123.138.241.28

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
123.138.241.4	attack	TCP port 3389: Scan and connection	2020-03-18 13:44:50
123.138.241.13	attackspambots	02/15/2020-17:19:27.995351 123.138.241.13 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-02-16 07:48:50
123.138.241.4	attack	2019-12-18T11:18:57Z - RDP login failed multiple times. (123.138.241.4)	2019-12-18 21:28:34

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 123.138.241.28
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21014
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;123.138.241.28.			IN	A

;; AUTHORITY SECTION:
.			435	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020701 1800 900 604800 86400

;; Query time: 16 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 08 05:38:45 CST 2022
;; MSG SIZE  rcvd: 107

Host info

Host 28.241.138.123.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 28.241.138.123.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
14.118.212.36	attack	Sep 4 01:21:08 fwservlet sshd[11881]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.118.212.36 user=r.r Sep 4 01:21:10 fwservlet sshd[11881]: Failed password for r.r from 14.118.212.36 port 55552 ssh2 Sep 4 01:21:11 fwservlet sshd[11881]: Received disconnect from 14.118.212.36 port 55552:11: Bye Bye [preauth] Sep 4 01:21:11 fwservlet sshd[11881]: Disconnected from 14.118.212.36 port 55552 [preauth] Sep 4 01:22:58 fwservlet sshd[11929]: Invalid user user01 from 14.118.212.36 Sep 4 01:22:58 fwservlet sshd[11929]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.118.212.36 Sep 4 01:23:00 fwservlet sshd[11929]: Failed password for invalid user user01 from 14.118.212.36 port 55178 ssh2 Sep 4 01:23:00 fwservlet sshd[11929]: Received disconnect from 14.118.212.36 port 55178:11: Bye Bye [preauth] Sep 4 01:23:00 fwservlet sshd[11929]: Disconnected from 14.118.212.36 port 55178 [preau........ -------------------------------	2020-09-07 02:40:09
61.161.250.150	attackspam	reported through recidive - multiple failed attempts(SSH)	2020-09-07 02:45:02
222.186.42.155	attackbots	Sep 6 14:30:30 plusreed sshd[29798]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.155 user=root Sep 6 14:30:32 plusreed sshd[29798]: Failed password for root from 222.186.42.155 port 54331 ssh2 ...	2020-09-07 02:31:19
145.239.92.26	attackbotsspam	(sshd) Failed SSH login from 145.239.92.26 (PL/Poland/relay3.tor.ian.sh): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 6 14:20:43 optimus sshd[25578]: Failed password for root from 145.239.92.26 port 45305 ssh2 Sep 6 14:20:47 optimus sshd[25578]: Failed password for root from 145.239.92.26 port 45305 ssh2 Sep 6 14:20:49 optimus sshd[25578]: Failed password for root from 145.239.92.26 port 45305 ssh2 Sep 6 14:20:52 optimus sshd[25578]: Failed password for root from 145.239.92.26 port 45305 ssh2 Sep 6 14:20:55 optimus sshd[25578]: Failed password for root from 145.239.92.26 port 45305 ssh2	2020-09-07 02:29:02
112.26.98.122	attackspam	firewall-block, port(s): 21388/tcp	2020-09-07 02:29:20
198.100.146.65	attack	Sep 6 17:36:34 marvibiene sshd[15339]: Failed password for root from 198.100.146.65 port 41580 ssh2 Sep 6 17:40:14 marvibiene sshd[15670]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.100.146.65 Sep 6 17:40:16 marvibiene sshd[15670]: Failed password for invalid user melonero from 198.100.146.65 port 45798 ssh2	2020-09-07 02:54:37
43.241.64.199	attackspam	Icarus honeypot on github	2020-09-07 02:25:05
112.134.220.130	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-09-07 02:49:04
158.69.0.38	attackspam	2020-09-06T18:43:28.945174randservbullet-proofcloud-66.localdomain sshd[22704]: Invalid user wedding from 158.69.0.38 port 59858 2020-09-06T18:43:28.951054randservbullet-proofcloud-66.localdomain sshd[22704]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=38.ip-158-69-0.net 2020-09-06T18:43:28.945174randservbullet-proofcloud-66.localdomain sshd[22704]: Invalid user wedding from 158.69.0.38 port 59858 2020-09-06T18:43:30.789804randservbullet-proofcloud-66.localdomain sshd[22704]: Failed password for invalid user wedding from 158.69.0.38 port 59858 ssh2 ...	2020-09-07 02:56:17
36.226.76.176	attack	Sep 4 03:24:06 kunden sshd[28861]: Invalid user admin from 36.226.76.176 Sep 4 03:24:06 kunden sshd[28861]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36-226-76-176.dynamic-ip.hinet.net Sep 4 03:24:08 kunden sshd[28861]: Failed password for invalid user admin from 36.226.76.176 port 60891 ssh2 Sep 4 03:24:08 kunden sshd[28861]: Received disconnect from 36.226.76.176: 11: Bye Bye [preauth] Sep 4 03:24:10 kunden sshd[28863]: Invalid user admin from 36.226.76.176 Sep 4 03:24:10 kunden sshd[28863]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36-226-76-176.dynamic-ip.hinet.net Sep 4 03:24:13 kunden sshd[28863]: Failed password for invalid user admin from 36.226.76.176 port 60998 ssh2 Sep 4 03:24:13 kunden sshd[28863]: Received disconnect from 36.226.76.176: 11: Bye Bye [preauth] Sep 4 03:24:15 kunden sshd[28865]: Invalid user admin from 36.226.76.176 Sep 4 03:24:15 kunden ssh........ -------------------------------	2020-09-07 02:41:00
180.177.79.69	attack	Honeypot attack, port: 5555, PTR: 180-177-79-69.dynamic.kbronet.com.tw.	2020-09-07 02:28:33
175.213.178.217	attack	Honeypot attack, port: 81, PTR: PTR record not found	2020-09-07 02:54:22
130.61.118.231	attack	Banned for a week because repeated abuses, for example SSH, but not only	2020-09-07 02:46:13
185.247.224.43	attackspambots	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-09-06T15:27:46Z and 2020-09-06T15:27:48Z	2020-09-07 02:43:21
119.42.35.200	attack	445/tcp [2020-09-06]1pkt	2020-09-07 02:41:26

Recently Reported IPs

177.200.86.142	85.133.247.167	116.203.52.28	189.207.99.49
121.29.188.71	201.158.24.134	23.108.51.9	37.111.213.61
122.53.40.235	120.229.21.34	70.91.158.46	184.87.212.61
207.182.78.63	5.2.73.229	24.157.190.74	91.206.67.165
122.252.242.210	95.188.68.213	42.224.92.137	125.242.58.124