124.235.138.41

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Changchun Beijingpuruofeite Corp

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Unauthorized connection attempt detected from IP address 124.235.138.41 to port 999	2020-05-30 03:39:05
attack	The IP has triggered Cloudflare WAF. CF-Ray: 5437ac17fe88e50e \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: img.skk.moe \| User-Agent: Mozilla/5.051975669 Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 00:43:10

类型

评论内容

时间

attack

Unauthorized connection attempt detected from IP address 124.235.138.41 to port 999

2020-05-30 03:39:05

attack

The IP has triggered Cloudflare WAF. CF-Ray: 5437ac17fe88e50e | WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 | WAF_Kind: firewall | CF_Action: drop | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: img.skk.moe | User-Agent: Mozilla/5.051975669 Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36 | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-12 00:43:10

相同子网IP讨论:

IP	类型	评论内容	时间
124.235.138.34	attackbots	user not found%3a http%3a%2f%2f123.125.114.144%2f	2020-10-12 20:36:32
124.235.138.34	attackbots	user not found%3a http%3a%2f%2f123.125.114.144%2f	2020-10-12 12:05:19
124.235.138.202	attackbotsspam	Unauthorized connection attempt detected from IP address 124.235.138.202 to port 80	2020-05-31 03:01:01
124.235.138.245	attackspam	Unauthorized connection attempt detected from IP address 124.235.138.245 to port 999	2020-05-30 03:38:37
124.235.138.145	attack	Web Server Scan. RayID: 5957efee79dbeb00, UA: Mozilla/5.067805899 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36, Country: CN	2020-05-21 03:58:23
124.235.138.197	attackspam	Fail2Ban Ban Triggered	2020-03-25 15:46:09
124.235.138.94	attackspam	Unauthorized connection attempt detected from IP address 124.235.138.94 to port 8082 [J]	2020-03-02 19:58:02
124.235.138.238	attackspam	Unauthorized connection attempt detected from IP address 124.235.138.238 to port 8118 [J]	2020-03-02 19:57:36
124.235.138.55	attackspam	Unauthorized connection attempt detected from IP address 124.235.138.55 to port 8443 [J]	2020-03-02 17:10:39
124.235.138.151	attackspambots	Unauthorized connection attempt detected from IP address 124.235.138.151 to port 8081 [J]	2020-03-02 17:10:02
124.235.138.178	attackbots	Unauthorized connection attempt detected from IP address 124.235.138.178 to port 8081 [J]	2020-03-02 17:09:40
124.235.138.152	attackspam	Unauthorized connection attempt detected from IP address 124.235.138.152 to port 22 [J]	2020-03-02 16:40:18
124.235.138.171	attackspam	Unauthorized connection attempt detected from IP address 124.235.138.171 to port 22 [J]	2020-03-02 14:58:00
124.235.138.65	attack	Unauthorized connection attempt detected from IP address 124.235.138.65 to port 8123 [J]	2020-03-02 14:27:36
124.235.138.216	attack	Unauthorized connection attempt detected from IP address 124.235.138.216 to port 443 [J]	2020-02-05 09:35:34

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 124.235.138.41
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 11573
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;124.235.138.41.			IN	A

;; AUTHORITY SECTION:
.			532	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121100 1800 900 604800 86400

;; Query time: 237 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Dec 12 00:42:58 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 41.138.235.124.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		100.100.2.136
Address:	100.100.2.136#53

** server can't find 41.138.235.124.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
106.12.94.186	attackbotsspam	Aug 16 05:56:24 db sshd[21419]: User root from 106.12.94.186 not allowed because none of user's groups are listed in AllowGroups ...	2020-08-16 13:35:41
85.133.166.41	attack	Automatic report - Port Scan Attack	2020-08-16 13:48:12
177.21.213.173	attackbots	Aug 16 05:14:33 mail.srvfarm.net postfix/smtps/smtpd[1890601]: warning: unknown[177.21.213.173]: SASL PLAIN authentication failed: Aug 16 05:14:33 mail.srvfarm.net postfix/smtps/smtpd[1890601]: lost connection after AUTH from unknown[177.21.213.173] Aug 16 05:16:48 mail.srvfarm.net postfix/smtpd[1888822]: warning: unknown[177.21.213.173]: SASL PLAIN authentication failed: Aug 16 05:16:49 mail.srvfarm.net postfix/smtpd[1888822]: lost connection after AUTH from unknown[177.21.213.173] Aug 16 05:20:18 mail.srvfarm.net postfix/smtpd[1887729]: warning: unknown[177.21.213.173]: SASL PLAIN authentication failed:	2020-08-16 13:17:27
37.143.144.1	attack	Automatic report - Port Scan Attack	2020-08-16 13:50:15
14.243.136.198	attack	1597550186 - 08/16/2020 05:56:26 Host: 14.243.136.198/14.243.136.198 Port: 445 TCP Blocked	2020-08-16 13:33:38
45.148.121.3	attackbotsspam	[2020-08-16 01:37:30] NOTICE[1185] chan_sip.c: Registration from '"200" ' failed for '45.148.121.3:5311' - Wrong password [2020-08-16 01:37:30] SECURITY[1203] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-08-16T01:37:30.980-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="200",SessionID="0x7f10c40ef148",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.148.121.3/5311",Challenge="35381028",ReceivedChallenge="35381028",ReceivedHash="58b4cd8b54669b1a05324018eea15b98" [2020-08-16 01:37:31] NOTICE[1185] chan_sip.c: Registration from '"200" ' failed for '45.148.121.3:5311' - Wrong password [2020-08-16 01:37:31] SECURITY[1203] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-08-16T01:37:31.200-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="200",SessionID="0x7f10c4270ff8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.148.121. ...	2020-08-16 13:43:35
62.210.194.8	attackspam	Aug 16 06:28:59 mail.srvfarm.net postfix/smtpd[1924775]: lost connection after STARTTLS from r8.news.eu.rvca.com[62.210.194.8] Aug 16 06:32:26 mail.srvfarm.net postfix/smtpd[1931100]: lost connection after STARTTLS from r8.news.eu.rvca.com[62.210.194.8] Aug 16 06:35:38 mail.srvfarm.net postfix/smtpd[1931102]: lost connection after STARTTLS from r8.news.eu.rvca.com[62.210.194.8] Aug 16 06:36:43 mail.srvfarm.net postfix/smtpd[1931100]: lost connection after STARTTLS from r8.news.eu.rvca.com[62.210.194.8] Aug 16 06:38:05 mail.srvfarm.net postfix/smtpd[1931097]: lost connection after STARTTLS from r8.news.eu.rvca.com[62.210.194.8]	2020-08-16 13:24:36
222.186.175.215	attackspambots	Aug 15 22:22:59 dignus sshd[7383]: Failed password for root from 222.186.175.215 port 12800 ssh2 Aug 15 22:23:02 dignus sshd[7383]: Failed password for root from 222.186.175.215 port 12800 ssh2 Aug 15 22:23:06 dignus sshd[7383]: Failed password for root from 222.186.175.215 port 12800 ssh2 Aug 15 22:23:09 dignus sshd[7383]: Failed password for root from 222.186.175.215 port 12800 ssh2 Aug 15 22:23:12 dignus sshd[7383]: Failed password for root from 222.186.175.215 port 12800 ssh2 ...	2020-08-16 13:39:59
5.188.206.194	attackbots	Aug 16 07:20:43 relay postfix/smtpd\[4916\]: warning: unknown\[5.188.206.194\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 16 07:21:06 relay postfix/smtpd\[7571\]: warning: unknown\[5.188.206.194\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 16 07:24:55 relay postfix/smtpd\[8536\]: warning: unknown\[5.188.206.194\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 16 07:25:19 relay postfix/smtpd\[8536\]: warning: unknown\[5.188.206.194\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 16 07:25:38 relay postfix/smtpd\[7541\]: warning: unknown\[5.188.206.194\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-08-16 13:29:56
49.233.204.30	attackbotsspam	Aug 16 07:25:27 db sshd[29798]: User root from 49.233.204.30 not allowed because none of user's groups are listed in AllowGroups ...	2020-08-16 13:37:22
94.250.60.38	attack	1597550169 - 08/16/2020 05:56:09 Host: 94.250.60.38/94.250.60.38 Port: 445 TCP Blocked	2020-08-16 13:47:47
80.82.155.26	attackspam	Aug 16 05:20:02 mail.srvfarm.net postfix/smtpd[1888504]: warning: unknown[80.82.155.26]: SASL PLAIN authentication failed: Aug 16 05:20:02 mail.srvfarm.net postfix/smtpd[1888504]: lost connection after AUTH from unknown[80.82.155.26] Aug 16 05:26:25 mail.srvfarm.net postfix/smtps/smtpd[1888744]: warning: unknown[80.82.155.26]: SASL PLAIN authentication failed: Aug 16 05:26:25 mail.srvfarm.net postfix/smtps/smtpd[1888744]: lost connection after AUTH from unknown[80.82.155.26] Aug 16 05:26:39 mail.srvfarm.net postfix/smtps/smtpd[1874192]: warning: unknown[80.82.155.26]: SASL PLAIN authentication failed:	2020-08-16 13:06:16
82.251.198.4	attackspambots	Aug 16 06:11:24 db sshd[23026]: User root from 82.251.198.4 not allowed because none of user's groups are listed in AllowGroups ...	2020-08-16 13:40:16
189.126.169.158	attackspam	Aug 16 05:16:08 mail.srvfarm.net postfix/smtps/smtpd[1890601]: warning: unknown[189.126.169.158]: SASL PLAIN authentication failed: Aug 16 05:16:08 mail.srvfarm.net postfix/smtps/smtpd[1890601]: lost connection after AUTH from unknown[189.126.169.158] Aug 16 05:19:14 mail.srvfarm.net postfix/smtpd[1874513]: warning: unknown[189.126.169.158]: SASL PLAIN authentication failed: Aug 16 05:19:14 mail.srvfarm.net postfix/smtpd[1874513]: lost connection after AUTH from unknown[189.126.169.158] Aug 16 05:19:35 mail.srvfarm.net postfix/smtpd[1887729]: warning: unknown[189.126.169.158]: SASL PLAIN authentication failed:	2020-08-16 13:11:14
112.85.42.194	attack	Aug 16 05:36:11 jumpserver sshd[169360]: Failed password for root from 112.85.42.194 port 60823 ssh2 Aug 16 05:36:14 jumpserver sshd[169360]: Failed password for root from 112.85.42.194 port 60823 ssh2 Aug 16 05:36:16 jumpserver sshd[169360]: Failed password for root from 112.85.42.194 port 60823 ssh2 ...	2020-08-16 13:45:22

最近上报的IP列表

98.252.124.6	25.22.31.119	111.224.248.50	111.224.234.16
111.206.221.2	111.181.67.160	110.177.85.85	47.75.160.11
27.224.137.40	27.154.80.38	222.82.63.30	222.79.48.201
196.245.218.60	183.17.229.113	182.138.158.135	180.95.231.171
190.180.184.211	175.184.166.44	171.37.208.196	137.23.127.91