27.121.85.242 - IPInfo

Basic Info

City: Pekanbaru

Region: Riau

Country: Indonesia

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 27.121.85.242
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 48228
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;27.121.85.242.			IN	A

;; AUTHORITY SECTION:
.			29	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2023051400 1800 900 604800 86400

;; Query time: 67 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun May 14 15:44:20 CST 2023
;; MSG SIZE  rcvd: 106

Host info

Host 242.85.121.27.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 242.85.121.27.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
5.149.78.122	attackbots	Brute force attempt	2020-08-09 14:37:59
45.181.228.1	attackspambots	k+ssh-bruteforce	2020-08-09 14:45:34
196.65.247.142	attack	Try to hack with python script or wget or shell or curl or other script..	2020-08-09 14:43:40
46.101.84.165	attack	Automatic report - Banned IP Access	2020-08-09 15:13:37
106.75.119.202	attack	Aug 9 08:44:21 fhem-rasp sshd[20876]: Failed password for root from 106.75.119.202 port 41573 ssh2 Aug 9 08:44:22 fhem-rasp sshd[20876]: Disconnected from authenticating user root 106.75.119.202 port 41573 [preauth] ...	2020-08-09 14:58:52
91.104.29.16	attack	(sshd) Failed SSH login from 91.104.29.16 (HU/Hungary/netacc-gpn-104-29-16.pool.telenor.hu): 10 in the last 3600 secs	2020-08-09 14:53:18
212.64.43.52	attack	SSH brutforce	2020-08-09 14:48:53
117.102.114.74	attackbots	Dovecot Invalid User Login Attempt.	2020-08-09 14:58:24
37.59.47.52	attack	37.59.47.52 - - [09/Aug/2020:04:52:51 +0100] "POST /wp-login.php HTTP/1.1" 200 1968 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 37.59.47.52 - - [09/Aug/2020:04:52:52 +0100] "POST /wp-login.php HTTP/1.1" 200 1952 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 37.59.47.52 - - [09/Aug/2020:04:52:52 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-09 14:56:32
115.84.112.138	attackbotsspam	$f2bV_matches	2020-08-09 14:40:30
49.88.112.113	attack	Aug 9 08:44:09 OPSO sshd\[22966\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.113 user=root Aug 9 08:44:10 OPSO sshd\[22966\]: Failed password for root from 49.88.112.113 port 42207 ssh2 Aug 9 08:44:12 OPSO sshd\[22966\]: Failed password for root from 49.88.112.113 port 42207 ssh2 Aug 9 08:44:15 OPSO sshd\[22966\]: Failed password for root from 49.88.112.113 port 42207 ssh2 Aug 9 08:45:09 OPSO sshd\[23311\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.113 user=root	2020-08-09 14:51:23
222.186.30.59	attackbots	port scan and connect, tcp 22 (ssh)	2020-08-09 15:05:35
51.210.121.138	attack	/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "122"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [uri "/wp-admin/admin-ajax.php"] [unique_id "Xy@Ik7wmSMAvlZu6kMRDOgAAAQs"] [Sun Aug 09 05:24:23.031827 2020] [:error] [pid 1855735:tid 47170867189504] [client 51.210.121.138:65172] [client 51.210.121.138] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "122"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [uri "/blog/.env"] [unique_id "Xy@Ih@-3@omul6lYgQiWOQAAAJI"] [Sun Aug 09 05:24:17.303877 2020] [:error] [pid 1855736:tid 47170844075776] [client 51.210.121.138:52153] [client 51.210.121.138] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_ap	2020-08-09 15:12:17
200.87.178.137	attackbots	Banned for a week because repeated abuses, for example SSH, but not only	2020-08-09 15:08:58
139.59.116.243	attackbotsspam	Port scan denied	2020-08-09 15:13:05

Recently Reported IPs

140.116.157.43	140.116.92.22	149.169.65.107	140.127.51.164
131.156.180.211	120.113.185.61	140.116.88.172	157.181.167.157
212.235.180.83	140.116.48.213	103.212.43.139	140.116.36.197
185.207.178.202	134.208.25.190	140.116.214.253	194.210.112.146
210.240.242.15	82.132.118.218	128.171.158.10	160.28.50.157