138.185.243.70

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Brazil

运营商(isp): Mast Telecomunicacoes e Informatica Ltda

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Lines containing failures of 138.185.243.70 Aug 17 12:33:19 www sshd[12615]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.185.243.70 user=r.r Aug 17 12:33:21 www sshd[12615]: Failed password for r.r from 138.185.243.70 port 53956 ssh2 Aug 17 12:33:21 www sshd[12615]: Received disconnect from 138.185.243.70 port 53956:11: Bye Bye [preauth] Aug 17 12:33:21 www sshd[12615]: Disconnected from authenticating user r.r 138.185.243.70 port 53956 [preauth] Aug 17 12:54:09 www sshd[17195]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.185.243.70 user=r.r Aug 17 12:54:11 www sshd[17195]: Failed password for r.r from 138.185.243.70 port 46818 ssh2 Aug 17 12:54:12 www sshd[17195]: Received disconnect from 138.185.243.70 port 46818:11: Bye Bye [preauth] Aug 17 12:54:12 www sshd[17195]: Disconnected from authenticating user r.r 138.185.243.70 port 46818 [preauth] Aug 17 13:00:19 www sshd[1840........ ------------------------------	2020-08-17 21:44:02

类型

评论内容

时间

attack

Lines containing failures of 138.185.243.70
Aug 17 12:33:19 www sshd[12615]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.185.243.70  user=r.r
Aug 17 12:33:21 www sshd[12615]: Failed password for r.r from 138.185.243.70 port 53956 ssh2
Aug 17 12:33:21 www sshd[12615]: Received disconnect from 138.185.243.70 port 53956:11: Bye Bye [preauth]
Aug 17 12:33:21 www sshd[12615]: Disconnected from authenticating user r.r 138.185.243.70 port 53956 [preauth]
Aug 17 12:54:09 www sshd[17195]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.185.243.70  user=r.r
Aug 17 12:54:11 www sshd[17195]: Failed password for r.r from 138.185.243.70 port 46818 ssh2
Aug 17 12:54:12 www sshd[17195]: Received disconnect from 138.185.243.70 port 46818:11: Bye Bye [preauth]
Aug 17 12:54:12 www sshd[17195]: Disconnected from authenticating user r.r 138.185.243.70 port 46818 [preauth]
Aug 17 13:00:19 www sshd[1840........
------------------------------

2020-08-17 21:44:02

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.185.243.70
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21442
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.185.243.70.			IN	A

;; AUTHORITY SECTION:
.			512	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020081700 1800 900 604800 86400

;; Query time: 17 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Aug 17 21:43:57 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

70.243.185.138.in-addr.arpa domain name pointer 70.243.185.138.masttelecom.com.br.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
70.243.185.138.in-addr.arpa	name = 70.243.185.138.masttelecom.com.br.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
185.147.215.8	attackspam	\[May 25 21:50:26\] NOTICE\[2019\] chan_sip.c: Registration from '\' failed for '185.147.215.8:59026' - Wrong password \[May 25 21:50:59\] NOTICE\[2019\] chan_sip.c: Registration from '\' failed for '185.147.215.8:54587' - Wrong password \[May 25 21:52:42\] NOTICE\[2019\] chan_sip.c: Registration from '\' failed for '185.147.215.8:49433' - Wrong password \[May 25 21:53:14\] NOTICE\[2019\] chan_sip.c: Registration from '\' failed for '185.147.215.8:58575' - Wrong password \[May 25 21:54:56\] NOTICE\[2019\] chan_sip.c: Registration from '\' failed for '185.147.215.8:57918' - Wrong password \[May 25 21:55:27\] NOTICE\[2019\] chan_sip.c: Registration from '\' failed for '185.147.215.8:50773' - Wrong password \[May 25 21:55:58\] NOTICE\[2019\] chan_sip.c: Registration from '\' failed fo ...	2020-05-26 01:08:32
222.186.175.216	attackbotsspam	May 25 19:03:41 eventyay sshd[1981]: Failed password for root from 222.186.175.216 port 7510 ssh2 May 25 19:03:44 eventyay sshd[1981]: Failed password for root from 222.186.175.216 port 7510 ssh2 May 25 19:03:47 eventyay sshd[1981]: Failed password for root from 222.186.175.216 port 7510 ssh2 May 25 19:03:54 eventyay sshd[1981]: error: maximum authentication attempts exceeded for root from 222.186.175.216 port 7510 ssh2 [preauth] ...	2020-05-26 01:07:41
222.186.139.52	attackspam	Time: Mon May 25 08:35:39 2020 -0300 IP: 222.186.139.52 (CN/China/-) Failures: 30 (smtpauth) Interval: 3600 seconds Blocked: Permanent Block	2020-05-26 01:18:59
51.91.212.80	attack	TCP port 8081: Scan and connection	2020-05-26 01:22:03
124.156.105.251	attack	Bruteforce detected by fail2ban	2020-05-26 01:17:44
195.209.148.134	attack	Unauthorized connection attempt from IP address 195.209.148.134 on Port 445(SMB)	2020-05-26 01:16:19
211.151.130.24	attackbots	May 25 18:11:27 ms-srv sshd[37464]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.151.130.24 user=root May 25 18:11:29 ms-srv sshd[37464]: Failed password for invalid user root from 211.151.130.24 port 58906 ssh2	2020-05-26 01:15:58
68.48.247.106	attackspam	Failed password for invalid user hung from 68.48.247.106 port 43015 ssh2	2020-05-26 01:19:58
2.139.220.30	attackbotsspam	May 25 15:29:02 home sshd[30003]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.139.220.30 May 25 15:29:04 home sshd[30003]: Failed password for invalid user admin from 2.139.220.30 port 58980 ssh2 May 25 15:32:48 home sshd[30398]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.139.220.30 ...	2020-05-26 01:00:59
185.209.0.75	attackspam	Attempted connection to port 33899.	2020-05-26 01:03:59
190.5.228.74	attackspam	May 25 16:56:41 h2779839 sshd[29308]: Invalid user noc from 190.5.228.74 port 33376 May 25 16:56:41 h2779839 sshd[29308]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.5.228.74 May 25 16:56:41 h2779839 sshd[29308]: Invalid user noc from 190.5.228.74 port 33376 May 25 16:56:44 h2779839 sshd[29308]: Failed password for invalid user noc from 190.5.228.74 port 33376 ssh2 May 25 17:01:15 h2779839 sshd[29402]: Invalid user shioya from 190.5.228.74 port 36302 May 25 17:01:15 h2779839 sshd[29402]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.5.228.74 May 25 17:01:15 h2779839 sshd[29402]: Invalid user shioya from 190.5.228.74 port 36302 May 25 17:01:17 h2779839 sshd[29402]: Failed password for invalid user shioya from 190.5.228.74 port 36302 ssh2 May 25 17:06:22 h2779839 sshd[29600]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.5.228.74 user=root May 25 17 ...	2020-05-26 01:39:39
162.243.143.239	attackspam	Unauthorized connection attempt detected from IP address 162.243.143.239 to port 9042	2020-05-26 01:11:19
92.63.197.99	attackspambots	firewall-block, port(s): 34777/tcp, 34888/tcp, 35000/tcp, 35089/tcp	2020-05-26 01:29:06
45.84.196.58	attackspambots	May 26 02:09:14 web1 sshd[29732]: Invalid user ubnt from 45.84.196.58 port 58670 May 26 02:09:14 web1 sshd[29732]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.84.196.58 May 26 02:09:14 web1 sshd[29732]: Invalid user ubnt from 45.84.196.58 port 58670 May 26 02:09:16 web1 sshd[29732]: Failed password for invalid user ubnt from 45.84.196.58 port 58670 ssh2 May 26 02:09:19 web1 sshd[29750]: Invalid user admin from 45.84.196.58 port 36924 May 26 02:09:19 web1 sshd[29750]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.84.196.58 May 26 02:09:19 web1 sshd[29750]: Invalid user admin from 45.84.196.58 port 36924 May 26 02:09:21 web1 sshd[29750]: Failed password for invalid user admin from 45.84.196.58 port 36924 ssh2 May 26 02:09:23 web1 sshd[29768]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.84.196.58 user=root May 26 02:09:26 web1 sshd[29768]: Failed pass ...	2020-05-26 01:36:21
118.254.113.18	attackspam	"SERVER-WEBAPP GPON Router authentication bypass and command injection attempt"	2020-05-26 01:27:46

最近上报的IP列表

185.216.25.156	117.6.240.17	134.209.81.15	125.123.214.97
123.169.35.135	113.7.231.182	42.118.157.62	99.246.154.83
60.186.36.19	201.92.139.47	13.66.3.31	91.6.95.102
38.64.78.193	114.43.138.174	104.41.33.227	95.111.245.15
49.234.82.165	168.167.94.155	120.28.148.219	176.122.164.195