131.196.138.9 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): None

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 131.196.138.9
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33999
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;131.196.138.9.			IN	A

;; AUTHORITY SECTION:
.			556	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022030802 1800 900 604800 86400

;; Query time: 74 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Mar 09 05:31:23 CST 2022
;; MSG SIZE  rcvd: 106

HOST信息:

9.138.196.131.in-addr.arpa domain name pointer 131-196-138-9.customer.invistanet.com.br.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
9.138.196.131.in-addr.arpa	name = 131-196-138-9.customer.invistanet.com.br.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
49.235.23.20	attackspambots	Feb 1 07:14:20 hosting180 sshd[10632]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.23.20 user=ftp Feb 1 07:14:22 hosting180 sshd[10632]: Failed password for ftp from 49.235.23.20 port 59465 ssh2 ...	2020-02-01 15:06:45
194.78.225.106	attack	Feb 1 07:04:39 mailserver postfix/smtpd[45697]: disconnect from unknown[194.78.225.106] Feb 1 07:05:45 mailserver postfix/smtpd[45697]: connect from unknown[194.78.225.106] Feb 1 07:05:45 mailserver postfix/smtpd[45697]: NOQUEUE: reject: RCPT from unknown[194.78.225.106]: 450 4.7.1 Client host rejected: cannot find your hostname, [194.78.225.106]; from=<> to=<[hidden]> proto=ESMTP helo= Feb 1 07:05:45 mailserver postfix/smtpd[45697]: disconnect from unknown[194.78.225.106] Feb 1 08:15:23 mailserver postfix/smtpd[46106]: connect from unknown[194.78.225.106] Feb 1 08:15:24 mailserver postfix/smtpd[46106]: NOQUEUE: reject: RCPT from unknown[194.78.225.106]: 450 4.7.1 Client host rejected: cannot find your hostname, [194.78.225.106]; from=<> to=<[hidden]> proto=ESMTP helo= Feb 1 08:15:24 mailserver postfix/smtpd[46106]: disconnect from unknown[194.78.225.106] Feb 1 08:16:27 mailserver postfix/smtpd[46106]: connect from unknown[194.78.225.106] Feb 1 08:16:27 mailserver postfix/	2020-02-01 15:44:54
52.66.136.113	attack	[SatFeb0107:51:58.0132962020][:error][pid12204:tid47392804058880][client52.66.136.113:36372][client52.66.136.113]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch"$\?:\\\\\\\\b\(\?:\\\\\\\\.\(\?:ht\(\?:access\\|passwd\\|group$\\|www_\?acl\)\\|global\\\\\\\\.asa\\|httpd\\\\\\\\.conf\\|boot\\\\\\\\.ini\\|web.config\)\\\\\\\\b\\|$\\|\^\\|\\\\\\\\.\\\\\\\\.$/etc/\\|/\\\\\\\\.$\?:history\\|bash_history\\|sh_history\\|env$\$\)"atREQUEST_FILENAME.[file"/usr/local/apache.ea3/conf/modsec_rules/10_asl_rules.conf"][line"211"][id"390709"][rev"30"][msg"Atomicorp.comWAFRules:Attempttoaccessprotectedfileremotely"][data"/.env"][severity"CRITICAL"][hostname"www.parrocchiaditesserete.ch"][uri"/.env"][unique_id"XjUgDlBIXxWR23kZycYuOwAAAJU"][SatFeb0108:32:02.0148982020][:error][pid12116:tid47392795653888][client52.66.136.113:48978][client52.66.136.113]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch"$\?:\\\\\\\\b\(\?:\\\\\\\\.\(\?:ht\(\?:access\\|passwd\\|group$\\|www_\?acl\)\\|global\\\\\\\\.asa\	2020-02-01 15:37:05
122.51.135.40	attack	xmlrpc attack	2020-02-01 15:40:19
77.247.109.100	attack	Feb 1 06:57:30 vps339862 kernel: \[5209424.138454\] \[iptables\] PORT DENIED: IN=eth0 OUT= MAC=fa:16:3e:65:a1:f6:22:9b:64:31:28:de:08:00 SRC=77.247.109.100 DST=51.254.206.43 LEN=429 TOS=0x00 PREC=0x00 TTL=51 ID=1379 DF PROTO=UDP SPT=5151 DPT=5084 LEN=409 Feb 1 06:57:30 vps339862 kernel: \[5209424.138454\] \[iptables\] PORT DENIED: IN=eth0 OUT= MAC=fa:16:3e:65:a1:f6:22:9b:64:31:28:de:08:00 SRC=77.247.109.100 DST=51.254.206.43 LEN=427 TOS=0x00 PREC=0x00 TTL=51 ID=1381 DF PROTO=UDP SPT=5151 DPT=5065 LEN=407 Feb 1 06:57:30 vps339862 kernel: \[5209424.152380\] \[iptables\] PORT DENIED: IN=eth0 OUT= MAC=fa:16:3e:65:a1:f6:22:9b:64:31:28:de:08:00 SRC=77.247.109.100 DST=51.254.206.43 LEN=427 TOS=0x00 PREC=0x00 TTL=51 ID=1377 DF PROTO=UDP SPT=5151 DPT=5064 LEN=407 Feb 1 06:57:30 vps339862 kernel: \[5209424.152500\] \[iptables\] PORT DENIED: IN=eth0 OUT= MAC=fa:16:3e:65:a1:f6:22:9b:64:31:28:de:08:00 SRC=77.247.109.100 DST=51.254.206.43 LEN=429 TOS=0x00 PREC=0x00 TTL=51 ID=1378 DF PROTO=UDP ...	2020-02-01 15:36:30
35.180.232.167	attack	B: Abusive content scan (301)	2020-02-01 15:41:57
150.109.63.204	attackbotsspam	frenzy	2020-02-01 15:18:02
139.155.20.146	attackspam	Feb 1 07:23:39 legacy sshd[6096]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.20.146 Feb 1 07:23:41 legacy sshd[6096]: Failed password for invalid user odoo from 139.155.20.146 port 54460 ssh2 Feb 1 07:26:29 legacy sshd[6217]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.20.146 ...	2020-02-01 15:08:47
49.234.206.45	attackspambots	Feb 1 07:19:18 legacy sshd[5873]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.206.45 Feb 1 07:19:20 legacy sshd[5873]: Failed password for invalid user arkserver from 49.234.206.45 port 36638 ssh2 Feb 1 07:23:35 legacy sshd[6083]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.206.45 ...	2020-02-01 15:15:19
222.186.30.31	attack	2020-02-01T08:22:31.920889scmdmz1 sshd[10465]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.31 user=root 2020-02-01T08:22:33.893279scmdmz1 sshd[10465]: Failed password for root from 222.186.30.31 port 44668 ssh2 2020-02-01T08:22:37.383509scmdmz1 sshd[10465]: Failed password for root from 222.186.30.31 port 44668 ssh2 2020-02-01T08:22:31.920889scmdmz1 sshd[10465]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.31 user=root 2020-02-01T08:22:33.893279scmdmz1 sshd[10465]: Failed password for root from 222.186.30.31 port 44668 ssh2 2020-02-01T08:22:37.383509scmdmz1 sshd[10465]: Failed password for root from 222.186.30.31 port 44668 ssh2 2020-02-01T08:22:31.920889scmdmz1 sshd[10465]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.31 user=root 2020-02-01T08:22:33.893279scmdmz1 sshd[10465]: Failed password for root from 222.186.30.31 port 44668 ssh2 2020-02-0	2020-02-01 15:26:10
52.58.96.173	attack	Restricted File Access Requests (0x363685-Q11-XjUN3V8tBRYn-R@F3orj9gAAAFM) Bot disrespecting robots.txt (0x393779-Z61-XjUN3V8tBRYn-R@F3orj9gAAAFM)	2020-02-01 15:41:08
49.145.229.80	attackspambots	1580532948 - 02/01/2020 05:55:48 Host: 49.145.229.80/49.145.229.80 Port: 445 TCP Blocked	2020-02-01 15:09:27
193.26.21.113	attackspam	spam	2020-02-01 15:23:05
140.143.236.53	attack	Feb 1 08:08:04 pkdns2 sshd\[47819\]: Invalid user test from 140.143.236.53Feb 1 08:08:06 pkdns2 sshd\[47819\]: Failed password for invalid user test from 140.143.236.53 port 35025 ssh2Feb 1 08:12:55 pkdns2 sshd\[48010\]: Invalid user minecraft from 140.143.236.53Feb 1 08:12:57 pkdns2 sshd\[48010\]: Failed password for invalid user minecraft from 140.143.236.53 port 49901 ssh2Feb 1 08:17:55 pkdns2 sshd\[48213\]: Invalid user melissa from 140.143.236.53Feb 1 08:17:57 pkdns2 sshd\[48213\]: Failed password for invalid user melissa from 140.143.236.53 port 36548 ssh2 ...	2020-02-01 15:51:45
112.25.176.62	attackbotsspam	Feb 1 03:32:40 wh01 sshd[7509]: Did not receive identification string from 112.25.176.62 port 60642 Feb 1 05:54:47 wh01 sshd[19031]: Invalid user netscreen from 112.25.176.62 port 34177 Feb 1 05:54:48 wh01 sshd[19031]: Failed password for invalid user netscreen from 112.25.176.62 port 34177 ssh2 Feb 1 05:54:48 wh01 sshd[19031]: Connection closed by 112.25.176.62 port 34177 [preauth] Feb 1 05:54:50 wh01 sshd[19033]: Failed password for root from 112.25.176.62 port 34849 ssh2 Feb 1 05:54:50 wh01 sshd[19033]: Connection closed by 112.25.176.62 port 34849 [preauth]	2020-02-01 15:48:08

最近上报的IP列表

51.175.201.240	118.172.236.80	131.196.14.116	131.196.14.114
131.196.14.159	131.196.14.149	131.196.14.203	131.196.141.1
131.196.14.231	131.196.14.235	131.196.14.232	131.196.141.100
131.196.14.82	131.196.141.10	118.172.237.113	131.196.141.103
131.196.141.104	131.196.141.106	118.172.237.141	131.196.141.108