123.138.111.239

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): XianCity IPAddressPool

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2019-12-24 06:03:36
attackspam	Dec 20 16:17:32 vmd46246 kernel: [766436.039853] [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:fb:88:28:99:3a:4d:30:af:08:00 SRC=123.138.111.239 DST=144.91.112.181 LEN=52 TOS=0x00 PREC=0x00 TTL=239 ID=51931 PROTO=TCP SPT=3132 DPT=11211 WINDOW=8192 RES=0x00 SYN URGP=0 Dec 20 16:17:33 vmd46246 kernel: [766436.693748] [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:fb:88:28:99:3a:4d:30:af:08:00 SRC=123.138.111.239 DST=144.91.112.181 LEN=52 TOS=0x00 PREC=0x00 TTL=239 ID=45865 PROTO=TCP SPT=3132 DPT=11211 WINDOW=8192 RES=0x00 SYN URGP=0 Dec 20 16:17:33 vmd46246 kernel: [766437.344518] [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:fb:88:28:99:3a:4d:30:af:08:00 SRC=123.138.111.239 DST=144.91.112.181 LEN=52 TOS=0x00 PREC=0x00 TTL=239 ID=36648 PROTO=TCP SPT=3132 DPT=11211 WINDOW=8192 RES=0x00 SYN URGP=0 ...	2019-12-21 02:09:41

类型

评论内容

时间

attackspambots

MultiHost/MultiPort Probe, Scan, Hack -

2019-12-24 06:03:36

attackspam

Dec 20 16:17:32 vmd46246 kernel: [766436.039853] [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:fb:88:28:99:3a:4d:30:af:08:00 SRC=123.138.111.239 DST=144.91.112.181 LEN=52 TOS=0x00 PREC=0x00 TTL=239 ID=51931 PROTO=TCP SPT=3132 DPT=11211 WINDOW=8192 RES=0x00 SYN URGP=0 
Dec 20 16:17:33 vmd46246 kernel: [766436.693748] [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:fb:88:28:99:3a:4d:30:af:08:00 SRC=123.138.111.239 DST=144.91.112.181 LEN=52 TOS=0x00 PREC=0x00 TTL=239 ID=45865 PROTO=TCP SPT=3132 DPT=11211 WINDOW=8192 RES=0x00 SYN URGP=0 
Dec 20 16:17:33 vmd46246 kernel: [766437.344518] [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:fb:88:28:99:3a:4d:30:af:08:00 SRC=123.138.111.239 DST=144.91.112.181 LEN=52 TOS=0x00 PREC=0x00 TTL=239 ID=36648 PROTO=TCP SPT=3132 DPT=11211 WINDOW=8192 RES=0x00 SYN URGP=0 
...

2019-12-21 02:09:41

相同子网IP讨论:

IP	类型	评论内容	时间
123.138.111.244	attack	SIP/5060 Probe, BF, Hack -	2019-12-28 00:07:37
123.138.111.247	attackbotsspam	SIP/5060 Probe, BF, Hack -	2019-12-28 00:05:18
123.138.111.246	attackspam	Automatic report - Port Scan	2019-12-25 20:18:08
123.138.111.247	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-12-25 18:05:29
123.138.111.240	attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2019-12-24 05:56:59
123.138.111.247	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-12-24 05:39:55
123.138.111.241	attackspambots	Unauthorized connection attempt from IP address 123.138.111.241 on Port 3389(RDP)	2019-12-21 05:56:43
123.138.111.243	attackbots	Scanning	2019-12-20 18:01:43
123.138.111.249	attackbots	Scanning	2019-12-20 17:33:15
123.138.111.241	attackbots	Host Scan	2019-12-20 15:19:11

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 123.138.111.239
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 20397
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;123.138.111.239.		IN	A

;; AUTHORITY SECTION:
.			337	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019122001 1800 900 604800 86400

;; Query time: 67 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Dec 21 02:09:33 CST 2019
;; MSG SIZE  rcvd: 119

HOST信息:

Host 239.111.138.123.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 239.111.138.123.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
200.27.79.170	attackbots	Unauthorized connection attempt from IP address 200.27.79.170 on Port 445(SMB)	2020-06-03 02:13:21
103.10.66.13	attackbotsspam	Unauthorized connection attempt from IP address 103.10.66.13 on Port 445(SMB)	2020-06-03 02:03:38
129.145.21.172	attackbots	From bounce@info.sgs.com Tue Jun 02 09:02:02 2020 Received: from mail01.info.sgs.com ([129.145.21.172]:28331)	2020-06-03 02:17:47
2.50.154.242	attackspam	Unauthorized connection attempt from IP address 2.50.154.242 on Port 445(SMB)	2020-06-03 02:02:30
89.151.186.173	attackspambots	Automatic report - Port Scan Attack	2020-06-03 02:14:58
201.23.103.218	attack	Jun 2 14:01:45 SRV001 postfix/smtpd[17292]: NOQUEUE: reject: RCPT from 201.23.103.218.dedicated.neoviatelecom.com.br[201.23.103.218]: 504 5.5.2 : Helo command rejected: need fully-qualified hostname; from= to= proto=ESMTP helo= ...	2020-06-03 02:29:23
177.152.124.21	attackbotsspam	Jun 2 07:53:14 NPSTNNYC01T sshd[7064]: Failed password for root from 177.152.124.21 port 50950 ssh2 Jun 2 07:57:45 NPSTNNYC01T sshd[7426]: Failed password for root from 177.152.124.21 port 56784 ssh2 ...	2020-06-03 02:05:01
14.242.3.203	attack	Jun 2 18:53:24 cdc sshd[26948]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.242.3.203 user=root Jun 2 18:53:26 cdc sshd[26948]: Failed password for invalid user root from 14.242.3.203 port 59595 ssh2	2020-06-03 02:01:08
61.216.132.176	attack	Unauthorized connection attempt from IP address 61.216.132.176 on Port 445(SMB)	2020-06-03 02:07:11
68.183.48.172	attack	May 31 00:19:10 v2202003116398111542 sshd[1233913]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.48.172 May 31 00:19:12 v2202003116398111542 sshd[1233913]: Failed password for invalid user admin from 68.183.48.172 port 58242 ssh2 May 31 00:19:12 v2202003116398111542 sshd[1233913]: Disconnected from invalid user admin 68.183.48.172 port 58242 [preauth] May 31 00:21:36 v2202003116398111542 sshd[1238370]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.48.172 user=root May 31 00:21:37 v2202003116398111542 sshd[1238370]: Failed password for root from 68.183.48.172 port 45350 ssh2 May 31 00:23:59 v2202003116398111542 sshd[1242701]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.48.172 user=root May 31 00:24:01 v2202003116398111542 sshd[1242701]: Failed password for root from 68.183.48.172 port 60691 ssh2 May 31 00:26:25 v2202003116398111542 sshd[1247128]: Invalid user	2020-06-03 02:00:11
193.107.98.185	attackbots	port scan and connect, tcp 23 (telnet)	2020-06-03 02:02:50
220.102.43.235	attackspambots	May 27 00:13:54 v2202003116398111542 sshd[13551]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.102.43.235	2020-06-03 01:55:12
106.12.88.95	attackspam	Jun 2 15:38:44 home sshd[4184]: Failed password for root from 106.12.88.95 port 48700 ssh2 Jun 2 15:43:25 home sshd[4666]: Failed password for root from 106.12.88.95 port 43682 ssh2 ...	2020-06-03 02:05:18
182.254.145.29	attackbotsspam	3x Failed Password	2020-06-03 02:15:24
94.29.126.76	attack	Unauthorized connection attempt from IP address 94.29.126.76 on Port 445(SMB)	2020-06-03 02:10:54

最近上报的IP列表

94.102.63.65	31.13.191.71	183.83.154.84	46.162.108.12
43.255.39.107	40.92.69.43	95.179.232.29	41.66.217.10
168.197.157.67	128.199.142.148	36.227.180.210	49.213.27.19
49.206.212.180	49.149.78.163	56.172.131.115	49.145.197.64
46.101.202.5	213.234.209.186	84.22.34.133	46.255.99.75