123.149.137.230

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
123.149.137.105	attackspambots	Sep 1 13:29:22 shivevps sshd[28985]: Did not receive identification string from 123.149.137.105 port 35294 ...	2020-09-02 02:39:20
123.149.137.150	attackbotsspam	Sep 1 13:30:30 shivevps sshd[29993]: Did not receive identification string from 123.149.137.150 port 58782 ...	2020-09-02 01:23:35
123.149.137.120	attackbots	Aug 26 04:40:51 shivevps sshd[24711]: Bad protocol version identification '\024' from 123.149.137.120 port 48668 Aug 26 04:41:00 shivevps sshd[24825]: Bad protocol version identification '\024' from 123.149.137.120 port 48734 Aug 26 04:41:06 shivevps sshd[25092]: Bad protocol version identification '\024' from 123.149.137.120 port 48814 Aug 26 04:41:16 shivevps sshd[25457]: Bad protocol version identification '\024' from 123.149.137.120 port 49028 ...	2020-08-26 15:16:12
123.149.137.88	attack	[Mon Feb 10 14:38:25.501730 2020] [evasive20:error] [pid 11907] [client 123.149.137.88:56224] client denied by server configuration: /var/www/html/webadmin [Mon Feb 10 14:38:26.887926 2020] [evasive20:error] [pid 13619] [client 123.149.137.88:56220] client denied by server configuration: /var/www/html/webadmin [Mon Feb 10 14:38:27.705328 2020] [evasive20:error] [pid 13660] [client 123.149.137.88:56208] client denied by server configuration: /var/www/html/webadmin [Mon Feb 10 14:38:27.955381 2020] [evasive20:error] [pid 13660] [client 123.149.137.88:56208] client denied by server configuration: /var/www/html/webadmin [Mon Feb 10 14:38:28.723840 2020] [evasive20:error] [pid 13660] [client 123.149.137.88:56208] client denied by server configuration: /var/www/html/webadmin ...	2020-02-11 02:50:07

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 123.149.137.230
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 28460
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;123.149.137.230.		IN	A

;; AUTHORITY SECTION:
.			519	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022030901 1800 900 604800 86400

;; Query time: 19 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Mar 10 05:59:24 CST 2022
;; MSG SIZE  rcvd: 108

Host info

Host 230.137.149.123.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 230.137.149.123.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
116.196.101.168	attackbots	Aug 8 02:21:38 fhem-rasp sshd[26871]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.101.168 user=root Aug 8 02:21:40 fhem-rasp sshd[26871]: Failed password for root from 116.196.101.168 port 50456 ssh2 ...	2020-08-08 08:31:45
222.186.190.17	attack	Aug 8 02:16:10 alpha sshd[13291]: Unable to negotiate with 222.186.190.17 port 40262: no matching host key type found. Their offer: ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-rsa,ssh-dss [preauth] Aug 8 02:17:14 alpha sshd[13300]: Unable to negotiate with 222.186.190.17 port 41553: no matching host key type found. Their offer: ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-rsa,ssh-dss [preauth] Aug 8 02:18:23 alpha sshd[13302]: Unable to negotiate with 222.186.190.17 port 45643: no matching host key type found. Their offer: ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-rsa,ssh-dss [preauth]	2020-08-08 08:30:12
191.33.170.162	attack	Automated report (2020-08-08T04:24:02+08:00). Referrer spam originating from this address detected (anti-crisis-seo.com).	2020-08-08 08:06:52
212.129.59.36	attack	212.129.59.36 - - [07/Aug/2020:23:13:33 +0100] "POST /wp-login.php HTTP/1.1" 200 2091 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 212.129.59.36 - - [07/Aug/2020:23:13:34 +0100] "POST /wp-login.php HTTP/1.1" 200 2092 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 212.129.59.36 - - [07/Aug/2020:23:13:34 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-08 08:14:46
182.61.6.64	attack	Aug 8 01:03:25 host sshd[12609]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.6.64 user=root Aug 8 01:03:28 host sshd[12609]: Failed password for root from 182.61.6.64 port 57264 ssh2 ...	2020-08-08 08:13:58
113.161.144.254	attackbots	Lines containing failures of 113.161.144.254 Aug 6 03:31:04 jarvis sshd[7253]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.161.144.254 user=r.r Aug 6 03:31:06 jarvis sshd[7253]: Failed password for r.r from 113.161.144.254 port 37814 ssh2 Aug 6 03:31:08 jarvis sshd[7253]: Received disconnect from 113.161.144.254 port 37814:11: Bye Bye [preauth] Aug 6 03:31:08 jarvis sshd[7253]: Disconnected from authenticating user r.r 113.161.144.254 port 37814 [preauth] Aug 6 03:44:36 jarvis sshd[8041]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.161.144.254 user=r.r Aug 6 03:44:38 jarvis sshd[8041]: Failed password for r.r from 113.161.144.254 port 35830 ssh2 Aug 6 03:44:39 jarvis sshd[8041]: Received disconnect from 113.161.144.254 port 35830:11: Bye Bye [preauth] Aug 6 03:44:39 jarvis sshd[8041]: Disconnected from authenticating user r.r 113.161.144.254 port 35830 [preauth] Aug ........ ------------------------------	2020-08-08 08:11:15
114.143.139.222	attack	Aug 8 00:58:57 root sshd[1849]: Failed password for root from 114.143.139.222 port 56056 ssh2 Aug 8 01:08:28 root sshd[3174]: Failed password for root from 114.143.139.222 port 44870 ssh2 ...	2020-08-08 08:09:32
106.51.113.15	attack	Aug 7 22:33:43 sshd\[22951\]: User root from 106.51.113.15 not allowed because not listed in AllowUsersAug 7 22:33:46 sshd\[22951\]: Failed password for invalid user root from 106.51.113.15 port 39723 ssh2 ...	2020-08-08 08:26:18
62.210.149.30	attackspambots	[2020-08-07 23:54:06] NOTICE[1248][C-00004bd2] chan_sip.c: Call from '' (62.210.149.30:60427) to extension '007441301715509' rejected because extension not found in context 'public'. [2020-08-07 23:54:06] SECURITY[1275] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-08-07T23:54:06.568-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="007441301715509",SessionID="0x7f272021cc58",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/62.210.149.30/60427",ACLName="no_extension_match" [2020-08-07 23:59:21] NOTICE[1248][C-00004bd4] chan_sip.c: Call from '' (62.210.149.30:62833) to extension '002441301715509' rejected because extension not found in context 'public'. [2020-08-07 23:59:21] SECURITY[1275] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-08-07T23:59:21.664-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="002441301715509",SessionID="0x7f2720259e98",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/ ...	2020-08-08 12:08:01
222.186.173.142	attackspam	Aug 8 02:21:15 Ubuntu-1404-trusty-64-minimal sshd\[7568\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.142 user=root Aug 8 02:21:17 Ubuntu-1404-trusty-64-minimal sshd\[7568\]: Failed password for root from 222.186.173.142 port 18832 ssh2 Aug 8 02:21:33 Ubuntu-1404-trusty-64-minimal sshd\[7668\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.142 user=root Aug 8 02:21:35 Ubuntu-1404-trusty-64-minimal sshd\[7668\]: Failed password for root from 222.186.173.142 port 23690 ssh2 Aug 8 02:21:55 Ubuntu-1404-trusty-64-minimal sshd\[7755\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.142 user=root	2020-08-08 08:23:11
106.55.37.132	attackbots	IP blocked	2020-08-08 08:31:27
128.199.65.185	attack	Lines containing failures of 128.199.65.185 Aug 6 10:56:47 jarvis sshd[445]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.65.185 user=r.r Aug 6 10:56:49 jarvis sshd[445]: Failed password for r.r from 128.199.65.185 port 34106 ssh2 Aug 6 10:56:51 jarvis sshd[445]: Received disconnect from 128.199.65.185 port 34106:11: Bye Bye [preauth] Aug 6 10:56:51 jarvis sshd[445]: Disconnected from authenticating user r.r 128.199.65.185 port 34106 [preauth] Aug 6 11:02:04 jarvis sshd[706]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.65.185 user=r.r Aug 6 11:02:07 jarvis sshd[706]: Failed password for r.r from 128.199.65.185 port 45968 ssh2 Aug 6 11:02:08 jarvis sshd[706]: Received disconnect from 128.199.65.185 port 45968:11: Bye Bye [preauth] Aug 6 11:02:08 jarvis sshd[706]: Disconnected from authenticating user r.r 128.199.65.185 port 45968 [preauth] Aug 6 11:04:39 jarvi........ ------------------------------	2020-08-08 08:18:14
79.54.18.135	attack	Aug 8 06:03:03 cosmoit sshd[15472]: Failed password for root from 79.54.18.135 port 60434 ssh2	2020-08-08 12:07:39
202.155.228.207	attackspam	2020-08-07T22:17:24.775449amanda2.illicoweb.com sshd\[28318\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.155.228.207 user=root 2020-08-07T22:17:26.216802amanda2.illicoweb.com sshd\[28318\]: Failed password for root from 202.155.228.207 port 58550 ssh2 2020-08-07T22:20:32.398492amanda2.illicoweb.com sshd\[28808\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.155.228.207 user=root 2020-08-07T22:20:34.646953amanda2.illicoweb.com sshd\[28808\]: Failed password for root from 202.155.228.207 port 34510 ssh2 2020-08-07T22:23:55.805097amanda2.illicoweb.com sshd\[29397\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.155.228.207 user=root ...	2020-08-08 08:09:51
112.172.147.34	attackbots	Aug 8 05:56:25 piServer sshd[8577]: Failed password for root from 112.172.147.34 port 41350 ssh2 Aug 8 05:57:52 piServer sshd[8721]: Failed password for root from 112.172.147.34 port 62006 ssh2 ...	2020-08-08 12:10:48

Recently Reported IPs

123.149.137.229	123.149.137.235	123.149.137.237	123.149.137.239
233.149.233.175	123.149.137.24	28.234.101.125	123.149.137.241
123.149.137.243	123.149.137.244	123.149.137.247	123.149.137.249
123.149.137.250	123.149.137.252	123.149.137.254	123.149.137.27
123.149.137.28	123.149.137.35	123.149.137.36	123.149.137.38