210.12.134.242

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Zhuhai Bluemax Development Co. Ltd

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Nov 15 12:32:53 www sshd\[54997\]: Invalid user hello from 210.12.134.242 Nov 15 12:32:53 www sshd\[54997\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.12.134.242 Nov 15 12:32:55 www sshd\[54997\]: Failed password for invalid user hello from 210.12.134.242 port 46324 ssh2 ...	2019-11-15 21:26:32

Type

Details

Datetime

attackbots

Nov 15 12:32:53 www sshd\[54997\]: Invalid user hello from 210.12.134.242
Nov 15 12:32:53 www sshd\[54997\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.12.134.242
Nov 15 12:32:55 www sshd\[54997\]: Failed password for invalid user hello from 210.12.134.242 port 46324 ssh2
...

2019-11-15 21:26:32

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 210.12.134.242
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61127
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;210.12.134.242.			IN	A

;; AUTHORITY SECTION:
.			342	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019111500 1800 900 604800 86400

;; Query time: 91 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Nov 15 21:26:27 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 242.134.12.210.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

** server can't find 242.134.12.210.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
140.238.190.22	attackspam	140.238.190.22 - - [27/Apr/2020:13:54:14 +0200] "GET / HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0" 140.238.190.22 - - [27/Apr/2020:13:54:15 +0200] "GET /home.asp HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0" 140.238.190.22 - - [27/Apr/2020:13:54:16 +0200] "GET /login.cgi?uri= HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0" 140.238.190.22 - - [27/Apr/2020:13:54:17 +0200] "GET /vpn/index.html HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0" 140.238.190.22 - - [27/Apr/2020:13:54:18 +0200] "GET /cgi-bin/luci HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0"	2020-04-27 23:56:43
106.75.7.70	attack	Apr 27 17:19:00 rotator sshd\[25784\]: Failed password for root from 106.75.7.70 port 47096 ssh2Apr 27 17:21:13 rotator sshd\[26550\]: Invalid user ssp from 106.75.7.70Apr 27 17:21:15 rotator sshd\[26550\]: Failed password for invalid user ssp from 106.75.7.70 port 38840 ssh2Apr 27 17:23:33 rotator sshd\[26577\]: Invalid user dian from 106.75.7.70Apr 27 17:23:35 rotator sshd\[26577\]: Failed password for invalid user dian from 106.75.7.70 port 58814 ssh2Apr 27 17:25:40 rotator sshd\[27372\]: Failed password for root from 106.75.7.70 port 50556 ssh2 ...	2020-04-28 00:21:15
173.201.196.169	attack	Automatic report - XMLRPC Attack	2020-04-27 23:36:24
103.146.203.12	attackspam	Apr 27 16:44:16 pornomens sshd\[6907\]: Invalid user xr from 103.146.203.12 port 47614 Apr 27 16:44:16 pornomens sshd\[6907\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.146.203.12 Apr 27 16:44:17 pornomens sshd\[6907\]: Failed password for invalid user xr from 103.146.203.12 port 47614 ssh2 ...	2020-04-27 23:32:14
119.28.131.229	attack	SSH Brute-Forcing (server1)	2020-04-28 00:13:44
35.189.21.51	attackspambots	Automatic report - XMLRPC Attack	2020-04-27 23:42:31
171.228.251.22	attackbots	Bruteforce detected by fail2ban	2020-04-27 23:50:00
167.114.153.43	attack	SSH Bruteforce attack	2020-04-27 23:44:03
222.222.31.70	attackspam	2020-04-27T14:59:05.928004sd-86998 sshd[17498]: Invalid user ase from 222.222.31.70 port 35620 2020-04-27T14:59:05.930251sd-86998 sshd[17498]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.222.31.70 2020-04-27T14:59:05.928004sd-86998 sshd[17498]: Invalid user ase from 222.222.31.70 port 35620 2020-04-27T14:59:08.359675sd-86998 sshd[17498]: Failed password for invalid user ase from 222.222.31.70 port 35620 ssh2 2020-04-27T15:08:38.264413sd-86998 sshd[18353]: Invalid user admin from 222.222.31.70 port 53610 ...	2020-04-27 23:54:57
71.58.90.64	attackspambots	2020-04-27T15:26:32.772586shield sshd\[23338\]: Invalid user hans from 71.58.90.64 port 48684 2020-04-27T15:26:32.777455shield sshd\[23338\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=71.58.90.64 2020-04-27T15:26:34.744331shield sshd\[23338\]: Failed password for invalid user hans from 71.58.90.64 port 48684 ssh2 2020-04-27T15:35:29.138277shield sshd\[24518\]: Invalid user lisa from 71.58.90.64 port 44486 2020-04-27T15:35:29.142004shield sshd\[24518\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=71.58.90.64	2020-04-27 23:41:57
51.137.94.78	attackspambots	DATE:2020-04-27 13:54:02, IP:51.137.94.78, PORT:ssh SSH brute force auth (docker-dc)	2020-04-28 00:14:43
82.213.250.184	attackspambots	Automatic report - Port Scan Attack	2020-04-27 23:51:00
34.74.204.67	attackspam	[Mon Apr 27 18:53:59.930879 2020] [:error] [pid 5829:tid 140575014553344] [client 34.74.204.67:56799] [client 34.74.204.67] ModSecurity: Access denied with code 403 (phase 1). Match of "within %{tx.allowed_http_versions}" against "REQUEST_PROTOCOL" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "972"] [id "920430"] [msg "HTTP protocol version is not allowed by policy"] [data "HTTP/1.0"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/POLICY/PROTOCOL_NOT_ALLOWED"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A6"] [tag "PCI/6.5.10"] [hostname "staklim-malang.info"] [uri "/robots.txt"] [unique_id "XqbH1zsqLtpMvmFBdz70zQAAAhw"] ...	2020-04-28 00:16:13
128.71.111.32	attackspam	1587988485 - 04/27/2020 13:54:45 Host: 128.71.111.32/128.71.111.32 Port: 445 TCP Blocked	2020-04-27 23:35:05
82.146.42.66	attackspam	DATE:2020-04-27 16:19:26, IP:82.146.42.66, PORT:ssh SSH brute force auth (docker-dc)	2020-04-27 23:33:11

Recently Reported IPs

116.106.35.109	37.53.64.68	123.148.144.149	36.108.128.134
223.10.64.11	79.171.118.226	88.255.108.20	186.179.219.25
93.114.205.113	222.139.16.17	111.68.104.156	113.173.9.203
181.81.92.37	219.157.54.81	163.172.30.8	212.83.170.7
82.77.112.108	191.193.248.222	178.242.195.50	189.198.93.2