必须是合法有效的IP地址, 可以是IPv4或者是IPv6, 例如127.0.0.1或者2001:DB8:0:0:8:800:200C:417A
基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Indonesia

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:
暂无关于此IP的讨论, 沙发请点上方按钮
相同子网IP讨论:
IP 类型 评论内容 时间
202.138.242.111 attack
Telnetd brute force attack detected by fail2ban
2020-06-01 07:18:38
202.138.242.37 attack
1588363984 - 05/01/2020 22:13:04 Host: 202.138.242.37/202.138.242.37 Port: 445 TCP Blocked
2020-05-02 06:50:18
202.138.242.21 attack
2020-04-05T02:01:49.009163struts4.enskede.local sshd\[27803\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.138.242.21  user=root
2020-04-05T02:01:51.378143struts4.enskede.local sshd\[27803\]: Failed password for root from 202.138.242.21 port 39604 ssh2
2020-04-05T02:04:48.606620struts4.enskede.local sshd\[27872\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.138.242.21  user=root
2020-04-05T02:04:51.540384struts4.enskede.local sshd\[27872\]: Failed password for root from 202.138.242.21 port 51584 ssh2
2020-04-05T02:06:27.282474struts4.enskede.local sshd\[27914\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.138.242.21  user=root
...
2020-04-05 08:23:26
202.138.242.47 attack
Unauthorized SSH connection attempt
2019-11-08 21:20:11
202.138.242.22 attackbots
IP: 202.138.242.22
ASN: AS9657 Melsa-i-net AS
Port: Simple Mail Transfer 25
Found in one or more Blacklists
Date: 12/10/2019 6:06:23 AM UTC
2019-10-12 19:27:31
202.138.242.22 attackspam
proto=tcp  .  spt=55919  .  dpt=25  .     (Found on   Blocklist de  Oct 03)     (497)
2019-10-05 02:03:34
202.138.242.101 attack
postfix (unknown user, SPF fail or relay access denied)
2019-10-02 07:18:29
202.138.242.6 attackspambots
Mail sent to address hacked/leaked from atari.st
2019-09-16 01:53:53
202.138.242.121 attackbots
Aug 22 22:27:14 dedicated sshd[10267]: Invalid user rso from 202.138.242.121 port 44700
2019-08-23 09:45:45
202.138.242.121 attack
Aug 18 14:14:56 XXX sshd[12187]: Invalid user testphp from 202.138.242.121 port 35348
2019-08-19 02:23:21
202.138.242.121 attackspambots
Aug 15 02:09:59 web9 sshd\[26350\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.138.242.121  user=mysql
Aug 15 02:10:00 web9 sshd\[26350\]: Failed password for mysql from 202.138.242.121 port 43046 ssh2
Aug 15 02:15:44 web9 sshd\[27399\]: Invalid user omsagent from 202.138.242.121
Aug 15 02:15:44 web9 sshd\[27399\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.138.242.121
Aug 15 02:15:46 web9 sshd\[27399\]: Failed password for invalid user omsagent from 202.138.242.121 port 36398 ssh2
2019-08-15 20:22:52
202.138.242.121 attackspam
$f2bV_matches
2019-08-14 18:07:42
202.138.242.6 attack
Unauthorized connection attempt from IP address 202.138.242.6 on Port 25(SMTP)
2019-08-12 10:43:30
202.138.242.121 attackbots
2019-07-15T08:23:28.942435lon01.zurich-datacenter.net sshd\[22264\]: Invalid user odbc from 202.138.242.121 port 46070
2019-07-15T08:23:28.946718lon01.zurich-datacenter.net sshd\[22264\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.138.242.121
2019-07-15T08:23:30.935706lon01.zurich-datacenter.net sshd\[22264\]: Failed password for invalid user odbc from 202.138.242.121 port 46070 ssh2
2019-07-15T08:29:17.459106lon01.zurich-datacenter.net sshd\[22360\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.138.242.121  user=root
2019-07-15T08:29:19.693844lon01.zurich-datacenter.net sshd\[22360\]: Failed password for root from 202.138.242.121 port 45104 ssh2
...
2019-07-15 15:06:34
202.138.242.121 attackspam
2019-07-13T16:49:51.179215abusebot-4.cloudsearch.cf sshd\[9858\]: Invalid user oracle from 202.138.242.121 port 44994
2019-07-14 01:06:26
WHOIS信息:
b
DIG信息:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 202.138.242.41
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1333
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;202.138.242.41.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025020401 1800 900 604800 86400

;; Query time: 62 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Feb 05 02:09:39 CST 2025
;; MSG SIZE  rcvd: 107
HOST信息:
Host 41.242.138.202.in-addr.arpa. not found: 3(NXDOMAIN)
NSLOOKUP信息:
Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 41.242.138.202.in-addr.arpa: NXDOMAIN
相关IP信息:
最新评论:
IP 类型 评论内容 时间
41.92.107.180 attackspam
Sep  3 18:42:22 mellenthin postfix/smtpd[19910]: NOQUEUE: reject: RCPT from unknown[41.92.107.180]: 554 5.7.1 Service unavailable; Client host [41.92.107.180] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/41.92.107.180; from= to= proto=ESMTP helo=<[41.92.107.180]>
2020-09-04 19:56:49
45.142.120.93 attackbots
2020-09-04 14:58:50 dovecot_login authenticator failed for \(User\) \[45.142.120.93\]: 535 Incorrect authentication data \(set_id=uu@org.ua\)2020-09-04 14:59:25 dovecot_login authenticator failed for \(User\) \[45.142.120.93\]: 535 Incorrect authentication data \(set_id=trips@org.ua\)2020-09-04 15:00:02 dovecot_login authenticator failed for \(User\) \[45.142.120.93\]: 535 Incorrect authentication data \(set_id=isajax@org.ua\)
...
2020-09-04 20:00:37
23.129.64.197 attackspam
SSH brutforce
2020-09-04 20:18:23
5.188.108.26 attackspambots
Lines containing failures of 5.188.108.26
/var/log/mail.err:Sep  3 18:22:48 server01 postfix/smtpd[15085]: warning: hostname pro-detail.stream does not resolve to address 5.188.108.26: Name or service not known
/var/log/mail.err:Sep  3 18:22:58 server01 postfix/smtpd[15085]: warning: hostname pro-detail.stream does not resolve to address 5.188.108.26: Name or service not known
/var/log/apache/pucorp.org.log:Sep  3 18:22:48 server01 postfix/smtpd[15085]: warning: hostname pro-detail.stream does not resolve to address 5.188.108.26: Name or service not known
/var/log/apache/pucorp.org.log:Sep  3 18:22:48 server01 postfix/smtpd[15085]: connect from unknown[5.188.108.26]
/var/log/apache/pucorp.org.log:Sep x@x
/var/log/apache/pucorp.org.log:Sep x@x
/var/log/apache/pucorp.org.log:Sep x@x
/var/log/apache/pucorp.org.log:Sep  3 18:22:56 server01 postfix/smtpd[15085]: disconnect from unknown[5.188.108.26]
/var/log/apache/pucorp.org.log:Sep  3 18:22:58 server01 postfix/smtpd[15085]:........
------------------------------
2020-09-04 20:15:29
180.153.91.75 attack
2020-09-03T12:55:45.923893correo.[domain] sshd[10867]: Invalid user kasia from 180.153.91.75 port 55202 2020-09-03T12:55:48.230681correo.[domain] sshd[10867]: Failed password for invalid user kasia from 180.153.91.75 port 55202 ssh2 2020-09-03T13:05:37.509816correo.[domain] sshd[12000]: Invalid user nexus from 180.153.91.75 port 38882 ...
2020-09-04 20:20:04
199.76.38.123 attack
2020-09-04T11:23:58.859714Z 96d9d989dfe7 New connection: 199.76.38.123:33484 (172.17.0.2:2222) [session: 96d9d989dfe7]
2020-09-04T11:23:58.984886Z 53121ba60257 New connection: 199.76.38.123:33490 (172.17.0.2:2222) [session: 53121ba60257]
2020-09-04 19:41:05
58.49.76.100 attackspam
Sep  4 01:45:22 sso sshd[19623]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.49.76.100
Sep  4 01:45:24 sso sshd[19623]: Failed password for invalid user testftp from 58.49.76.100 port 48096 ssh2
...
2020-09-04 19:39:56
218.241.202.58 attack
SSH bruteforce
2020-09-04 19:54:51
140.143.9.145 attackspambots
Sep  1 08:02:05 kmh-wmh-003-nbg03 sshd[16370]: Invalid user system from 140.143.9.145 port 49096
Sep  1 08:02:05 kmh-wmh-003-nbg03 sshd[16370]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.9.145
Sep  1 08:02:07 kmh-wmh-003-nbg03 sshd[16370]: Failed password for invalid user system from 140.143.9.145 port 49096 ssh2
Sep  1 08:02:08 kmh-wmh-003-nbg03 sshd[16370]: Received disconnect from 140.143.9.145 port 49096:11: Bye Bye [preauth]
Sep  1 08:02:08 kmh-wmh-003-nbg03 sshd[16370]: Disconnected from 140.143.9.145 port 49096 [preauth]
Sep  1 08:14:40 kmh-wmh-003-nbg03 sshd[17754]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.9.145  user=r.r
Sep  1 08:14:42 kmh-wmh-003-nbg03 sshd[17754]: Failed password for r.r from 140.143.9.145 port 52240 ssh2
Sep  1 08:14:42 kmh-wmh-003-nbg03 sshd[17754]: Received disconnect from 140.143.9.145 port 52240:11: Bye Bye [preauth]
Sep  1 08:14:........
-------------------------------
2020-09-04 20:09:10
59.145.221.103 attackspambots
2020-07-26 04:50:42,145 fail2ban.actions        [18606]: NOTICE  [sshd] Ban 59.145.221.103
2020-07-26 05:04:34,087 fail2ban.actions        [18606]: NOTICE  [sshd] Ban 59.145.221.103
2020-07-26 05:18:39,440 fail2ban.actions        [18606]: NOTICE  [sshd] Ban 59.145.221.103
2020-07-26 05:32:40,649 fail2ban.actions        [18606]: NOTICE  [sshd] Ban 59.145.221.103
2020-07-26 05:46:40,634 fail2ban.actions        [18606]: NOTICE  [sshd] Ban 59.145.221.103
...
2020-09-04 20:10:30
27.153.182.147 attack
Invalid user students from 27.153.182.147 port 48920
2020-09-04 20:03:01
49.233.15.54 attackbotsspam
2020-09-04T10:26:25.894504abusebot-6.cloudsearch.cf sshd[11928]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.15.54  user=root
2020-09-04T10:26:27.455879abusebot-6.cloudsearch.cf sshd[11928]: Failed password for root from 49.233.15.54 port 59566 ssh2
2020-09-04T10:30:20.334893abusebot-6.cloudsearch.cf sshd[11941]: Invalid user konan from 49.233.15.54 port 42276
2020-09-04T10:30:20.340192abusebot-6.cloudsearch.cf sshd[11941]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.15.54
2020-09-04T10:30:20.334893abusebot-6.cloudsearch.cf sshd[11941]: Invalid user konan from 49.233.15.54 port 42276
2020-09-04T10:30:21.499395abusebot-6.cloudsearch.cf sshd[11941]: Failed password for invalid user konan from 49.233.15.54 port 42276 ssh2
2020-09-04T10:34:12.770042abusebot-6.cloudsearch.cf sshd[11954]: Invalid user fernando from 49.233.15.54 port 53210
...
2020-09-04 19:40:15
200.8.101.135 attackbotsspam
Sep  3 18:22:20 mxgate1 postfix/postscreen[14653]: CONNECT from [200.8.101.135]:41810 to [176.31.12.44]:25
Sep  3 18:22:20 mxgate1 postfix/dnsblog[14766]: addr 200.8.101.135 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2
Sep  3 18:22:20 mxgate1 postfix/dnsblog[14765]: addr 200.8.101.135 listed by domain zen.spamhaus.org as 127.0.0.11
Sep  3 18:22:20 mxgate1 postfix/dnsblog[14764]: addr 200.8.101.135 listed by domain b.barracudacentral.org as 127.0.0.2
Sep  3 18:22:26 mxgate1 postfix/postscreen[14653]: DNSBL rank 4 for [200.8.101.135]:41810
Sep x@x


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=200.8.101.135
2020-09-04 20:07:44
141.156.198.128 attackbotsspam
Sep  3 18:13:45 kunden sshd[19183]: Address 141.156.198.128 maps to pool-141-156-198-128.washdc.fios.verizon.net, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!
Sep  3 18:13:45 kunden sshd[19183]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.156.198.128  user=r.r
Sep  3 18:13:47 kunden sshd[19183]: Failed password for r.r from 141.156.198.128 port 33418 ssh2
Sep  3 18:13:49 kunden sshd[19183]: Failed password for r.r from 141.156.198.128 port 33418 ssh2
Sep  3 18:13:52 kunden sshd[19183]: Failed password for r.r from 141.156.198.128 port 33418 ssh2
Sep  3 18:13:54 kunden sshd[19183]: Failed password for r.r from 141.156.198.128 port 33418 ssh2
Sep  3 18:13:57 kunden sshd[19183]: Failed password for r.r from 141.156.198.128 port 33418 ssh2
Sep  3 18:13:59 kunden sshd[19183]: Failed password for r.r from 141.156.198.128 port 33418 ssh2
Sep  3 18:13:59 kunden sshd[19183]: PAM 5 more authentication failu........
-------------------------------
2020-09-04 19:50:29
142.4.4.229 attackspambots
142.4.4.229 - - \[04/Sep/2020:13:59:58 +0200\] "POST /wp-login.php HTTP/1.1" 200 12843 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
142.4.4.229 - - \[04/Sep/2020:14:00:05 +0200\] "POST /wp-login.php HTTP/1.1" 200 12712 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
...
2020-09-04 20:11:31

最近上报的IP列表

67.17.149.133 9.108.113.73 135.239.193.143 104.197.225.109
54.59.135.104 64.3.4.131 90.199.20.8 96.245.89.68
50.2.238.48 110.244.17.118 194.223.120.56 13.184.179.229
43.56.62.139 15.35.123.182 26.192.64.53 84.105.172.67
138.237.89.234 242.104.130.200 185.40.76.212 238.111.143.119