202.138.242.41

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Indonesia

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
202.138.242.111	attack	Telnetd brute force attack detected by fail2ban	2020-06-01 07:18:38
202.138.242.37	attack	1588363984 - 05/01/2020 22:13:04 Host: 202.138.242.37/202.138.242.37 Port: 445 TCP Blocked	2020-05-02 06:50:18
202.138.242.21	attack	2020-04-05T02:01:49.009163struts4.enskede.local sshd\[27803\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.138.242.21 user=root 2020-04-05T02:01:51.378143struts4.enskede.local sshd\[27803\]: Failed password for root from 202.138.242.21 port 39604 ssh2 2020-04-05T02:04:48.606620struts4.enskede.local sshd\[27872\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.138.242.21 user=root 2020-04-05T02:04:51.540384struts4.enskede.local sshd\[27872\]: Failed password for root from 202.138.242.21 port 51584 ssh2 2020-04-05T02:06:27.282474struts4.enskede.local sshd\[27914\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.138.242.21 user=root ...	2020-04-05 08:23:26
202.138.242.47	attack	Unauthorized SSH connection attempt	2019-11-08 21:20:11
202.138.242.22	attackbots	IP: 202.138.242.22 ASN: AS9657 Melsa-i-net AS Port: Simple Mail Transfer 25 Found in one or more Blacklists Date: 12/10/2019 6:06:23 AM UTC	2019-10-12 19:27:31
202.138.242.22	attackspam	proto=tcp . spt=55919 . dpt=25 . (Found on Blocklist de Oct 03) (497)	2019-10-05 02:03:34
202.138.242.101	attack	postfix (unknown user, SPF fail or relay access denied)	2019-10-02 07:18:29
202.138.242.6	attackspambots	Mail sent to address hacked/leaked from atari.st	2019-09-16 01:53:53
202.138.242.121	attackbots	Aug 22 22:27:14 dedicated sshd[10267]: Invalid user rso from 202.138.242.121 port 44700	2019-08-23 09:45:45
202.138.242.121	attack	Aug 18 14:14:56 XXX sshd[12187]: Invalid user testphp from 202.138.242.121 port 35348	2019-08-19 02:23:21
202.138.242.121	attackspambots	Aug 15 02:09:59 web9 sshd\[26350\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.138.242.121 user=mysql Aug 15 02:10:00 web9 sshd\[26350\]: Failed password for mysql from 202.138.242.121 port 43046 ssh2 Aug 15 02:15:44 web9 sshd\[27399\]: Invalid user omsagent from 202.138.242.121 Aug 15 02:15:44 web9 sshd\[27399\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.138.242.121 Aug 15 02:15:46 web9 sshd\[27399\]: Failed password for invalid user omsagent from 202.138.242.121 port 36398 ssh2	2019-08-15 20:22:52
202.138.242.121	attackspam	$f2bV_matches	2019-08-14 18:07:42
202.138.242.6	attack	Unauthorized connection attempt from IP address 202.138.242.6 on Port 25(SMTP)	2019-08-12 10:43:30
202.138.242.121	attackbots	2019-07-15T08:23:28.942435lon01.zurich-datacenter.net sshd\[22264\]: Invalid user odbc from 202.138.242.121 port 46070 2019-07-15T08:23:28.946718lon01.zurich-datacenter.net sshd\[22264\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.138.242.121 2019-07-15T08:23:30.935706lon01.zurich-datacenter.net sshd\[22264\]: Failed password for invalid user odbc from 202.138.242.121 port 46070 ssh2 2019-07-15T08:29:17.459106lon01.zurich-datacenter.net sshd\[22360\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.138.242.121 user=root 2019-07-15T08:29:19.693844lon01.zurich-datacenter.net sshd\[22360\]: Failed password for root from 202.138.242.121 port 45104 ssh2 ...	2019-07-15 15:06:34
202.138.242.121	attackspam	2019-07-13T16:49:51.179215abusebot-4.cloudsearch.cf sshd\[9858\]: Invalid user oracle from 202.138.242.121 port 44994	2019-07-14 01:06:26

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 202.138.242.41
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1333
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;202.138.242.41.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025020401 1800 900 604800 86400

;; Query time: 62 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Feb 05 02:09:39 CST 2025
;; MSG SIZE  rcvd: 107

HOST信息:

Host 41.242.138.202.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 41.242.138.202.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
41.92.107.180	attackspam	Sep 3 18:42:22 mellenthin postfix/smtpd[19910]: NOQUEUE: reject: RCPT from unknown[41.92.107.180]: 554 5.7.1 Service unavailable; Client host [41.92.107.180] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/41.92.107.180; from= to= proto=ESMTP helo=<[41.92.107.180]>	2020-09-04 19:56:49
45.142.120.93	attackbots	2020-09-04 14:58:50 dovecot_login authenticator failed for $User$ \[45.142.120.93\]: 535 Incorrect authentication data $set_id=uu@org.ua$2020-09-04 14:59:25 dovecot_login authenticator failed for $User$ \[45.142.120.93\]: 535 Incorrect authentication data $set_id=trips@org.ua$2020-09-04 15:00:02 dovecot_login authenticator failed for $User$ \[45.142.120.93\]: 535 Incorrect authentication data $set_id=isajax@org.ua$ ...	2020-09-04 20:00:37
23.129.64.197	attackspam	SSH brutforce	2020-09-04 20:18:23
5.188.108.26	attackspambots	Lines containing failures of 5.188.108.26 /var/log/mail.err:Sep 3 18:22:48 server01 postfix/smtpd[15085]: warning: hostname pro-detail.stream does not resolve to address 5.188.108.26: Name or service not known /var/log/mail.err:Sep 3 18:22:58 server01 postfix/smtpd[15085]: warning: hostname pro-detail.stream does not resolve to address 5.188.108.26: Name or service not known /var/log/apache/pucorp.org.log:Sep 3 18:22:48 server01 postfix/smtpd[15085]: warning: hostname pro-detail.stream does not resolve to address 5.188.108.26: Name or service not known /var/log/apache/pucorp.org.log:Sep 3 18:22:48 server01 postfix/smtpd[15085]: connect from unknown[5.188.108.26] /var/log/apache/pucorp.org.log:Sep x@x /var/log/apache/pucorp.org.log:Sep x@x /var/log/apache/pucorp.org.log:Sep x@x /var/log/apache/pucorp.org.log:Sep 3 18:22:56 server01 postfix/smtpd[15085]: disconnect from unknown[5.188.108.26] /var/log/apache/pucorp.org.log:Sep 3 18:22:58 server01 postfix/smtpd[15085]:........ ------------------------------	2020-09-04 20:15:29
180.153.91.75	attack	2020-09-03T12:55:45.923893correo.[domain] sshd[10867]: Invalid user kasia from 180.153.91.75 port 55202 2020-09-03T12:55:48.230681correo.[domain] sshd[10867]: Failed password for invalid user kasia from 180.153.91.75 port 55202 ssh2 2020-09-03T13:05:37.509816correo.[domain] sshd[12000]: Invalid user nexus from 180.153.91.75 port 38882 ...	2020-09-04 20:20:04
199.76.38.123	attack	2020-09-04T11:23:58.859714Z 96d9d989dfe7 New connection: 199.76.38.123:33484 (172.17.0.2:2222) [session: 96d9d989dfe7] 2020-09-04T11:23:58.984886Z 53121ba60257 New connection: 199.76.38.123:33490 (172.17.0.2:2222) [session: 53121ba60257]	2020-09-04 19:41:05
58.49.76.100	attackspam	Sep 4 01:45:22 sso sshd[19623]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.49.76.100 Sep 4 01:45:24 sso sshd[19623]: Failed password for invalid user testftp from 58.49.76.100 port 48096 ssh2 ...	2020-09-04 19:39:56
218.241.202.58	attack	SSH bruteforce	2020-09-04 19:54:51
140.143.9.145	attackspambots	Sep 1 08:02:05 kmh-wmh-003-nbg03 sshd[16370]: Invalid user system from 140.143.9.145 port 49096 Sep 1 08:02:05 kmh-wmh-003-nbg03 sshd[16370]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.9.145 Sep 1 08:02:07 kmh-wmh-003-nbg03 sshd[16370]: Failed password for invalid user system from 140.143.9.145 port 49096 ssh2 Sep 1 08:02:08 kmh-wmh-003-nbg03 sshd[16370]: Received disconnect from 140.143.9.145 port 49096:11: Bye Bye [preauth] Sep 1 08:02:08 kmh-wmh-003-nbg03 sshd[16370]: Disconnected from 140.143.9.145 port 49096 [preauth] Sep 1 08:14:40 kmh-wmh-003-nbg03 sshd[17754]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.9.145 user=r.r Sep 1 08:14:42 kmh-wmh-003-nbg03 sshd[17754]: Failed password for r.r from 140.143.9.145 port 52240 ssh2 Sep 1 08:14:42 kmh-wmh-003-nbg03 sshd[17754]: Received disconnect from 140.143.9.145 port 52240:11: Bye Bye [preauth] Sep 1 08:14:........ -------------------------------	2020-09-04 20:09:10
59.145.221.103	attackspambots	2020-07-26 04:50:42,145 fail2ban.actions [18606]: NOTICE [sshd] Ban 59.145.221.103 2020-07-26 05:04:34,087 fail2ban.actions [18606]: NOTICE [sshd] Ban 59.145.221.103 2020-07-26 05:18:39,440 fail2ban.actions [18606]: NOTICE [sshd] Ban 59.145.221.103 2020-07-26 05:32:40,649 fail2ban.actions [18606]: NOTICE [sshd] Ban 59.145.221.103 2020-07-26 05:46:40,634 fail2ban.actions [18606]: NOTICE [sshd] Ban 59.145.221.103 ...	2020-09-04 20:10:30
27.153.182.147	attack	Invalid user students from 27.153.182.147 port 48920	2020-09-04 20:03:01
49.233.15.54	attackbotsspam	2020-09-04T10:26:25.894504abusebot-6.cloudsearch.cf sshd[11928]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.15.54 user=root 2020-09-04T10:26:27.455879abusebot-6.cloudsearch.cf sshd[11928]: Failed password for root from 49.233.15.54 port 59566 ssh2 2020-09-04T10:30:20.334893abusebot-6.cloudsearch.cf sshd[11941]: Invalid user konan from 49.233.15.54 port 42276 2020-09-04T10:30:20.340192abusebot-6.cloudsearch.cf sshd[11941]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.15.54 2020-09-04T10:30:20.334893abusebot-6.cloudsearch.cf sshd[11941]: Invalid user konan from 49.233.15.54 port 42276 2020-09-04T10:30:21.499395abusebot-6.cloudsearch.cf sshd[11941]: Failed password for invalid user konan from 49.233.15.54 port 42276 ssh2 2020-09-04T10:34:12.770042abusebot-6.cloudsearch.cf sshd[11954]: Invalid user fernando from 49.233.15.54 port 53210 ...	2020-09-04 19:40:15
200.8.101.135	attackbotsspam	Sep 3 18:22:20 mxgate1 postfix/postscreen[14653]: CONNECT from [200.8.101.135]:41810 to [176.31.12.44]:25 Sep 3 18:22:20 mxgate1 postfix/dnsblog[14766]: addr 200.8.101.135 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2 Sep 3 18:22:20 mxgate1 postfix/dnsblog[14765]: addr 200.8.101.135 listed by domain zen.spamhaus.org as 127.0.0.11 Sep 3 18:22:20 mxgate1 postfix/dnsblog[14764]: addr 200.8.101.135 listed by domain b.barracudacentral.org as 127.0.0.2 Sep 3 18:22:26 mxgate1 postfix/postscreen[14653]: DNSBL rank 4 for [200.8.101.135]:41810 Sep x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=200.8.101.135	2020-09-04 20:07:44
141.156.198.128	attackbotsspam	Sep 3 18:13:45 kunden sshd[19183]: Address 141.156.198.128 maps to pool-141-156-198-128.washdc.fios.verizon.net, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Sep 3 18:13:45 kunden sshd[19183]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.156.198.128 user=r.r Sep 3 18:13:47 kunden sshd[19183]: Failed password for r.r from 141.156.198.128 port 33418 ssh2 Sep 3 18:13:49 kunden sshd[19183]: Failed password for r.r from 141.156.198.128 port 33418 ssh2 Sep 3 18:13:52 kunden sshd[19183]: Failed password for r.r from 141.156.198.128 port 33418 ssh2 Sep 3 18:13:54 kunden sshd[19183]: Failed password for r.r from 141.156.198.128 port 33418 ssh2 Sep 3 18:13:57 kunden sshd[19183]: Failed password for r.r from 141.156.198.128 port 33418 ssh2 Sep 3 18:13:59 kunden sshd[19183]: Failed password for r.r from 141.156.198.128 port 33418 ssh2 Sep 3 18:13:59 kunden sshd[19183]: PAM 5 more authentication failu........ -------------------------------	2020-09-04 19:50:29
142.4.4.229	attackspambots	142.4.4.229 - - \[04/Sep/2020:13:59:58 +0200\] "POST /wp-login.php HTTP/1.1" 200 12843 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 142.4.4.229 - - \[04/Sep/2020:14:00:05 +0200\] "POST /wp-login.php HTTP/1.1" 200 12712 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" ...	2020-09-04 20:11:31

最近上报的IP列表

67.17.149.133	9.108.113.73	135.239.193.143	104.197.225.109
54.59.135.104	64.3.4.131	90.199.20.8	96.245.89.68
50.2.238.48	110.244.17.118	194.223.120.56	13.184.179.229
43.56.62.139	15.35.123.182	26.192.64.53	84.105.172.67
138.237.89.234	242.104.130.200	185.40.76.212	238.111.143.119

基本信息:

用户上报:

相同子网IP讨论:

WHOIS信息:

DIG信息:

HOST信息:

NSLOOKUP信息:

相关IP信息:

最新评论:

最近上报的IP列表