38.115.139.41 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America

运营商(isp): Cogent Communications Inc

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	SSH brute force	2020-04-13 16:16:16

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 38.115.139.41
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 8388
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;38.115.139.41.			IN	A

;; AUTHORITY SECTION:
.			217	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020041300 1800 900 604800 86400

;; Query time: 251 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Apr 13 16:15:59 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 41.139.115.38.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		100.100.2.138
Address:	100.100.2.138#53

** server can't find 41.139.115.38.in-addr.arpa.: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
91.149.139.198	attack	Multiple SSH login attempts.	2020-09-09 06:35:41
179.113.169.216	attackbotsspam	Lines containing failures of 179.113.169.216 Sep 7 01:43:04 dns-3 sshd[27300]: User r.r from 179.113.169.216 not allowed because not listed in AllowUsers Sep 7 01:43:04 dns-3 sshd[27300]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.113.169.216 user=r.r Sep 7 01:43:06 dns-3 sshd[27300]: Failed password for invalid user r.r from 179.113.169.216 port 48338 ssh2 Sep 7 01:43:08 dns-3 sshd[27300]: Received disconnect from 179.113.169.216 port 48338:11: Bye Bye [preauth] Sep 7 01:43:08 dns-3 sshd[27300]: Disconnected from invalid user r.r 179.113.169.216 port 48338 [preauth] Sep 7 01:47:58 dns-3 sshd[27380]: User r.r from 179.113.169.216 not allowed because not listed in AllowUsers Sep 7 01:47:58 dns-3 sshd[27380]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.113.169.216 user=r.r Sep 7 01:48:00 dns-3 sshd[27380]: Failed password for invalid user r.r from 179.113.169.216 port........ ------------------------------	2020-09-09 06:46:17
222.186.180.6	attackspam	Sep 9 08:40:32 localhost sshd[1998117]: Unable to negotiate with 222.186.180.6 port 13374: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1 [preauth] ...	2020-09-09 06:40:53
106.54.47.171	attackbotsspam	Tried sshing with brute force.	2020-09-09 07:05:40
157.47.24.137	attackbots	Port probing on unauthorized port 445	2020-09-09 06:29:57
85.209.0.100	attackspambots	TCP (SYN) 85.209.0.100:6818 -> port 22, len 60	2020-09-09 06:46:31
91.232.4.149	attackbots	prod6 ...	2020-09-09 06:55:06
170.239.47.251	attackbots	2020-09-08T20:07:44.662996vps773228.ovh.net sshd[20685]: Failed password for root from 170.239.47.251 port 36548 ssh2 2020-09-08T20:12:41.339409vps773228.ovh.net sshd[20687]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=sgp.ddsatnet.com.br user=root 2020-09-08T20:12:43.060767vps773228.ovh.net sshd[20687]: Failed password for root from 170.239.47.251 port 50070 ssh2 2020-09-08T20:17:17.384920vps773228.ovh.net sshd[20689]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=sgp.ddsatnet.com.br user=root 2020-09-08T20:17:19.657686vps773228.ovh.net sshd[20689]: Failed password for root from 170.239.47.251 port 35182 ssh2 ...	2020-09-09 06:51:23
164.90.208.135	attackspambots	ET SCAN Sipvicious Scan - port: 5060 proto: sip cat: Attempted Information Leakbytes: 456	2020-09-09 06:29:35
124.156.107.252	attackbotsspam	Sep 8 22:50:43 marvibiene sshd[5442]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.156.107.252 user=root Sep 8 22:50:45 marvibiene sshd[5442]: Failed password for root from 124.156.107.252 port 38976 ssh2 Sep 8 23:07:49 marvibiene sshd[5714]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.156.107.252 user=root Sep 8 23:07:51 marvibiene sshd[5714]: Failed password for root from 124.156.107.252 port 57470 ssh2	2020-09-09 07:09:45
104.224.173.181	attackspam	Coordinated SSH brute-force attack from different IPs. pam_unix(sshd:auth): user=root	2020-09-09 07:08:15
45.142.120.36	attackspam	Sep 9 00:48:27 srv01 postfix/smtpd\[5302\]: warning: unknown\[45.142.120.36\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 9 00:48:50 srv01 postfix/smtpd\[26925\]: warning: unknown\[45.142.120.36\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 9 00:48:51 srv01 postfix/smtpd\[8929\]: warning: unknown\[45.142.120.36\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 9 00:48:58 srv01 postfix/smtpd\[3661\]: warning: unknown\[45.142.120.36\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 9 00:49:06 srv01 postfix/smtpd\[26925\]: warning: unknown\[45.142.120.36\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-09-09 06:52:46
217.14.211.216	attackbots	SSH bruteforce	2020-09-09 07:03:50
140.143.30.191	attack	(sshd) Failed SSH login from 140.143.30.191 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 8 15:29:52 server4 sshd[25580]: Invalid user steve from 140.143.30.191 Sep 8 15:29:52 server4 sshd[25580]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.30.191 Sep 8 15:29:55 server4 sshd[25580]: Failed password for invalid user steve from 140.143.30.191 port 42088 ssh2 Sep 8 15:48:22 server4 sshd[3954]: Invalid user admin from 140.143.30.191 Sep 8 15:48:22 server4 sshd[3954]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.30.191	2020-09-09 07:04:51
181.48.18.130	attack	Sep 8 19:55:17 * sshd[25607]: Failed password for root from 181.48.18.130 port 44330 ssh2	2020-09-09 06:53:34

最近上报的IP列表

40.83.195.25	65.188.148.70	148.171.157.1	60.191.4.67
102.242.246.7	121.181.237.122	113.184.71.97	202.124.193.215
75.148.156.244	62.167.57.3	14.182.129.143	187.23.134.110
249.195.152.163	48.107.68.193	141.245.27.145	106.12.133.103
248.62.65.122	238.127.87.220	71.98.221.129	246.178.23.22