124.235.138.172

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Changchun Beijingpuruofeite Corp

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	The IP has triggered Cloudflare WAF. CF-Ray: 541173e92925eb41 \| WAF_Rule_ID: 53b8357af6d244d3a132bcf913c3a388 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: api.skk.moe \| User-Agent: Mozilla/4.054101423 Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1) \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 06:25:11

Type

Details

Datetime

attack

The IP has triggered Cloudflare WAF. CF-Ray: 541173e92925eb41 | WAF_Rule_ID: 53b8357af6d244d3a132bcf913c3a388 | WAF_Kind: firewall | CF_Action: drop | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: api.skk.moe | User-Agent: Mozilla/4.054101423 Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1) | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-08 06:25:11

Comments on same subnet:

IP	Type	Details	Datetime
124.235.138.34	attackbots	user not found%3a http%3a%2f%2f123.125.114.144%2f	2020-10-12 20:36:32
124.235.138.34	attackbots	user not found%3a http%3a%2f%2f123.125.114.144%2f	2020-10-12 12:05:19
124.235.138.202	attackbotsspam	Unauthorized connection attempt detected from IP address 124.235.138.202 to port 80	2020-05-31 03:01:01
124.235.138.41	attack	Unauthorized connection attempt detected from IP address 124.235.138.41 to port 999	2020-05-30 03:39:05
124.235.138.245	attackspam	Unauthorized connection attempt detected from IP address 124.235.138.245 to port 999	2020-05-30 03:38:37
124.235.138.145	attack	Web Server Scan. RayID: 5957efee79dbeb00, UA: Mozilla/5.067805899 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36, Country: CN	2020-05-21 03:58:23
124.235.138.197	attackspam	Fail2Ban Ban Triggered	2020-03-25 15:46:09
124.235.138.94	attackspam	Unauthorized connection attempt detected from IP address 124.235.138.94 to port 8082 [J]	2020-03-02 19:58:02
124.235.138.238	attackspam	Unauthorized connection attempt detected from IP address 124.235.138.238 to port 8118 [J]	2020-03-02 19:57:36
124.235.138.55	attackspam	Unauthorized connection attempt detected from IP address 124.235.138.55 to port 8443 [J]	2020-03-02 17:10:39
124.235.138.151	attackspambots	Unauthorized connection attempt detected from IP address 124.235.138.151 to port 8081 [J]	2020-03-02 17:10:02
124.235.138.178	attackbots	Unauthorized connection attempt detected from IP address 124.235.138.178 to port 8081 [J]	2020-03-02 17:09:40
124.235.138.152	attackspam	Unauthorized connection attempt detected from IP address 124.235.138.152 to port 22 [J]	2020-03-02 16:40:18
124.235.138.171	attackspam	Unauthorized connection attempt detected from IP address 124.235.138.171 to port 22 [J]	2020-03-02 14:58:00
124.235.138.65	attack	Unauthorized connection attempt detected from IP address 124.235.138.65 to port 8123 [J]	2020-03-02 14:27:36

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 124.235.138.172
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 64238
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;124.235.138.172.		IN	A

;; AUTHORITY SECTION:
.			301	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019120701 1800 900 604800 86400

;; Query time: 135 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Dec 08 06:25:08 CST 2019
;; MSG SIZE  rcvd: 119

Host info

Host 172.138.235.124.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 172.138.235.124.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
103.207.39.243	attackspambots	Lines containing failures of 103.207.39.243 Mar 18 08:16:10 neweola postfix/smtpd[14708]: connect from unknown[103.207.39.243] Mar 18 08:16:11 neweola postfix/smtpd[14708]: lost connection after AUTH from unknown[103.207.39.243] Mar 18 08:16:11 neweola postfix/smtpd[14708]: disconnect from unknown[103.207.39.243] ehlo=1 auth=0/1 commands=1/2 Mar 18 08:16:11 neweola postfix/smtpd[14708]: connect from unknown[103.207.39.243] Mar 18 08:16:12 neweola postfix/smtpd[14708]: lost connection after AUTH from unknown[103.207.39.243] Mar 18 08:16:12 neweola postfix/smtpd[14708]: disconnect from unknown[103.207.39.243] ehlo=1 auth=0/1 commands=1/2 Mar 18 08:16:12 neweola postfix/smtpd[14708]: connect from unknown[103.207.39.243] Mar 18 08:16:13 neweola postfix/smtpd[14708]: lost connection after AUTH from unknown[103.207.39.243] Mar 18 08:16:13 neweola postfix/smtpd[14708]: disconnect from unknown[103.207.39.243] ehlo=1 auth=0/1 commands=1/2 Mar 18 08:16:13 neweola postfix/smtpd[147........ ------------------------------	2020-03-21 03:54:30
222.186.31.204	attackbotsspam	Mar 20 20:27:36 plex sshd[10346]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.31.204 user=root Mar 20 20:27:38 plex sshd[10346]: Failed password for root from 222.186.31.204 port 46213 ssh2	2020-03-21 03:44:20
200.107.13.18	attackbotsspam	Mar 20 19:53:33 Ubuntu-1404-trusty-64-minimal sshd\[9974\]: Invalid user arpawatch from 200.107.13.18 Mar 20 19:53:33 Ubuntu-1404-trusty-64-minimal sshd\[9974\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.107.13.18 Mar 20 19:53:35 Ubuntu-1404-trusty-64-minimal sshd\[9974\]: Failed password for invalid user arpawatch from 200.107.13.18 port 57980 ssh2 Mar 20 20:50:59 Ubuntu-1404-trusty-64-minimal sshd\[12729\]: Invalid user hera from 200.107.13.18 Mar 20 20:50:59 Ubuntu-1404-trusty-64-minimal sshd\[12729\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.107.13.18	2020-03-21 03:52:21
217.182.77.186	attackspam	Mar 20 19:10:56 areeb-Workstation sshd[1555]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.182.77.186 Mar 20 19:10:58 areeb-Workstation sshd[1555]: Failed password for invalid user temp from 217.182.77.186 port 42342 ssh2 ...	2020-03-21 03:24:05
222.186.173.215	attackbotsspam	Mar 21 00:25:01 gw1 sshd[23427]: Failed password for root from 222.186.173.215 port 24488 ssh2 Mar 21 00:25:04 gw1 sshd[23427]: Failed password for root from 222.186.173.215 port 24488 ssh2 ...	2020-03-21 03:29:12
220.133.162.156	attackbotsspam	Telnet/23 MH Probe, Scan, BF, Hack -	2020-03-21 03:30:09
220.178.75.153	attackbotsspam	Mar 20 20:30:11 ns3042688 sshd\[18136\]: Invalid user zps from 220.178.75.153 Mar 20 20:30:11 ns3042688 sshd\[18136\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.178.75.153 Mar 20 20:30:13 ns3042688 sshd\[18136\]: Failed password for invalid user zps from 220.178.75.153 port 46930 ssh2 Mar 20 20:34:24 ns3042688 sshd\[19601\]: Invalid user tharani from 220.178.75.153 Mar 20 20:34:24 ns3042688 sshd\[19601\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.178.75.153 ...	2020-03-21 03:40:32
45.55.88.16	attackbots	Mar 20 15:38:14 work-partkepr sshd\[16574\]: Invalid user ul from 45.55.88.16 port 56904 Mar 20 15:38:14 work-partkepr sshd\[16574\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.88.16 ...	2020-03-21 03:43:29
45.133.99.13	attackspam	2020-03-20T19:30:57.187963l03.customhost.org.uk postfix/smtps/smtpd[19045]: warning: unknown[45.133.99.13]: SASL LOGIN authentication failed: authentication failure 2020-03-20T19:31:03.454246l03.customhost.org.uk postfix/smtps/smtpd[19045]: warning: unknown[45.133.99.13]: SASL LOGIN authentication failed: authentication failure 2020-03-20T19:39:01.730769l03.customhost.org.uk postfix/smtps/smtpd[20659]: warning: unknown[45.133.99.13]: SASL LOGIN authentication failed: authentication failure 2020-03-20T19:39:09.502659l03.customhost.org.uk postfix/smtps/smtpd[20659]: warning: unknown[45.133.99.13]: SASL LOGIN authentication failed: authentication failure ...	2020-03-21 03:56:11
218.92.0.212	attackbotsspam	Mar 20 16:26:58 firewall sshd[12901]: Failed password for root from 218.92.0.212 port 13139 ssh2 Mar 20 16:27:02 firewall sshd[12901]: Failed password for root from 218.92.0.212 port 13139 ssh2 Mar 20 16:27:05 firewall sshd[12901]: Failed password for root from 218.92.0.212 port 13139 ssh2 ...	2020-03-21 03:59:16
111.231.119.188	attackspambots	Mar 20 20:00:48 SilenceServices sshd[16253]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.119.188 Mar 20 20:00:50 SilenceServices sshd[16253]: Failed password for invalid user tmp from 111.231.119.188 port 54800 ssh2 Mar 20 20:05:06 SilenceServices sshd[23605]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.119.188	2020-03-21 03:35:29
117.121.38.200	attackbots	$f2bV_matches	2020-03-21 03:21:21
200.144.255.236	attack	Mar 20 15:41:58 plusreed sshd[6360]: Invalid user danger from 200.144.255.236 ...	2020-03-21 03:58:30
167.71.9.180	attackbots	Mar 20 13:52:44 ns392434 sshd[14014]: Invalid user jocasta from 167.71.9.180 port 40666 Mar 20 13:52:44 ns392434 sshd[14014]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.9.180 Mar 20 13:52:44 ns392434 sshd[14014]: Invalid user jocasta from 167.71.9.180 port 40666 Mar 20 13:52:47 ns392434 sshd[14014]: Failed password for invalid user jocasta from 167.71.9.180 port 40666 ssh2 Mar 20 14:00:38 ns392434 sshd[14145]: Invalid user vagrant from 167.71.9.180 port 38170 Mar 20 14:00:38 ns392434 sshd[14145]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.9.180 Mar 20 14:00:38 ns392434 sshd[14145]: Invalid user vagrant from 167.71.9.180 port 38170 Mar 20 14:00:40 ns392434 sshd[14145]: Failed password for invalid user vagrant from 167.71.9.180 port 38170 ssh2 Mar 20 14:07:15 ns392434 sshd[14242]: Invalid user mind from 167.71.9.180 port 59254	2020-03-21 03:49:36
178.128.108.100	attackspam	Mar 20 20:01:56 ns381471 sshd[25879]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.108.100 Mar 20 20:01:59 ns381471 sshd[25879]: Failed password for invalid user jude from 178.128.108.100 port 55468 ssh2	2020-03-21 03:41:46

Recently Reported IPs

111.14.193.246	110.80.155.177	106.45.0.255	104.198.3.199
58.240.156.164	58.212.14.142	49.7.3.101	47.240.55.187
36.32.3.159	2408:8648:1300:40:69f0:c30b:6b37:ba7d	27.224.136.88	1.202.114.63
1.58.197.155	223.167.212.3	222.94.212.10	221.234.236.131
221.234.225.130	221.11.5.50	183.184.25.191	124.225.43.203