138.128.163.42

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): None

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.128.163.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 62355
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;138.128.163.42.			IN	A

;; AUTHORITY SECTION:
.			171	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022000 1800 900 604800 86400

;; Query time: 17 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 20 21:28:41 CST 2022
;; MSG SIZE  rcvd: 107

HOST信息:

42.163.128.138.in-addr.arpa domain name pointer lima.gendns.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
42.163.128.138.in-addr.arpa	name = lima.gendns.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
189.19.185.1	attackspambots	Icarus honeypot on github	2020-09-05 20:09:50
197.40.29.98	attackspam	Telnet Server BruteForce Attack	2020-09-05 20:22:20
113.160.54.78	attackbotsspam	113.160.54.78 - - \[05/Sep/2020:12:58:12 +0200\] "POST /wp-login.php HTTP/1.0" 200 3535 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 113.160.54.78 - - \[05/Sep/2020:12:58:16 +0200\] "POST /wp-login.php HTTP/1.0" 200 3489 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 113.160.54.78 - - \[05/Sep/2020:12:58:18 +0200\] "POST /xmlrpc.php HTTP/1.0" 200 778 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2020-09-05 20:03:19
159.203.74.227	attackspam	SSH Brute-Force attacks	2020-09-05 20:10:39
52.173.28.92	attack	Sep 3 18:17:36 finn sshd[31529]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.173.28.92 user=r.r Sep 3 18:17:38 finn sshd[31529]: Failed password for r.r from 52.173.28.92 port 59198 ssh2 Sep 3 18:17:38 finn sshd[31529]: Received disconnect from 52.173.28.92 port 59198:11: Bye Bye [preauth] Sep 3 18:17:38 finn sshd[31529]: Disconnected from 52.173.28.92 port 59198 [preauth] Sep 3 18:31:24 finn sshd[3950]: Invalid user rachel from 52.173.28.92 port 32910 Sep 3 18:31:24 finn sshd[3950]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.173.28.92 Sep 3 18:31:26 finn sshd[3950]: Failed password for invalid user rachel from 52.173.28.92 port 32910 ssh2 Sep 3 18:31:26 finn sshd[3950]: Received disconnect from 52.173.28.92 port 32910:11: Bye Bye [preauth] Sep 3 18:31:26 finn sshd[3950]: Disconnected from 52.173.28.92 port 32910 [preauth] Sep 3 18:36:00 finn sshd[5255]: Invalid use........ -------------------------------	2020-09-05 20:08:56
118.160.78.157	attackbotsspam	Attempted connection to port 1433.	2020-09-05 20:23:43
178.93.151.246	attack	1599238406 - 09/04/2020 18:53:26 Host: 178.93.151.246/178.93.151.246 Port: 445 TCP Blocked	2020-09-05 20:42:38
118.70.67.23	attack	1599238433 - 09/04/2020 18:53:53 Host: 118.70.67.23/118.70.67.23 Port: 445 TCP Blocked	2020-09-05 20:19:27
41.220.30.134	attackspambots	41.220.30.134 - - [05/Sep/2020:12:33:55 +0200] "POST /xmlrpc.php HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1944.0 Safari/537.36" 41.220.30.134 - - [05/Sep/2020:12:33:59 +0200] "POST /wordpress/xmlrpc.php HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1944.0 Safari/537.36" ...	2020-09-05 20:40:06
111.243.1.63	attackspam	Honeypot attack, port: 445, PTR: 111-243-1-63.dynamic-ip.hinet.net.	2020-09-05 20:28:51
89.234.157.254	attackspam	89.234.157.254 (FR/France/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 5 08:23:56 server2 sshd[1662]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.239.84.11 user=root Sep 5 08:23:57 server2 sshd[1662]: Failed password for root from 103.239.84.11 port 59072 ssh2 Sep 5 08:23:59 server2 sshd[1598]: Failed password for root from 89.234.157.254 port 32816 ssh2 Sep 5 08:25:13 server2 sshd[3018]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.173.236 user=root Sep 5 08:16:18 server2 sshd[30221]: Failed password for root from 114.103.137.146 port 49958 ssh2 IP Addresses Blocked: 103.239.84.11 (IN/India/-)	2020-09-05 20:33:49
45.129.33.23	attackspam	TCP (SYN) 45.129.33.23:48386 -> port 44, len 44	2020-09-05 20:38:41
194.26.27.32	attackbotsspam	Sep 5 14:05:44 [host] kernel: [4974141.251609] [U Sep 5 14:07:02 [host] kernel: [4974219.898612] [U Sep 5 14:09:18 [host] kernel: [4974355.837220] [U Sep 5 14:09:31 [host] kernel: [4974368.702324] [U Sep 5 14:15:38 [host] kernel: [4974736.043753] [U Sep 5 14:15:49 [host] kernel: [4974746.989950] [U	2020-09-05 20:30:21
24.142.34.181	attackbots	Sep 5 05:19:03 r.ca sshd[13804]: Failed password for invalid user ftpusr from 24.142.34.181 port 43208 ssh2	2020-09-05 20:43:50
51.210.0.25	attack	Automatic report - Banned IP Access	2020-09-05 20:13:32

最近上报的IP列表

104.22.28.181	138.128.160.131	138.123.240.163	138.128.161.172
138.128.160.138	138.128.164.66	138.122.6.156	138.128.167.82
138.128.165.21	138.122.39.248	138.128.164.226	138.128.170.188
138.128.170.85	138.128.165.158	138.128.244.27	104.22.28.194
138.128.189.50	138.128.181.253	138.128.245.25	138.128.240.187