138.0.22.243 - IPInfo

基本信息:

城市(city): Juazeiro

省份(region): Bahia

国家(country): Brazil

运营商(isp): Kasatech Provedor de Internet Ltda

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	$f2bV_matches	2019-11-07 13:24:59

相同子网IP讨论:

IP	类型	评论内容	时间
138.0.224.232	attackbotsspam	Unauthorized connection attempt from IP address 138.0.224.232 on Port 445(SMB)	2020-09-01 23:15:44
138.0.227.72	attack	Unauthorized connection attempt detected from IP address 138.0.227.72 to port 8080 [J]	2020-01-31 03:59:20
138.0.227.187	attack	unauthorized connection attempt	2020-01-09 17:39:30
138.0.224.232	attack	Unauthorized connection attempt detected from IP address 138.0.224.232 to port 445	2020-01-01 19:23:36
138.0.227.49	attackspam	port scan and connect, tcp 80 (http)	2019-12-23 00:32:58
138.0.226.76	attackbotsspam	445/tcp [2019-08-09]1pkt	2019-08-09 17:17:56
138.0.227.153	attackbotsspam	port scan and connect, tcp 80 (http)	2019-06-23 17:43:29
138.0.227.88	attack	Request: "GET / HTTP/1.1"	2019-06-22 07:10:30

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.0.22.243
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 11011
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.0.22.243.			IN	A

;; AUTHORITY SECTION:
.			477	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019110602 1800 900 604800 86400

;; Query time: 122 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Nov 07 13:24:52 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 243.22.0.138.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 243.22.0.138.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
152.136.98.80	attackspam	May 26 23:42:30 r.ca sshd[10708]: Failed password for root from 152.136.98.80 port 60576 ssh2	2020-05-27 12:20:38
79.147.28.246	attack	...	2020-05-27 12:01:08
132.232.92.86	attackspam	May 27 05:52:01 eventyay sshd[4418]: Failed password for root from 132.232.92.86 port 39558 ssh2 May 27 05:55:19 eventyay sshd[4486]: Failed password for root from 132.232.92.86 port 47846 ssh2 May 27 05:58:19 eventyay sshd[4601]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.92.86 ...	2020-05-27 12:09:48
185.147.215.8	attack	[2020-05-27 00:18:26] NOTICE[1157] chan_sip.c: Registration from '' failed for '185.147.215.8:62930' - Wrong password [2020-05-27 00:18:26] SECURITY[1173] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-05-27T00:18:26.695-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="7856",SessionID="0x7f5f1039ca78",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.147.215.8/62930",Challenge="1ca31b9f",ReceivedChallenge="1ca31b9f",ReceivedHash="e1ad19c36ab9cac21cec0a8ccbc7e406" [2020-05-27 00:18:52] NOTICE[1157] chan_sip.c: Registration from '' failed for '185.147.215.8:54860' - Wrong password [2020-05-27 00:18:52] SECURITY[1173] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-05-27T00:18:52.608-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="2498",SessionID="0x7f5f100266a8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.147.215.8 ...	2020-05-27 12:26:19
62.173.147.215	attackbotsspam	[2020-05-26 23:57:43] NOTICE[1157][C-00009c1c] chan_sip.c: Call from '' (62.173.147.215:53176) to extension '1770901148221530821' rejected because extension not found in context 'public'. [2020-05-26 23:57:43] SECURITY[1173] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-05-26T23:57:43.444-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="1770901148221530821",SessionID="0x7f5f10787a08",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/62.173.147.215/53176",ACLName="no_extension_match" [2020-05-26 23:58:28] NOTICE[1157][C-00009c20] chan_sip.c: Call from '' (62.173.147.215:63426) to extension '1780901148221530821' rejected because extension not found in context 'public'. [2020-05-26 23:58:28] SECURITY[1173] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-05-26T23:58:28.594-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="1780901148221530821",SessionID="0x7f5f100266a8",LocalAddress="IPV4/UDP/192.168.244.6/5060",Remot ...	2020-05-27 12:01:27
144.217.183.134	attack	144.217.183.134 - - [27/May/2020:05:58:23 +0200] "GET /wp-login.php HTTP/1.1" 200 5865 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 144.217.183.134 - - [27/May/2020:05:58:25 +0200] "POST /wp-login.php HTTP/1.1" 200 6116 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 144.217.183.134 - - [27/May/2020:05:58:26 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-05-27 12:02:20
213.32.111.52	attack	(sshd) Failed SSH login from 213.32.111.52 (FR/France/ip52.ip-213-32-111.eu): 5 in the last 3600 secs	2020-05-27 08:25:05
14.29.182.232	attackbotsspam	SSH Brute Force	2020-05-27 12:27:33
164.132.103.245	attack	Invalid user aranganathan from 164.132.103.245 port 33710	2020-05-27 12:23:10
122.51.62.212	attackbotsspam	2020-05-27T03:53:53.668363shield sshd\[12235\]: Invalid user ftp_user from 122.51.62.212 port 37240 2020-05-27T03:53:53.672060shield sshd\[12235\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.62.212 2020-05-27T03:53:55.436470shield sshd\[12235\]: Failed password for invalid user ftp_user from 122.51.62.212 port 37240 ssh2 2020-05-27T03:58:25.532494shield sshd\[12878\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.62.212 user=root 2020-05-27T03:58:27.969616shield sshd\[12878\]: Failed password for root from 122.51.62.212 port 32976 ssh2	2020-05-27 12:02:50
116.109.58.57	spamattack	Phyck U	2020-05-27 11:50:31
119.29.3.45	attack	$f2bV_matches	2020-05-27 12:20:26
196.53.104.139	attackspambots	odoo8 ...	2020-05-27 12:31:03
178.7.126.168	attackbots	May 27 05:57:45 ovpn sshd\[14310\]: Invalid user pi from 178.7.126.168 May 27 05:57:45 ovpn sshd\[14310\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.7.126.168 May 27 05:57:45 ovpn sshd\[14320\]: Invalid user pi from 178.7.126.168 May 27 05:57:45 ovpn sshd\[14320\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.7.126.168 May 27 05:57:46 ovpn sshd\[14310\]: Failed password for invalid user pi from 178.7.126.168 port 46202 ssh2	2020-05-27 12:27:55
106.13.231.103	attack	Invalid user solr from 106.13.231.103 port 41870	2020-05-27 12:10:36

最近上报的IP列表

62.234.114.126	210.217.124.203	190.60.197.89	51.38.185.246
5.189.151.188	49.51.85.7	117.159.12.214	158.69.116.15
2a01:7c8:aaaa:6f:5054:ff:fe90:4b67	79.67.125.42	60.209.102.63	34.254.74.142
176.107.198.174	220.202.72.141	40.77.167.11	111.74.88.200
123.118.125.78	104.187.32.146	99.29.90.25	79.61.35.16