123.138.111.243

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: XianCity IPAddressPool

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Scanning	2019-12-20 18:01:43

Comments on same subnet:

IP	Type	Details	Datetime
123.138.111.244	attack	SIP/5060 Probe, BF, Hack -	2019-12-28 00:07:37
123.138.111.247	attackbotsspam	SIP/5060 Probe, BF, Hack -	2019-12-28 00:05:18
123.138.111.246	attackspam	Automatic report - Port Scan	2019-12-25 20:18:08
123.138.111.247	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-12-25 18:05:29
123.138.111.239	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2019-12-24 06:03:36
123.138.111.240	attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2019-12-24 05:56:59
123.138.111.247	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-12-24 05:39:55
123.138.111.241	attackspambots	Unauthorized connection attempt from IP address 123.138.111.241 on Port 3389(RDP)	2019-12-21 05:56:43
123.138.111.239	attackspam	Dec 20 16:17:32 vmd46246 kernel: [766436.039853] [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:fb:88:28:99:3a:4d:30:af:08:00 SRC=123.138.111.239 DST=144.91.112.181 LEN=52 TOS=0x00 PREC=0x00 TTL=239 ID=51931 PROTO=TCP SPT=3132 DPT=11211 WINDOW=8192 RES=0x00 SYN URGP=0 Dec 20 16:17:33 vmd46246 kernel: [766436.693748] [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:fb:88:28:99:3a:4d:30:af:08:00 SRC=123.138.111.239 DST=144.91.112.181 LEN=52 TOS=0x00 PREC=0x00 TTL=239 ID=45865 PROTO=TCP SPT=3132 DPT=11211 WINDOW=8192 RES=0x00 SYN URGP=0 Dec 20 16:17:33 vmd46246 kernel: [766437.344518] [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:fb:88:28:99:3a:4d:30:af:08:00 SRC=123.138.111.239 DST=144.91.112.181 LEN=52 TOS=0x00 PREC=0x00 TTL=239 ID=36648 PROTO=TCP SPT=3132 DPT=11211 WINDOW=8192 RES=0x00 SYN URGP=0 ...	2019-12-21 02:09:41
123.138.111.249	attackbots	Scanning	2019-12-20 17:33:15
123.138.111.241	attackbots	Host Scan	2019-12-20 15:19:11

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 123.138.111.243
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 43220
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;123.138.111.243.		IN	A

;; AUTHORITY SECTION:
.			576	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121902 1800 900 604800 86400

;; Query time: 137 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Dec 20 18:01:39 CST 2019
;; MSG SIZE  rcvd: 119

Host info

Host 243.111.138.123.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 243.111.138.123.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
51.38.112.45	attack	Oct 29 21:00:10 SilenceServices sshd[13559]: Failed password for root from 51.38.112.45 port 52004 ssh2 Oct 29 21:03:55 SilenceServices sshd[15949]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.112.45 Oct 29 21:03:58 SilenceServices sshd[15949]: Failed password for invalid user postgres from 51.38.112.45 port 34986 ssh2	2019-10-30 04:12:08
222.186.175.216	attackspambots	2019-10-29T20:14:26.129009abusebot-7.cloudsearch.cf sshd\[11126\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.216 user=root	2019-10-30 04:17:08
51.38.33.178	attackspambots	Oct 29 19:58:51 h2177944 sshd\[14676\]: Invalid user P@ssw0rd123 from 51.38.33.178 port 38208 Oct 29 19:58:51 h2177944 sshd\[14676\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.33.178 Oct 29 19:58:53 h2177944 sshd\[14676\]: Failed password for invalid user P@ssw0rd123 from 51.38.33.178 port 38208 ssh2 Oct 29 20:02:34 h2177944 sshd\[15354\]: Invalid user asdasd321 from 51.38.33.178 port 57898 ...	2019-10-30 04:05:18
119.29.15.120	attackbots	Oct 29 20:02:05 ip-172-31-1-72 sshd\[25414\]: Invalid user pa from 119.29.15.120 Oct 29 20:02:05 ip-172-31-1-72 sshd\[25414\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.15.120 Oct 29 20:02:07 ip-172-31-1-72 sshd\[25414\]: Failed password for invalid user pa from 119.29.15.120 port 41034 ssh2 Oct 29 20:06:16 ip-172-31-1-72 sshd\[25458\]: Invalid user was from 119.29.15.120 Oct 29 20:06:16 ip-172-31-1-72 sshd\[25458\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.15.120	2019-10-30 04:34:38
80.211.153.198	attack	Oct 29 16:18:51 plusreed sshd[9645]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.153.198 user=root Oct 29 16:18:52 plusreed sshd[9645]: Failed password for root from 80.211.153.198 port 40148 ssh2 ...	2019-10-30 04:26:33
83.13.91.50	attack	Automatic report - Port Scan Attack	2019-10-30 04:15:25
103.249.100.48	attack	Oct 29 01:44:25 web9 sshd\[31359\]: Invalid user 12345qwerta from 103.249.100.48 Oct 29 01:44:25 web9 sshd\[31359\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.249.100.48 Oct 29 01:44:27 web9 sshd\[31359\]: Failed password for invalid user 12345qwerta from 103.249.100.48 port 51256 ssh2 Oct 29 01:51:23 web9 sshd\[32411\]: Invalid user 123qaz from 103.249.100.48 Oct 29 01:51:23 web9 sshd\[32411\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.249.100.48	2019-10-30 04:04:21
58.240.52.75	attackbotsspam	Oct 29 20:52:54 andromeda sshd\[23718\]: Invalid user wangsu!@\#\$%\^ from 58.240.52.75 port 40494 Oct 29 20:52:54 andromeda sshd\[23718\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.240.52.75 Oct 29 20:52:56 andromeda sshd\[23718\]: Failed password for invalid user wangsu!@\#\$%\^ from 58.240.52.75 port 40494 ssh2	2019-10-30 04:00:32
202.230.143.53	attack	Oct 29 17:47:26 venus sshd\[3577\]: Invalid user jenniferm from 202.230.143.53 port 48046 Oct 29 17:47:26 venus sshd\[3577\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.230.143.53 Oct 29 17:47:28 venus sshd\[3577\]: Failed password for invalid user jenniferm from 202.230.143.53 port 48046 ssh2 ...	2019-10-30 03:58:29
31.13.145.132	attack	Chat Spam	2019-10-30 04:06:04
94.42.178.137	attackspambots	Oct 29 21:03:56 andromeda sshd\[30190\]: Invalid user testuser from 94.42.178.137 port 35371 Oct 29 21:03:56 andromeda sshd\[30190\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.42.178.137 Oct 29 21:03:59 andromeda sshd\[30190\]: Failed password for invalid user testuser from 94.42.178.137 port 35371 ssh2	2019-10-30 04:10:57
72.11.168.29	attack	Oct 29 09:57:36 web9 sshd\[6086\]: Invalid user wordpress from 72.11.168.29 Oct 29 09:57:36 web9 sshd\[6086\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=72.11.168.29 Oct 29 09:57:39 web9 sshd\[6086\]: Failed password for invalid user wordpress from 72.11.168.29 port 36126 ssh2 Oct 29 10:03:41 web9 sshd\[6872\]: Invalid user public from 72.11.168.29 Oct 29 10:03:41 web9 sshd\[6872\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=72.11.168.29	2019-10-30 04:23:25
179.179.78.104	attackspam	Telnet Server BruteForce Attack	2019-10-30 04:11:45
167.71.241.174	attackbots	C1,WP GET /conni-club/wp-login.php	2019-10-30 04:35:47
116.3.136.203	attackbotsspam	Telnet Server BruteForce Attack	2019-10-30 04:07:43

Recently Reported IPs

39.38.150.65	117.1.177.252	146.141.37.152	37.74.47.233
100.32.167.161	167.28.43.202	22.229.82.161	113.172.5.207
18.132.152.25	187.162.91.169	88.3.14.101	197.46.63.164
118.69.186.86	176.113.74.19	235.37.203.12	2.50.141.189
60.213.73.20	222.254.28.131	2408:8249:3882:328:eca7:d4a7:75db:4f8c	188.254.92.218