124.166.111.138

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: China Unicom Shan1Xi Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	UTC: 2019-10-21 port: 123/udp	2019-10-22 17:19:44

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 124.166.111.138
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 16039
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;124.166.111.138.		IN	A

;; AUTHORITY SECTION:
.			459	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019102200 1800 900 604800 86400

;; Query time: 49 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Oct 22 17:19:41 CST 2019
;; MSG SIZE  rcvd: 119

Host info

138.111.166.124.in-addr.arpa domain name pointer 138.111.166.124.adsl-pool.sx.cn.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
138.111.166.124.in-addr.arpa	name = 138.111.166.124.adsl-pool.sx.cn.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
201.240.62.70	attackspam	Oct 4 19:08:29 gw1 sshd[24302]: Failed password for root from 201.240.62.70 port 54938 ssh2 ...	2019-10-04 23:16:07
94.158.83.181	attack	Sent mail to target address hacked/leaked from abandonia in 2016	2019-10-04 23:11:26
213.166.70.101	attackspambots	10/04/2019-10:54:47.324324 213.166.70.101 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-10-04 22:58:00
198.108.67.91	attack	8837/tcp 9663/tcp 3558/tcp... [2019-08-03/10-03]113pkt,108pt.(tcp)	2019-10-04 23:05:00
77.78.9.137	attackbotsspam	Web App Attack	2019-10-04 22:36:07
89.46.104.188	attack	xmlrpc attack	2019-10-04 23:00:25
46.176.132.63	attack	Telnet Server BruteForce Attack	2019-10-04 22:58:59
219.250.29.108	attackbotsspam	Forbidden directory scan :: 2019/10/04 22:26:57 [error] 14664#14664: *888532 access forbidden by rule, client: 219.250.29.108, server: [censored_4], request: "GET //lazyfoodreviews1.sql HTTP/1.1", host: "[censored_4]", referrer: "http://[censored_4]:80//lazyfoodreviews1.sql"	2019-10-04 22:54:26
146.185.206.27	attack	B: zzZZzz blocked content access	2019-10-04 22:34:46
60.10.70.232	attackbotsspam	(Oct 4) LEN=40 TTL=48 ID=9307 TCP DPT=8080 WINDOW=651 SYN (Oct 4) LEN=40 TTL=48 ID=33964 TCP DPT=8080 WINDOW=42033 SYN (Oct 4) LEN=40 TTL=48 ID=23928 TCP DPT=8080 WINDOW=14635 SYN (Oct 3) LEN=40 TTL=48 ID=3785 TCP DPT=8080 WINDOW=23387 SYN (Oct 3) LEN=40 TTL=48 ID=33277 TCP DPT=8080 WINDOW=47913 SYN (Oct 3) LEN=40 TTL=48 ID=50101 TCP DPT=8080 WINDOW=34307 SYN (Oct 2) LEN=40 TTL=48 ID=17705 TCP DPT=8080 WINDOW=3551 SYN (Oct 2) LEN=40 TTL=48 ID=20962 TCP DPT=8080 WINDOW=20171 SYN (Oct 2) LEN=40 TTL=48 ID=39361 TCP DPT=8080 WINDOW=9929 SYN (Oct 2) LEN=40 TTL=48 ID=21617 TCP DPT=8080 WINDOW=36115 SYN (Oct 2) LEN=40 TTL=48 ID=23323 TCP DPT=8080 WINDOW=38547 SYN (Oct 1) LEN=40 TTL=48 ID=63355 TCP DPT=8080 WINDOW=9929 SYN (Oct 1) LEN=40 TTL=48 ID=3215 TCP DPT=8080 WINDOW=651 SYN (Oct 1) LEN=40 TTL=48 ID=49746 TCP DPT=8080 WINDOW=47913 SYN	2019-10-04 22:38:55
110.10.189.64	attack	Oct 4 20:29:44 areeb-Workstation sshd[19606]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.10.189.64 Oct 4 20:29:47 areeb-Workstation sshd[19606]: Failed password for invalid user T3ST1234 from 110.10.189.64 port 46124 ssh2 ...	2019-10-04 23:03:57
198.108.67.89	attackbotsspam	" "	2019-10-04 22:59:27
190.67.247.73	attackbots	Automatic report - Port Scan Attack	2019-10-04 23:01:29
194.228.3.191	attackspambots	2019-10-04T20:23:06.688457enmeeting.mahidol.ac.th sshd\[16286\]: User root from 194.228.3.191 not allowed because not listed in AllowUsers 2019-10-04T20:23:06.813021enmeeting.mahidol.ac.th sshd\[16286\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.228.3.191 user=root 2019-10-04T20:23:08.734676enmeeting.mahidol.ac.th sshd\[16286\]: Failed password for invalid user root from 194.228.3.191 port 37232 ssh2 ...	2019-10-04 22:41:45
178.88.115.126	attackspam	SSH Brute-Force reported by Fail2Ban	2019-10-04 23:08:45

Recently Reported IPs

106.51.143.22	121.30.252.186	177.34.148.63	118.97.67.114
121.168.149.109	118.34.31.147	117.68.155.81	42.114.40.148
167.114.172.144	103.141.138.125	97.79.238.200	201.212.216.79
198.71.63.24	224.103.191.23	179.241.46.139	118.25.103.132
90.162.147.217	123.121.218.134	174.116.140.43	138.94.160.57