121.138.155.41

基本信息:

城市(city): Seoul

省份(region): Seoul

国家(country): South Korea

运营商(isp): KT Corporation

主机名(hostname): unknown

机构(organization): Korea Telecom

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Unauthorized IMAP connection attempt	2020-06-03 08:24:39
attackbots	Apr 29 13:47:45 web01.agentur-b-2.de postfix/smtpd[1089894]: NOQUEUE: reject: RCPT from unknown[121.138.155.41]: 450 4.7.1 <2cd.us>: Helo command rejected: Host not found; from= to= proto=ESMTP helo=<2cd.us> Apr 29 13:47:52 web01.agentur-b-2.de postfix/smtpd[1089894]: NOQUEUE: reject: RCPT from unknown[121.138.155.41]: 450 4.7.1 <2cd.us>: Helo command rejected: Host not found; from= to= proto=ESMTP helo=<2cd.us> Apr 29 13:47:54 web01.agentur-b-2.de postfix/smtpd[1089894]: NOQUEUE: reject: RCPT from unknown[121.138.155.41]: 450 4.7.1 <2cd.us>: Helo command rejected: Host not found; from= to= proto=ESMTP helo=<2cd.us> Apr 29 13:47:56 web01.agentur-b-2.de postfix/smtpd[1089894]: NOQUEUE: reject: RCPT from unknown[121.138.155.41]: 450 4.7.1 <2cd.us>: Helo command rejected: Host not found; from= to= proto=ESMTP helo=<2cd.us> Apr 29 13:48:03 web01.agentur-b-2.de po	2020-04-29 20:44:35
attackbotsspam	2019-09-19 20:06:48 H=(lolafitness.it) [121.138.155.41]:47228 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.4, 127.0.0.3) (https://www.spamhaus.org/query/ip/121.138.155.41) 2019-09-19 20:06:48 H=(lolafitness.it) [121.138.155.41]:47228 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.4, 127.0.0.3) (https://www.spamhaus.org/query/ip/121.138.155.41) 2019-09-19 20:06:50 H=(lolafitness.it) [121.138.155.41]:47228 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.3, 127.0.0.4) (https://www.spamhaus.org/query/ip/121.138.155.41) ...	2019-09-20 10:26:23
attackbotsspam	"Account brute force using dictionary attack against Exchange Online"	2019-08-06 01:53:32

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 121.138.155.41
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 39739
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;121.138.155.41.			IN	A

;; AUTHORITY SECTION:
.			2065	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019080501 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Aug 06 01:53:25 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 41.155.138.121.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 41.155.138.121.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
222.92.139.158	attackspambots	Oct 16 23:40:52 cumulus sshd[19515]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.92.139.158 user=r.r Oct 16 23:40:53 cumulus sshd[19515]: Failed password for r.r from 222.92.139.158 port 41214 ssh2 Oct 16 23:40:53 cumulus sshd[19515]: Received disconnect from 222.92.139.158 port 41214:11: Bye Bye [preauth] Oct 16 23:40:53 cumulus sshd[19515]: Disconnected from 222.92.139.158 port 41214 [preauth] Oct 16 23:55:34 cumulus sshd[19927]: Invalid user stream from 222.92.139.158 port 39146 Oct 16 23:55:34 cumulus sshd[19927]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.92.139.158 Oct 16 23:55:36 cumulus sshd[19927]: Failed password for invalid user stream from 222.92.139.158 port 39146 ssh2 Oct 16 23:55:36 cumulus sshd[19927]: Received disconnect from 222.92.139.158 port 39146:11: Bye Bye [preauth] Oct 16 23:55:36 cumulus sshd[19927]: Disconnected from 222.92.139.158 port 39146 [pre........ -------------------------------	2019-10-17 14:10:58
23.95.56.162	attackspam	10/17/2019-00:10:52.414761 23.95.56.162 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-10-17 14:27:12
167.86.66.128	attackbotsspam	Oct 16 19:22:55 php1 sshd\[26755\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=vmi301869.contaboserver.net user=root Oct 16 19:22:57 php1 sshd\[26755\]: Failed password for root from 167.86.66.128 port 43166 ssh2 Oct 16 19:27:13 php1 sshd\[27242\]: Invalid user default from 167.86.66.128 Oct 16 19:27:13 php1 sshd\[27242\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=vmi301869.contaboserver.net Oct 16 19:27:15 php1 sshd\[27242\]: Failed password for invalid user default from 167.86.66.128 port 54466 ssh2	2019-10-17 14:00:43
106.75.122.81	attackspam	Oct 17 07:28:38 * sshd[7250]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.122.81 Oct 17 07:28:40 * sshd[7250]: Failed password for invalid user Cxsd1234 from 106.75.122.81 port 34926 ssh2	2019-10-17 14:19:59
222.186.175.217	attackspam	Oct 17 07:53:45 MK-Soft-Root2 sshd[15152]: Failed password for root from 222.186.175.217 port 42766 ssh2 Oct 17 07:53:50 MK-Soft-Root2 sshd[15152]: Failed password for root from 222.186.175.217 port 42766 ssh2 ...	2019-10-17 14:02:41
70.114.207.203	attackbots	Oct 17 05:47:19 server658 sshd[10849]: Invalid user pi from 70.114.207.203 Oct 17 05:47:19 server658 sshd[10850]: Invalid user pi from 70.114.207.203 Oct 17 05:47:19 server658 sshd[10850]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=cpe-70-114-207-203.austin.res.rr.com Oct 17 05:47:19 server658 sshd[10849]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=cpe-70-114-207-203.austin.res.rr.com ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=70.114.207.203	2019-10-17 14:16:49
156.203.231.199	attackbots	Unauthorised access (Oct 17) SRC=156.203.231.199 LEN=40 TTL=53 ID=28500 TCP DPT=23 WINDOW=44393 SYN	2019-10-17 14:07:55
66.214.40.126	attackbots	Oct 17 00:18:45 debian sshd\[2674\]: Invalid user pi from 66.214.40.126 port 49264 Oct 17 00:18:46 debian sshd\[2674\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.214.40.126 Oct 17 00:18:46 debian sshd\[2676\]: Invalid user pi from 66.214.40.126 port 49270 ...	2019-10-17 14:02:22
119.84.146.239	attackspam	Oct 17 08:01:29 bouncer sshd\[31597\]: Invalid user P@$$@Word from 119.84.146.239 port 38844 Oct 17 08:01:29 bouncer sshd\[31597\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.84.146.239 Oct 17 08:01:31 bouncer sshd\[31597\]: Failed password for invalid user P@$$@Word from 119.84.146.239 port 38844 ssh2 ...	2019-10-17 14:07:21
125.130.110.20	attackbotsspam	Oct 17 06:38:08 markkoudstaal sshd[32526]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.130.110.20 Oct 17 06:38:09 markkoudstaal sshd[32526]: Failed password for invalid user delynna from 125.130.110.20 port 58890 ssh2 Oct 17 06:42:19 markkoudstaal sshd[522]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.130.110.20	2019-10-17 14:34:35
31.184.218.47	attackbotsspam	10/16/2019-23:54:29.029943 31.184.218.47 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-10-17 14:07:03
217.182.68.146	attackbots	Oct 16 17:47:11 friendsofhawaii sshd\[26326\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.ip-217-182-68.eu user=root Oct 16 17:47:13 friendsofhawaii sshd\[26326\]: Failed password for root from 217.182.68.146 port 37490 ssh2 Oct 16 17:50:58 friendsofhawaii sshd\[26627\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.ip-217-182-68.eu user=root Oct 16 17:51:00 friendsofhawaii sshd\[26627\]: Failed password for root from 217.182.68.146 port 57017 ssh2 Oct 16 17:54:48 friendsofhawaii sshd\[26915\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.ip-217-182-68.eu user=root	2019-10-17 13:57:41
180.106.81.168	attackspam	SSH authentication failure x 6 reported by Fail2Ban ...	2019-10-17 14:33:11
58.217.107.82	attackbots	port scan and connect, tcp 6379 (redis)	2019-10-17 14:22:20
128.199.49.171	attackspam	DATE:2019-10-17 05:54:27, IP:128.199.49.171, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2019-10-17 14:05:49

最近上报的IP列表

92.11.89.87	121.122.50.157	217.200.105.159	2600:8801:2b80:173a:1884:d79:13c2:7c8f
159.2.165.225	64.31.121.144	121.58.243.202	62.225.154.184
165.22.20.93	88.191.108.0	129.79.19.155	186.102.27.161
121.46.85.127	195.199.56.137	185.76.148.87	121.46.85.65
40.178.5.197	195.80.203.154	121.46.85.57	156.204.2.9