128.1.138.214 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Hong Kong

运营商(isp): Zenlayer Inc

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Oct 9 08:41:52 ns37 sshd[9106]: Failed password for root from 128.1.138.214 port 53310 ssh2 Oct 9 08:41:52 ns37 sshd[9106]: Failed password for root from 128.1.138.214 port 53310 ssh2	2020-10-10 07:14:22
attack	Oct 9 08:41:52 ns37 sshd[9106]: Failed password for root from 128.1.138.214 port 53310 ssh2 Oct 9 08:41:52 ns37 sshd[9106]: Failed password for root from 128.1.138.214 port 53310 ssh2	2020-10-09 23:32:39
attackbots	Oct 9 08:41:52 ns37 sshd[9106]: Failed password for root from 128.1.138.214 port 53310 ssh2 Oct 9 08:41:52 ns37 sshd[9106]: Failed password for root from 128.1.138.214 port 53310 ssh2	2020-10-09 15:21:37

类型

评论内容

时间

attackbotsspam

Oct  9 08:41:52 ns37 sshd[9106]: Failed password for root from 128.1.138.214 port 53310 ssh2
Oct  9 08:41:52 ns37 sshd[9106]: Failed password for root from 128.1.138.214 port 53310 ssh2

2020-10-10 07:14:22

attack

Oct  9 08:41:52 ns37 sshd[9106]: Failed password for root from 128.1.138.214 port 53310 ssh2
Oct  9 08:41:52 ns37 sshd[9106]: Failed password for root from 128.1.138.214 port 53310 ssh2

2020-10-09 23:32:39

attackbots

Oct  9 08:41:52 ns37 sshd[9106]: Failed password for root from 128.1.138.214 port 53310 ssh2
Oct  9 08:41:52 ns37 sshd[9106]: Failed password for root from 128.1.138.214 port 53310 ssh2

2020-10-09 15:21:37

相同子网IP讨论:

IP	类型	评论内容	时间
128.1.138.219	attack	Jul 24 11:37:13 mail.srvfarm.net postfix/smtpd[2207704]: lost connection after RCPT from hwhk138-219.mailset.cn[128.1.138.219] Jul 24 11:37:36 mail.srvfarm.net postfix/smtpd[2210862]: lost connection after RCPT from hwhk138-219.mailset.cn[128.1.138.219] Jul 24 11:37:53 mail.srvfarm.net postfix/smtpd[2205461]: lost connection after RCPT from hwhk138-219.mailset.cn[128.1.138.219] Jul 24 11:38:06 mail.srvfarm.net postfix/smtpd[2210830]: lost connection after RCPT from hwhk138-219.mailset.cn[128.1.138.219] Jul 24 11:38:24 mail.srvfarm.net postfix/smtpd[2210828]: lost connection after RCPT from hwhk138-219.mailset.cn[128.1.138.219]	2020-07-25 02:51:08
128.1.138.97	attackspam	Unauthorized connection attempt detected from IP address 128.1.138.97 to port 2220 [J]	2020-02-04 03:24:12
128.1.138.242	attack	SSH Brute Force, server-1 sshd[2275]: Failed password for invalid user secretaria from 128.1.138.242 port 46934 ssh2	2019-08-14 00:08:49
128.1.138.97	attackbots	Aug 9 10:37:06 microserver sshd[45145]: Invalid user mn from 128.1.138.97 port 56950 Aug 9 10:37:06 microserver sshd[45145]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.1.138.97 Aug 9 10:37:08 microserver sshd[45145]: Failed password for invalid user mn from 128.1.138.97 port 56950 ssh2 Aug 9 10:42:05 microserver sshd[45831]: Invalid user tool from 128.1.138.97 port 52470 Aug 9 10:42:05 microserver sshd[45831]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.1.138.97 Aug 9 10:56:29 microserver sshd[47819]: Invalid user waldemar from 128.1.138.97 port 38690 Aug 9 10:56:29 microserver sshd[47819]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.1.138.97 Aug 9 10:56:31 microserver sshd[47819]: Failed password for invalid user waldemar from 128.1.138.97 port 38690 ssh2 Aug 9 11:01:31 microserver sshd[48488]: Invalid user marketing from 128.1.138.97 port 34088 Aug 9 11:0	2019-08-09 17:46:25
128.1.138.97	attackspambots	2019-08-04T02:05:50.412925abusebot-6.cloudsearch.cf sshd\[4525\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.1.138.97 user=ftp	2019-08-04 10:17:46

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 128.1.138.214
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3551
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;128.1.138.214.			IN	A

;; AUTHORITY SECTION:
.			268	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020100900 1800 900 604800 86400

;; Query time: 102 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Oct 09 15:21:33 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 214.138.1.128.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 214.138.1.128.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
51.218.251.114	attackbotsspam	445/tcp [2019-06-26]1pkt	2019-06-27 02:27:43
92.61.67.102	attackbots	23/tcp 23/tcp [2019-06-26]2pkt	2019-06-27 02:19:53
193.9.245.143	attack	RDP Brute-Force (Grieskirchen RZ1)	2019-06-27 02:14:21
2.153.184.166	attackbotsspam	Jun 26 18:15:05 web24hdcode sshd[122077]: Invalid user git5 from 2.153.184.166 port 48058 Jun 26 18:15:05 web24hdcode sshd[122077]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.153.184.166 Jun 26 18:15:05 web24hdcode sshd[122077]: Invalid user git5 from 2.153.184.166 port 48058 Jun 26 18:15:07 web24hdcode sshd[122077]: Failed password for invalid user git5 from 2.153.184.166 port 48058 ssh2 Jun 26 18:17:06 web24hdcode sshd[122083]: Invalid user tomcat from 2.153.184.166 port 36792 Jun 26 18:17:06 web24hdcode sshd[122083]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.153.184.166 Jun 26 18:17:06 web24hdcode sshd[122083]: Invalid user tomcat from 2.153.184.166 port 36792 Jun 26 18:17:07 web24hdcode sshd[122083]: Failed password for invalid user tomcat from 2.153.184.166 port 36792 ssh2 Jun 26 18:19:01 web24hdcode sshd[122087]: Invalid user logger from 2.153.184.166 port 53762 ...	2019-06-27 02:09:56
131.100.219.3	attackbots	Jun 26 16:05:01 vmd17057 sshd\[14883\]: Invalid user minecraft from 131.100.219.3 port 59076 Jun 26 16:05:02 vmd17057 sshd\[14883\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=131.100.219.3 Jun 26 16:05:03 vmd17057 sshd\[14883\]: Failed password for invalid user minecraft from 131.100.219.3 port 59076 ssh2 ...	2019-06-27 02:03:52
184.105.139.105	attack	873/tcp 11211/tcp 9200/tcp... [2019-04-27/06-26]55pkt,11pt.(tcp),3pt.(udp)	2019-06-27 01:52:06
104.152.52.28	attackbots	A portscan was detected. Details about the event: Time.............: 2019-06-25 21:30:16 Source IP address: 104.152.52.28 (internettl.org)	2019-06-27 02:10:39
107.170.192.6	attackspam	22/tcp 179/tcp 21029/tcp... [2019-04-26/06-26]51pkt,41pt.(tcp),5pt.(udp)	2019-06-27 02:28:14
112.186.99.216	attack	Jun 24 22:49:59 mail-host sshd[33305]: Invalid user gerard from 112.186.99.216 Jun 24 22:49:59 mail-host sshd[33305]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.186.99.216 Jun 24 22:50:01 mail-host sshd[33305]: Failed password for invalid user gerard from 112.186.99.216 port 44674 ssh2 Jun 24 22:50:02 mail-host sshd[33307]: Received disconnect from 112.186.99.216: 11: Bye Bye Jun 24 22:53:25 mail-host sshd[33999]: Invalid user epiphanie from 112.186.99.216 Jun 24 22:53:25 mail-host sshd[33999]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.186.99.216 Jun 24 22:53:27 mail-host sshd[33999]: Failed password for invalid user epiphanie from 112.186.99.216 port 49560 ssh2 Jun 24 22:53:27 mail-host sshd[34001]: Received disconnect from 112.186.99.216: 11: Bye Bye Jun 24 22:55:16 mail-host sshd[34467]: Invalid user vncuser from 112.186.99.216 Jun 24 22:55:16 mail-host sshd[34467]: p........ -------------------------------	2019-06-27 02:02:17
103.15.106.120	attackbots	Jun 24 21:43:40 xb3 sshd[17313]: Failed password for invalid user ssingh from 103.15.106.120 port 49844 ssh2 Jun 24 21:43:41 xb3 sshd[17313]: Received disconnect from 103.15.106.120: 11: Bye Bye [preauth] Jun 24 21:46:50 xb3 sshd[13748]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.15.106.120 user=r.r Jun 24 21:46:52 xb3 sshd[13748]: Failed password for r.r from 103.15.106.120 port 28910 ssh2 Jun 24 21:46:52 xb3 sshd[13748]: Received disconnect from 103.15.106.120: 11: Bye Bye [preauth] Jun 24 21:48:38 xb3 sshd[18541]: Failed password for invalid user jake from 103.15.106.120 port 46624 ssh2 Jun 24 21:48:38 xb3 sshd[18541]: Received disconnect from 103.15.106.120: 11: Bye Bye [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=103.15.106.120	2019-06-27 01:55:59
121.182.166.81	attackbotsspam	Jun 26 15:36:42 meumeu sshd[9749]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.182.166.81 Jun 26 15:36:44 meumeu sshd[9749]: Failed password for invalid user tomcat from 121.182.166.81 port 41067 ssh2 Jun 26 15:38:42 meumeu sshd[9945]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.182.166.81 ...	2019-06-27 01:47:37
115.29.5.66	attackbotsspam	TCP src-port=53730 dst-port=25 dnsbl-sorbs abuseat-org barracuda (898)	2019-06-27 01:49:09
165.227.150.158	attackbots	detected by Fail2Ban	2019-06-27 01:56:21
94.191.60.199	attackspam	Jun 26 17:06:27 server sshd[45207]: Failed password for invalid user kslewin from 94.191.60.199 port 41326 ssh2 Jun 26 17:11:08 server sshd[46280]: Failed password for invalid user tracker from 94.191.60.199 port 49642 ssh2 Jun 26 17:13:34 server sshd[46913]: Failed password for invalid user admin from 94.191.60.199 port 38068 ssh2	2019-06-27 02:28:40
110.35.180.239	attack	SSH bruteforce	2019-06-27 02:06:41

最近上报的IP列表

8.219.242.102	154.158.199.167	28.173.71.184	113.190.242.110
17.2.243.79	218.146.162.241	200.196.86.47	13.72.86.185
94.251.252.163	201.209.94.67	111.88.74.159	81.68.121.82
94.25.228.146	189.2.182.226	58.171.61.25	62.45.106.135
31.135.44.108	190.248.84.205	34.216.95.97	36.72.166.17