123.21.146.248

Basic Info

City: unknown

Region: unknown

Country: Viet Nam

Internet Service Provider: Vietnam Posts and Telecommunications Group

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	[portscan] Port scan	2019-09-08 19:25:22

Comments on same subnet:

IP	Type	Details	Datetime
123.21.146.156	attackbotsspam	Brute force attempt	2020-02-20 07:59:23

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 123.21.146.248
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56028
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;123.21.146.248.			IN	A

;; AUTHORITY SECTION:
.			2394	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019090800 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Sep 08 19:25:14 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 248.146.21.123.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 248.146.21.123.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
122.116.128.193	attack	Honeypot attack, port: 23, PTR: 122-116-128-193.HINET-IP.hinet.net.	2020-01-04 18:05:55
45.136.108.124	attackspambots	Jan 4 09:38:34 h2177944 kernel: \[1325706.139760\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.108.124 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=36078 PROTO=TCP SPT=41385 DPT=8432 WINDOW=1024 RES=0x00 SYN URGP=0 Jan 4 09:38:34 h2177944 kernel: \[1325706.139775\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.108.124 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=36078 PROTO=TCP SPT=41385 DPT=8432 WINDOW=1024 RES=0x00 SYN URGP=0 Jan 4 10:16:32 h2177944 kernel: \[1327983.640619\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.108.124 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=54377 PROTO=TCP SPT=41385 DPT=7408 WINDOW=1024 RES=0x00 SYN URGP=0 Jan 4 10:35:36 h2177944 kernel: \[1329127.277076\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.108.124 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=5062 PROTO=TCP SPT=41385 DPT=7791 WINDOW=1024 RES=0x00 SYN URGP=0 Jan 4 10:35:36 h2177944 kernel: \[1329127.277091\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.108.124 DST=85.214.1	2020-01-04 17:48:09
198.245.50.208	attack	Automatic report - XMLRPC Attack	2020-01-04 18:01:58
202.153.40.26	attackbots	Honeypot attack, port: 5555, PTR: PTR record not found	2020-01-04 17:45:06
13.64.18.44	attackspambots	Automatic report - SSH Brute-Force Attack	2020-01-04 17:39:19
106.12.36.21	attackbotsspam	Jan 4 10:42:51 lnxweb61 sshd[31826]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.36.21 Jan 4 10:42:51 lnxweb61 sshd[31826]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.36.21	2020-01-04 17:57:24
103.15.226.14	attackspam	103.15.226.14 - - \[04/Jan/2020:08:46:22 +0100\] "POST /wp-login.php HTTP/1.0" 200 4404 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 103.15.226.14 - - \[04/Jan/2020:08:46:26 +0100\] "POST /wp-login.php HTTP/1.0" 200 4236 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 103.15.226.14 - - \[04/Jan/2020:08:46:28 +0100\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2020-01-04 17:42:59
35.195.198.163	attackspam	Unauthorized connection attempt detected from IP address 35.195.198.163 to port 23	2020-01-04 17:56:31
62.165.30.221	attackspambots	Jan 4 04:17:42 debian sshd[27780]: Unable to negotiate with 62.165.30.221 port 32718: no matching key exchange method found. Their offer: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 [preauth] Jan 4 04:20:46 debian sshd[27902]: Unable to negotiate with 62.165.30.221 port 51711: no matching key exchange method found. Their offer: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 [preauth] ...	2020-01-04 17:35:11
110.169.65.35	attack	Honeypot attack, port: 23, PTR: cm-110-169-65-35.revip16.asianet.co.th.	2020-01-04 17:23:57
52.143.140.24	attackbotsspam	Jan 3 20:30:08 php1 sshd\[9187\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.143.140.24 user=aiohawaii Jan 3 20:30:10 php1 sshd\[9187\]: Failed password for aiohawaii from 52.143.140.24 port 52518 ssh2 Jan 3 20:30:41 php1 sshd\[9212\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.143.140.24 user=aiohawaii Jan 3 20:30:43 php1 sshd\[9212\]: Failed password for aiohawaii from 52.143.140.24 port 59810 ssh2 Jan 3 20:30:54 php1 sshd\[9234\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.143.140.24 user=aiohawaii	2020-01-04 17:29:38
222.186.173.215	attack	Jan 4 14:42:14 gw1 sshd[4855]: Failed password for root from 222.186.173.215 port 4298 ssh2 Jan 4 14:42:28 gw1 sshd[4855]: error: maximum authentication attempts exceeded for root from 222.186.173.215 port 4298 ssh2 [preauth] ...	2020-01-04 17:50:48
42.117.244.163	attackbots	Unauthorized connection attempt detected from IP address 42.117.244.163 to port 23	2020-01-04 17:43:29
93.117.162.126	attack	Telnet/23 MH Probe, BF, Hack -	2020-01-04 18:04:17
86.188.246.2	attackbotsspam	Jan 4 07:02:10 plex sshd[32603]: Invalid user ow from 86.188.246.2 port 53956	2020-01-04 17:30:40

Recently Reported IPs

39.45.31.246	177.237.16.99	143.201.229.119	138.99.15.194
138.68.208.242	157.19.150.138	17.205.18.18	68.43.23.44
50.17.18.39	198.27.90.106	115.28.101.19	91.192.5.106
171.234.25.61	202.185.153.245	138.68.208.186	46.4.162.116
166.254.3.158	147.234.62.4	48.191.218.3	48.113.136.0