138.121.16.111

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Brazil

运营商(isp): MicroWebNet - Techlink Telecomunicacoes

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Invalid user admin from 138.121.16.111 port 44172	2020-06-06 01:28:57

相同子网IP讨论:

IP	类型	评论内容	时间
138.121.161.198	attackbotsspam	Feb 16 01:28:50 sd-53420 sshd\[31396\]: Invalid user gmodserver1 from 138.121.161.198 Feb 16 01:28:50 sd-53420 sshd\[31396\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.121.161.198 Feb 16 01:28:52 sd-53420 sshd\[31396\]: Failed password for invalid user gmodserver1 from 138.121.161.198 port 34128 ssh2 Feb 16 01:32:34 sd-53420 sshd\[31830\]: Invalid user osman from 138.121.161.198 Feb 16 01:32:34 sd-53420 sshd\[31830\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.121.161.198 ...	2020-02-16 10:45:04
138.121.161.222	attack	Dec 9 07:39:33 * sshd[8908]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.121.161.222 Dec 9 07:39:35 * sshd[8908]: Failed password for invalid user pugin from 138.121.161.222 port 54959 ssh2	2019-12-09 14:52:21
138.121.161.198	attack	Sep 23 21:05:29 localhost sshd\[77474\]: Invalid user www from 138.121.161.198 port 45582 Sep 23 21:05:29 localhost sshd\[77474\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.121.161.198 Sep 23 21:05:31 localhost sshd\[77474\]: Failed password for invalid user www from 138.121.161.198 port 45582 ssh2 Sep 23 21:10:16 localhost sshd\[77674\]: Invalid user odroid from 138.121.161.198 port 36053 Sep 23 21:10:16 localhost sshd\[77674\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.121.161.198 ...	2019-09-24 06:37:41
138.121.161.198	attackspam	Sep 14 10:37:54 lcdev sshd\[11567\]: Invalid user aDmin from 138.121.161.198 Sep 14 10:37:54 lcdev sshd\[11567\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.121.161.198 Sep 14 10:37:56 lcdev sshd\[11567\]: Failed password for invalid user aDmin from 138.121.161.198 port 57782 ssh2 Sep 14 10:42:42 lcdev sshd\[12047\]: Invalid user c_log from 138.121.161.198 Sep 14 10:42:42 lcdev sshd\[12047\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.121.161.198	2019-09-15 09:16:24
138.121.161.198	attack	2019-09-07T09:26:14.011765lon01.zurich-datacenter.net sshd\[29585\]: Invalid user testftp from 138.121.161.198 port 44623 2019-09-07T09:26:14.019383lon01.zurich-datacenter.net sshd\[29585\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.121.161.198 2019-09-07T09:26:16.633167lon01.zurich-datacenter.net sshd\[29585\]: Failed password for invalid user testftp from 138.121.161.198 port 44623 ssh2 2019-09-07T09:31:19.784407lon01.zurich-datacenter.net sshd\[29698\]: Invalid user ts3server from 138.121.161.198 port 36045 2019-09-07T09:31:19.790531lon01.zurich-datacenter.net sshd\[29698\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.121.161.198 ...	2019-09-07 16:04:56
138.121.161.198	attack	Sep 3 04:19:20 bouncer sshd\[18354\]: Invalid user admin from 138.121.161.198 port 45456 Sep 3 04:19:20 bouncer sshd\[18354\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.121.161.198 Sep 3 04:19:22 bouncer sshd\[18354\]: Failed password for invalid user admin from 138.121.161.198 port 45456 ssh2 ...	2019-09-03 10:38:30
138.121.161.198	attackbots	Aug 30 11:46:04 aiointranet sshd\[17797\]: Invalid user chip from 138.121.161.198 Aug 30 11:46:04 aiointranet sshd\[17797\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.121.161.198 Aug 30 11:46:06 aiointranet sshd\[17797\]: Failed password for invalid user chip from 138.121.161.198 port 52856 ssh2 Aug 30 11:51:06 aiointranet sshd\[18191\]: Invalid user jack from 138.121.161.198 Aug 30 11:51:06 aiointranet sshd\[18191\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.121.161.198	2019-08-31 06:17:27
138.121.161.198	attack	ssh failed login	2019-08-24 03:24:21
138.121.161.198	attack	Aug 22 01:49:49 web1 sshd\[19295\]: Invalid user prueba from 138.121.161.198 Aug 22 01:49:49 web1 sshd\[19295\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.121.161.198 Aug 22 01:49:51 web1 sshd\[19295\]: Failed password for invalid user prueba from 138.121.161.198 port 53022 ssh2 Aug 22 01:55:09 web1 sshd\[19827\]: Invalid user abc123 from 138.121.161.198 Aug 22 01:55:09 web1 sshd\[19827\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.121.161.198	2019-08-22 19:56:37
138.121.161.198	attack	Invalid user it1 from 138.121.161.198 port 53798	2019-08-18 20:19:14
138.121.161.198	attackspambots	Aug 15 12:15:55 aiointranet sshd\[8122\]: Invalid user gao from 138.121.161.198 Aug 15 12:15:55 aiointranet sshd\[8122\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.121.161.198 Aug 15 12:15:57 aiointranet sshd\[8122\]: Failed password for invalid user gao from 138.121.161.198 port 44003 ssh2 Aug 15 12:20:55 aiointranet sshd\[8642\]: Invalid user gpadmin from 138.121.161.198 Aug 15 12:20:55 aiointranet sshd\[8642\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.121.161.198	2019-08-16 06:32:41
138.121.161.198	attackbots	Triggered by Fail2Ban at Vostok web server	2019-08-13 16:26:44
138.121.161.198	attackbots	Brute force SMTP login attempted. ...	2019-08-10 04:10:47
138.121.161.198	attackbots	Aug 8 19:28:03 ks10 sshd[3792]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.121.161.198 Aug 8 19:28:05 ks10 sshd[3792]: Failed password for invalid user aria from 138.121.161.198 port 43246 ssh2 ...	2019-08-09 02:44:41
138.121.161.198	attackbots	Aug 8 04:21:57 tux-35-217 sshd\[20446\]: Invalid user admin from 138.121.161.198 port 42193 Aug 8 04:21:57 tux-35-217 sshd\[20446\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.121.161.198 Aug 8 04:22:00 tux-35-217 sshd\[20446\]: Failed password for invalid user admin from 138.121.161.198 port 42193 ssh2 Aug 8 04:27:26 tux-35-217 sshd\[20484\]: Invalid user ria from 138.121.161.198 port 37162 Aug 8 04:27:26 tux-35-217 sshd\[20484\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.121.161.198 ...	2019-08-08 11:15:29

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.121.16.111
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 58055
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.121.16.111.			IN	A

;; AUTHORITY SECTION:
.			423	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020060500 1800 900 604800 86400

;; Query time: 122 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Jun 06 01:28:51 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

111.16.121.138.in-addr.arpa domain name pointer 111-16-121-138.static.microwebnet.com.br.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
111.16.121.138.in-addr.arpa	name = 111-16-121-138.static.microwebnet.com.br.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
81.22.45.10	attackspambots	Port scan on 12 port(s): 3333 3344 3377 3379 3390 3402 3889 3900 4003 4489 6000 8888	2019-07-08 10:07:16
130.43.59.165	attackspam	TCP port 23 (Telnet) attempt blocked by firewall. [2019-07-08 01:08:15]	2019-07-08 09:38:23
111.122.181.250	attackspambots	ssh failed login	2019-07-08 09:46:37
42.236.10.114	botsattack	好像是360打着百度旗号去撞库 42.236.10.114 - - [08/Jul/2019:08:53:28 +0800] "GET /check-ip/220.191.107.172 HTTP/2.0" 200 9740 "http://www.baidu.com/" "Mozilla/5.0 (Linux; U; Android 8.1.0; zh-CN; EML-AL00 Build/HUAWEIEML-AL00) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/ 57.0.2987.108 baidu.sogo.uc.UCBrowser/11.9.4.974 UWS/2.13.1.48 Mobile Safari/537.36 AliApp(DingTalk/4.5.11) com.alibaba.android.rimet/10487439 Channel/227200 language/zh-CN" 42.236.10.117 - - [08/Jul/2019:08:53:28 +0800] "GET / HTTP/1.1" 301 194 "http://www.baidu.com/" "Mozilla/5.0 (Linux; U; Android 8.1.0; zh-CN; EML-AL00 Build/HUAWEIEML-AL00) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/57.0.2987.108 baidu.sogo. uc.UCBrowser/11.9.4.974 UWS/2.13.1.48 Mobile Safari/537.36 AliApp(DingTalk/4.5.11) com.alibaba.android.rimet/10487439 Channel/227200 language/zh-CN" 42.236.10.117 - - [08/Jul/2019:08:53:30 +0800] "GET / HTTP/2.0" 200 3594 "http://www.baidu.com/" "Mozilla/5.0 (Linux; U; Android 8.1.0; zh-CN; EML-AL00 Build/HUAWEIEML-AL00) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/57.0.2987.108 baidu.sogo .uc.UCBrowser/11.9.4.974 UWS/2.13.1.48 Mobile Safari/537.36 AliApp(DingTalk/4.5.11) com.alibaba.android.rimet/10487439 Channel/227200 language/zh-CN" 42.236.10.114 - - [08/Jul/2019:08:53:30 +0800] "GET /static/bootstrap/css/bootstrap.min.css HTTP/2.0" 200 145148 "https://ipinfo.asytech.cn/check-ip/220.191.107.172" "Mozilla/5.0 (Linux; U; Android 8.1.0; zh-CN; EML-AL00 Build/HUAWEIEML-AL00) AppleWebKit/5 37.36 (KHTML, like Gecko) Version/4.0 Chrome/57.0.2987.108 baidu.sogo.uc.UCBrowser/11.9.4.974 UWS/2.13.1.48 Mobile Safari/537.36 AliApp(DingTalk/4.5.11) com.alibaba.android.rimet/10487439 Channel/227200 language/zh-CN"	2019-07-08 09:22:17
177.206.87.206	attack	Jul 8 08:59:49 localhost sshd[5768]: Invalid user webuser from 177.206.87.206 port 38026 ...	2019-07-08 09:39:37
82.64.80.109	attackbots	/setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=busybox&curpath=/¤tsetting.htm=1	2019-07-08 09:34:23
118.24.40.130	attackbotsspam	Jul 8 00:59:19 ns41 sshd[9826]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.40.130 Jul 8 00:59:21 ns41 sshd[9826]: Failed password for invalid user deploy from 118.24.40.130 port 39554 ssh2 Jul 8 01:07:39 ns41 sshd[10555]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.40.130	2019-07-08 10:04:37
88.200.214.110	attack	WordPress wp-login brute force :: 88.200.214.110 0.068 BYPASS [08/Jul/2019:09:10:09 1000] www.[censored_4] "POST /wp-login.php HTTP/1.1" 200 3538 "https://[censored_4]/wp-login.php" "Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0"	2019-07-08 09:26:17
198.245.61.119	attackspam	Automatic report - Web App Attack	2019-07-08 10:06:00
185.129.148.159	attackbotsspam	port scan and connect, tcp 8080 (http-proxy)	2019-07-08 09:32:20
91.134.248.245	attackspambots	Automatic report - Web App Attack	2019-07-08 09:29:04
168.90.147.220	attackbotsspam	Jul 8 00:26:50 localhost sshd\[34719\]: Invalid user robinson from 168.90.147.220 port 51364 Jul 8 00:26:50 localhost sshd\[34719\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.90.147.220 ...	2019-07-08 09:41:04
109.167.168.243	attack	2019-07-04 00:46:39 H=(109-167-168-243.westcall.net) [109.167.168.243]:39613 I=[10.100.18.25]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=109.167.168.243) 2019-07-04 00:46:39 unexpected disconnection while reading SMTP command from (109-167-168-243.westcall.net) [109.167.168.243]:39613 I=[10.100.18.25]:25 (error: Connection reset by peer) 2019-07-04 01:02:02 H=(109-167-168-243.westcall.net) [109.167.168.243]:39009 I=[10.100.18.25]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=109.167.168.243) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=109.167.168.243	2019-07-08 09:22:13
51.68.230.54	attack	Jul 8 03:22:04 ns3367391 sshd\[14914\]: Invalid user uta from 51.68.230.54 port 41142 Jul 8 03:22:05 ns3367391 sshd\[14914\]: Failed password for invalid user uta from 51.68.230.54 port 41142 ssh2 ...	2019-07-08 09:31:53
218.92.0.188	attackbotsspam	pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.188 user=root Failed password for root from 218.92.0.188 port 5596 ssh2 Failed password for root from 218.92.0.188 port 5596 ssh2 Failed password for root from 218.92.0.188 port 5596 ssh2 Failed password for root from 218.92.0.188 port 5596 ssh2	2019-07-08 09:48:50

最近上报的IP列表

49.235.184.92	45.84.196.236	41.218.196.212	41.202.166.215
41.42.172.94	41.35.43.2	41.34.196.83	36.68.134.68
34.82.57.112	14.198.3.44	14.182.5.126	14.169.224.192
14.169.207.209	14.169.134.24	14.162.223.185	36.70.151.240
14.161.43.154	43.55.9.125	18.6.18.167	221.148.21.159