123.148.245.140

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: China Network Communications Group Corporation

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	fail2ban honeypot	2019-12-23 16:49:08

Comments on same subnet:

IP	Type	Details	Datetime
123.148.245.100	attack	Bad_requests	2020-03-20 16:30:46
123.148.245.217	attackbotsspam	Automatic report - XMLRPC Attack	2020-03-18 16:39:28
123.148.245.30	attackspambots	Bad_requests	2020-03-09 14:08:28
123.148.245.211	attack	Wordpress_xmlrpc_attack	2020-03-06 23:58:15
123.148.245.49	attack	123.148.245.49 - - [21/Dec/2019:00:37:30 +0000] "POST /xmlrpc.php HTTP/1.1" 301 596 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36" 123.148.245.49 - - [21/Dec/2019:00:37:30 +0000] "POST /xmlrpc.php HTTP/1.1" 301 596 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36" ...	2020-03-03 23:49:22
123.148.245.29	attack	xmlrpc attack	2020-02-22 13:12:28
123.148.245.5	attackbotsspam	Wordpress_xmlrpc_attack	2020-01-31 16:26:48
123.148.245.200	attack	WordPress brute force	2019-12-17 05:48:22
123.148.245.77	attackspambots	WordPress brute force	2019-12-17 05:45:29
123.148.245.121	attackbotsspam	Automatic report generated by Wazuh	2019-09-11 11:31:44
123.148.245.143	attackbotsspam	[Sat Aug 03 05:44:04.426691 2019] [access_compat:error] [pid 1120] [client 123.148.245.143:61185] AH01797: client denied by server configuration: /var/www/html/luke/wp-login.php ...	2019-08-03 19:05:22

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 123.148.245.140
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3227
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;123.148.245.140.		IN	A

;; AUTHORITY SECTION:
.			570	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019122300 1800 900 604800 86400

;; Query time: 62 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Dec 23 16:49:05 CST 2019
;; MSG SIZE  rcvd: 119

Host info

Host 140.245.148.123.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 140.245.148.123.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
1.34.128.245	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-15 09:37:08
51.178.49.23	attackbotsspam	Feb 15 02:44:49 vps691689 sshd[19491]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.178.49.23 Feb 15 02:44:50 vps691689 sshd[19491]: Failed password for invalid user julio from 51.178.49.23 port 58664 ssh2 ...	2020-02-15 10:01:21
115.159.101.174	attack	Feb 15 03:35:48 pkdns2 sshd\[18558\]: Invalid user luat from 115.159.101.174Feb 15 03:35:50 pkdns2 sshd\[18558\]: Failed password for invalid user luat from 115.159.101.174 port 42648 ssh2Feb 15 03:40:03 pkdns2 sshd\[18685\]: Invalid user solr from 115.159.101.174Feb 15 03:40:05 pkdns2 sshd\[18685\]: Failed password for invalid user solr from 115.159.101.174 port 58351 ssh2Feb 15 03:44:40 pkdns2 sshd\[18869\]: Invalid user fc from 115.159.101.174Feb 15 03:44:41 pkdns2 sshd\[18869\]: Failed password for invalid user fc from 115.159.101.174 port 45830 ssh2 ...	2020-02-15 10:07:18
125.25.91.170	attackspam	Honeypot attack, port: 81, PTR: node-i3u.pool-125-25.dynamic.totinternet.net.	2020-02-15 09:59:32
35.208.201.252	attackbotsspam	Sql/code injection probe	2020-02-15 09:43:44
94.179.129.93	attack	fraudulent SSH attempt	2020-02-15 10:18:39
95.84.157.24	attackspambots	fraudulent SSH attempt	2020-02-15 09:55:41
192.99.212.202	attack	Brute forcing email accounts	2020-02-15 09:47:45
222.186.31.83	attack	Feb 15 02:32:10 rotator sshd\[23260\]: Failed password for root from 222.186.31.83 port 59769 ssh2Feb 15 02:32:12 rotator sshd\[23260\]: Failed password for root from 222.186.31.83 port 59769 ssh2Feb 15 02:32:14 rotator sshd\[23260\]: Failed password for root from 222.186.31.83 port 59769 ssh2Feb 15 02:33:15 rotator sshd\[23270\]: Failed password for root from 222.186.31.83 port 31016 ssh2Feb 15 02:33:17 rotator sshd\[23270\]: Failed password for root from 222.186.31.83 port 31016 ssh2Feb 15 02:33:18 rotator sshd\[23270\]: Failed password for root from 222.186.31.83 port 31016 ssh2 ...	2020-02-15 09:45:29
222.186.3.249	attack	Feb 15 02:16:24 minden010 sshd[19373]: Failed password for root from 222.186.3.249 port 47678 ssh2 Feb 15 02:16:27 minden010 sshd[19373]: Failed password for root from 222.186.3.249 port 47678 ssh2 Feb 15 02:16:29 minden010 sshd[19373]: Failed password for root from 222.186.3.249 port 47678 ssh2 ...	2020-02-15 09:39:52
42.119.239.200	attack	1581718930 - 02/14/2020 23:22:10 Host: 42.119.239.200/42.119.239.200 Port: 445 TCP Blocked	2020-02-15 10:03:21
1.20.85.208	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-15 10:04:59
91.144.135.133	attackbots	Honeypot attack, port: 81, PTR: 91x144x135x133.static-business.chel.ertelecom.ru.	2020-02-15 09:43:30
94.254.109.128	attackspambots	Feb 14 23:53:03 vserver sshd\[13439\]: Failed password for root from 94.254.109.128 port 51336 ssh2Feb 14 23:55:23 vserver sshd\[13462\]: Invalid user service from 94.254.109.128Feb 14 23:55:25 vserver sshd\[13462\]: Failed password for invalid user service from 94.254.109.128 port 37176 ssh2Feb 14 23:57:43 vserver sshd\[13470\]: Invalid user guest from 94.254.109.128 ...	2020-02-15 10:00:42
111.68.98.152	attack	Feb 14 23:48:13 legacy sshd[11281]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.68.98.152 Feb 14 23:48:14 legacy sshd[11281]: Failed password for invalid user albert from 111.68.98.152 port 38072 ssh2 Feb 14 23:51:56 legacy sshd[11444]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.68.98.152 ...	2020-02-15 09:42:55

Recently Reported IPs

197.38.140.67	189.27.15.99	156.213.122.136	119.165.25.122
218.4.8.18	156.196.188.149	197.58.239.240	156.203.168.209
185.94.213.218	41.239.41.131	132.255.171.131	156.206.12.138
115.88.201.13	41.235.41.117	117.97.180.91	171.253.56.27
156.197.122.163	1.10.133.120	104.168.141.84	156.211.108.204