122.138.112.124

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): China Unicom Jilin Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	(Sep 6) LEN=40 TTL=46 ID=8879 TCP DPT=8080 WINDOW=37603 SYN (Sep 6) LEN=40 TTL=46 ID=50411 TCP DPT=8080 WINDOW=37603 SYN (Sep 6) LEN=40 TTL=46 ID=65207 TCP DPT=8080 WINDOW=8004 SYN (Sep 5) LEN=40 TTL=46 ID=48205 TCP DPT=8080 WINDOW=20018 SYN (Sep 5) LEN=40 TTL=46 ID=50323 TCP DPT=8080 WINDOW=50743 SYN (Sep 5) LEN=40 TTL=46 ID=48465 TCP DPT=8080 WINDOW=18102 SYN (Sep 5) LEN=40 TTL=46 ID=34321 TCP DPT=8080 WINDOW=18102 SYN (Sep 4) LEN=40 TTL=46 ID=58656 TCP DPT=8080 WINDOW=50743 SYN (Sep 4) LEN=40 TTL=46 ID=50751 TCP DPT=8080 WINDOW=1451 SYN (Sep 4) LEN=40 TTL=46 ID=36006 TCP DPT=8080 WINDOW=18102 SYN (Sep 3) LEN=40 TTL=46 ID=25520 TCP DPT=8080 WINDOW=18102 SYN	2020-09-07 22:26:43
attackbots	(Sep 6) LEN=40 TTL=46 ID=8879 TCP DPT=8080 WINDOW=37603 SYN (Sep 6) LEN=40 TTL=46 ID=50411 TCP DPT=8080 WINDOW=37603 SYN (Sep 6) LEN=40 TTL=46 ID=65207 TCP DPT=8080 WINDOW=8004 SYN (Sep 5) LEN=40 TTL=46 ID=48205 TCP DPT=8080 WINDOW=20018 SYN (Sep 5) LEN=40 TTL=46 ID=50323 TCP DPT=8080 WINDOW=50743 SYN (Sep 5) LEN=40 TTL=46 ID=48465 TCP DPT=8080 WINDOW=18102 SYN (Sep 5) LEN=40 TTL=46 ID=34321 TCP DPT=8080 WINDOW=18102 SYN (Sep 4) LEN=40 TTL=46 ID=58656 TCP DPT=8080 WINDOW=50743 SYN (Sep 4) LEN=40 TTL=46 ID=50751 TCP DPT=8080 WINDOW=1451 SYN (Sep 4) LEN=40 TTL=46 ID=36006 TCP DPT=8080 WINDOW=18102 SYN (Sep 3) LEN=40 TTL=46 ID=25520 TCP DPT=8080 WINDOW=18102 SYN	2020-09-07 14:09:03
attack	(Sep 6) LEN=40 TTL=46 ID=8879 TCP DPT=8080 WINDOW=37603 SYN (Sep 6) LEN=40 TTL=46 ID=50411 TCP DPT=8080 WINDOW=37603 SYN (Sep 6) LEN=40 TTL=46 ID=65207 TCP DPT=8080 WINDOW=8004 SYN (Sep 5) LEN=40 TTL=46 ID=48205 TCP DPT=8080 WINDOW=20018 SYN (Sep 5) LEN=40 TTL=46 ID=50323 TCP DPT=8080 WINDOW=50743 SYN (Sep 5) LEN=40 TTL=46 ID=48465 TCP DPT=8080 WINDOW=18102 SYN (Sep 5) LEN=40 TTL=46 ID=34321 TCP DPT=8080 WINDOW=18102 SYN (Sep 4) LEN=40 TTL=46 ID=58656 TCP DPT=8080 WINDOW=50743 SYN (Sep 4) LEN=40 TTL=46 ID=50751 TCP DPT=8080 WINDOW=1451 SYN (Sep 4) LEN=40 TTL=46 ID=36006 TCP DPT=8080 WINDOW=18102 SYN (Sep 3) LEN=40 TTL=46 ID=25520 TCP DPT=8080 WINDOW=18102 SYN	2020-09-07 06:41:38

类型

评论内容

时间

attackspam

(Sep  6)  LEN=40 TTL=46 ID=8879 TCP DPT=8080 WINDOW=37603 SYN 
 (Sep  6)  LEN=40 TTL=46 ID=50411 TCP DPT=8080 WINDOW=37603 SYN 
 (Sep  6)  LEN=40 TTL=46 ID=65207 TCP DPT=8080 WINDOW=8004 SYN 
 (Sep  5)  LEN=40 TTL=46 ID=48205 TCP DPT=8080 WINDOW=20018 SYN 
 (Sep  5)  LEN=40 TTL=46 ID=50323 TCP DPT=8080 WINDOW=50743 SYN 
 (Sep  5)  LEN=40 TTL=46 ID=48465 TCP DPT=8080 WINDOW=18102 SYN 
 (Sep  5)  LEN=40 TTL=46 ID=34321 TCP DPT=8080 WINDOW=18102 SYN 
 (Sep  4)  LEN=40 TTL=46 ID=58656 TCP DPT=8080 WINDOW=50743 SYN 
 (Sep  4)  LEN=40 TTL=46 ID=50751 TCP DPT=8080 WINDOW=1451 SYN 
 (Sep  4)  LEN=40 TTL=46 ID=36006 TCP DPT=8080 WINDOW=18102 SYN 
 (Sep  3)  LEN=40 TTL=46 ID=25520 TCP DPT=8080 WINDOW=18102 SYN

2020-09-07 22:26:43

attackbots

(Sep  6)  LEN=40 TTL=46 ID=8879 TCP DPT=8080 WINDOW=37603 SYN 
 (Sep  6)  LEN=40 TTL=46 ID=50411 TCP DPT=8080 WINDOW=37603 SYN 
 (Sep  6)  LEN=40 TTL=46 ID=65207 TCP DPT=8080 WINDOW=8004 SYN 
 (Sep  5)  LEN=40 TTL=46 ID=48205 TCP DPT=8080 WINDOW=20018 SYN 
 (Sep  5)  LEN=40 TTL=46 ID=50323 TCP DPT=8080 WINDOW=50743 SYN 
 (Sep  5)  LEN=40 TTL=46 ID=48465 TCP DPT=8080 WINDOW=18102 SYN 
 (Sep  5)  LEN=40 TTL=46 ID=34321 TCP DPT=8080 WINDOW=18102 SYN 
 (Sep  4)  LEN=40 TTL=46 ID=58656 TCP DPT=8080 WINDOW=50743 SYN 
 (Sep  4)  LEN=40 TTL=46 ID=50751 TCP DPT=8080 WINDOW=1451 SYN 
 (Sep  4)  LEN=40 TTL=46 ID=36006 TCP DPT=8080 WINDOW=18102 SYN 
 (Sep  3)  LEN=40 TTL=46 ID=25520 TCP DPT=8080 WINDOW=18102 SYN

2020-09-07 14:09:03

attack

(Sep  6)  LEN=40 TTL=46 ID=8879 TCP DPT=8080 WINDOW=37603 SYN 
 (Sep  6)  LEN=40 TTL=46 ID=50411 TCP DPT=8080 WINDOW=37603 SYN 
 (Sep  6)  LEN=40 TTL=46 ID=65207 TCP DPT=8080 WINDOW=8004 SYN 
 (Sep  5)  LEN=40 TTL=46 ID=48205 TCP DPT=8080 WINDOW=20018 SYN 
 (Sep  5)  LEN=40 TTL=46 ID=50323 TCP DPT=8080 WINDOW=50743 SYN 
 (Sep  5)  LEN=40 TTL=46 ID=48465 TCP DPT=8080 WINDOW=18102 SYN 
 (Sep  5)  LEN=40 TTL=46 ID=34321 TCP DPT=8080 WINDOW=18102 SYN 
 (Sep  4)  LEN=40 TTL=46 ID=58656 TCP DPT=8080 WINDOW=50743 SYN 
 (Sep  4)  LEN=40 TTL=46 ID=50751 TCP DPT=8080 WINDOW=1451 SYN 
 (Sep  4)  LEN=40 TTL=46 ID=36006 TCP DPT=8080 WINDOW=18102 SYN 
 (Sep  3)  LEN=40 TTL=46 ID=25520 TCP DPT=8080 WINDOW=18102 SYN

2020-09-07 06:41:38

相同子网IP讨论:

IP	类型	评论内容	时间
122.138.112.147	attackspambots	TCP (SYN) 122.138.112.147:45339 -> port 8080, len 40	2020-10-10 06:08:13
122.138.112.147	attackbots	Unauthorised access (Oct 8) SRC=122.138.112.147 LEN=40 TTL=46 ID=30520 TCP DPT=8080 WINDOW=8004 SYN Unauthorised access (Oct 7) SRC=122.138.112.147 LEN=40 TTL=46 ID=22452 TCP DPT=8080 WINDOW=50338 SYN Unauthorised access (Oct 6) SRC=122.138.112.147 LEN=40 TTL=46 ID=57653 TCP DPT=8080 WINDOW=3154 SYN Unauthorised access (Oct 6) SRC=122.138.112.147 LEN=40 TTL=46 ID=48938 TCP DPT=8080 WINDOW=37603 SYN Unauthorised access (Oct 6) SRC=122.138.112.147 LEN=40 TTL=46 ID=25038 TCP DPT=8080 WINDOW=1451 SYN Unauthorised access (Oct 5) SRC=122.138.112.147 LEN=40 TTL=46 ID=49576 TCP DPT=8080 WINDOW=18102 SYN	2020-10-09 14:05:03

类型

评论内容

时间

122.138.112.147

attackspambots

 TCP (SYN) 122.138.112.147:45339 -> port 8080, len 40

2020-10-10 06:08:13

122.138.112.147

attackbots

Unauthorised access (Oct  8) SRC=122.138.112.147 LEN=40 TTL=46 ID=30520 TCP DPT=8080 WINDOW=8004 SYN 
Unauthorised access (Oct  7) SRC=122.138.112.147 LEN=40 TTL=46 ID=22452 TCP DPT=8080 WINDOW=50338 SYN 
Unauthorised access (Oct  6) SRC=122.138.112.147 LEN=40 TTL=46 ID=57653 TCP DPT=8080 WINDOW=3154 SYN 
Unauthorised access (Oct  6) SRC=122.138.112.147 LEN=40 TTL=46 ID=48938 TCP DPT=8080 WINDOW=37603 SYN 
Unauthorised access (Oct  6) SRC=122.138.112.147 LEN=40 TTL=46 ID=25038 TCP DPT=8080 WINDOW=1451 SYN 
Unauthorised access (Oct  5) SRC=122.138.112.147 LEN=40 TTL=46 ID=49576 TCP DPT=8080 WINDOW=18102 SYN

2020-10-09 14:05:03

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 122.138.112.124
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 35207
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;122.138.112.124.		IN	A

;; AUTHORITY SECTION:
.			548	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020090601 1800 900 604800 86400

;; Query time: 72 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Sep 07 06:41:35 CST 2020
;; MSG SIZE  rcvd: 119

HOST信息:

124.112.138.122.in-addr.arpa domain name pointer 124.112.138.122.adsl-pool.jlccptt.net.cn.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
124.112.138.122.in-addr.arpa	name = 124.112.138.122.adsl-pool.jlccptt.net.cn.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
46.151.210.60	attackbots	Oct 25 10:46:05 [host] sshd[8758]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.151.210.60 user=root Oct 25 10:46:07 [host] sshd[8758]: Failed password for root from 46.151.210.60 port 42428 ssh2 Oct 25 10:50:48 [host] sshd[8819]: Invalid user rv from 46.151.210.60	2019-10-25 19:02:12
51.75.202.218	attack	2019-10-25T10:15:46.072875hub.schaetter.us sshd\[22664\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.ip-51-75-202.eu user=root 2019-10-25T10:15:48.593600hub.schaetter.us sshd\[22664\]: Failed password for root from 51.75.202.218 port 44228 ssh2 2019-10-25T10:19:35.587229hub.schaetter.us sshd\[22688\]: Invalid user com from 51.75.202.218 port 53614 2019-10-25T10:19:35.599552hub.schaetter.us sshd\[22688\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.ip-51-75-202.eu 2019-10-25T10:19:37.455411hub.schaetter.us sshd\[22688\]: Failed password for invalid user com from 51.75.202.218 port 53614 ssh2 ...	2019-10-25 18:57:16
106.13.60.155	attack	Oct 25 08:59:02 OPSO sshd\[18982\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.60.155 user=root Oct 25 08:59:04 OPSO sshd\[18982\]: Failed password for root from 106.13.60.155 port 59100 ssh2 Oct 25 09:06:44 OPSO sshd\[20467\]: Invalid user test from 106.13.60.155 port 38284 Oct 25 09:06:44 OPSO sshd\[20467\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.60.155 Oct 25 09:06:46 OPSO sshd\[20467\]: Failed password for invalid user test from 106.13.60.155 port 38284 ssh2	2019-10-25 19:05:59
159.65.151.216	attack	Oct 25 09:35:02 ovpn sshd\[953\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.151.216 user=root Oct 25 09:35:04 ovpn sshd\[953\]: Failed password for root from 159.65.151.216 port 57616 ssh2 Oct 25 09:41:37 ovpn sshd\[2259\]: Invalid user ubnt from 159.65.151.216 Oct 25 09:41:37 ovpn sshd\[2259\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.151.216 Oct 25 09:41:39 ovpn sshd\[2259\]: Failed password for invalid user ubnt from 159.65.151.216 port 51472 ssh2	2019-10-25 19:18:12
49.73.235.149	attack	2019-10-25 08:01:43,199 fail2ban.actions \[1778\]: NOTICE \[sshd\] Ban 49.73.235.149 2019-10-25 08:33:20,699 fail2ban.actions \[1778\]: NOTICE \[sshd\] Ban 49.73.235.149 2019-10-25 09:06:01,755 fail2ban.actions \[1778\]: NOTICE \[sshd\] Ban 49.73.235.149 2019-10-25 09:36:06,824 fail2ban.actions \[1778\]: NOTICE \[sshd\] Ban 49.73.235.149 2019-10-25 10:06:14,768 fail2ban.actions \[1778\]: NOTICE \[sshd\] Ban 49.73.235.149 ...	2019-10-25 19:14:08
162.158.150.28	attackbotsspam	10/25/2019-11:57:06.399853 162.158.150.28 Protocol: 6 ET POLICY Cleartext WordPress Login	2019-10-25 19:05:41
132.232.58.52	attackbotsspam	Oct 25 10:40:44 DAAP sshd[10536]: Invalid user userftp from 132.232.58.52 port 22951 Oct 25 10:40:44 DAAP sshd[10536]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.58.52 Oct 25 10:40:44 DAAP sshd[10536]: Invalid user userftp from 132.232.58.52 port 22951 Oct 25 10:40:46 DAAP sshd[10536]: Failed password for invalid user userftp from 132.232.58.52 port 22951 ssh2 Oct 25 10:48:28 DAAP sshd[10625]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.58.52 user=root Oct 25 10:48:30 DAAP sshd[10625]: Failed password for root from 132.232.58.52 port 15394 ssh2 ...	2019-10-25 19:03:54
189.7.25.34	attackbots	Repeated brute force against a port	2019-10-25 18:56:37
51.79.132.226	attack	Oct 22 15:15:25 extapp sshd[21369]: Failed password for r.r from 51.79.132.226 port 37570 ssh2 Oct 22 15:20:06 extapp sshd[23603]: Failed password for r.r from 51.79.132.226 port 49854 ssh2 Oct 22 15:24:52 extapp sshd[25211]: Failed password for r.r from 51.79.132.226 port 33908 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=51.79.132.226	2019-10-25 19:04:24
200.29.216.141	attackbotsspam	Unauthorized connection attempt from IP address 200.29.216.141 on Port 445(SMB)	2019-10-25 19:00:18
95.110.198.219	attackspambots	Oct 23 12:44:32 h2421860 postfix/postscreen[24260]: CONNECT from [95.110.198.219]:51547 to [85.214.119.52]:25 Oct 23 12:44:32 h2421860 postfix/dnsblog[24263]: addr 95.110.198.219 listed by domain zen.spamhaus.org as 127.0.0.4 Oct 23 12:44:32 h2421860 postfix/dnsblog[24263]: addr 95.110.198.219 listed by domain Unknown.trblspam.com as 185.53.179.7 Oct 23 12:44:32 h2421860 postfix/dnsblog[24265]: addr 95.110.198.219 listed by domain b.barracudacentral.org as 127.0.0.2 Oct 23 12:44:32 h2421860 postfix/dnsblog[24269]: addr 95.110.198.219 listed by domain dnsbl.sorbs.net as 127.0.0.6 Oct 23 12:44:38 h2421860 postfix/postscreen[24260]: DNSBL rank 7 for [95.110.198.219]:51547 Oct x@x Oct 23 12:44:38 h2421860 postfix/postscreen[24260]: DISCONNECT [95.110.198.219]:51547 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=95.110.198.219	2019-10-25 19:27:11
71.6.146.185	attackspambots	Automatic report - Banned IP Access	2019-10-25 18:53:07
41.223.142.211	attackbots	Oct 25 12:50:34 dedicated sshd[16519]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.223.142.211 user=root Oct 25 12:50:36 dedicated sshd[16519]: Failed password for root from 41.223.142.211 port 53040 ssh2	2019-10-25 19:08:31
185.74.4.110	attackspam	Oct 25 13:34:55 server sshd\[1941\]: Invalid user 123qwe from 185.74.4.110 Oct 25 13:34:55 server sshd\[1941\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.74.4.110 Oct 25 13:34:57 server sshd\[1941\]: Failed password for invalid user 123qwe from 185.74.4.110 port 34089 ssh2 Oct 25 13:44:15 server sshd\[4070\]: Invalid user hp from 185.74.4.110 Oct 25 13:44:15 server sshd\[4070\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.74.4.110 ...	2019-10-25 19:09:21
163.172.26.73	attackbots	lfd: (sshd) Failed SSH login from 163.172.26.73 (FR/France/163-172-26-73.rev.poneytelecom.eu): 5 in the last 3600 secs - Fri Oct 25 11:48:37 2019	2019-10-25 19:08:53

最近上报的IP列表

190.27.104.203	103.90.226.35	41.129.41.34	40.124.48.111
177.84.41.34	186.155.140.218	192.241.137.149	37.139.59.87
180.249.183.191	187.163.70.129	45.249.184.34	142.93.127.173
103.66.78.27	5.102.4.181	115.60.168.180	222.254.63.193
117.6.211.41	194.190.67.209	221.8.12.143	113.88.192.97