182.242.138.21

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Yunnan Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Unauthorized connection attempt detected from IP address 182.242.138.21 to port 2220 [J]	2020-02-23 19:51:27

Comments on same subnet:

IP	Type	Details	Datetime
182.242.138.147	attackspam	Repeated brute force against a port	2020-04-26 22:33:51
182.242.138.4	attackspam	Invalid user bj from 182.242.138.4 port 49018	2020-04-19 01:59:12
182.242.138.4	attack	Invalid user admin123 from 182.242.138.4 port 43302	2020-04-18 06:57:07
182.242.138.4	attackspambots	Apr 17 00:54:44 firewall sshd[18202]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.242.138.4 user=root Apr 17 00:54:46 firewall sshd[18202]: Failed password for root from 182.242.138.4 port 44484 ssh2 Apr 17 00:58:22 firewall sshd[18294]: Invalid user test from 182.242.138.4 ...	2020-04-17 13:16:56
182.242.138.4	attackbotsspam	3x Failed Password	2020-04-17 02:48:04
182.242.138.236	attack	Unauthorized connection attempt detected from IP address 182.242.138.236 to port 22 [T]	2020-04-15 02:33:47
182.242.138.236	attackbots	"SSH brute force auth login attempt."	2020-01-23 17:12:53
182.242.138.236	attack	$f2bV_matches	2020-01-22 18:55:17
182.242.138.236	attackspam	Nov 28 12:12:57 penfold sshd[24537]: Invalid user shuffler from 182.242.138.236 port 45944 Nov 28 12:12:57 penfold sshd[24537]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.242.138.236 Nov 28 12:13:00 penfold sshd[24537]: Failed password for invalid user shuffler from 182.242.138.236 port 45944 ssh2 Nov 28 12:13:00 penfold sshd[24537]: Received disconnect from 182.242.138.236 port 45944:11: Bye Bye [preauth] Nov 28 12:13:00 penfold sshd[24537]: Disconnected from 182.242.138.236 port 45944 [preauth] Nov 28 12:18:00 penfold sshd[24918]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.242.138.236 user=r.r Nov 28 12:18:02 penfold sshd[24918]: Failed password for r.r from 182.242.138.236 port 52566 ssh2 Nov 28 12:18:02 penfold sshd[24918]: Received disconnect from 182.242.138.236 port 52566:11: Bye Bye [preauth] Nov 28 12:18:02 penfold sshd[24918]: Disconnected from 182.242.138.236 p........ -------------------------------	2019-11-30 00:57:38
182.242.138.147	attackspambots	Nov 25 19:02:04 ns382633 sshd\[12261\]: Invalid user printing from 182.242.138.147 port 37798 Nov 25 19:02:04 ns382633 sshd\[12261\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.242.138.147 Nov 25 19:02:06 ns382633 sshd\[12261\]: Failed password for invalid user printing from 182.242.138.147 port 37798 ssh2 Nov 25 19:21:09 ns382633 sshd\[17237\]: Invalid user ident from 182.242.138.147 port 48706 Nov 25 19:21:09 ns382633 sshd\[17237\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.242.138.147	2019-11-26 03:14:23
182.242.138.147	attackspam	Nov 23 07:45:02 www sshd\[19096\]: Invalid user eric from 182.242.138.147 port 55926 ...	2019-11-23 19:47:46

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 182.242.138.21
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10507
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;182.242.138.21.			IN	A

;; AUTHORITY SECTION:
.			345	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020022300 1800 900 604800 86400

;; Query time: 93 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 23 19:51:21 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 21.138.242.182.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 21.138.242.182.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
139.155.86.130	attackspam	Bruteforce detected by fail2ban	2020-06-07 20:04:12
186.250.18.142	attackbotsspam	f2b trigger Multiple SASL failures	2020-06-07 19:53:29
125.24.168.23	attackbots	20/6/6@23:46:21: FAIL: Alarm-Network address from=125.24.168.23 20/6/6@23:46:21: FAIL: Alarm-Network address from=125.24.168.23 ...	2020-06-07 19:50:55
103.145.12.131	attackspam	Trying ports that it shouldn't be.	2020-06-07 19:46:39
123.50.236.77	attackspambots	Automatic report - Banned IP Access	2020-06-07 20:11:27
139.199.164.21	attackbotsspam	Jun 7 14:01:49 nextcloud sshd\[5983\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.164.21 user=root Jun 7 14:01:51 nextcloud sshd\[5983\]: Failed password for root from 139.199.164.21 port 41624 ssh2 Jun 7 14:09:58 nextcloud sshd\[18933\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.164.21 user=root	2020-06-07 20:18:10
201.187.99.212	attack	TCP (SYN) 201.187.99.212:7199 -> port 80, len 44	2020-06-07 19:58:32
185.220.101.195	attackspam	Jun 7 14:09:44 [Censored Hostname] sshd[23514]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.220.101.195 Jun 7 14:09:47 [Censored Hostname] sshd[23514]: Failed password for invalid user admin from 185.220.101.195 port 11072 ssh2[...]	2020-06-07 20:25:23
195.29.14.102	attack	Unauthorized connection attempt from IP address 195.29.14.102 on Port 445(SMB)	2020-06-07 20:11:11
218.92.0.145	attackspam	Jun 7 13:49:55 abendstille sshd\[7019\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.145 user=root Jun 7 13:49:57 abendstille sshd\[7019\]: Failed password for root from 218.92.0.145 port 49407 ssh2 Jun 7 13:50:00 abendstille sshd\[7019\]: Failed password for root from 218.92.0.145 port 49407 ssh2 Jun 7 13:50:01 abendstille sshd\[7047\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.145 user=root Jun 7 13:50:03 abendstille sshd\[7047\]: Failed password for root from 218.92.0.145 port 31142 ssh2 ...	2020-06-07 19:54:41
189.207.242.100	attackspambots	Automatic report - Windows Brute-Force Attack	2020-06-07 19:46:10
176.113.115.130	attackbotsspam	RDP brute force across this entire class C sub-net	2020-06-07 19:48:44
112.25.69.13	attack	Jun 7 02:04:32 web1 sshd\[21941\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.25.69.13 user=root Jun 7 02:04:35 web1 sshd\[21941\]: Failed password for root from 112.25.69.13 port 37738 ssh2 Jun 7 02:07:13 web1 sshd\[22214\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.25.69.13 user=root Jun 7 02:07:15 web1 sshd\[22214\]: Failed password for root from 112.25.69.13 port 12778 ssh2 Jun 7 02:09:48 web1 sshd\[22476\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.25.69.13 user=root	2020-06-07 20:22:25
190.210.164.141	attack	Jun 7 10:07:51 gw1 sshd[25705]: Failed password for root from 190.210.164.141 port 54939 ssh2 ...	2020-06-07 19:52:54
162.12.217.214	attackspam	$f2bV_matches	2020-06-07 20:29:49

Recently Reported IPs

92.18.21.10	88.25.179.151	86.106.144.152	84.47.171.253
82.81.99.28	61.230.15.139	61.177.77.134	60.248.246.4
59.30.114.37	59.23.205.191	3.160.7.22	180.32.35.226
176.101.51.41	46.201.145.254	45.79.34.247	45.65.128.250
115.209.240.170	42.115.250.141	39.118.185.240	202.232.142.43