123.16.138.48 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Viet Nam

运营商(isp): Vietnam Posts and Telecommunications Group

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Brute force SMTP login attempted. ...	2020-05-30 16:26:27
attackbotsspam	May 14 11:34:37 scivo sshd[18830]: Address 123.16.138.48 maps to static.vnpt.vn, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! May 14 11:34:37 scivo sshd[18830]: Invalid user adriana from 123.16.138.48 May 14 11:34:37 scivo sshd[18830]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.16.138.48 May 14 11:34:39 scivo sshd[18830]: Failed password for invalid user adriana from 123.16.138.48 port 49030 ssh2 May 14 11:34:39 scivo sshd[18830]: Received disconnect from 123.16.138.48: 11: Bye Bye [preauth] May 14 11:47:59 scivo sshd[19655]: Address 123.16.138.48 maps to static.vnpt.vn, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! May 14 11:47:59 scivo sshd[19655]: Invalid user test from 123.16.138.48 May 14 11:47:59 scivo sshd[19655]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.16.138.48 May 14 11:48:01 scivo sshd[19655]: Failed passwor........ -------------------------------	2020-05-16 00:31:57
attack	May 14 11:34:37 scivo sshd[18830]: Address 123.16.138.48 maps to static.vnpt.vn, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! May 14 11:34:37 scivo sshd[18830]: Invalid user adriana from 123.16.138.48 May 14 11:34:37 scivo sshd[18830]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.16.138.48 May 14 11:34:39 scivo sshd[18830]: Failed password for invalid user adriana from 123.16.138.48 port 49030 ssh2 May 14 11:34:39 scivo sshd[18830]: Received disconnect from 123.16.138.48: 11: Bye Bye [preauth] May 14 11:47:59 scivo sshd[19655]: Address 123.16.138.48 maps to static.vnpt.vn, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! May 14 11:47:59 scivo sshd[19655]: Invalid user test from 123.16.138.48 May 14 11:47:59 scivo sshd[19655]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.16.138.48 May 14 11:48:01 scivo sshd[19655]: Failed passwor........ -------------------------------	2020-05-15 18:07:24
attack	May 14 11:34:37 scivo sshd[18830]: Address 123.16.138.48 maps to static.vnpt.vn, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! May 14 11:34:37 scivo sshd[18830]: Invalid user adriana from 123.16.138.48 May 14 11:34:37 scivo sshd[18830]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.16.138.48 May 14 11:34:39 scivo sshd[18830]: Failed password for invalid user adriana from 123.16.138.48 port 49030 ssh2 May 14 11:34:39 scivo sshd[18830]: Received disconnect from 123.16.138.48: 11: Bye Bye [preauth] May 14 11:47:59 scivo sshd[19655]: Address 123.16.138.48 maps to static.vnpt.vn, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! May 14 11:47:59 scivo sshd[19655]: Invalid user test from 123.16.138.48 May 14 11:47:59 scivo sshd[19655]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.16.138.48 May 14 11:48:01 scivo sshd[19655]: Failed passwor........ -------------------------------	2020-05-14 18:04:36

相同子网IP讨论:

IP	类型	评论内容	时间
123.16.138.187	attack	IP: 123.16.138.187 ASN: AS45899 VNPT Corp Port: Simple Mail Transfer 25 Found in one or more Blacklists Date: 14/12/2019 6:26:08 AM UTC	2019-12-14 18:14:59
123.16.138.235	attackbots	Unauthorized connection attempt from IP address 123.16.138.235 on Port 445(SMB)	2019-08-12 17:57:25

类型

评论内容

时间

123.16.138.187

attack

IP: 123.16.138.187
ASN: AS45899 VNPT Corp
Port: Simple Mail Transfer 25
Found in one or more Blacklists
Date: 14/12/2019 6:26:08 AM UTC

2019-12-14 18:14:59

123.16.138.235

attackbots

Unauthorized connection attempt from IP address 123.16.138.235 on Port 445(SMB)

2019-08-12 17:57:25

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 123.16.138.48
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6935
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;123.16.138.48.			IN	A

;; AUTHORITY SECTION:
.			386	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020051400 1800 900 604800 86400

;; Query time: 67 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu May 14 18:04:33 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

48.138.16.123.in-addr.arpa domain name pointer static.vnpt.vn.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
48.138.16.123.in-addr.arpa	name = static.vnpt.vn.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
89.46.125.39	attack	Nov 27 05:20:34 hpm sshd\[24681\]: Invalid user ife from 89.46.125.39 Nov 27 05:20:34 hpm sshd\[24681\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=tor-relay.netshelter.de Nov 27 05:20:36 hpm sshd\[24681\]: Failed password for invalid user ife from 89.46.125.39 port 40512 ssh2 Nov 27 05:20:39 hpm sshd\[24681\]: Failed password for invalid user ife from 89.46.125.39 port 40512 ssh2 Nov 27 05:20:41 hpm sshd\[24681\]: Failed password for invalid user ife from 89.46.125.39 port 40512 ssh2	2019-11-28 01:17:31
103.76.252.6	attackspam	Nov 27 13:04:21 firewall sshd[1783]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.76.252.6 Nov 27 13:04:21 firewall sshd[1783]: Invalid user pcap from 103.76.252.6 Nov 27 13:04:23 firewall sshd[1783]: Failed password for invalid user pcap from 103.76.252.6 port 35713 ssh2 ...	2019-11-28 00:42:36
212.129.138.67	attackbots	Nov 27 15:43:46 root sshd[8694]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.129.138.67 Nov 27 15:43:48 root sshd[8694]: Failed password for invalid user hoea from 212.129.138.67 port 51110 ssh2 Nov 27 15:52:35 root sshd[8837]: Failed password for backup from 212.129.138.67 port 34356 ssh2 ...	2019-11-28 01:24:52
217.29.20.40	attack	Nov 27 17:59:34 nextcloud sshd\[3278\]: Invalid user new_paco from 217.29.20.40 Nov 27 17:59:34 nextcloud sshd\[3278\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.29.20.40 Nov 27 17:59:36 nextcloud sshd\[3278\]: Failed password for invalid user new_paco from 217.29.20.40 port 45292 ssh2 ...	2019-11-28 01:21:22
49.88.112.55	attack	Nov 27 17:54:51 tuxlinux sshd[41117]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.55 user=root Nov 27 17:54:53 tuxlinux sshd[41117]: Failed password for root from 49.88.112.55 port 56109 ssh2 Nov 27 17:54:51 tuxlinux sshd[41117]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.55 user=root Nov 27 17:54:53 tuxlinux sshd[41117]: Failed password for root from 49.88.112.55 port 56109 ssh2 ...	2019-11-28 00:56:22
218.92.0.139	attackbotsspam	F2B jail: sshd. Time: 2019-11-27 17:41:23, Reported by: VKReport	2019-11-28 00:43:13
138.94.166.160	attackbots	UTC: 2019-11-26 port: 23/tcp	2019-11-28 01:24:38
129.204.47.158	attackbots	Nov 27 16:11:16 vps666546 sshd\[6883\]: Invalid user auker from 129.204.47.158 port 36792 Nov 27 16:11:16 vps666546 sshd\[6883\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.47.158 Nov 27 16:11:19 vps666546 sshd\[6883\]: Failed password for invalid user auker from 129.204.47.158 port 36792 ssh2 Nov 27 16:20:25 vps666546 sshd\[7159\]: Invalid user Colt from 129.204.47.158 port 44704 Nov 27 16:20:25 vps666546 sshd\[7159\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.47.158 ...	2019-11-28 01:12:42
193.164.94.45	attackspambots	UTC: 2019-11-26 port: 23/tcp	2019-11-28 01:09:08
113.219.45.25	attack	UTC: 2019-11-26 port: 26/tcp	2019-11-28 01:16:55
210.213.148.176	attackspambots	ssh bruteforce or scan ...	2019-11-28 01:10:42
46.229.168.163	attackbots	The IP has triggered Cloudflare WAF. CF-Ray: 53c26976abbcf0b5 \| WAF_Rule_ID: asn \| WAF_Kind: firewall \| CF_Action: challenge \| Country: US \| CF_IPClass: unknown \| Protocol: HTTP/1.1 \| Method: GET \| Host: blog.skk.moe \| User-Agent: Mozilla/5.0 (compatible; SemrushBot/6~bl; +http://www.semrush.com/bot.html) \| CF_DC: IAD. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-11-28 01:18:05
91.121.86.62	attackbotsspam	Nov 27 17:57:48 meumeu sshd[19774]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.121.86.62 Nov 27 17:57:50 meumeu sshd[19774]: Failed password for invalid user alex from 91.121.86.62 port 51934 ssh2 Nov 27 18:03:51 meumeu sshd[20946]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.121.86.62 ...	2019-11-28 01:04:51
170.82.73.169	attack	UTC: 2019-11-26 port: 26/tcp	2019-11-28 00:48:15
162.144.51.90	attackspambots	Nov 27 16:54:42 SilenceServices sshd[30758]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.144.51.90 Nov 27 16:54:44 SilenceServices sshd[30758]: Failed password for invalid user elgie from 162.144.51.90 port 56706 ssh2 Nov 27 17:01:37 SilenceServices sshd[1845]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.144.51.90	2019-11-28 01:19:00

最近上报的IP列表

123.240.240.214	15.172.75.186	171.240.149.222	150.46.203.97
62.234.87.235	93.11.161.246	169.197.110.10	238.157.66.29
5.53.114.209	248.5.235.47	182.160.113.66	47.166.197.23
70.101.49.163	37.74.103.234	69.157.141.255	156.150.179.173
111.233.83.16	95.142.252.139	253.87.241.38	172.6.139.231