138.246.253.5 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Germany

运营商(isp): Ludwig-Maximilians-Universitaet Muenchen

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): University/College/School

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	From CCTV User Interface Log ...::ffff:138.246.253.5 - - [20/Mar/2020:09:06:43 +0000] "-" 400 179 ...	2020-03-21 04:04:27
attack	138.246.253.5 - - [23/Feb/2020:12:13:07 -0500] "HEAD / HTTP/1.1" 500 - "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/40.0.2214.85 Safari/537.36"	2020-02-24 05:41:47
attackspambots	The IP has triggered Cloudflare WAF. CF-Ray: 54172b9bff56c29f \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: DE \| CF_IPClass: unknown \| Protocol: HTTP/1.1 \| Method: HEAD \| Host: d.skk.moe \| User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/40.0.2214.85 Safari/537.36 \| CF_DC: FRA. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 03:48:13
attackspam	Open Proxy "PROMETHEUS" Node.	2019-11-04 18:34:33
attack	UTC: 2019-10-21 port: 443/tcp	2019-10-22 13:54:40
attack	firewall-block_invalid_GET_Request	2019-08-07 10:37:17
attack	scans system	2019-07-19 20:01:02
attack	firewall-block_invalid_GET_Request	2019-06-27 08:30:19

相同子网IP讨论:

IP	类型	评论内容	时间
138.246.253.15	attackspam	8 web app probes over 24 hour period.	2020-09-25 10:34:17
138.246.253.15	attackbots	CF RAY ID: 5ccfd7a5f8c6eda7 IP Class: unknown URI: /	2020-09-04 04:21:27
138.246.253.15	attack	Unauthorized connection attempt detected from IP address 138.246.253.15 to port 443 [T]	2020-09-03 20:03:51
138.246.253.7	attackbotsspam	TCP (SYN) 138.246.253.7:49295 -> port 53, len 40	2020-08-13 01:56:06
138.246.253.15	attackbotsspam	CF RAY ID: 5be922ac2e11d44f IP Class: unknown URI: /	2020-08-06 23:50:03
138.246.253.15	attackspambots	Unauthorized connection attempt detected from IP address 138.246.253.15 to port 443	2020-06-24 00:44:02
138.246.253.15	attackspambots	138.246.253.15 - - [14/Apr/2020:15:20:12 +0200] "HEAD / HTTP/1.1" 400 3592 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/40.0.2214.85 Safari/537.36"	2020-04-14 23:19:21
138.246.253.21	attackspambots	Port scan on 1 port(s): 53	2020-04-08 05:41:02
138.246.253.21	attack	Port scan on 1 port(s): 53	2020-03-31 23:58:37
138.246.253.15	attackbotsspam	port scan and connect, tcp 443 (https)	2020-03-05 15:32:29
138.246.253.10	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-19 22:38:30
138.246.253.21	attack	Port scan on 1 port(s): 53	2020-02-13 23:20:48
138.246.253.21	attack	Port scan on 1 port(s): 53	2020-01-20 15:52:05
138.246.253.21	attack	Port Scan detected from 138.246.253.21 (DE/Germany/planetlab21.net.in.tum.de). 5 hits in the last 270 seconds	2019-10-16 05:00:35
138.246.253.21	attackbotsspam	Port scan on 1 port(s): 53	2019-09-07 16:08:43

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.246.253.5
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 28729
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.246.253.5.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019052200 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed May 22 13:46:29 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

5.253.246.138.in-addr.arpa domain name pointer planetlab5.net.in.tum.de.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
5.253.246.138.in-addr.arpa	name = planetlab5.net.in.tum.de.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
179.180.126.118	attackspambots	1581545892 - 02/12/2020 23:18:12 Host: 179.180.126.118/179.180.126.118 Port: 445 TCP Blocked	2020-02-13 08:24:48
41.78.212.50	attackbots	Automatic report - Port Scan Attack	2020-02-13 08:06:24
119.27.173.72	attackbots	Feb 12 13:59:36 auw2 sshd\[22971\]: Invalid user jenkins from 119.27.173.72 Feb 12 13:59:36 auw2 sshd\[22971\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.27.173.72 Feb 12 13:59:37 auw2 sshd\[22971\]: Failed password for invalid user jenkins from 119.27.173.72 port 49574 ssh2 Feb 12 14:01:00 auw2 sshd\[23100\]: Invalid user rowsell from 119.27.173.72 Feb 12 14:01:00 auw2 sshd\[23100\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.27.173.72	2020-02-13 08:07:20
193.112.219.176	attackbotsspam	Feb 12 23:24:52 game-panel sshd[21875]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.219.176 Feb 12 23:24:54 game-panel sshd[21875]: Failed password for invalid user pasqua from 193.112.219.176 port 39528 ssh2 Feb 12 23:28:57 game-panel sshd[22056]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.219.176	2020-02-13 08:04:16
180.76.168.54	attackspam	Feb 12 22:18:13 sigma sshd\[20533\]: Invalid user travis from 180.76.168.54Feb 12 22:18:15 sigma sshd\[20533\]: Failed password for invalid user travis from 180.76.168.54 port 60426 ssh2 ...	2020-02-13 08:22:40
113.186.121.164	attackspambots	Automatic report - Port Scan Attack	2020-02-13 08:18:42
60.190.227.167	attack	Feb 12 23:55:04 game-panel sshd[23270]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.190.227.167 Feb 12 23:55:06 game-panel sshd[23270]: Failed password for invalid user el from 60.190.227.167 port 44728 ssh2 Feb 12 23:58:53 game-panel sshd[23440]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.190.227.167	2020-02-13 08:16:00
51.38.233.93	attackbotsspam	02/12/2020-23:17:56.882432 51.38.233.93 Protocol: 6 ET TOR Known Tor Exit Node Traffic group 72	2020-02-13 08:32:45
46.10.220.33	attackspambots	$f2bV_matches	2020-02-13 08:20:15
95.167.243.148	attackbotsspam	Feb 13 00:45:19 MK-Soft-Root2 sshd[12941]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.167.243.148 Feb 13 00:45:22 MK-Soft-Root2 sshd[12941]: Failed password for invalid user rizky from 95.167.243.148 port 33836 ssh2 ...	2020-02-13 08:18:57
94.191.28.212	attackspam	Feb 12 19:12:03 plusreed sshd[26191]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.191.28.212 user=root Feb 12 19:12:05 plusreed sshd[26191]: Failed password for root from 94.191.28.212 port 50006 ssh2 ...	2020-02-13 08:14:08
1.53.184.247	attack	Honeypot attack, port: 81, PTR: PTR record not found	2020-02-13 08:26:23
178.128.104.110	attackspambots	Feb 12 20:20:41 firewall sshd[7470]: Invalid user style from 178.128.104.110 Feb 12 20:20:43 firewall sshd[7470]: Failed password for invalid user style from 178.128.104.110 port 48286 ssh2 Feb 12 20:24:11 firewall sshd[7606]: Invalid user petey from 178.128.104.110 ...	2020-02-13 08:03:32
1.2.143.171	attack	Telnet/23 MH Probe, BF, Hack -	2020-02-13 08:30:22
222.186.30.248	attack	13.02.2020 00:27:23 SSH access blocked by firewall	2020-02-13 08:28:55

最近上报的IP列表

40.85.62.218	195.158.22.4	68.146.197.220	55.64.24.114
244.215.219.226	180.243.240.38	77.182.209.116	186.120.97.26
94.227.225.64	35.107.228.216	235.41.1.196	176.8.212.182
160.44.108.35	230.149.232.36	188.161.79.156	193.32.163.97
220.130.134.190	202.175.187.74	197.248.30.25	195.158.31.181