123.145.3.124 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
123.145.30.23	attack	Unauthorized connection attempt detected from IP address 123.145.30.23 to port 123	2020-06-13 07:50:00
123.145.3.91	attack	Web Server Scan. RayID: 58f1c6f6aaad77b2, UA: Mozilla/4.047745454 Mozilla/4.0 (compatible; MSIE 5.00; Windows 98), Country: CN	2020-05-21 04:02:28
123.145.30.4	attackspambots	Unauthorized connection attempt detected from IP address 123.145.30.4 to port 8082 [J]	2020-03-02 19:58:54
123.145.32.233	attackbotsspam	Unauthorized connection attempt detected from IP address 123.145.32.233 to port 8118 [J]	2020-03-02 15:00:33
123.145.33.41	attackspambots	unauthorized connection attempt	2020-02-16 21:04:47
123.145.37.225	attackbots	Unauthorized connection attempt detected from IP address 123.145.37.225 to port 8081 [J]	2020-01-27 00:18:03
123.145.36.201	attackspam	Unauthorized connection attempt detected from IP address 123.145.36.201 to port 443 [J]	2020-01-16 08:00:20
123.145.38.177	attackspam	Unauthorized connection attempt detected from IP address 123.145.38.177 to port 8118 [T]	2020-01-10 08:20:46
123.145.34.88	attack	Unauthorized connection attempt detected from IP address 123.145.34.88 to port 8888	2020-01-04 08:58:49
123.145.30.125	attack	Unauthorized connection attempt detected from IP address 123.145.30.125 to port 8090	2020-01-01 21:56:18
123.145.33.181	attack	HTTP/80/443 Probe, BF, WP, Hack -	2019-12-26 04:17:52
123.145.39.53	attack	The IP has triggered Cloudflare WAF. CF-Ray: 5430f60b6b49e7bd \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: d.skk.moe \| User-Agent: Mozilla/5.084743666 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36 Edge/17.17134 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 07:35:06
123.145.33.130	attackbots	The IP has triggered Cloudflare WAF. CF-Ray: 5433a96dbb9d77e8 \| WAF_Rule_ID: 1112825 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: ip.skk.moe \| User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Mobile Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 03:04:05
123.145.37.17	attackbotsspam	The IP has triggered Cloudflare WAF. CF-Ray: 54163cd0dc70eaf8 \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: api.skk.moe \| User-Agent: Mozilla/5.096783921 Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 05:17:26
123.145.37.197	attackspam	The IP has triggered Cloudflare WAF. CF-Ray: 5411e7afac829629 \| WAF_Rule_ID: 1112825 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: blog.skk.moe \| User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Mobile Safari/537.36 \| CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 03:32:45

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 123.145.3.124
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 9043
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;123.145.3.124.			IN	A

;; AUTHORITY SECTION:
.			298	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022601 1800 900 604800 86400

;; Query time: 54 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 27 11:33:37 CST 2022
;; MSG SIZE  rcvd: 106

Host info

Host 124.3.145.123.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 124.3.145.123.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
84.101.59.202	attack	Nov 8 16:21:20 master sshd[23013]: Failed password for invalid user pi from 84.101.59.202 port 53662 ssh2 Nov 8 16:21:20 master sshd[23011]: Failed password for invalid user pi from 84.101.59.202 port 53656 ssh2	2019-11-09 02:10:31
191.109.60.120	attackspam	Automatic report - Port Scan Attack	2019-11-09 01:57:33
3.86.204.193	attack	2019-11-08 08:37:01 H=ec2-3-86-204-193.compute-1.amazonaws.com (phylobago.mysecuritycamera.org) [3.86.204.193]:43430 I=[192.147.25.65]:25 sender verify fail for : Unrouteable address 2019-11-08 08:37:01 H=ec2-3-86-204-193.compute-1.amazonaws.com (phylobago.mysecuritycamera.org) [3.86.204.193]:43430 I=[192.147.25.65]:25 F= rejected RCPT : Sender verify failed 2019-11-08 08:37:05 H=ec2-3-86-204-193.compute-1.amazonaws.com (phylobago.mysecuritycamera.org) [3.86.204.193]:35616 I=[192.147.25.65]:25 sender verify fail for : Unrouteable address 2019-11-08 08:37:05 H=ec2-3-86-204-193.compute-1.amazonaws.com (phylobago.mysecuritycamera.org) [3.86.204.193]:35616 I=[192.147.25.65]:25 F= rejected RCPT : Sender verify failed ...	2019-11-09 02:05:48
201.179.153.61	attackbotsspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/201.179.153.61/ AR - 1H : (46) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : AR NAME ASN : ASN22927 IP : 201.179.153.61 CIDR : 201.178.0.0/15 PREFIX COUNT : 244 UNIQUE IP COUNT : 4001024 ATTACKS DETECTED ASN22927 : 1H - 3 3H - 6 6H - 9 12H - 12 24H - 20 DateTime : 2019-11-08 15:36:48 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-11-09 02:13:28
62.167.15.204	attackbots	Nov815:47:17server2dovecot:imap-login:Abortedlogin\(authfailed\,1attemptsin2secs\):user=\\,method=PLAIN\,rip=62.167.15.204\,lip=81.17.25.230\,session=\Nov815:47:23server2dovecot:imap-login:Abortedlogin\(authfailed\,1attemptsin6secs\):user=\\,method=PLAIN\,rip=62.167.15.204\,lip=81.17.25.230\,session=\Nov815:47:34server2dovecot:imap-login:Abortedlogin\(authfailed\,1attemptsin6secs\):user=\\,method=PLAIN\,rip=62.167.15.204\,lip=81.17.25.230\,session=\Nov815:47:36server2dovecot:imap-login:Abortedlogin\(authfailed\,1attemptsin2secs\):user=\\,method=PLAIN\,rip=62.167.15.204\,lip=81.17.25.230\,session=\Nov815:52:21server2dovecot:imap-login:Abortedlogin\(authfailed\,1attemptsin2secs\):user=\\,method=PLAIN\,rip=62.167.15.204\,lip=81.17.25.230\,session=\Nov815:52:27server2dovecot:imap-login:Abortedlogin\(authfailed\,1attemptsin6secs\):user=\\	2019-11-09 01:56:45
5.189.170.13	attack	Automatic report - SSH Brute-Force Attack	2019-11-09 02:03:34
52.141.36.143	attack	2019-11-08T18:59:34.069273mail01 postfix/smtpd[10095]: warning: unknown[52.141.36.143]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-11-08T19:00:06.402646mail01 postfix/smtpd[10095]: warning: unknown[52.141.36.143]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-11-08T19:00:14.128366mail01 postfix/smtpd[3437]: warning: unknown[52.141.36.143]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-11-09 02:19:45
123.6.5.106	attack	Nov 8 18:51:54 MK-Soft-VM3 sshd[3291]: Failed password for root from 123.6.5.106 port 54801 ssh2 ...	2019-11-09 02:19:16
109.94.82.149	attack	2019-10-11 22:40:08,916 fail2ban.actions [843]: NOTICE [sshd] Ban 109.94.82.149 2019-10-12 01:48:57,349 fail2ban.actions [843]: NOTICE [sshd] Ban 109.94.82.149 2019-10-12 04:55:50,548 fail2ban.actions [843]: NOTICE [sshd] Ban 109.94.82.149 ...	2019-11-09 02:09:18
27.155.99.161	attack	Nov 8 18:13:29 SilenceServices sshd[12934]: Failed password for root from 27.155.99.161 port 39932 ssh2 Nov 8 18:19:38 SilenceServices sshd[17008]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.155.99.161 Nov 8 18:19:40 SilenceServices sshd[17008]: Failed password for invalid user nancys from 27.155.99.161 port 58566 ssh2	2019-11-09 02:26:17
119.193.27.90	attackspambots	Lines containing failures of 119.193.27.90 Nov 7 13:39:21 shared10 sshd[31236]: Invalid user admin from 119.193.27.90 port 54025 Nov 7 13:39:21 shared10 sshd[31236]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.193.27.90 Nov 7 13:39:24 shared10 sshd[31236]: Failed password for invalid user admin from 119.193.27.90 port 54025 ssh2 Nov 7 13:39:24 shared10 sshd[31236]: Connection closed by invalid user admin 119.193.27.90 port 54025 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=119.193.27.90	2019-11-09 02:08:55
58.248.254.124	attackbots	Nov 8 18:54:21 nextcloud sshd\[13327\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.248.254.124 user=root Nov 8 18:54:23 nextcloud sshd\[13327\]: Failed password for root from 58.248.254.124 port 57421 ssh2 Nov 8 19:04:15 nextcloud sshd\[27608\]: Invalid user yg from 58.248.254.124 Nov 8 19:04:15 nextcloud sshd\[27608\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.248.254.124 ...	2019-11-09 02:18:19
89.248.168.202	attack	11/08/2019-17:13:42.804188 89.248.168.202 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-11-09 01:51:57
188.35.187.50	attackbots	Nov 8 18:25:03 sd-53420 sshd\[1316\]: User root from 188.35.187.50 not allowed because none of user's groups are listed in AllowGroups Nov 8 18:25:03 sd-53420 sshd\[1316\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.35.187.50 user=root Nov 8 18:25:05 sd-53420 sshd\[1316\]: Failed password for invalid user root from 188.35.187.50 port 52076 ssh2 Nov 8 18:29:08 sd-53420 sshd\[2537\]: Invalid user comdd from 188.35.187.50 Nov 8 18:29:08 sd-53420 sshd\[2537\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.35.187.50 ...	2019-11-09 02:00:28
121.140.165.67	attack	Telnetd brute force attack detected by fail2ban	2019-11-09 01:59:54

Recently Reported IPs

123.145.28.242	123.145.29.162	123.145.3.149	123.145.30.181
123.145.32.185	123.145.31.102	123.145.35.144	123.145.3.219
123.145.38.110	123.145.30.97	123.145.38.178	123.145.38.195
123.145.39.232	123.145.4.199	123.145.6.132	123.145.4.72
123.145.6.134	123.145.7.226	123.145.7.44	123.145.7.250