123.148.245.143

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: China Network Communications Group Corporation

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	[Sat Aug 03 05:44:04.426691 2019] [access_compat:error] [pid 1120] [client 123.148.245.143:61185] AH01797: client denied by server configuration: /var/www/html/luke/wp-login.php ...	2019-08-03 19:05:22

Comments on same subnet:

IP	Type	Details	Datetime
123.148.245.100	attack	Bad_requests	2020-03-20 16:30:46
123.148.245.217	attackbotsspam	Automatic report - XMLRPC Attack	2020-03-18 16:39:28
123.148.245.30	attackspambots	Bad_requests	2020-03-09 14:08:28
123.148.245.211	attack	Wordpress_xmlrpc_attack	2020-03-06 23:58:15
123.148.245.49	attack	123.148.245.49 - - [21/Dec/2019:00:37:30 +0000] "POST /xmlrpc.php HTTP/1.1" 301 596 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36" 123.148.245.49 - - [21/Dec/2019:00:37:30 +0000] "POST /xmlrpc.php HTTP/1.1" 301 596 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36" ...	2020-03-03 23:49:22
123.148.245.29	attack	xmlrpc attack	2020-02-22 13:12:28
123.148.245.5	attackbotsspam	Wordpress_xmlrpc_attack	2020-01-31 16:26:48
123.148.245.140	attackbots	fail2ban honeypot	2019-12-23 16:49:08
123.148.245.200	attack	WordPress brute force	2019-12-17 05:48:22
123.148.245.77	attackspambots	WordPress brute force	2019-12-17 05:45:29
123.148.245.121	attackbotsspam	Automatic report generated by Wazuh	2019-09-11 11:31:44

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 123.148.245.143
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 34371
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;123.148.245.143.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019080300 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Aug 03 19:05:15 CST 2019
;; MSG SIZE  rcvd: 119

Host info

Host 143.245.148.123.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 143.245.148.123.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
216.6.201.3	attack	Mar 1 15:26:33 h2177944 sshd\[616\]: Invalid user pi from 216.6.201.3 port 34615 Mar 1 15:26:33 h2177944 sshd\[616\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=216.6.201.3 Mar 1 15:26:35 h2177944 sshd\[616\]: Failed password for invalid user pi from 216.6.201.3 port 34615 ssh2 Mar 1 15:29:09 h2177944 sshd\[677\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=216.6.201.3 user=root ...	2020-03-01 22:29:16
104.238.59.136	attackbotsspam	[portscan] Port scan	2020-03-01 22:18:37
195.181.166.145	attack	(From chazdear14@hotmail.co.uk) LАZY wаy fоr $200 in 20 mins: http://dfylxoggi.justinlist.org/bd692b23	2020-03-01 22:22:54
115.152.56.204	attackspambots	Honeypot attack, port: 5555, PTR: PTR record not found	2020-03-01 22:38:55
141.98.10.137	attackbotsspam	Rude login attack (76 tries in 1d)	2020-03-01 22:36:31
222.186.173.142	attackspam	pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.142 user=root Failed password for root from 222.186.173.142 port 61748 ssh2 Failed password for root from 222.186.173.142 port 61748 ssh2 Failed password for root from 222.186.173.142 port 61748 ssh2 Failed password for root from 222.186.173.142 port 61748 ssh2	2020-03-01 22:22:16
222.186.30.218	attack	Fail2Ban Ban Triggered (2)	2020-03-01 22:24:48
103.40.226.168	attackbotsspam	Mar 1 04:52:32 our-server-hostname postfix/smtpd[14087]: connect from unknown[103.40.226.168] Mar x@x Mar 1 04:52:33 our-server-hostname postfix/smtpd[14087]: disconnect from unknown[103.40.226.168] Mar 1 04:52:36 our-server-hostname postfix/smtpd[13397]: connect from unknown[103.40.226.168] Mar x@x Mar 1 04:52:37 our-server-hostname postfix/smtpd[13397]: disconnect from unknown[103.40.226.168] Mar 1 04:53:13 our-server-hostname postfix/smtpd[14084]: connect from unknown[103.40.226.168] Mar x@x Mar 1 04:53:14 our-server-hostname postfix/smtpd[14084]: disconnect from unknown[103.40.226.168] Mar 1 04:55:01 our-server-hostname postfix/smtpd[13397]: connect from unknown[103.40.226.168] Mar x@x Mar 1 04:55:02 our-server-hostname postfix/smtpd[13397]: disconnect from unknown[103.40.226.168] Mar 1 04:57:16 our-server-hostname postfix/smtpd[13355]: connect from unknown[103.40.226.168] Mar x@x Mar 1 04:57:17 our-server-hostname postfix/smtpd[13355]: disconnect from unk........ -------------------------------	2020-03-01 22:44:18
1.245.61.144	attack	Mar 1 15:30:45 localhost sshd\[6380\]: Invalid user alma from 1.245.61.144 port 12788 Mar 1 15:30:45 localhost sshd\[6380\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.245.61.144 Mar 1 15:30:47 localhost sshd\[6380\]: Failed password for invalid user alma from 1.245.61.144 port 12788 ssh2	2020-03-01 22:35:41
1.1.129.240	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-03-01 22:39:18
142.93.130.58	attackbotsspam	Mar 1 04:31:05 wbs sshd\[16416\]: Invalid user ts from 142.93.130.58 Mar 1 04:31:05 wbs sshd\[16416\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.130.58 Mar 1 04:31:07 wbs sshd\[16416\]: Failed password for invalid user ts from 142.93.130.58 port 59294 ssh2 Mar 1 04:39:21 wbs sshd\[17123\]: Invalid user kafka from 142.93.130.58 Mar 1 04:39:21 wbs sshd\[17123\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.130.58	2020-03-01 22:48:03
195.208.185.27	attackspambots	Mar 1 14:51:16 xeon sshd[24977]: Failed password for invalid user nathan from 195.208.185.27 port 59933 ssh2	2020-03-01 22:22:35
218.250.245.238	attackbots	Port probing on unauthorized port 5555	2020-03-01 22:31:02
49.235.133.208	attackspambots	Mar 1 10:08:58 server sshd\[27441\]: Failed password for invalid user tom from 49.235.133.208 port 27211 ssh2 Mar 1 16:14:49 server sshd\[28508\]: Invalid user musicbot from 49.235.133.208 Mar 1 16:14:49 server sshd\[28508\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.133.208 Mar 1 16:14:51 server sshd\[28508\]: Failed password for invalid user musicbot from 49.235.133.208 port 22453 ssh2 Mar 1 16:26:03 server sshd\[30960\]: Invalid user opensource from 49.235.133.208 Mar 1 16:26:03 server sshd\[30960\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.133.208 ...	2020-03-01 22:04:02
91.121.211.34	attackspambots	Mar 1 15:26:26 vps647732 sshd[26094]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.121.211.34 Mar 1 15:26:27 vps647732 sshd[26094]: Failed password for invalid user mattermos from 91.121.211.34 port 32892 ssh2 ...	2020-03-01 22:48:33

Recently Reported IPs

45.4.219.156	156.221.155.184	117.10.29.231	72.200.56.121
104.223.79.39	194.61.24.123	82.102.14.38	184.148.249.38
185.143.221.103	42.87.2.161	125.84.236.38	176.42.189.229
188.106.43.213	133.242.17.9	101.108.119.252	69.27.180.222
157.25.160.75	39.169.212.140	80.70.105.194	128.164.252.59