123.138.111.239

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): XianCity IPAddressPool

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2019-12-24 06:03:36
attackspam	Dec 20 16:17:32 vmd46246 kernel: [766436.039853] [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:fb:88:28:99:3a:4d:30:af:08:00 SRC=123.138.111.239 DST=144.91.112.181 LEN=52 TOS=0x00 PREC=0x00 TTL=239 ID=51931 PROTO=TCP SPT=3132 DPT=11211 WINDOW=8192 RES=0x00 SYN URGP=0 Dec 20 16:17:33 vmd46246 kernel: [766436.693748] [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:fb:88:28:99:3a:4d:30:af:08:00 SRC=123.138.111.239 DST=144.91.112.181 LEN=52 TOS=0x00 PREC=0x00 TTL=239 ID=45865 PROTO=TCP SPT=3132 DPT=11211 WINDOW=8192 RES=0x00 SYN URGP=0 Dec 20 16:17:33 vmd46246 kernel: [766437.344518] [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:fb:88:28:99:3a:4d:30:af:08:00 SRC=123.138.111.239 DST=144.91.112.181 LEN=52 TOS=0x00 PREC=0x00 TTL=239 ID=36648 PROTO=TCP SPT=3132 DPT=11211 WINDOW=8192 RES=0x00 SYN URGP=0 ...	2019-12-21 02:09:41

类型

评论内容

时间

attackspambots

MultiHost/MultiPort Probe, Scan, Hack -

2019-12-24 06:03:36

attackspam

Dec 20 16:17:32 vmd46246 kernel: [766436.039853] [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:fb:88:28:99:3a:4d:30:af:08:00 SRC=123.138.111.239 DST=144.91.112.181 LEN=52 TOS=0x00 PREC=0x00 TTL=239 ID=51931 PROTO=TCP SPT=3132 DPT=11211 WINDOW=8192 RES=0x00 SYN URGP=0 
Dec 20 16:17:33 vmd46246 kernel: [766436.693748] [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:fb:88:28:99:3a:4d:30:af:08:00 SRC=123.138.111.239 DST=144.91.112.181 LEN=52 TOS=0x00 PREC=0x00 TTL=239 ID=45865 PROTO=TCP SPT=3132 DPT=11211 WINDOW=8192 RES=0x00 SYN URGP=0 
Dec 20 16:17:33 vmd46246 kernel: [766437.344518] [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:fb:88:28:99:3a:4d:30:af:08:00 SRC=123.138.111.239 DST=144.91.112.181 LEN=52 TOS=0x00 PREC=0x00 TTL=239 ID=36648 PROTO=TCP SPT=3132 DPT=11211 WINDOW=8192 RES=0x00 SYN URGP=0 
...

2019-12-21 02:09:41

相同子网IP讨论:

IP	类型	评论内容	时间
123.138.111.244	attack	SIP/5060 Probe, BF, Hack -	2019-12-28 00:07:37
123.138.111.247	attackbotsspam	SIP/5060 Probe, BF, Hack -	2019-12-28 00:05:18
123.138.111.246	attackspam	Automatic report - Port Scan	2019-12-25 20:18:08
123.138.111.247	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-12-25 18:05:29
123.138.111.240	attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2019-12-24 05:56:59
123.138.111.247	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-12-24 05:39:55
123.138.111.241	attackspambots	Unauthorized connection attempt from IP address 123.138.111.241 on Port 3389(RDP)	2019-12-21 05:56:43
123.138.111.243	attackbots	Scanning	2019-12-20 18:01:43
123.138.111.249	attackbots	Scanning	2019-12-20 17:33:15
123.138.111.241	attackbots	Host Scan	2019-12-20 15:19:11

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 123.138.111.239
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 20397
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;123.138.111.239.		IN	A

;; AUTHORITY SECTION:
.			337	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019122001 1800 900 604800 86400

;; Query time: 67 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Dec 21 02:09:33 CST 2019
;; MSG SIZE  rcvd: 119

HOST信息:

Host 239.111.138.123.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 239.111.138.123.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
120.92.149.231	attackbotsspam	Invalid user prueba from 120.92.149.231 port 45938	2020-07-24 03:14:41
122.51.79.83	attackbots	Jul 23 13:01:51 jumpserver sshd[207949]: Invalid user gpadmin from 122.51.79.83 port 60554 Jul 23 13:01:53 jumpserver sshd[207949]: Failed password for invalid user gpadmin from 122.51.79.83 port 60554 ssh2 Jul 23 13:09:48 jumpserver sshd[208049]: Invalid user sammy from 122.51.79.83 port 58114 ...	2020-07-24 03:49:57
35.136.132.64	attack	Invalid user admin from 35.136.132.64 port 39419	2020-07-24 03:39:16
51.91.109.220	attackbots	2020-07-23T10:22:58.033189mail.thespaminator.com sshd[26514]: Invalid user bn from 51.91.109.220 port 49616 2020-07-23T10:23:02.337186mail.thespaminator.com sshd[26514]: Failed password for invalid user bn from 51.91.109.220 port 49616 ssh2 ...	2020-07-24 03:19:12
51.38.238.165	attackspam	Jul 23 17:13:08 ws26vmsma01 sshd[149277]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.238.165 Jul 23 17:13:09 ws26vmsma01 sshd[149277]: Failed password for invalid user ravi from 51.38.238.165 port 55790 ssh2 ...	2020-07-24 03:35:40
14.162.176.206	attackspambots	Invalid user avanthi from 14.162.176.206 port 56731	2020-07-24 03:39:49
189.206.160.153	attackbots	SSH authentication failure x 6 reported by Fail2Ban ...	2020-07-24 03:25:20
199.231.185.120	attack	2020-07-23T20:52:43+0200 Failed SSH Authentication/Brute Force Attack. (Server 10)	2020-07-24 03:43:00
51.38.83.164	attackspam	2020-07-23T17:15:40.152507abusebot.cloudsearch.cf sshd[1184]: Invalid user test from 51.38.83.164 port 45164 2020-07-23T17:15:40.158219abusebot.cloudsearch.cf sshd[1184]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.ip-51-38-83.eu 2020-07-23T17:15:40.152507abusebot.cloudsearch.cf sshd[1184]: Invalid user test from 51.38.83.164 port 45164 2020-07-23T17:15:42.444896abusebot.cloudsearch.cf sshd[1184]: Failed password for invalid user test from 51.38.83.164 port 45164 ssh2 2020-07-23T17:25:35.411164abusebot.cloudsearch.cf sshd[1298]: Invalid user renz from 51.38.83.164 port 47782 2020-07-23T17:25:35.418728abusebot.cloudsearch.cf sshd[1298]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.ip-51-38-83.eu 2020-07-23T17:25:35.411164abusebot.cloudsearch.cf sshd[1298]: Invalid user renz from 51.38.83.164 port 47782 2020-07-23T17:25:37.054214abusebot.cloudsearch.cf sshd[1298]: Failed password for invalid us ...	2020-07-24 03:19:32
46.101.224.184	attackspam	Banned for a week because repeated abuses, for example SSH, but not only	2020-07-24 03:38:07
119.45.50.17	attackbots	"$f2bV_matches"	2020-07-24 03:14:58
51.15.241.102	attackspambots	Jul 23 13:11:02 server1 sshd\[26795\]: Failed password for invalid user upload from 51.15.241.102 port 52018 ssh2 Jul 23 13:14:48 server1 sshd\[27924\]: Invalid user kal from 51.15.241.102 Jul 23 13:14:48 server1 sshd\[27924\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.15.241.102 Jul 23 13:14:50 server1 sshd\[27924\]: Failed password for invalid user kal from 51.15.241.102 port 39586 ssh2 Jul 23 13:18:38 server1 sshd\[29083\]: Invalid user git from 51.15.241.102 ...	2020-07-24 03:19:56
159.203.87.95	attack	Jul 23 18:44:59 XXX sshd[29308]: Invalid user tim from 159.203.87.95 port 52754	2020-07-24 03:47:24
49.233.180.38	attackbotsspam	SSH Brute-Forcing (server2)	2020-07-24 03:21:04
115.236.167.108	attackbots	Invalid user nagios from 115.236.167.108 port 51716	2020-07-24 03:50:59

最近上报的IP列表

94.102.63.65	31.13.191.71	183.83.154.84	46.162.108.12
43.255.39.107	40.92.69.43	95.179.232.29	41.66.217.10
168.197.157.67	128.199.142.148	36.227.180.210	49.213.27.19
49.206.212.180	49.149.78.163	56.172.131.115	49.145.197.64
46.101.202.5	213.234.209.186	84.22.34.133	46.255.99.75