91.134.242.66 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: France

Internet Service Provider: OVH SAS

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	2020-10-12T14:01:08.663590yoshi.linuxbox.ninja sshd[3316122]: Invalid user stud from 91.134.242.66 port 58272 2020-10-12T14:01:11.106009yoshi.linuxbox.ninja sshd[3316122]: Failed password for invalid user stud from 91.134.242.66 port 58272 ssh2 2020-10-12T14:04:29.805815yoshi.linuxbox.ninja sshd[3318509]: Invalid user ed from 91.134.242.66 port 58736 ...	2020-10-13 03:16:30
attackspambots	fail2ban/Oct 12 12:31:23 h1962932 sshd[5576]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.ip-91-134-242.eu user=root Oct 12 12:31:25 h1962932 sshd[5576]: Failed password for root from 91.134.242.66 port 42094 ssh2 Oct 12 12:35:37 h1962932 sshd[6222]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.ip-91-134-242.eu user=root Oct 12 12:35:39 h1962932 sshd[6222]: Failed password for root from 91.134.242.66 port 47234 ssh2 Oct 12 12:39:36 h1962932 sshd[6749]: Invalid user nikoya from 91.134.242.66 port 52374	2020-10-12 18:44:28

Type

Details

Datetime

attackbotsspam

2020-10-12T14:01:08.663590yoshi.linuxbox.ninja sshd[3316122]: Invalid user stud from 91.134.242.66 port 58272
2020-10-12T14:01:11.106009yoshi.linuxbox.ninja sshd[3316122]: Failed password for invalid user stud from 91.134.242.66 port 58272 ssh2
2020-10-12T14:04:29.805815yoshi.linuxbox.ninja sshd[3318509]: Invalid user ed from 91.134.242.66 port 58736
...

2020-10-13 03:16:30

attackspambots

fail2ban/Oct 12 12:31:23 h1962932 sshd[5576]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.ip-91-134-242.eu  user=root
Oct 12 12:31:25 h1962932 sshd[5576]: Failed password for root from 91.134.242.66 port 42094 ssh2
Oct 12 12:35:37 h1962932 sshd[6222]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.ip-91-134-242.eu  user=root
Oct 12 12:35:39 h1962932 sshd[6222]: Failed password for root from 91.134.242.66 port 47234 ssh2
Oct 12 12:39:36 h1962932 sshd[6749]: Invalid user nikoya from 91.134.242.66 port 52374

2020-10-12 18:44:28

Comments on same subnet:

IP	Type	Details	Datetime
91.134.242.199	attackspambots	2020-10-10T12:04:46.6706641495-001 sshd[13675]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.ip-91-134-242.eu 2020-10-10T12:04:46.6672351495-001 sshd[13675]: Invalid user adam from 91.134.242.199 port 49314 2020-10-10T12:04:49.0628381495-001 sshd[13675]: Failed password for invalid user adam from 91.134.242.199 port 49314 ssh2 2020-10-10T12:08:13.5261141495-001 sshd[13897]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.ip-91-134-242.eu user=root 2020-10-10T12:08:15.5617061495-001 sshd[13897]: Failed password for root from 91.134.242.199 port 46816 ssh2 2020-10-10T12:11:19.3282301495-001 sshd[14153]: Invalid user admin from 91.134.242.199 port 44334 ...	2020-10-11 00:38:58
91.134.242.199	attackspam	2020-10-10T07:29:58.976823abusebot-6.cloudsearch.cf sshd[15320]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.ip-91-134-242.eu user=root 2020-10-10T07:30:01.545717abusebot-6.cloudsearch.cf sshd[15320]: Failed password for root from 91.134.242.199 port 33042 ssh2 2020-10-10T07:33:49.926157abusebot-6.cloudsearch.cf sshd[15445]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.ip-91-134-242.eu user=root 2020-10-10T07:33:51.542243abusebot-6.cloudsearch.cf sshd[15445]: Failed password for root from 91.134.242.199 port 37692 ssh2 2020-10-10T07:37:25.091213abusebot-6.cloudsearch.cf sshd[15557]: Invalid user ooki from 91.134.242.199 port 42338 2020-10-10T07:37:25.096924abusebot-6.cloudsearch.cf sshd[15557]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.ip-91-134-242.eu 2020-10-10T07:37:25.091213abusebot-6.cloudsearch.cf sshd[15557]: Invalid user ooki from 91 ...	2020-10-10 16:27:24
91.134.242.199	attack	Oct 1 22:13:56 ns382633 sshd\[23502\]: Invalid user contact from 91.134.242.199 port 33846 Oct 1 22:13:56 ns382633 sshd\[23502\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.134.242.199 Oct 1 22:13:58 ns382633 sshd\[23502\]: Failed password for invalid user contact from 91.134.242.199 port 33846 ssh2 Oct 1 22:18:37 ns382633 sshd\[24087\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.134.242.199 user=root Oct 1 22:18:39 ns382633 sshd\[24087\]: Failed password for root from 91.134.242.199 port 42082 ssh2	2020-10-02 04:22:51
91.134.242.199	attackbots	Invalid user joanne from 91.134.242.199 port 57334	2020-10-01 20:37:07
91.134.242.199	attackspam	Oct 1 06:32:00 OPSO sshd\[15200\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.134.242.199 user=root Oct 1 06:32:02 OPSO sshd\[15200\]: Failed password for root from 91.134.242.199 port 53110 ssh2 Oct 1 06:35:54 OPSO sshd\[16253\]: Invalid user test from 91.134.242.199 port 33690 Oct 1 06:35:54 OPSO sshd\[16253\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.134.242.199 Oct 1 06:35:55 OPSO sshd\[16253\]: Failed password for invalid user test from 91.134.242.199 port 33690 ssh2	2020-10-01 12:48:21
91.134.242.199	attack	Sep 28 14:37:29 sip sshd[22510]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.134.242.199 Sep 28 14:37:31 sip sshd[22510]: Failed password for invalid user admin from 91.134.242.199 port 34100 ssh2 Sep 28 14:52:24 sip sshd[26414]: Failed password for root from 91.134.242.199 port 45444 ssh2	2020-09-29 04:01:44
91.134.242.199	attackspam	2020-09-28T12:47:36.791878centos sshd[25654]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.134.242.199 2020-09-28T12:47:36.782636centos sshd[25654]: Invalid user pippo from 91.134.242.199 port 51292 2020-09-28T12:47:39.007909centos sshd[25654]: Failed password for invalid user pippo from 91.134.242.199 port 51292 ssh2 ...	2020-09-28 20:15:05
91.134.242.199	attackbotsspam	2020-09-08T07:39:16.340663linuxbox-skyline sshd[153327]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.134.242.199 user=root 2020-09-08T07:39:18.596967linuxbox-skyline sshd[153327]: Failed password for root from 91.134.242.199 port 54040 ssh2 ...	2020-09-09 01:44:21
91.134.242.199	attackbots	$f2bV_matches	2020-09-08 17:11:00
91.134.242.199	attackbotsspam	Aug 30 20:08:31 gospond sshd[6669]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.134.242.199 Aug 30 20:08:31 gospond sshd[6669]: Invalid user hasegawa from 91.134.242.199 port 45390 Aug 30 20:08:32 gospond sshd[6669]: Failed password for invalid user hasegawa from 91.134.242.199 port 45390 ssh2 ...	2020-08-31 03:46:37
91.134.242.199	attackbotsspam	Aug 24 06:52:28 OPSO sshd\[11581\]: Invalid user keith from 91.134.242.199 port 60178 Aug 24 06:52:28 OPSO sshd\[11581\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.134.242.199 Aug 24 06:52:31 OPSO sshd\[11581\]: Failed password for invalid user keith from 91.134.242.199 port 60178 ssh2 Aug 24 06:56:29 OPSO sshd\[12467\]: Invalid user bgs from 91.134.242.199 port 41268 Aug 24 06:56:29 OPSO sshd\[12467\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.134.242.199	2020-08-24 15:17:07
91.134.242.199	attack	Aug 19 09:26:35 sip sshd[12575]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.134.242.199 Aug 19 09:26:36 sip sshd[12575]: Failed password for invalid user prd from 91.134.242.199 port 38188 ssh2 Aug 19 09:33:59 sip sshd[14668]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.134.242.199	2020-08-19 17:48:04
91.134.242.199	attackspam	SSH Brute Force	2020-08-17 01:40:27
91.134.242.199	attackspambots	Aug 8 06:56:02 server sshd[8037]: Failed password for root from 91.134.242.199 port 58870 ssh2 Aug 8 07:00:03 server sshd[12805]: Failed password for root from 91.134.242.199 port 41226 ssh2 Aug 8 07:04:09 server sshd[17969]: Failed password for root from 91.134.242.199 port 51814 ssh2	2020-08-08 15:49:08
91.134.242.199	attackbots	Connection to SSH Honeypot - Detected by HoneypotDB	2020-08-07 18:00:05

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 91.134.242.66
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24454
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;91.134.242.66.			IN	A

;; AUTHORITY SECTION:
.			427	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020101200 1800 900 604800 86400

;; Query time: 59 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Oct 12 18:44:24 CST 2020
;; MSG SIZE  rcvd: 117

Host info

66.242.134.91.in-addr.arpa domain name pointer 66.ip-91-134-242.eu.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
66.242.134.91.in-addr.arpa	name = 66.ip-91-134-242.eu.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
193.188.22.216	attackbotsspam	(000003)11/18/2019 17:15:23 PM - (not logged in) (193.188.22.216)> Connected on port 20, sending welcome message... (000003)11/18/2019 17:15:23 PM - (not logged in) (193.188.22.216)> 220 You're connected. Welcome (000003)11/18/2019 17:15:23 PM - (not logged in) (193.188.22.216)> (000003)11/18/2019 17:15:23 PM - (not logged in) (193.188.22.216)> 500 Syntax error, command unrecognized. (000003)11/18/2019 17:15:23 PM - (not logged in) (193.188.22.216)> /*à (000003)11/18/2019 17:15:23 PM - (not logged in) (193.188.22.216)> 500 Syntax error, command unrecognized. (000003)11/18/2019 17:15:23 PM - (not logged in) (193.188.22.216)> Cookie: mstshash=Administr (000003)11/18/2019 17:15:23 PM - (not logged in) (193.188.22.216)> 500 Syntax error, command unrecognized. (000003)11/18/2019 17:15:23 PM - (not logged in) (193.188.22.216)> (000003)11/18/2019 17:15:23 PM - (not logged in) (193.188.22.216)> 500 Syntax error, command unrecognized. (000003)11/18/2019 17:15:23 PM - (not logged in) (193.188.22.216)>	2019-11-19 08:59:04
1.55.190.91	attackspam	port 23 attempt blocked	2019-11-19 08:58:29
181.31.207.229	attack	2019-11-17 09:23:25 181.31.207.229 agon@spoofmail.de newshosting@mydomain.com dnsbl reject RCPT: 550 5.7.1 Service unavailable; client [181.31.207.229] blocked using zen.spamhaus.org	2019-11-19 09:21:14
51.79.68.99	attackspambots	Trying ports that it shouldn't be.	2019-11-19 09:25:06
118.25.48.254	attackspam	Nov 19 02:11:17 mout sshd[11910]: Invalid user abcd1234!@#$g from 118.25.48.254 port 52278	2019-11-19 09:28:41
106.12.241.109	attackspam	Nov 18 22:04:07 firewall sshd[26583]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.241.109 Nov 18 22:04:07 firewall sshd[26583]: Invalid user maik from 106.12.241.109 Nov 18 22:04:09 firewall sshd[26583]: Failed password for invalid user maik from 106.12.241.109 port 44168 ssh2 ...	2019-11-19 09:28:18
92.12.154.145	attackspam	Nov 19 01:53:20 ns3367391 sshd[26435]: Invalid user pi from 92.12.154.145 port 51260 Nov 19 01:53:20 ns3367391 sshd[26437]: Invalid user pi from 92.12.154.145 port 51266 ...	2019-11-19 09:30:39
185.167.114.12	attackbotsspam	Shenzhen TV vulnerability scan, accessed by IP not domain: 185.167.114.12 - - [18/Nov/2019:22:46:32 +0000] "POST /editBlackAndWhiteList HTTP/1.1" 404 260 "-" "ApiTool"	2019-11-19 08:59:25
206.189.145.251	attackbotsspam	Nov 19 00:49:21 meumeu sshd[1091]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.145.251 Nov 19 00:49:22 meumeu sshd[1091]: Failed password for invalid user pcap from 206.189.145.251 port 35198 ssh2 Nov 19 00:53:13 meumeu sshd[1768]: Failed password for root from 206.189.145.251 port 42918 ssh2 ...	2019-11-19 09:11:08
157.245.199.127	attack	Nov 18 14:49:51 wbs sshd\[6204\]: Invalid user test from 157.245.199.127 Nov 18 14:49:51 wbs sshd\[6204\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.199.127 Nov 18 14:49:53 wbs sshd\[6204\]: Failed password for invalid user test from 157.245.199.127 port 47634 ssh2 Nov 18 14:53:59 wbs sshd\[6564\]: Invalid user frog from 157.245.199.127 Nov 18 14:53:59 wbs sshd\[6564\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.199.127	2019-11-19 08:57:49
222.186.30.59	attackspam	Nov 19 06:03:26 gw1 sshd[26616]: Failed password for root from 222.186.30.59 port 13770 ssh2 ...	2019-11-19 09:06:52
1.2.237.156	attack	port 23 attempt blocked	2019-11-19 09:02:07
218.78.54.80	attack	Automatic report - Banned IP Access	2019-11-19 09:26:00
139.59.84.55	attackbots	2019-11-19T00:33:24.193486abusebot.cloudsearch.cf sshd\[29650\]: Invalid user azureuser from 139.59.84.55 port 36610	2019-11-19 08:50:52
103.48.192.203	attackbots	[munged]::443 103.48.192.203 - - [19/Nov/2019:02:26:20 +0100] "POST /[munged]: HTTP/1.1" 200 9079 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 103.48.192.203 - - [19/Nov/2019:02:26:23 +0100] "POST /[munged]: HTTP/1.1" 200 9079 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 103.48.192.203 - - [19/Nov/2019:02:26:27 +0100] "POST /[munged]: HTTP/1.1" 200 9079 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 103.48.192.203 - - [19/Nov/2019:02:26:30 +0100] "POST /[munged]: HTTP/1.1" 200 9079 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 103.48.192.203 - - [19/Nov/2019:02:26:33 +0100] "POST /[munged]: HTTP/1.1" 200 9079 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 103.48.192.203 - - [19/Nov/2019:02:26:36 +0100] "POST /[munged]: HTTP/1.1" 200 9079 "-" "Mozilla/5.0 (X11	2019-11-19 09:30:00

Recently Reported IPs

51.15.199.138	45.173.205.136	222.84.255.33	192.99.178.39
73.170.250.28	188.40.210.20	103.116.202.10	124.156.146.87
99.84.108.138	185.244.39.133	185.244.39.29	84.154.26.53
181.191.240.10	180.183.128.242	72.167.190.206	195.154.250.127
64.225.115.75	223.112.137.131	209.50.50.34	122.116.98.219