed password for invalid user lishuoguo from 129.204.181.48 port 41244 ssh2 2020-04-03T15:28:07.556071abusebot-3.cloudsearch.cf sshd[6467]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost ...	2020-04-04 02:48:29
180.76.167.9	attack	Apr 3 20:33:57 OPSO sshd\[30399\]: Invalid user mapp from 180.76.167.9 port 51818 Apr 3 20:33:57 OPSO sshd\[30399\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.167.9 Apr 3 20:33:59 OPSO sshd\[30399\]: Failed password for invalid user mapp from 180.76.167.9 port 51818 ssh2 Apr 3 20:39:37 OPSO sshd\[31698\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.167.9 user=root Apr 3 20:39:39 OPSO sshd\[31698\]: Failed password for root from 180.76.167.9 port 48656 ssh2	2020-04-04 02:39:57
59.36.142.180	attackspam	Apr 3 18:29:42 *** sshd[4050]: User root from 59.36.142.180 not allowed because not listed in AllowUsers	2020-04-04 03:08:43
195.69.222.169	attackspam	Apr 3 17:21:42 srv206 sshd[27583]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.69.222.169 user=root Apr 3 17:21:45 srv206 sshd[27583]: Failed password for root from 195.69.222.169 port 34756 ssh2 Apr 3 17:30:48 srv206 sshd[27616]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.69.222.169 user=root Apr 3 17:30:51 srv206 sshd[27616]: Failed password for root from 195.69.222.169 port 41992 ssh2 ...	2020-04-04 02:33:43
168.90.89.35	attack	(sshd) Failed SSH login from 168.90.89.35 (BR/Brazil/168.90.89.35.megalinkpi.net.br): 5 in the last 3600 secs	2020-04-04 02:42:24
162.252.57.211	attackbots	Mar 31 08:19:18 our-server-hostname sshd[3188]: Address 162.252.57.211 maps to nxxxxxxx.miami-servers.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Mar 31 08:19:18 our-server-hostname sshd[3188]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.252.57.211 user=r.r Mar 31 08:19:19 our-server-hostname sshd[3188]: Failed password for r.r from 162.252.57.211 port 59868 ssh2 Mar 31 08:26:10 our-server-hostname sshd[4810]: Address 162.252.57.211 maps to nxxxxxxx.miami-servers.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Mar 31 08:26:10 our-server-hostname sshd[4810]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.252.57.211 user=r.r Mar 31 08:26:11 our-server-hostname sshd[4810]: Failed password for r.r from 162.252.57.211 port 57262 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=162.252.57.211	2020-04-04 02:43:33
104.236.142.200	attack	fail2ban	2020-04-04 03:01:25
64.225.105.247	attackbots	Apr 3 21:01:17 gw1 sshd[17979]: Failed password for root from 64.225.105.247 port 56738 ssh2 ...	2020-04-04 03:07:08
106.53.19.186	attackbots	$f2bV_matches	2020-04-04 02:58:53
123.31.45.35	attackbots	Apr 3 15:17:53 ip-172-31-62-245 sshd\[3693\]: Failed password for root from 123.31.45.35 port 16394 ssh2\ Apr 3 15:21:54 ip-172-31-62-245 sshd\[3718\]: Failed password for root from 123.31.45.35 port 59482 ssh2\ Apr 3 15:23:22 ip-172-31-62-245 sshd\[3734\]: Invalid user ty from 123.31.45.35\ Apr 3 15:23:24 ip-172-31-62-245 sshd\[3734\]: Failed password for invalid user ty from 123.31.45.35 port 13282 ssh2\ Apr 3 15:24:55 ip-172-31-62-245 sshd\[3770\]: Invalid user ty from 123.31.45.35\	2020-04-04 02:51:09

Recently Reported IPs

201.161.58.149	190.230.15.199	156.21.79.62	152.22.143.65
11.31.85.103	84.37.24.133	123.111.226.167	125.178.252.201
179.18.142.102	197.104.98.238	181.60.217.32	97.107.57.2
12.55.141.109	64.126.128.6	211.2.227.83	37.49.226.111
19.221.26.176	161.125.232.90	12.3.77.182	139.183.27.100