138.122.4.139 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Venezuela (Bolivarian Republic of)

运营商(isp): Lan-Online C.A.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	(smtpauth) Failed SMTP AUTH login from 138.122.4.139 (VE/Venezuela/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-07-28 08:22:24 plain authenticator failed for ([138.122.4.139]) [138.122.4.139]: 535 Incorrect authentication data (set_id=ab-heidary)	2020-07-28 16:55:39
attack	(smtpauth) Failed SMTP AUTH login from 138.122.4.139 (VE/Venezuela/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-06-11 16:43:21 plain authenticator failed for ([138.122.4.139]) [138.122.4.139]: 535 Incorrect authentication data (set_id=info)	2020-06-11 21:53:42

类型

评论内容

时间

attack

(smtpauth) Failed SMTP AUTH login from 138.122.4.139 (VE/Venezuela/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-07-28 08:22:24 plain authenticator failed for ([138.122.4.139]) [138.122.4.139]: 535 Incorrect authentication data (set_id=ab-heidary)

2020-07-28 16:55:39

attack

(smtpauth) Failed SMTP AUTH login from 138.122.4.139 (VE/Venezuela/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-06-11 16:43:21 plain authenticator failed for ([138.122.4.139]) [138.122.4.139]: 535 Incorrect authentication data (set_id=info)

2020-06-11 21:53:42

相同子网IP讨论:

IP	类型	评论内容	时间
138.122.4.131	attack	Distributed brute force attack	2020-06-06 00:35:46
138.122.4.46	attack	Unauthorized connection attempt detected from IP address 138.122.4.46 to port 80	2020-04-13 04:24:26
138.122.4.46	attackbotsspam	Unauthorized connection attempt detected from IP address 138.122.4.46 to port 8000	2020-01-06 00:53:46
138.122.49.133	attackspam	Unauthorized connection attempt from IP address 138.122.49.133 on Port 445(SMB)	2019-08-20 21:11:18
138.122.4.217	attackspam	proto=tcp . spt=55605 . dpt=25 . (listed on Blocklist de Aug 04) (704)	2019-08-05 14:06:02

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.122.4.139
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7224
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.122.4.139.			IN	A

;; AUTHORITY SECTION:
.			500	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020061100 1800 900 604800 86400

;; Query time: 108 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jun 11 21:53:34 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 139.4.122.138.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 139.4.122.138.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
218.92.0.158	attackspam	[ssh] SSH attack	2020-06-26 15:19:04
222.186.190.17	attackbots	Jun 26 08:52:35 OPSO sshd\[31987\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.190.17 user=root Jun 26 08:52:37 OPSO sshd\[31987\]: Failed password for root from 222.186.190.17 port 16913 ssh2 Jun 26 08:52:40 OPSO sshd\[31987\]: Failed password for root from 222.186.190.17 port 16913 ssh2 Jun 26 08:52:42 OPSO sshd\[31987\]: Failed password for root from 222.186.190.17 port 16913 ssh2 Jun 26 08:53:27 OPSO sshd\[32237\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.190.17 user=root	2020-06-26 15:03:58
209.97.134.82	attack	Jun 26 06:15:59 game-panel sshd[19011]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=209.97.134.82 Jun 26 06:16:00 game-panel sshd[19011]: Failed password for invalid user praful from 209.97.134.82 port 53228 ssh2 Jun 26 06:20:01 game-panel sshd[19165]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=209.97.134.82	2020-06-26 14:49:46
40.117.147.53	attackspam	Jun 24 23:00:21 v26 sshd[8310]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.117.147.53 user=r.r Jun 24 23:00:21 v26 sshd[8313]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.117.147.53 user=r.r Jun 24 23:00:21 v26 sshd[8314]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.117.147.53 user=r.r Jun 24 23:00:21 v26 sshd[8312]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.117.147.53 user=r.r Jun 24 23:00:21 v26 sshd[8315]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.117.147.53 user=r.r Jun 24 23:00:21 v26 sshd[8316]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.117.147.53 user=r.r Jun 24 23:00:23 v26 sshd[8310]: Failed password for r.r from 40.117.147.53 port 2321 ssh2 Jun 24 23:00:23 v26 sshd[8314]........ -------------------------------	2020-06-26 14:43:21
103.251.59.153	attackspambots	Automatic report - XMLRPC Attack	2020-06-26 14:36:08
222.186.42.137	attackbots	Triggered by Fail2Ban at Ares web server	2020-06-26 14:51:06
91.221.70.80	attack	(cpanel) Failed cPanel login from 91.221.70.80 (RU/Russia/-/-/dedic-center.ru/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [2020-06-26 03:53:59 +0000] info [cpaneld] 91.221.70.80 - silverre "POST /login/?login_only=1 HTTP/1.1" FAILED LOGIN cpaneld: invalid cpanel user silverre (has_cpuser_file failed)	2020-06-26 15:07:15
51.91.157.255	attackbotsspam	Automatic report - XMLRPC Attack	2020-06-26 15:06:03
171.231.19.86	attack	1593143639 - 06/26/2020 05:53:59 Host: 171.231.19.86/171.231.19.86 Port: 445 TCP Blocked	2020-06-26 15:09:51
20.1.2.2	attackspambots	SMB Server BruteForce Attack	2020-06-26 15:10:36
137.74.41.119	attackspambots	Jun 26 12:52:48 itv-usvr-01 sshd[5452]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=137.74.41.119 user=ubuntu Jun 26 12:52:50 itv-usvr-01 sshd[5452]: Failed password for ubuntu from 137.74.41.119 port 60094 ssh2	2020-06-26 15:06:20
218.94.156.130	attackbots	Unauthorized access to SSH at 26/Jun/2020:06:59:22 +0000.	2020-06-26 15:10:57
128.199.245.33	attack	Automatic report - XMLRPC Attack	2020-06-26 14:59:54
115.124.74.158	attackspambots	Unauthorized connection attempt: SRC=115.124.74.158 ...	2020-06-26 15:14:41
111.230.137.250	attack	Failed password for root from 111.230.137.250 port 41358 ssh2 Invalid user wzq from 111.230.137.250 port 37060 pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.230.137.250 Invalid user wzq from 111.230.137.250 port 37060 Failed password for invalid user wzq from 111.230.137.250 port 37060 ssh2	2020-06-26 14:54:34

最近上报的IP列表

167.71.225.58	120.24.253.182	213.217.1.105	177.87.114.223
161.166.203.0	51.37.120.136	171.247.64.211	194.165.133.97
14.186.161.68	208.175.142.73	109.196.33.87	186.216.64.111
116.14.116.5	27.40.69.185	14.165.68.19	123.24.34.252
82.54.140.124	171.244.26.200	59.127.155.193	177.190.88.51