123.148.242.134

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: China Network Communications Group Corporation

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Automatic report - XMLRPC Attack	2019-12-18 13:01:48

Comments on same subnet:

IP	Type	Details	Datetime
123.148.242.122	attackbotsspam	Wordpress_xmlrpc_attack	2020-02-28 07:03:39
123.148.242.153	attack	(mod_security) mod_security (id:240335) triggered by 123.148.242.153 (CN/China/-): 5 in the last 3600 secs	2020-01-23 21:49:06
123.148.242.167	attackspambots	Wordpress_xmlrpc_attack	2020-01-15 20:59:05
123.148.242.127	attackspam	China government hacker	2020-01-10 03:29:10
123.148.242.232	attack	miraklein.com 123.148.242.232 \[09/Nov/2019:05:54:47 +0100\] "POST /xmlrpc.php HTTP/1.1" 301 494 "-" "Mozilla/5.0 $Windows NT 10.0\; Win64\; x64$ AppleWebKit/537.36 $KHTML, like Gecko$ Chrome/63.0.3239.132 Safari/537.36" miraklein.com 123.148.242.232 \[09/Nov/2019:05:54:48 +0100\] "POST /xmlrpc.php HTTP/1.1" 301 494 "-" "Mozilla/5.0 $Windows NT 10.0\; Win64\; x64$ AppleWebKit/537.36 $KHTML, like Gecko$ Chrome/63.0.3239.132 Safari/537.36"	2019-11-09 13:47:02
123.148.242.39	attackbots	Wordpress attack	2019-10-14 07:58:20
123.148.242.206	attack	Wordpress attack	2019-08-30 05:53:42
123.148.242.221	attackbotsspam	Attack to wordpress xmlrpc	2019-08-25 15:36:08
123.148.242.241	attackbotsspam	REQUESTED PAGE: /wp-login.php	2019-07-31 07:12:59
123.148.242.62	attackbotsspam	Wordpress attack	2019-07-13 04:32:37

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 123.148.242.134
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32740
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;123.148.242.134.		IN	A

;; AUTHORITY SECTION:
.			524	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121702 1800 900 604800 86400

;; Query time: 120 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Dec 18 13:01:45 CST 2019
;; MSG SIZE  rcvd: 119

Host info

Host 134.242.148.123.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 134.242.148.123.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
114.67.98.243	attack	Nov 13 16:52:48 vps691689 sshd[29206]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.98.243 Nov 13 16:52:50 vps691689 sshd[29206]: Failed password for invalid user healer from 114.67.98.243 port 43073 ssh2 ...	2019-11-14 00:57:06
178.128.114.248	attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-11-14 00:27:50
103.125.251.140	attack	Nov 13 16:51:52 MK-Soft-VM6 sshd[30599]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.125.251.140 Nov 13 16:51:54 MK-Soft-VM6 sshd[30599]: Failed password for invalid user wwwadmin from 103.125.251.140 port 53503 ssh2 ...	2019-11-14 00:24:28
217.46.233.121	attackbotsspam	2019-11-13T16:15:42.033268shield sshd\[9454\]: Invalid user aynsley from 217.46.233.121 port 57917 2019-11-13T16:15:42.038049shield sshd\[9454\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=host217-46-233-121.in-addr.btopenworld.com 2019-11-13T16:15:43.606082shield sshd\[9454\]: Failed password for invalid user aynsley from 217.46.233.121 port 57917 ssh2 2019-11-13T16:23:04.796950shield sshd\[10051\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=host217-46-233-121.in-addr.btopenworld.com user=root 2019-11-13T16:23:06.712670shield sshd\[10051\]: Failed password for root from 217.46.233.121 port 42046 ssh2	2019-11-14 00:32:58
109.61.53.22	attack	firewall-block, port(s): 5555/tcp	2019-11-14 00:25:57
115.49.192.70	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-11-14 00:38:07
14.63.223.226	attackspambots	Nov 13 16:20:53 eventyay sshd[23566]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.63.223.226 Nov 13 16:20:55 eventyay sshd[23566]: Failed password for invalid user vaimedia from 14.63.223.226 port 38912 ssh2 Nov 13 16:25:26 eventyay sshd[23641]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.63.223.226 ...	2019-11-14 00:57:41
119.7.15.253	attackspambots	firewall-block, port(s): 3389/tcp	2019-11-14 00:21:34
45.79.48.151	attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-11-14 00:45:58
77.6.1.110	attackspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/77.6.1.110/ DE - 1H : (52) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : DE NAME ASN : ASN6805 IP : 77.6.1.110 CIDR : 77.0.0.0/12 PREFIX COUNT : 42 UNIQUE IP COUNT : 7555584 ATTACKS DETECTED ASN6805 : 1H - 2 3H - 2 6H - 2 12H - 3 24H - 5 DateTime : 2019-11-13 15:49:33 INFO : Port SSH 22 Scan Detected and Blocked by ADMIN - data recovery	2019-11-14 01:05:01
79.172.214.169	attack	Nov 13 17:03:09 taivassalofi sshd[87290]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.172.214.169 Nov 13 17:03:11 taivassalofi sshd[87290]: Failed password for invalid user zantis from 79.172.214.169 port 47919 ssh2 ...	2019-11-14 00:41:00
79.137.72.98	attack	$f2bV_matches	2019-11-14 00:48:19
106.12.111.201	attack	ssh failed login	2019-11-14 00:54:01
103.233.118.226	attackbots	Sending SPAM email	2019-11-14 00:31:56
171.100.252.140	attackspambots	Chat Spam	2019-11-14 00:33:22

Recently Reported IPs

118.68.165.99	36.67.120.37	103.43.121.53	40.92.253.57
40.92.74.102	14.186.237.192	66.175.238.144	201.150.149.87
113.190.245.58	104.131.97.47	123.25.21.149	91.239.158.51
188.120.36.223	67.173.62.44	37.143.147.211	170.106.36.63
154.92.16.51	2.144.243.13	40.92.74.89	40.92.74.66