121.40.162.239

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Aliyun Computing Co. Ltd

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Autoban 121.40.162.239 AUTH/CONNECT	2020-02-16 09:14:30
attack	spam	2020-01-24 16:18:53
attackbotsspam	Unauthorized SSH login attempts	2020-01-22 18:43:04
attackbots	Nov 4 00:41:18 mxgate1 postfix/postscreen[5913]: CONNECT from [121.40.162.239]:63166 to [176.31.12.44]:25 Nov 4 00:41:18 mxgate1 postfix/dnsblog[5983]: addr 121.40.162.239 listed by domain cbl.abuseat.org as 127.0.0.2 Nov 4 00:41:18 mxgate1 postfix/dnsblog[5987]: addr 121.40.162.239 listed by domain zen.spamhaus.org as 127.0.0.4 Nov 4 00:41:18 mxgate1 postfix/dnsblog[5987]: addr 121.40.162.239 listed by domain zen.spamhaus.org as 127.0.0.3 Nov 4 00:41:18 mxgate1 postfix/dnsblog[5985]: addr 121.40.162.239 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2 Nov 4 00:41:18 mxgate1 postfix/dnsblog[5986]: addr 121.40.162.239 listed by domain b.barracudacentral.org as 127.0.0.2 Nov 4 00:41:18 mxgate1 postfix/dnsblog[5984]: addr 121.40.162.239 listed by domain bl.spamcop.net as 127.0.0.2 Nov 4 00:41:18 mxgate1 postfix/postscreen[5913]: PREGREET 14 after 0.49 from [121.40.162.239]:63166: EHLO 0sg.net Nov 4 00:41:18 mxgate1 postfix/postscreen[5913]: DNSBL rank 6 for [121........ -------------------------------	2019-11-04 18:10:37

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 121.40.162.239
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 28059
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;121.40.162.239.			IN	A

;; AUTHORITY SECTION:
.			461	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019110400 1800 900 604800 86400

;; Query time: 382 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Nov 04 18:10:34 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 239.162.40.121.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 239.162.40.121.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
59.37.33.202	attackbotsspam	DATE:2019-09-03 14:38:49,IP:59.37.33.202,MATCHES:10,PORT:ssh	2019-09-03 23:10:51
60.174.182.73	attack	Sep 3 14:19:27 pl3server sshd[21303]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.174.182.73 user=r.r Sep 3 14:19:28 pl3server sshd[21303]: Failed password for r.r from 60.174.182.73 port 47237 ssh2 Sep 3 14:19:33 pl3server sshd[21303]: Failed password for r.r from 60.174.182.73 port 47237 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=60.174.182.73	2019-09-03 23:32:13
37.187.0.223	attackbots	Sep 3 13:14:10 MK-Soft-Root2 sshd\[328\]: Invalid user cn from 37.187.0.223 port 44920 Sep 3 13:14:10 MK-Soft-Root2 sshd\[328\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.187.0.223 Sep 3 13:14:12 MK-Soft-Root2 sshd\[328\]: Failed password for invalid user cn from 37.187.0.223 port 44920 ssh2 ...	2019-09-03 23:27:41
185.234.218.124	attackspam	2019-09-03T19:00:22.759792ns1.unifynetsol.net postfix/smtpd\[1427\]: warning: unknown\[185.234.218.124\]: SASL LOGIN authentication failed: authentication failure 2019-09-03T19:10:15.278397ns1.unifynetsol.net postfix/smtpd\[2250\]: warning: unknown\[185.234.218.124\]: SASL LOGIN authentication failed: authentication failure 2019-09-03T19:20:15.902050ns1.unifynetsol.net postfix/smtpd\[28712\]: warning: unknown\[185.234.218.124\]: SASL LOGIN authentication failed: authentication failure 2019-09-03T19:30:07.384432ns1.unifynetsol.net postfix/smtpd\[4643\]: warning: unknown\[185.234.218.124\]: SASL LOGIN authentication failed: authentication failure 2019-09-03T19:40:03.817931ns1.unifynetsol.net postfix/smtpd\[5243\]: warning: unknown\[185.234.218.124\]: SASL LOGIN authentication failed: authentication failure	2019-09-03 23:17:09
201.22.95.52	attack	Sep 3 13:11:16 nextcloud sshd\[22343\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.22.95.52 user=root Sep 3 13:11:18 nextcloud sshd\[22343\]: Failed password for root from 201.22.95.52 port 53853 ssh2 Sep 3 13:17:19 nextcloud sshd\[31595\]: Invalid user tipodirect from 201.22.95.52 Sep 3 13:17:19 nextcloud sshd\[31595\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.22.95.52 ...	2019-09-03 23:18:25
160.20.52.22	attack	Unauthorized connection attempt from IP address 160.20.52.22 on Port 445(SMB)	2019-09-03 23:35:55
187.45.124.131	attackbotsspam	Sep 3 10:59:14 vtv3 sshd\[30593\]: Invalid user marif from 187.45.124.131 port 36440 Sep 3 10:59:14 vtv3 sshd\[30593\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.45.124.131 Sep 3 10:59:16 vtv3 sshd\[30593\]: Failed password for invalid user marif from 187.45.124.131 port 36440 ssh2 Sep 3 11:04:18 vtv3 sshd\[569\]: Invalid user weblogic from 187.45.124.131 port 62503 Sep 3 11:04:18 vtv3 sshd\[569\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.45.124.131 Sep 3 11:18:46 vtv3 sshd\[7954\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.45.124.131 user=root Sep 3 11:18:48 vtv3 sshd\[7954\]: Failed password for root from 187.45.124.131 port 2738 ssh2 Sep 3 11:23:46 vtv3 sshd\[10496\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.45.124.131 user=root Sep 3 11:23:49 vtv3 sshd\[10496\]: Failed password for ro	2019-09-04 00:02:56
106.12.6.74	attack	$f2bV_matches	2019-09-04 00:00:51
43.225.108.51	attackbots	43.225.108.51 - - [03/Sep/2019:13:53:52 +0200] "GET /wp-login.php HTTP/1.1" 200 1301 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 43.225.108.51 - - [03/Sep/2019:13:54:01 +0200] "POST /wp-login.php HTTP/1.1" 200 1704 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 43.225.108.51 - - [03/Sep/2019:13:54:02 +0200] "GET /wp-login.php HTTP/1.1" 200 1301 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 43.225.108.51 - - [03/Sep/2019:13:54:09 +0200] "POST /wp-login.php HTTP/1.1" 200 1684 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 43.225.108.51 - - [03/Sep/2019:13:54:11 +0200] "GET /wp-login.php HTTP/1.1" 200 1301 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 43.225.108.51 - - [03/Sep/2019:13:54:19 +0200] "POST /wp-login.php HTTP/1.1" 200 1688 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-09-03 23:15:21
181.40.122.2	attackspam	Aug 14 18:41:36 Server10 sshd[22210]: Invalid user perez from 181.40.122.2 port 47322 Aug 14 18:41:36 Server10 sshd[22210]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.40.122.2 Aug 14 18:41:38 Server10 sshd[22210]: Failed password for invalid user perez from 181.40.122.2 port 47322 ssh2	2019-09-03 23:45:06
200.196.55.94	attackbots	Unauthorized connection attempt from IP address 200.196.55.94 on Port 445(SMB)	2019-09-03 23:40:48
185.137.111.136	attack	Exceeded maximum number of incorrect SMTP login attempts	2019-09-03 22:55:59
177.85.62.127	attackspambots	failed_logins	2019-09-03 23:51:13
147.135.210.187	attackspambots	Sep 3 01:40:08 web1 sshd\[3908\]: Invalid user briana from 147.135.210.187 Sep 3 01:40:08 web1 sshd\[3908\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.135.210.187 Sep 3 01:40:11 web1 sshd\[3908\]: Failed password for invalid user briana from 147.135.210.187 port 36638 ssh2 Sep 3 01:44:05 web1 sshd\[4318\]: Invalid user test4 from 147.135.210.187 Sep 3 01:44:05 web1 sshd\[4318\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.135.210.187	2019-09-03 23:34:35
106.12.220.192	attackspam	Sep 3 17:26:18 hosting sshd[26580]: Invalid user dujoey from 106.12.220.192 port 45476 ...	2019-09-03 23:02:31

Recently Reported IPs

218.26.172.61	14.169.219.156	161.0.158.172	156.194.130.10
184.82.193.253	83.20.207.37	153.37.97.184	35.189.253.58
104.245.145.42	104.211.90.120	45.95.33.112	83.135.138.20
187.120.216.22	178.128.85.156	139.217.131.17	167.250.98.11
122.51.87.23	178.219.84.175	185.131.155.180	167.249.44.194