124.235.138.33

基本信息:

城市(city): unknown

省份(region): Beijing

国家(country): China

运营商(isp): Changchun Beijingpuruofeite Corp

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	The IP has triggered Cloudflare WAF. CF-Ray: 541033b66b8f9971 \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: d.skk.moe \| User-Agent: Mozilla/5.096783921 Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 03:31:07

类型

评论内容

时间

attack

The IP has triggered Cloudflare WAF. CF-Ray: 541033b66b8f9971 | WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 | WAF_Kind: firewall | CF_Action: challenge | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: d.skk.moe | User-Agent: Mozilla/5.096783921 Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-08 03:31:07

相同子网IP讨论:

IP	类型	评论内容	时间
124.235.138.34	attackbots	user not found%3a http%3a%2f%2f123.125.114.144%2f	2020-10-12 20:36:32
124.235.138.34	attackbots	user not found%3a http%3a%2f%2f123.125.114.144%2f	2020-10-12 12:05:19
124.235.138.202	attackbotsspam	Unauthorized connection attempt detected from IP address 124.235.138.202 to port 80	2020-05-31 03:01:01
124.235.138.41	attack	Unauthorized connection attempt detected from IP address 124.235.138.41 to port 999	2020-05-30 03:39:05
124.235.138.245	attackspam	Unauthorized connection attempt detected from IP address 124.235.138.245 to port 999	2020-05-30 03:38:37
124.235.138.145	attack	Web Server Scan. RayID: 5957efee79dbeb00, UA: Mozilla/5.067805899 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36, Country: CN	2020-05-21 03:58:23
124.235.138.197	attackspam	Fail2Ban Ban Triggered	2020-03-25 15:46:09
124.235.138.94	attackspam	Unauthorized connection attempt detected from IP address 124.235.138.94 to port 8082 [J]	2020-03-02 19:58:02
124.235.138.238	attackspam	Unauthorized connection attempt detected from IP address 124.235.138.238 to port 8118 [J]	2020-03-02 19:57:36
124.235.138.55	attackspam	Unauthorized connection attempt detected from IP address 124.235.138.55 to port 8443 [J]	2020-03-02 17:10:39
124.235.138.151	attackspambots	Unauthorized connection attempt detected from IP address 124.235.138.151 to port 8081 [J]	2020-03-02 17:10:02
124.235.138.178	attackbots	Unauthorized connection attempt detected from IP address 124.235.138.178 to port 8081 [J]	2020-03-02 17:09:40
124.235.138.152	attackspam	Unauthorized connection attempt detected from IP address 124.235.138.152 to port 22 [J]	2020-03-02 16:40:18
124.235.138.171	attackspam	Unauthorized connection attempt detected from IP address 124.235.138.171 to port 22 [J]	2020-03-02 14:58:00
124.235.138.65	attack	Unauthorized connection attempt detected from IP address 124.235.138.65 to port 8123 [J]	2020-03-02 14:27:36

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 124.235.138.33
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1211
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;124.235.138.33.			IN	A

;; AUTHORITY SECTION:
.			296	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019120700 1800 900 604800 86400

;; Query time: 62 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Dec 08 03:31:04 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 33.138.235.124.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 33.138.235.124.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
190.144.45.108	attack	Sep 30 11:26:16 mail sshd\[10318\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.144.45.108 user=root Sep 30 11:26:18 mail sshd\[10318\]: Failed password for root from 190.144.45.108 port 49149 ssh2 Sep 30 11:31:55 mail sshd\[11341\]: Invalid user admin from 190.144.45.108 port 39028 Sep 30 11:31:55 mail sshd\[11341\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.144.45.108 Sep 30 11:31:57 mail sshd\[11341\]: Failed password for invalid user admin from 190.144.45.108 port 39028 ssh2	2019-09-30 18:07:44
178.128.42.36	attackspam	Sep 30 11:13:02 vmd17057 sshd\[6648\]: Invalid user clerk from 178.128.42.36 port 33010 Sep 30 11:13:02 vmd17057 sshd\[6648\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.42.36 Sep 30 11:13:04 vmd17057 sshd\[6648\]: Failed password for invalid user clerk from 178.128.42.36 port 33010 ssh2 ...	2019-09-30 17:42:44
89.46.125.39	attackbots	Sep 30 08:42:10 rotator sshd\[24562\]: Failed password for root from 89.46.125.39 port 53230 ssh2Sep 30 08:42:12 rotator sshd\[24562\]: Failed password for root from 89.46.125.39 port 53230 ssh2Sep 30 08:42:15 rotator sshd\[24562\]: Failed password for root from 89.46.125.39 port 53230 ssh2Sep 30 08:42:17 rotator sshd\[24562\]: Failed password for root from 89.46.125.39 port 53230 ssh2Sep 30 08:42:20 rotator sshd\[24562\]: Failed password for root from 89.46.125.39 port 53230 ssh2Sep 30 08:42:22 rotator sshd\[24562\]: Failed password for root from 89.46.125.39 port 53230 ssh2 ...	2019-09-30 17:52:34
77.238.120.22	attackbots	2019-09-30T03:29:41.1016351495-001 sshd\[20041\]: Invalid user if from 77.238.120.22 port 42124 2019-09-30T03:29:41.1096631495-001 sshd\[20041\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=77.238.120.22 2019-09-30T03:29:43.0958721495-001 sshd\[20041\]: Failed password for invalid user if from 77.238.120.22 port 42124 ssh2 2019-09-30T03:34:34.3299261495-001 sshd\[20301\]: Invalid user ghost from 77.238.120.22 port 54042 2019-09-30T03:34:34.3384521495-001 sshd\[20301\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=77.238.120.22 2019-09-30T03:34:36.2142181495-001 sshd\[20301\]: Failed password for invalid user ghost from 77.238.120.22 port 54042 ssh2 ...	2019-09-30 18:13:10
115.29.3.34	attackspam	Sep 30 07:10:06 anodpoucpklekan sshd[47994]: Invalid user Admin from 115.29.3.34 port 52264 ...	2019-09-30 18:09:28
51.77.156.223	attackbots	Sep 30 11:00:53 MK-Soft-VM5 sshd[1465]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.156.223 Sep 30 11:00:55 MK-Soft-VM5 sshd[1465]: Failed password for invalid user zhangpw from 51.77.156.223 port 39298 ssh2 ...	2019-09-30 17:51:33
192.228.100.118	attack	CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2019-09-30 17:57:50
139.199.168.184	attack	Sep 30 11:54:04 mail sshd\[15063\]: Invalid user web1 from 139.199.168.184 port 46936 Sep 30 11:54:04 mail sshd\[15063\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.168.184 Sep 30 11:54:06 mail sshd\[15063\]: Failed password for invalid user web1 from 139.199.168.184 port 46936 ssh2 Sep 30 11:59:10 mail sshd\[16014\]: Invalid user debian from 139.199.168.184 port 57968 Sep 30 11:59:10 mail sshd\[16014\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.168.184	2019-09-30 18:08:07
113.57.130.172	attackspambots	$f2bV_matches	2019-09-30 17:55:54
157.55.39.253	attack	Automatic report - Banned IP Access	2019-09-30 18:07:12
125.132.103.74	attackspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/125.132.103.74/ KR - 1H : (273) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : KR NAME ASN : ASN4766 IP : 125.132.103.74 CIDR : 125.132.64.0/18 PREFIX COUNT : 8136 UNIQUE IP COUNT : 44725248 WYKRYTE ATAKI Z ASN4766 : 1H - 3 3H - 16 6H - 25 12H - 55 24H - 95 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-09-30 17:40:02
124.156.115.227	attackbotsspam	$f2bV_matches	2019-09-30 17:36:22
190.117.157.115	attackspambots	Sep 29 18:23:10 lcprod sshd\[10490\]: Invalid user admin from 190.117.157.115 Sep 29 18:23:10 lcprod sshd\[10490\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=mail.munialtoalianza.gob.pe Sep 29 18:23:11 lcprod sshd\[10490\]: Failed password for invalid user admin from 190.117.157.115 port 57740 ssh2 Sep 29 18:27:39 lcprod sshd\[10852\]: Invalid user admin from 190.117.157.115 Sep 29 18:27:39 lcprod sshd\[10852\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=mail.munialtoalianza.gob.pe	2019-09-30 18:01:50
94.33.52.72	attackbotsspam	WordPress login Brute force / Web App Attack on client site.	2019-09-30 18:15:28
148.235.57.183	attackspambots	Sep 30 04:32:28 plusreed sshd[4586]: Invalid user yi123 from 148.235.57.183 ...	2019-09-30 17:47:28

最近上报的IP列表

170.81.129.113	52.252.228.170	123.145.37.197	222.163.109.28
70.121.250.106	218.84.165.211	120.92.72.147	191.229.32.90
207.247.243.131	117.182.81.52	111.206.18.250	170.235.36.154
216.78.46.202	116.252.0.249	145.253.244.54	68.46.248.37
116.252.0.200	219.18.141.173	80.239.247.128	125.167.196.192