138.118.103.148

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Brazil

运营商(isp): Linenet Suprimentos Para Informatica Ltda-ME

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Unauthorized connection attempt detected from IP address 138.118.103.148 to port 8080 [J]	2020-01-12 23:03:02

相同子网IP讨论:

IP	类型	评论内容	时间
138.118.103.139	attackspambots	Automatic report - Port Scan Attack	2020-05-25 03:53:07
138.118.103.184	attackspambots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/138.118.103.184/ BR - 1H : (275) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : BR NAME ASN : ASN52708 IP : 138.118.103.184 CIDR : 138.118.102.0/23 PREFIX COUNT : 5 UNIQUE IP COUNT : 2048 ATTACKS DETECTED ASN52708 : 1H - 2 3H - 2 6H - 2 12H - 4 24H - 4 DateTime : 2020-03-13 21:12:03 INFO : HACK ! - Looking for resource vulnerabilities Scan Detected and Blocked by ADMIN - data recovery	2020-03-14 08:54:56
138.118.103.241	attackbotsspam	Unauthorized connection attempt detected from IP address 138.118.103.241 to port 8080 [J]	2020-01-22 23:01:25
138.118.103.172	attack	Automatic report - Port Scan Attack	2019-11-06 18:49:43
138.118.103.128	attackbots	Automatic report - Port Scan Attack	2019-09-17 04:41:54

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.118.103.148
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52925
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.118.103.148.		IN	A

;; AUTHORITY SECTION:
.			447	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020011200 1800 900 604800 86400

;; Query time: 61 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jan 12 23:02:55 CST 2020
;; MSG SIZE  rcvd: 119

HOST信息:

148.103.118.138.in-addr.arpa domain name pointer dynamic-138-118-103-148.linenet.net.br.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
148.103.118.138.in-addr.arpa	name = dynamic-138-118-103-148.linenet.net.br.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
165.22.253.190	attackbotsspam	TCP (SYN) 165.22.253.190:56146 -> port 14002, len 44	2020-07-20 16:47:03
116.108.1.159	attack	Automatic report - Port Scan Attack	2020-07-20 16:52:35
154.160.7.251	attackbotsspam	[Mon Jul 20 00:48:33.152817 2020] [:error] [pid 9064] [client 154.160.7.251:57071] script '/var/www/www.periodicos.ufn.edu.br/html/xWarning.php' not found or unable to stat [Mon Jul 20 00:49:23.443102 2020] [:error] [pid 24705] [client 154.160.7.251:57083] script '/var/www/www.periodicos.ufn.edu.br/html/xWarning.php' not found or unable to stat [Mon Jul 20 00:51:47.979449 2020] [:error] [pid 27914] [client 154.160.7.251:57296] script '/var/www/www.periodicos.ufn.edu.br/html/xWarning.php' not found or unable to stat ...	2020-07-20 16:25:34
132.232.4.140	attackspam	Jul 20 08:34:51 buvik sshd[13112]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.4.140 Jul 20 08:34:53 buvik sshd[13112]: Failed password for invalid user ubuntu from 132.232.4.140 port 35808 ssh2 Jul 20 08:41:01 buvik sshd[14118]: Invalid user fausto from 132.232.4.140 ...	2020-07-20 16:42:09
5.226.137.138	attack	firewall-block, port(s): 5060/udp	2020-07-20 16:48:50
188.254.0.2	attackspambots	Jul 20 10:01:37 inter-technics sshd[14423]: Invalid user test4 from 188.254.0.2 port 33610 Jul 20 10:01:37 inter-technics sshd[14423]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.254.0.2 Jul 20 10:01:37 inter-technics sshd[14423]: Invalid user test4 from 188.254.0.2 port 33610 Jul 20 10:01:39 inter-technics sshd[14423]: Failed password for invalid user test4 from 188.254.0.2 port 33610 ssh2 Jul 20 10:09:46 inter-technics sshd[15134]: Invalid user zxin10 from 188.254.0.2 port 47242 ...	2020-07-20 16:19:16
54.38.185.131	attackbotsspam	$f2bV_matches	2020-07-20 16:29:55
113.160.129.10	attackspam	07/19/2020-23:53:10.190401 113.160.129.10 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2020-07-20 16:21:18
167.99.131.243	attack	Jul 20 02:13:21 server1 sshd\[21216\]: Failed password for invalid user six from 167.99.131.243 port 53126 ssh2 Jul 20 02:17:18 server1 sshd\[23652\]: Invalid user ctw from 167.99.131.243 Jul 20 02:17:18 server1 sshd\[23652\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.131.243 Jul 20 02:17:20 server1 sshd\[23652\]: Failed password for invalid user ctw from 167.99.131.243 port 38632 ssh2 Jul 20 02:21:07 server1 sshd\[24727\]: Invalid user robert from 167.99.131.243 ...	2020-07-20 16:45:16
162.243.128.38	attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2020-07-20 16:37:18
185.86.164.108	attackbots	WordPress login Brute force / Web App Attack on client site.	2020-07-20 16:44:55
187.32.7.108	attack	Jul 20 14:01:31 NG-HHDC-SVS-001 sshd[27791]: Invalid user vvv from 187.32.7.108 ...	2020-07-20 16:50:38
51.158.162.242	attackspam	(sshd) Failed SSH login from 51.158.162.242 (NL/Netherlands/242-162-158-51.instances.scw.cloud): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jul 20 07:56:43 grace sshd[12583]: Invalid user redmine from 51.158.162.242 port 47534 Jul 20 07:56:45 grace sshd[12583]: Failed password for invalid user redmine from 51.158.162.242 port 47534 ssh2 Jul 20 08:10:42 grace sshd[14715]: Invalid user bitrix from 51.158.162.242 port 55034 Jul 20 08:10:44 grace sshd[14715]: Failed password for invalid user bitrix from 51.158.162.242 port 55034 ssh2 Jul 20 08:17:01 grace sshd[15365]: Invalid user royal from 51.158.162.242 port 42244	2020-07-20 16:44:12
176.31.105.14	attackspambots	2020-07-20T07:26:46Z - RDP login failed multiple times. (176.31.105.14)	2020-07-20 16:49:07
206.189.35.138	attackbots	206.189.35.138 - - \[20/Jul/2020:07:51:34 +0200\] "POST /wp-login.php HTTP/1.0" 200 2797 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 206.189.35.138 - - \[20/Jul/2020:07:51:37 +0200\] "POST /wp-login.php HTTP/1.0" 200 2724 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 206.189.35.138 - - \[20/Jul/2020:07:51:39 +0200\] "POST /wp-login.php HTTP/1.0" 200 2762 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2020-07-20 16:34:58

最近上报的IP列表

42.200.226.46	42.98.69.34	195.210.223.69	31.217.222.223
2.187.223.225	2.186.121.237	1.32.12.21	220.240.10.80
213.232.127.216	213.81.148.130	205.243.127.225	200.93.75.44
200.18.122.125	197.45.103.228	191.23.2.19	190.232.37.51
190.177.147.182	190.163.216.217	189.29.241.118	187.95.181.164