138.118.103.148

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Brazil

运营商(isp): Linenet Suprimentos Para Informatica Ltda-ME

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Unauthorized connection attempt detected from IP address 138.118.103.148 to port 8080 [J]	2020-01-12 23:03:02

相同子网IP讨论:

IP	类型	评论内容	时间
138.118.103.139	attackspambots	Automatic report - Port Scan Attack	2020-05-25 03:53:07
138.118.103.184	attackspambots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/138.118.103.184/ BR - 1H : (275) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : BR NAME ASN : ASN52708 IP : 138.118.103.184 CIDR : 138.118.102.0/23 PREFIX COUNT : 5 UNIQUE IP COUNT : 2048 ATTACKS DETECTED ASN52708 : 1H - 2 3H - 2 6H - 2 12H - 4 24H - 4 DateTime : 2020-03-13 21:12:03 INFO : HACK ! - Looking for resource vulnerabilities Scan Detected and Blocked by ADMIN - data recovery	2020-03-14 08:54:56
138.118.103.241	attackbotsspam	Unauthorized connection attempt detected from IP address 138.118.103.241 to port 8080 [J]	2020-01-22 23:01:25
138.118.103.172	attack	Automatic report - Port Scan Attack	2019-11-06 18:49:43
138.118.103.128	attackbots	Automatic report - Port Scan Attack	2019-09-17 04:41:54

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.118.103.148
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52925
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.118.103.148.		IN	A

;; AUTHORITY SECTION:
.			447	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020011200 1800 900 604800 86400

;; Query time: 61 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jan 12 23:02:55 CST 2020
;; MSG SIZE  rcvd: 119

HOST信息:

148.103.118.138.in-addr.arpa domain name pointer dynamic-138-118-103-148.linenet.net.br.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
148.103.118.138.in-addr.arpa	name = dynamic-138-118-103-148.linenet.net.br.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
192.81.215.176	attack	Sep 24 05:00:49 TORMINT sshd\[1764\]: Invalid user commando from 192.81.215.176 Sep 24 05:00:49 TORMINT sshd\[1764\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.81.215.176 Sep 24 05:00:51 TORMINT sshd\[1764\]: Failed password for invalid user commando from 192.81.215.176 port 44084 ssh2 ...	2019-09-24 17:09:52
159.203.143.58	attack	Sep 24 10:13:41 Ubuntu-1404-trusty-64-minimal sshd\[26214\]: Invalid user pi from 159.203.143.58 Sep 24 10:13:41 Ubuntu-1404-trusty-64-minimal sshd\[26214\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.143.58 Sep 24 10:13:43 Ubuntu-1404-trusty-64-minimal sshd\[26214\]: Failed password for invalid user pi from 159.203.143.58 port 48778 ssh2 Sep 24 10:32:07 Ubuntu-1404-trusty-64-minimal sshd\[11303\]: Invalid user cvsuser from 159.203.143.58 Sep 24 10:32:07 Ubuntu-1404-trusty-64-minimal sshd\[11303\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.143.58	2019-09-24 17:12:05
49.88.112.68	attack	2019-09-23 11:21:11,654 fail2ban.actions \[946\]: NOTICE \[sshd\] Ban 49.88.112.68 2019-09-23 11:51:58,194 fail2ban.actions \[946\]: NOTICE \[sshd\] Ban 49.88.112.68 2019-09-23 12:22:31,738 fail2ban.actions \[946\]: NOTICE \[sshd\] Ban 49.88.112.68 2019-09-23 12:53:16,885 fail2ban.actions \[946\]: NOTICE \[sshd\] Ban 49.88.112.68 2019-09-24 06:59:31,217 fail2ban.actions \[946\]: NOTICE \[sshd\] Ban 49.88.112.68 ...	2019-09-24 17:07:40
14.2.190.194	attackbotsspam	Sep 23 22:59:20 web9 sshd\[8349\]: Invalid user qsvr from 14.2.190.194 Sep 23 22:59:20 web9 sshd\[8349\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.2.190.194 Sep 23 22:59:22 web9 sshd\[8349\]: Failed password for invalid user qsvr from 14.2.190.194 port 48679 ssh2 Sep 23 23:07:49 web9 sshd\[9993\]: Invalid user rashid from 14.2.190.194 Sep 23 23:07:49 web9 sshd\[9993\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.2.190.194	2019-09-24 17:11:08
220.92.16.78	attack	Sep 24 08:13:13 XXX sshd[54762]: Invalid user ofsaa from 220.92.16.78 port 36128	2019-09-24 16:47:18
213.133.3.8	attackbotsspam	Sep 24 07:07:45 tuotantolaitos sshd[32143]: Failed password for root from 213.133.3.8 port 35935 ssh2 ...	2019-09-24 17:01:01
81.22.45.25	attack	Sep 24 10:41:46 lumpi kernel: INPUT:DROP:SPAMHAUS_EDROP:IN=eth0 OUT= MAC=52:54:a2:01:a5:04:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.25 DST=172.31.1.100 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=52820 PROTO=TCP SPT=55292 DPT=7006 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-09-24 16:51:01
79.11.181.225	attackspambots	Sep 24 07:08:08 tuotantolaitos sshd[32158]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.11.181.225 Sep 24 07:08:10 tuotantolaitos sshd[32158]: Failed password for invalid user haldaemon from 79.11.181.225 port 49952 ssh2 ...	2019-09-24 16:57:26
81.22.45.165	attackbots	Sep 24 09:54:02 h2177944 kernel: \[2187953.331075\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=81.22.45.165 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=37512 PROTO=TCP SPT=57112 DPT=7484 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 24 10:05:50 h2177944 kernel: \[2188660.625895\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=81.22.45.165 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=62523 PROTO=TCP SPT=57112 DPT=7378 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 24 10:12:09 h2177944 kernel: \[2189040.004616\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=81.22.45.165 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=4699 PROTO=TCP SPT=57112 DPT=7452 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 24 10:27:48 h2177944 kernel: \[2189979.217633\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=81.22.45.165 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=13690 PROTO=TCP SPT=57112 DPT=7375 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 24 10:46:22 h2177944 kernel: \[2191093.128487\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=81.22.45.165 DST=85.214.117.9 LEN=4	2019-09-24 16:49:38
106.12.13.138	attackspambots	Sep 24 10:41:39 mail sshd\[9800\]: Invalid user test5 from 106.12.13.138 port 56402 Sep 24 10:41:39 mail sshd\[9800\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.13.138 Sep 24 10:41:41 mail sshd\[9800\]: Failed password for invalid user test5 from 106.12.13.138 port 56402 ssh2 Sep 24 10:46:52 mail sshd\[10537\]: Invalid user dg from 106.12.13.138 port 39572 Sep 24 10:46:52 mail sshd\[10537\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.13.138	2019-09-24 17:06:15
186.212.190.28	attackspam	Automatic report - Port Scan Attack	2019-09-24 16:46:09
86.98.0.194	attack	[TueSep2405:52:35.6778572019][:error][pid27327:tid46955268933376][client86.98.0.194:50230][client86.98.0.194]ModSecurity:Accessdeniedwithcode403\(phase2\).Matchof"rx\(MSWebServicesClientProtocol\\|WormlyBot\\|webauth@cmcm\\\\\\\\.com\)"against"REQUEST_HEADERS:User-Agent"required.[file"/usr/local/apache.ea3/conf/modsec_rules/20_asl_useragents.conf"][line"395"][id"397989"][rev"1"][msg"Atomicorp.comWAFRules:MSIE6.0detected\(DisableifyouwanttoallowMSIE6\)"][severity"WARNING"][hostname"pharabouth.com"][uri"/"][unique_id"XYmTA5LJKR5WycMV0a2HYAAAAUc"][TueSep2405:52:38.3198602019][:error][pid27329:tid46955275237120][client86.98.0.194:50235][client86.98.0.194]ModSecurity:Accessdeniedwithcode403\(phase2\).Matchof"rx\(MSWebServicesClientProtocol\\|WormlyBot\\|webauth@cmcm\\\\\\\\.com\)"against"REQUEST_HEADERS:User-Agent"required.[file"/usr/local/apache.ea3/conf/modsec_rules/20_asl_useragents.conf"][line"395"][id"397989"][rev"1"][msg"Atomicorp.comWAFRules:MSIE6.0detected\(Disableifyouwantto	2019-09-24 16:33:53
106.12.211.247	attackbots	Sep 24 04:15:19 xtremcommunity sshd\[423500\]: Invalid user library from 106.12.211.247 port 51544 Sep 24 04:15:19 xtremcommunity sshd\[423500\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.211.247 Sep 24 04:15:22 xtremcommunity sshd\[423500\]: Failed password for invalid user library from 106.12.211.247 port 51544 ssh2 Sep 24 04:21:03 xtremcommunity sshd\[423643\]: Invalid user ingrid from 106.12.211.247 port 35688 Sep 24 04:21:03 xtremcommunity sshd\[423643\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.211.247 ...	2019-09-24 16:37:04
198.50.175.247	attack	Sep 24 04:21:43 ny01 sshd[12928]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.50.175.247 Sep 24 04:21:45 ny01 sshd[12928]: Failed password for invalid user zb from 198.50.175.247 port 37189 ssh2 Sep 24 04:25:32 ny01 sshd[14031]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.50.175.247	2019-09-24 16:32:08
45.55.176.173	attack	2019-09-24T08:01:31.426727 sshd[8001]: Invalid user qwerty from 45.55.176.173 port 58535 2019-09-24T08:01:31.442509 sshd[8001]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.176.173 2019-09-24T08:01:31.426727 sshd[8001]: Invalid user qwerty from 45.55.176.173 port 58535 2019-09-24T08:01:33.578177 sshd[8001]: Failed password for invalid user qwerty from 45.55.176.173 port 58535 ssh2 2019-09-24T08:05:45.321615 sshd[8039]: Invalid user submitter from 45.55.176.173 port 50346 ...	2019-09-24 16:54:00

最近上报的IP列表

42.200.226.46	42.98.69.34	195.210.223.69	31.217.222.223
2.187.223.225	2.186.121.237	1.32.12.21	220.240.10.80
213.232.127.216	213.81.148.130	205.243.127.225	200.93.75.44
200.18.122.125	197.45.103.228	191.23.2.19	190.232.37.51
190.177.147.182	190.163.216.217	189.29.241.118	187.95.181.164