138.246.253.5 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Germany

运营商(isp): Ludwig-Maximilians-Universitaet Muenchen

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): University/College/School

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	From CCTV User Interface Log ...::ffff:138.246.253.5 - - [20/Mar/2020:09:06:43 +0000] "-" 400 179 ...	2020-03-21 04:04:27
attack	138.246.253.5 - - [23/Feb/2020:12:13:07 -0500] "HEAD / HTTP/1.1" 500 - "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/40.0.2214.85 Safari/537.36"	2020-02-24 05:41:47
attackspambots	The IP has triggered Cloudflare WAF. CF-Ray: 54172b9bff56c29f \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: DE \| CF_IPClass: unknown \| Protocol: HTTP/1.1 \| Method: HEAD \| Host: d.skk.moe \| User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/40.0.2214.85 Safari/537.36 \| CF_DC: FRA. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 03:48:13
attackspam	Open Proxy "PROMETHEUS" Node.	2019-11-04 18:34:33
attack	UTC: 2019-10-21 port: 443/tcp	2019-10-22 13:54:40
attack	firewall-block_invalid_GET_Request	2019-08-07 10:37:17
attack	scans system	2019-07-19 20:01:02
attack	firewall-block_invalid_GET_Request	2019-06-27 08:30:19

相同子网IP讨论:

IP	类型	评论内容	时间
138.246.253.15	attackspam	8 web app probes over 24 hour period.	2020-09-25 10:34:17
138.246.253.15	attackbots	CF RAY ID: 5ccfd7a5f8c6eda7 IP Class: unknown URI: /	2020-09-04 04:21:27
138.246.253.15	attack	Unauthorized connection attempt detected from IP address 138.246.253.15 to port 443 [T]	2020-09-03 20:03:51
138.246.253.7	attackbotsspam	TCP (SYN) 138.246.253.7:49295 -> port 53, len 40	2020-08-13 01:56:06
138.246.253.15	attackbotsspam	CF RAY ID: 5be922ac2e11d44f IP Class: unknown URI: /	2020-08-06 23:50:03
138.246.253.15	attackspambots	Unauthorized connection attempt detected from IP address 138.246.253.15 to port 443	2020-06-24 00:44:02
138.246.253.15	attackspambots	138.246.253.15 - - [14/Apr/2020:15:20:12 +0200] "HEAD / HTTP/1.1" 400 3592 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/40.0.2214.85 Safari/537.36"	2020-04-14 23:19:21
138.246.253.21	attackspambots	Port scan on 1 port(s): 53	2020-04-08 05:41:02
138.246.253.21	attack	Port scan on 1 port(s): 53	2020-03-31 23:58:37
138.246.253.15	attackbotsspam	port scan and connect, tcp 443 (https)	2020-03-05 15:32:29
138.246.253.10	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-19 22:38:30
138.246.253.21	attack	Port scan on 1 port(s): 53	2020-02-13 23:20:48
138.246.253.21	attack	Port scan on 1 port(s): 53	2020-01-20 15:52:05
138.246.253.21	attack	Port Scan detected from 138.246.253.21 (DE/Germany/planetlab21.net.in.tum.de). 5 hits in the last 270 seconds	2019-10-16 05:00:35
138.246.253.21	attackbotsspam	Port scan on 1 port(s): 53	2019-09-07 16:08:43

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.246.253.5
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 28729
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.246.253.5.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019052200 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed May 22 13:46:29 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

5.253.246.138.in-addr.arpa domain name pointer planetlab5.net.in.tum.de.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
5.253.246.138.in-addr.arpa	name = planetlab5.net.in.tum.de.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
14.162.178.126	attackbots	1598616195 - 08/28/2020 14:03:15 Host: 14.162.178.126/14.162.178.126 Port: 445 TCP Blocked	2020-08-29 02:40:11
14.227.213.165	attackspambots	20/8/28@08:03:41: FAIL: Alarm-Network address from=14.227.213.165 ...	2020-08-29 02:22:55
129.211.124.29	attack	Aug 28 13:29:14 rocket sshd[8366]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.124.29 Aug 28 13:29:16 rocket sshd[8366]: Failed password for invalid user milton from 129.211.124.29 port 34880 ssh2 ...	2020-08-29 02:31:53
139.59.57.2	attackspam	2020-08-28T20:19:24+0200 Failed SSH Authentication/Brute Force Attack.(Server 2)	2020-08-29 02:40:33
203.176.74.228	attackspambots	Invalid user abhinav from 203.176.74.228 port 47206	2020-08-29 02:39:21
97.74.237.196	attackbots	SSH Brute-Force Attack	2020-08-29 02:25:48
152.136.101.65	attackbotsspam	B: Abusive ssh attack	2020-08-29 02:19:58
220.130.10.13	attack	Aug 28 20:17:56 meumeu sshd[527652]: Invalid user nominatim from 220.130.10.13 port 33172 Aug 28 20:17:56 meumeu sshd[527652]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.130.10.13 Aug 28 20:17:56 meumeu sshd[527652]: Invalid user nominatim from 220.130.10.13 port 33172 Aug 28 20:17:58 meumeu sshd[527652]: Failed password for invalid user nominatim from 220.130.10.13 port 33172 ssh2 Aug 28 20:21:26 meumeu sshd[527845]: Invalid user daf from 220.130.10.13 port 34912 Aug 28 20:21:26 meumeu sshd[527845]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.130.10.13 Aug 28 20:21:26 meumeu sshd[527845]: Invalid user daf from 220.130.10.13 port 34912 Aug 28 20:21:27 meumeu sshd[527845]: Failed password for invalid user daf from 220.130.10.13 port 34912 ssh2 Aug 28 20:24:48 meumeu sshd[528014]: Invalid user aneta from 220.130.10.13 port 36652 ...	2020-08-29 02:39:08
14.1.125.140	attackspambots	Postfix attempt blocked due to public blacklist entry	2020-08-29 02:32:30
45.142.120.166	attack	2020-08-28 20:17:39 dovecot_login authenticator failed for \(User\) \[45.142.120.166\]: 535 Incorrect authentication data 2020-08-28 20:23:37 dovecot_login authenticator failed for \(User\) \[45.142.120.166\]: 535 Incorrect authentication data \(set_id=maxime@no-server.de\) 2020-08-28 20:23:46 dovecot_login authenticator failed for \(User\) \[45.142.120.166\]: 535 Incorrect authentication data \(set_id=maxime@no-server.de\) 2020-08-28 20:23:48 dovecot_login authenticator failed for \(User\) \[45.142.120.166\]: 535 Incorrect authentication data \(set_id=maxime@no-server.de\) 2020-08-28 20:24:10 dovecot_login authenticator failed for \(User\) \[45.142.120.166\]: 535 Incorrect authentication data \(set_id=vgorder@no-server.de\) 2020-08-28 20:24:16 dovecot_login authenticator failed for \(User\) \[45.142.120.166\]: 535 Incorrect authentication data \(set_id=vgorder@no-server.de\) 2020-08-28 20:24:22 dovecot_login authenticator failed for \(User\) \[45.142.120.166\]: 535 Incorrect authentic ...	2020-08-29 02:39:42
167.71.117.84	attackspam	Aug 28 18:06:44 ws26vmsma01 sshd[75258]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.117.84 Aug 28 18:06:47 ws26vmsma01 sshd[75258]: Failed password for invalid user ui from 167.71.117.84 port 41754 ssh2 ...	2020-08-29 02:51:26
129.227.129.171	attackspam	Automatic report - Port Scan	2020-08-29 02:38:43
85.221.215.242	attackspam	2020-08-28 11:10:00.241882-0500 localhost smtpd[54431]: NOQUEUE: reject: RCPT from c215-242.icpnet.pl[85.221.215.242]: 554 5.7.1 Service unavailable; Client host [85.221.215.242] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/85.221.215.242; from= to= proto=ESMTP helo=	2020-08-29 02:49:04
103.149.240.58	attack	Port Scan ...	2020-08-29 02:23:55
124.156.227.100	attackbots	Invalid user kaushik from 124.156.227.100 port 43574	2020-08-29 02:30:08

最近上报的IP列表

40.85.62.218	195.158.22.4	68.146.197.220	55.64.24.114
244.215.219.226	180.243.240.38	77.182.209.116	186.120.97.26
94.227.225.64	35.107.228.216	235.41.1.196	176.8.212.182
160.44.108.35	230.149.232.36	188.161.79.156	193.32.163.97
220.130.134.190	202.175.187.74	197.248.30.25	195.158.31.181