159.203.34.134

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
159.203.34.76	attack	firewall-block, port(s): 726/tcp	2020-08-12 02:40:34
159.203.34.76	attackbots	Aug 9 05:29:00 roki sshd[14124]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.34.76 user=root Aug 9 05:29:02 roki sshd[14124]: Failed password for root from 159.203.34.76 port 33650 ssh2 Aug 9 05:40:24 roki sshd[14951]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.34.76 user=root Aug 9 05:40:26 roki sshd[14951]: Failed password for root from 159.203.34.76 port 57971 ssh2 Aug 9 05:49:43 roki sshd[15592]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.34.76 user=root ...	2020-08-09 17:20:07
159.203.34.76	attackspam	" "	2020-08-09 02:38:09
159.203.34.76	attackbotsspam	159.203.34.76 (CA/Canada/-), 12 distributed sshd attacks on account [root] in the last 3600 secs	2020-08-07 13:44:04
159.203.34.76	attackspambots	Aug 6 17:28:36 debian-2gb-nbg1-2 kernel: \[18986172.083391\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=159.203.34.76 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=239 ID=39171 PROTO=TCP SPT=58738 DPT=19840 WINDOW=1024 RES=0x00 SYN URGP=0	2020-08-07 00:33:50
159.203.34.76	attack	SSH authentication failure x 6 reported by Fail2Ban ...	2020-08-06 02:53:01
159.203.34.76	attackspambots	$f2bV_matches	2020-08-02 05:52:41
159.203.34.76	attack	24901/tcp 15996/tcp 22558/tcp... [2020-05-23/07-23]63pkt,24pt.(tcp)	2020-07-23 14:30:13
159.203.34.76	attackbotsspam	Jul 19 19:45:10 vm1 sshd[19791]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.34.76 Jul 19 19:45:12 vm1 sshd[19791]: Failed password for invalid user superman from 159.203.34.76 port 43923 ssh2 ...	2020-07-20 01:54:38
159.203.34.76	attackspambots	scans once in preceeding hours on the ports (in chronological order) 30675 resulting in total of 4 scans from 159.203.0.0/16 block.	2020-07-13 23:01:55
159.203.34.76	attackbots	Jul 12 14:35:52 debian-2gb-nbg1-2 kernel: \[16815931.140681\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=159.203.34.76 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=232 ID=16771 PROTO=TCP SPT=59952 DPT=27958 WINDOW=1024 RES=0x00 SYN URGP=0	2020-07-12 21:12:41
159.203.34.76	attack	Jun 30 16:18:02 scw-tender-jepsen sshd[16457]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.34.76 Jun 30 16:18:04 scw-tender-jepsen sshd[16457]: Failed password for invalid user san from 159.203.34.76 port 33095 ssh2	2020-07-01 12:44:38
159.203.34.76	attackspam	Jun 20 11:09:45 vmd26974 sshd[24502]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.34.76 Jun 20 11:09:47 vmd26974 sshd[24502]: Failed password for invalid user scan from 159.203.34.76 port 49602 ssh2 ...	2020-06-20 19:14:08
159.203.34.76	attackspam	22886/tcp 25516/tcp 1288/tcp... [2020-04-21/06-18]64pkt,23pt.(tcp)	2020-06-20 00:43:26
159.203.34.100	attackbots	DATE:2020-05-23 22:13:34, IP:159.203.34.100, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2020-05-24 06:40:23

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 159.203.34.134
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 27729
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;159.203.34.134.			IN	A

;; AUTHORITY SECTION:
.			247	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022701 1800 900 604800 86400

;; Query time: 20 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 28 05:10:00 CST 2022
;; MSG SIZE  rcvd: 107

Host info

Host 134.34.203.159.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 134.34.203.159.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
159.89.123.66	attack	CMS (WordPress or Joomla) login attempt.	2020-08-02 13:28:54
47.74.44.224	attackbots	Invalid user goga from 47.74.44.224 port 33420	2020-08-02 14:03:26
49.234.96.210	attackbots	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-08-02T04:09:41Z and 2020-08-02T04:35:34Z	2020-08-02 13:54:30
129.204.205.231	attackbots	Aug 2 07:22:46 OPSO sshd\[9660\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.205.231 user=root Aug 2 07:22:49 OPSO sshd\[9660\]: Failed password for root from 129.204.205.231 port 57950 ssh2 Aug 2 07:26:02 OPSO sshd\[10126\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.205.231 user=root Aug 2 07:26:04 OPSO sshd\[10126\]: Failed password for root from 129.204.205.231 port 35648 ssh2 Aug 2 07:29:13 OPSO sshd\[10369\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.205.231 user=root	2020-08-02 13:58:50
104.244.77.95	attackspambots	Aug 2 05:54:22 hell sshd[31005]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.244.77.95 Aug 2 05:54:24 hell sshd[31005]: Failed password for invalid user admin from 104.244.77.95 port 41727 ssh2 ...	2020-08-02 13:28:31
187.107.67.41	attackbots	Lines containing failures of 187.107.67.41 Aug 1 05:15:24 shared01 sshd[12239]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.107.67.41 user=r.r Aug 1 05:15:26 shared01 sshd[12239]: Failed password for r.r from 187.107.67.41 port 46266 ssh2 Aug 1 05:15:26 shared01 sshd[12239]: Received disconnect from 187.107.67.41 port 46266:11: Bye Bye [preauth] Aug 1 05:15:26 shared01 sshd[12239]: Disconnected from authenticating user r.r 187.107.67.41 port 46266 [preauth] Aug 1 05:23:01 shared01 sshd[14998]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.107.67.41 user=r.r Aug 1 05:23:03 shared01 sshd[14998]: Failed password for r.r from 187.107.67.41 port 55432 ssh2 Aug 1 05:23:03 shared01 sshd[14998]: Received disconnect from 187.107.67.41 port 55432:11: Bye Bye [preauth] Aug 1 05:23:03 shared01 sshd[14998]: Disconnected from authenticating user r.r 187.107.67.41 port 55432 [preauth........ ------------------------------	2020-08-02 13:47:17
118.27.31.145	attackbots	2020-08-02T04:56:16.607778shield sshd\[19990\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=v118-27-31-145.hkbx.static.cnode.io user=root 2020-08-02T04:56:18.321205shield sshd\[19990\]: Failed password for root from 118.27.31.145 port 59764 ssh2 2020-08-02T04:59:42.252349shield sshd\[20534\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=v118-27-31-145.hkbx.static.cnode.io user=root 2020-08-02T04:59:44.234378shield sshd\[20534\]: Failed password for root from 118.27.31.145 port 56624 ssh2 2020-08-02T05:03:09.869869shield sshd\[21078\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=v118-27-31-145.hkbx.static.cnode.io user=root	2020-08-02 13:21:12
175.193.13.3	attackspambots	Repeated brute force against a port	2020-08-02 14:01:14
103.248.33.51	attackbotsspam	Aug 2 01:27:28 vps46666688 sshd[19564]: Failed password for root from 103.248.33.51 port 58650 ssh2 ...	2020-08-02 13:16:02
89.248.174.3	attackspam	08/01/2020-23:54:24.202131 89.248.174.3 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-08-02 13:29:49
189.163.24.102	attackspam	Aug 2 04:59:46 jumpserver sshd[352124]: Failed password for root from 189.163.24.102 port 52106 ssh2 Aug 2 05:03:19 jumpserver sshd[352133]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.163.24.102 user=root Aug 2 05:03:21 jumpserver sshd[352133]: Failed password for root from 189.163.24.102 port 46888 ssh2 ...	2020-08-02 13:57:04
181.21.106.161	attackbotsspam	Aug 2 07:50:54 debian-2gb-nbg1-2 kernel: \[18605931.917433\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=181.21.106.161 DST=195.201.40.59 LEN=44 TOS=0x00 PREC=0x20 TTL=48 ID=54447 PROTO=TCP SPT=33696 DPT=23 WINDOW=12071 RES=0x00 SYN URGP=0	2020-08-02 13:59:44
88.132.66.26	attack	Aug 1 21:53:51 Host-KLAX-C sshd[15298]: User root from 88.132.66.26 not allowed because not listed in AllowUsers ...	2020-08-02 13:52:08
192.35.168.197	attack	"Found User-Agent associated with security scanner - Matched Data: zgrab found within REQUEST_HEADERS:User-Agent: mozilla/5.0 zgrab/0.x"	2020-08-02 13:50:36
132.232.21.175	attackbotsspam	Aug 2 07:00:06 vps647732 sshd[2970]: Failed password for root from 132.232.21.175 port 17202 ssh2 ...	2020-08-02 13:18:01

Recently Reported IPs

159.203.37.167	159.203.37.70	159.203.34.186	159.203.38.131
159.223.139.136	159.223.13.21	159.223.136.106	159.223.134.211
159.223.132.255	159.223.139.212	159.223.131.173	159.223.135.5
159.223.131.250	159.223.131.163	159.223.135.84	159.223.130.128
159.223.140.37	159.223.139.250	159.223.141.11	159.223.143.131