138.219.97.70 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Brazil

运营商(isp): Speed Turbo Telecom

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Jun 23 12:27:44 ns41 sshd[15328]: Failed password for root from 138.219.97.70 port 51792 ssh2 Jun 23 12:36:12 ns41 sshd[15680]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.219.97.70 Jun 23 12:36:14 ns41 sshd[15680]: Failed password for invalid user tmax from 138.219.97.70 port 50884 ssh2	2020-06-23 19:02:18
attackspambots	Bruteforce detected by fail2ban	2020-06-15 20:01:32
attackbots	$f2bV_matches	2020-06-11 18:57:08

类型

评论内容

时间

attack

Jun 23 12:27:44 ns41 sshd[15328]: Failed password for root from 138.219.97.70 port 51792 ssh2
Jun 23 12:36:12 ns41 sshd[15680]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.219.97.70
Jun 23 12:36:14 ns41 sshd[15680]: Failed password for invalid user tmax from 138.219.97.70 port 50884 ssh2

2020-06-23 19:02:18

attackspambots

Bruteforce detected by fail2ban

2020-06-15 20:01:32

attackbots

$f2bV_matches

2020-06-11 18:57:08

相同子网IP讨论:

IP	类型	评论内容	时间
138.219.97.217	attackbots	Automatic report - Port Scan Attack	2019-11-15 17:43:53

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.219.97.70
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44198
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.219.97.70.			IN	A

;; AUTHORITY SECTION:
.			598	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020061100 1800 900 604800 86400

;; Query time: 157 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jun 11 18:56:59 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

70.97.219.138.in-addr.arpa domain name pointer dynamic-138-219-97-70.speedturbo.net.br.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
70.97.219.138.in-addr.arpa	name = dynamic-138-219-97-70.speedturbo.net.br.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
42.117.20.222	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-28 23:57:22
197.210.70.153	attack	20/2/28@08:31:24: FAIL: Alarm-Network address from=197.210.70.153 ...	2020-02-29 00:18:42
42.117.20.196	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-29 00:07:26
111.231.142.79	attack	Feb 28 15:38:17 nextcloud sshd\[16149\]: Invalid user minecraft from 111.231.142.79 Feb 28 15:38:17 nextcloud sshd\[16149\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.142.79 Feb 28 15:38:19 nextcloud sshd\[16149\]: Failed password for invalid user minecraft from 111.231.142.79 port 39530 ssh2	2020-02-28 23:41:40
114.232.123.36	attackspam	IDS admin	2020-02-29 00:13:57
150.223.17.130	attack	Feb 28 15:44:42 server sshd[2390052]: Failed password for invalid user direction from 150.223.17.130 port 59990 ssh2 Feb 28 16:11:01 server sshd[2395557]: Failed password for invalid user atan from 150.223.17.130 port 47271 ssh2 Feb 28 16:28:50 server sshd[2399334]: Failed password for invalid user kiban01 from 150.223.17.130 port 48202 ssh2	2020-02-28 23:46:08
103.90.159.59	attackspambots	suspicious action Fri, 28 Feb 2020 10:31:49 -0300	2020-02-28 23:48:48
91.205.130.163	attackbots	Unauthorized connection attempt from IP address 91.205.130.163 on Port 445(SMB)	2020-02-29 00:06:44
92.63.194.106	attackspam	02/28/2020-10:13:14.641940 92.63.194.106 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-02-28 23:37:02
178.208.138.251	attack	Unauthorized connection attempt from IP address 178.208.138.251 on Port 445(SMB)	2020-02-28 23:38:49
42.117.20.94	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-28 23:47:04
41.72.192.210	attackbots	Email rejected due to spam filtering	2020-02-28 23:53:15
86.110.21.103	attack	suspicious action Fri, 28 Feb 2020 10:31:33 -0300	2020-02-29 00:08:45
180.124.10.131	attackbots	Feb 28 14:31:56 grey postfix/smtpd\[20677\]: NOQUEUE: reject: RCPT from unknown\[180.124.10.131\]: 554 5.7.1 Service unavailable\; Client host \[180.124.10.131\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[180.124.10.131\]\; from=\ to=\ proto=ESMTP helo=\ ...	2020-02-28 23:41:26
206.189.137.113	attack	Feb 28 15:04:13 internal-server-tf sshd\[5017\]: Invalid user oracle from 206.189.137.113Feb 28 15:08:08 internal-server-tf sshd\[5105\]: Invalid user test from 206.189.137.113 ...	2020-02-29 00:08:21

最近上报的IP列表

37.6.45.70	105.235.112.20	2a02:a03f:3ea0:9200:8d13:1a7b:2b2b:9762	1.52.237.9
171.249.44.65	57.180.240.65	166.11.12.229	176.38.39.245
142.93.240.192	135.66.137.232	108.172.70.214	137.183.172.179
223.22.90.3	105.55.127.203	255.43.15.38	201.114.137.249
113.53.145.21	56.220.230.115	50.131.238.73	46.103.102.41