124.235.138.128

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Changchun Beijingpuruofeite Corp

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	The IP has triggered Cloudflare WAF. CF-Ray: 5436f4c4dbde77dc \| WAF_Rule_ID: 1112825 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: blog.skk.moe \| User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Mobile Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 02:17:02

Type

Details

Datetime

attack

The IP has triggered Cloudflare WAF. CF-Ray: 5436f4c4dbde77dc | WAF_Rule_ID: 1112825 | WAF_Kind: firewall | CF_Action: challenge | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: blog.skk.moe | User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Mobile Safari/537.36 | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-12 02:17:02

Comments on same subnet:

IP	Type	Details	Datetime
124.235.138.34	attackbots	user not found%3a http%3a%2f%2f123.125.114.144%2f	2020-10-12 20:36:32
124.235.138.34	attackbots	user not found%3a http%3a%2f%2f123.125.114.144%2f	2020-10-12 12:05:19
124.235.138.202	attackbotsspam	Unauthorized connection attempt detected from IP address 124.235.138.202 to port 80	2020-05-31 03:01:01
124.235.138.41	attack	Unauthorized connection attempt detected from IP address 124.235.138.41 to port 999	2020-05-30 03:39:05
124.235.138.245	attackspam	Unauthorized connection attempt detected from IP address 124.235.138.245 to port 999	2020-05-30 03:38:37
124.235.138.145	attack	Web Server Scan. RayID: 5957efee79dbeb00, UA: Mozilla/5.067805899 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36, Country: CN	2020-05-21 03:58:23
124.235.138.197	attackspam	Fail2Ban Ban Triggered	2020-03-25 15:46:09
124.235.138.94	attackspam	Unauthorized connection attempt detected from IP address 124.235.138.94 to port 8082 [J]	2020-03-02 19:58:02
124.235.138.238	attackspam	Unauthorized connection attempt detected from IP address 124.235.138.238 to port 8118 [J]	2020-03-02 19:57:36
124.235.138.55	attackspam	Unauthorized connection attempt detected from IP address 124.235.138.55 to port 8443 [J]	2020-03-02 17:10:39
124.235.138.151	attackspambots	Unauthorized connection attempt detected from IP address 124.235.138.151 to port 8081 [J]	2020-03-02 17:10:02
124.235.138.178	attackbots	Unauthorized connection attempt detected from IP address 124.235.138.178 to port 8081 [J]	2020-03-02 17:09:40
124.235.138.152	attackspam	Unauthorized connection attempt detected from IP address 124.235.138.152 to port 22 [J]	2020-03-02 16:40:18
124.235.138.171	attackspam	Unauthorized connection attempt detected from IP address 124.235.138.171 to port 22 [J]	2020-03-02 14:58:00
124.235.138.65	attack	Unauthorized connection attempt detected from IP address 124.235.138.65 to port 8123 [J]	2020-03-02 14:27:36

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 124.235.138.128
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 40740
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;124.235.138.128.		IN	A

;; AUTHORITY SECTION:
.			227	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121101 1800 900 604800 86400

;; Query time: 190 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Dec 12 02:16:50 CST 2019
;; MSG SIZE  rcvd: 119

Host info

Host 128.138.235.124.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 128.138.235.124.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
95.86.241.63	attackspambots	Telnet/23 MH Probe, BF, Hack -	2020-02-10 18:37:01
222.254.251.99	attackspambots	1581310305 - 02/10/2020 05:51:45 Host: 222.254.251.99/222.254.251.99 Port: 445 TCP Blocked	2020-02-10 18:16:51
191.7.12.74	attackspambots	Honeypot attack, port: 81, PTR: 191-7-12-74-dynamic.onnettelecom.com.br.	2020-02-10 18:22:03
87.120.246.53	attackbots	2020-02-09 22:51:11 H=(client.playtime.bg) [87.120.246.53]:39451 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.3, 127.0.0.4) (https://www.spamhaus.org/query/ip/87.120.246.53) 2020-02-09 22:51:11 H=(client.playtime.bg) [87.120.246.53]:39451 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.4, 127.0.0.3) (https://www.spamhaus.org/sbl/query/SBLCSS) 2020-02-09 22:51:11 H=(client.playtime.bg) [87.120.246.53]:39451 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.4, 127.0.0.3) (https://www.spamhaus.org/sbl/query/SBLCSS) ...	2020-02-10 18:44:14
1.34.107.92	attackspambots	Feb 10 10:00:39 pornomens sshd\[16535\]: Invalid user mbj from 1.34.107.92 port 49540 Feb 10 10:00:39 pornomens sshd\[16535\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.34.107.92 Feb 10 10:00:41 pornomens sshd\[16535\]: Failed password for invalid user mbj from 1.34.107.92 port 49540 ssh2 ...	2020-02-10 18:18:18
210.18.139.132	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-02-10 18:43:47
185.36.81.170	attackbots	Rude login attack (12 tries in 1d)	2020-02-10 18:20:51
118.27.9.229	attack	Feb 10 10:26:10 [host] sshd[29524]: Invalid user f Feb 10 10:26:10 [host] sshd[29524]: pam_unix(sshd: Feb 10 10:26:11 [host] sshd[29524]: Failed passwor	2020-02-10 18:53:30
190.147.159.34	attackspam	$f2bV_matches	2020-02-10 18:44:41
220.132.163.144	attackspambots	unauthorized connection attempt	2020-02-10 18:18:53
94.124.241.161	attackspambots	Telnet/23 MH Probe, BF, Hack -	2020-02-10 18:41:52
1.6.79.39	attack	unauthorized connection attempt	2020-02-10 18:29:41
113.164.8.155	attackbots	20/2/9@23:50:55: FAIL: Alarm-Network address from=113.164.8.155 ...	2020-02-10 18:58:42
118.24.154.64	attackspam	Automatic report - SSH Brute-Force Attack	2020-02-10 18:55:26
176.41.4.57	attack	Feb 9 19:05:26 auw2 sshd\[32481\]: Invalid user yxf from 176.41.4.57 Feb 9 19:05:26 auw2 sshd\[32481\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.41.4.57 Feb 9 19:05:28 auw2 sshd\[32481\]: Failed password for invalid user yxf from 176.41.4.57 port 44622 ssh2 Feb 9 19:10:05 auw2 sshd\[648\]: Invalid user lmq from 176.41.4.57 Feb 9 19:10:05 auw2 sshd\[648\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.41.4.57	2020-02-10 18:16:17

Recently Reported IPs

82.151.211.177	173.79.199.194	232.15.10.122	113.58.240.24
186.88.70.226	218.55.158.187	111.224.221.39	111.175.56.138
111.162.143.101	110.80.152.235	106.59.214.142	60.216.136.176
52.229.162.70	49.7.3.243	47.244.215.150	47.75.222.63
2606:4700:1101:0:6d83:c1d6:10e6:1fac	36.110.199.52	116.206.12.48	34.83.131.214