134.119.225.130

Basic Info

City: unknown

Region: unknown

Country: Germany

Internet Service Provider: domainfactory GmbH

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Automatic report - Web App Attack	2019-07-04 23:35:49
attack	134.119.225.130 - - \[24/Jun/2019:06:45:40 +0200\] "GET /wp-login.php HTTP/1.1" 200 1301 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 134.119.225.130 - - \[24/Jun/2019:06:45:41 +0200\] "POST /wp-login.php HTTP/1.1" 200 1704 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 134.119.225.130 - - \[24/Jun/2019:06:46:12 +0200\] "POST /wp-login.php HTTP/1.1" 200 1439 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 134.119.225.130 - - \[24/Jun/2019:06:46:13 +0200\] "GET /wp-login.php HTTP/1.1" 200 1301 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 134.119.225.130 - - \[24/Jun/2019:06:46:13 +0200\] "POST /wp-login.php HTTP/1.1" 200 1710 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 134.119.225.130 - - \[24/Jun/2019:06:46:20 +0200\] "GET /wp-login.php HTTP/1.1" 200 1301 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\	2019-06-24 18:19:14
attackspam	134.119.225.130 - - \[23/Jun/2019:11:40:45 +0200\] "POST /wp-login.php HTTP/1.1" 200 1396 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 134.119.225.130 - - \[23/Jun/2019:11:40:47 +0200\] "GET /wp-login.php HTTP/1.1" 200 1237 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 134.119.225.130 - - \[23/Jun/2019:11:40:47 +0200\] "POST /wp-login.php HTTP/1.1" 200 1607 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 134.119.225.130 - - \[23/Jun/2019:11:41:50 +0200\] "GET /wp-login.php HTTP/1.1" 200 1237 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 134.119.225.130 - - \[23/Jun/2019:11:41:51 +0200\] "POST /wp-login.php HTTP/1.1" 200 1614 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 134.119.225.130 - - \[23/Jun/2019:11:41:51 +0200\] "GET /wp-login.php HTTP/1.1" 200 1237 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\	2019-06-24 03:42:54

Type

Details

Datetime

attackspambots

Automatic report - Web App Attack

2019-07-04 23:35:49

attack

134.119.225.130 - - \[24/Jun/2019:06:45:40 +0200\] "GET /wp-login.php HTTP/1.1" 200 1301 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
134.119.225.130 - - \[24/Jun/2019:06:45:41 +0200\] "POST /wp-login.php HTTP/1.1" 200 1704 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
134.119.225.130 - - \[24/Jun/2019:06:46:12 +0200\] "POST /wp-login.php HTTP/1.1" 200 1439 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
134.119.225.130 - - \[24/Jun/2019:06:46:13 +0200\] "GET /wp-login.php HTTP/1.1" 200 1301 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
134.119.225.130 - - \[24/Jun/2019:06:46:13 +0200\] "POST /wp-login.php HTTP/1.1" 200 1710 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
134.119.225.130 - - \[24/Jun/2019:06:46:20 +0200\] "GET /wp-login.php HTTP/1.1" 200 1301 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\

2019-06-24 18:19:14

attackspam

134.119.225.130 - - \[23/Jun/2019:11:40:45 +0200\] "POST /wp-login.php HTTP/1.1" 200 1396 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
134.119.225.130 - - \[23/Jun/2019:11:40:47 +0200\] "GET /wp-login.php HTTP/1.1" 200 1237 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
134.119.225.130 - - \[23/Jun/2019:11:40:47 +0200\] "POST /wp-login.php HTTP/1.1" 200 1607 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
134.119.225.130 - - \[23/Jun/2019:11:41:50 +0200\] "GET /wp-login.php HTTP/1.1" 200 1237 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
134.119.225.130 - - \[23/Jun/2019:11:41:51 +0200\] "POST /wp-login.php HTTP/1.1" 200 1614 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
134.119.225.130 - - \[23/Jun/2019:11:41:51 +0200\] "GET /wp-login.php HTTP/1.1" 200 1237 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\

2019-06-24 03:42:54

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 134.119.225.130
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7344
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;134.119.225.130.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019062301 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Jun 24 03:42:49 CST 2019
;; MSG SIZE  rcvd: 119

Host info

130.225.119.134.in-addr.arpa domain name pointer gn2-host26.de.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
130.225.119.134.in-addr.arpa	name = gn2-host26.de.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
222.186.175.217	attackspambots	Feb 2 13:30:27 php1 sshd\[2658\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.217 user=root Feb 2 13:30:29 php1 sshd\[2658\]: Failed password for root from 222.186.175.217 port 3052 ssh2 Feb 2 13:30:38 php1 sshd\[2658\]: Failed password for root from 222.186.175.217 port 3052 ssh2 Feb 2 13:30:41 php1 sshd\[2658\]: Failed password for root from 222.186.175.217 port 3052 ssh2 Feb 2 13:30:44 php1 sshd\[2673\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.217 user=root	2020-02-03 07:32:42
106.12.200.14	attack	Feb 3 00:30:33 MK-Soft-VM7 sshd[16693]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.200.14 Feb 3 00:30:35 MK-Soft-VM7 sshd[16693]: Failed password for invalid user eppc from 106.12.200.14 port 47570 ssh2 ...	2020-02-03 07:35:15
14.230.161.127	attackspam	Attempt to attack host OS, exploiting network vulnerabilities, on 02-02-2020 15:05:23.	2020-02-03 07:22:29
83.43.110.226	attackspam	Unauthorized connection attempt from IP address 83.43.110.226 on Port 445(SMB)	2020-02-03 07:36:36
177.72.88.71	attack	Automatic report - Port Scan Attack	2020-02-03 07:43:04
156.223.103.47	attackbotsspam	Attempt to attack host OS, exploiting network vulnerabilities, on 02-02-2020 15:05:24.	2020-02-03 07:19:11
190.187.78.198	attackbotsspam	Feb 2 20:21:14 firewall sshd[4918]: Invalid user cvsuser from 190.187.78.198 Feb 2 20:21:16 firewall sshd[4918]: Failed password for invalid user cvsuser from 190.187.78.198 port 32823 ssh2 Feb 2 20:30:31 firewall sshd[5377]: Invalid user amy from 190.187.78.198 ...	2020-02-03 07:46:11
172.247.123.99	attackbotsspam	Unauthorized connection attempt detected from IP address 172.247.123.99 to port 2220 [J]	2020-02-03 07:45:28
45.143.223.8	attackbots	$f2bV_matches	2020-02-03 07:50:25
124.123.151.113	attackspam	Attempt to attack host OS, exploiting network vulnerabilities, on 02-02-2020 15:05:22.	2020-02-03 07:23:57
106.75.141.205	attackspambots	Feb 3 00:21:23 server sshd[2210]: Failed password for invalid user smbuser from 106.75.141.205 port 37859 ssh2 Feb 3 00:27:48 server sshd[2506]: Failed password for invalid user tanaka from 106.75.141.205 port 57179 ssh2 Feb 3 00:30:37 server sshd[2682]: Failed password for invalid user melev from 106.75.141.205 port 39073 ssh2	2020-02-03 07:40:15
216.244.66.229	attackspam	Automated report (2020-02-02T23:30:30+00:00). Misbehaving bot detected at this address.	2020-02-03 07:48:11
192.81.216.31	attack	Jun 5 20:38:20 ms-srv sshd[52321]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.81.216.31 Jun 5 20:38:21 ms-srv sshd[52321]: Failed password for invalid user redis from 192.81.216.31 port 52672 ssh2	2020-02-03 07:26:52
197.44.14.250	attack	Telnet Server BruteForce Attack	2020-02-03 07:26:09
188.53.141.8	attackspambots	Attempt to attack host OS, exploiting network vulnerabilities, on 02-02-2020 15:05:26.	2020-02-03 07:14:33

Recently Reported IPs

45.32.238.223	188.187.0.171	190.73.231.120	195.70.126.11
176.108.57.191	123.12.73.171	181.226.75.22	111.242.234.37
191.53.117.159	119.145.27.16	62.221.250.207	46.178.110.9
122.167.105.0	36.78.206.17	189.124.134.49	157.230.113.87
78.38.114.84	113.180.62.66	174.92.216.135	207.154.243.255