138.94.193.36 - IPInfo

基本信息:

城市(city): Cotia

省份(region): Sao Paulo

国家(country): Brazil

运营商(isp): Alberto Henrique da Costa-ME

主机名(hostname): unknown

机构(organization): AgresteNet Com e Serv LTDA - ME

使用类型(Usage Type): Commercial

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Jul 26 11:04:28 our-server-hostname postfix/smtpd[20997]: connect from unknown[138.94.193.36] Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul 26 11:04:33 our-server-hostname postfix/smtpd[20997]: lost connection after RCPT from unknown[138.94.193.36] Jul 26 11:04:33 our-server-hostname postfix/smtpd[20997]: disconnect from unknown[138.94.193.36] Jul 26 17:59:12 our-server-hostname postfix/smtpd[11780]: connect from unknown[138.94.193.36] Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=138.94.193.36	2019-07-27 01:31:33

类型

评论内容

时间

attackspam

Jul 26 11:04:28 our-server-hostname postfix/smtpd[20997]: connect from unknown[138.94.193.36]
Jul x@x
Jul x@x
Jul x@x
Jul x@x
Jul x@x
Jul 26 11:04:33 our-server-hostname postfix/smtpd[20997]: lost connection after RCPT from unknown[138.94.193.36]
Jul 26 11:04:33 our-server-hostname postfix/smtpd[20997]: disconnect from unknown[138.94.193.36]
Jul 26 17:59:12 our-server-hostname postfix/smtpd[11780]: connect from unknown[138.94.193.36]
Jul x@x
Jul x@x
Jul x@x
Jul x@x
Jul x@x
Jul x@x
Jul x@x
Jul x@x
Jul x@x
Jul x@x


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=138.94.193.36

2019-07-27 01:31:33

相同子网IP讨论:

IP	类型	评论内容	时间
138.94.193.43	attack	SPF Fail sender not permitted to send mail for @agtnet.com.br / Sent mail to target address hacked/leaked from abandonia in 2016	2019-09-14 01:43:45

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.94.193.36
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 39486
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.94.193.36.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072600 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Jul 27 01:31:17 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

36.193.94.138.in-addr.arpa domain name pointer customer-138-94-193-36.agtnet.com.br.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
36.193.94.138.in-addr.arpa	name = customer-138-94-193-36.agtnet.com.br.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
183.82.109.165	attackspam	1581915386 - 02/17/2020 05:56:26 Host: 183.82.109.165/183.82.109.165 Port: 445 TCP Blocked	2020-02-17 18:01:07
223.207.241.252	attack	20/2/16@23:56:21: FAIL: Alarm-Network address from=223.207.241.252 ...	2020-02-17 18:08:22
168.95.5.216	attackbotsspam	SSH login attempts.	2020-02-17 18:05:25
222.186.30.145	attackbotsspam	Feb 17 09:00:58 [HOSTNAME] sshd[15697]: User removed from 222.186.30.145 not allowed because not listed in AllowUsers Feb 17 10:53:13 [HOSTNAME] sshd[16928]: User removed from 222.186.30.145 not allowed because not listed in AllowUsers Feb 17 11:03:47 [HOSTNAME] sshd[16995]: User removed from 222.186.30.145 not allowed because not listed in AllowUsers ...	2020-02-17 18:10:18
167.172.49.65	attack	Feb 17 09:02:27 tuxlinux sshd[742]: Invalid user test01 from 167.172.49.65 port 41522 Feb 17 09:02:27 tuxlinux sshd[742]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.172.49.65 Feb 17 09:02:27 tuxlinux sshd[742]: Invalid user test01 from 167.172.49.65 port 41522 Feb 17 09:02:27 tuxlinux sshd[742]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.172.49.65 Feb 17 09:02:27 tuxlinux sshd[742]: Invalid user test01 from 167.172.49.65 port 41522 Feb 17 09:02:27 tuxlinux sshd[742]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.172.49.65 Feb 17 09:02:29 tuxlinux sshd[742]: Failed password for invalid user test01 from 167.172.49.65 port 41522 ssh2 ...	2020-02-17 18:00:06
218.166.19.136	attackspam	SSH login attempts.	2020-02-17 18:16:22
196.218.157.102	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-17 18:10:42
196.246.210.124	attackbotsspam	Brute force attempt	2020-02-17 18:24:51
74.125.28.26	attackspam	SSH login attempts.	2020-02-17 18:01:56
196.218.146.91	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-17 18:37:43
129.28.57.8	attackbots	Feb 17 09:13:06 pkdns2 sshd\[13022\]: Invalid user admin from 129.28.57.8Feb 17 09:13:08 pkdns2 sshd\[13022\]: Failed password for invalid user admin from 129.28.57.8 port 52972 ssh2Feb 17 09:17:18 pkdns2 sshd\[13181\]: Invalid user kathleen from 129.28.57.8Feb 17 09:17:20 pkdns2 sshd\[13181\]: Failed password for invalid user kathleen from 129.28.57.8 port 37271 ssh2Feb 17 09:21:32 pkdns2 sshd\[13338\]: Invalid user postgres from 129.28.57.8Feb 17 09:21:34 pkdns2 sshd\[13338\]: Failed password for invalid user postgres from 129.28.57.8 port 49806 ssh2 ...	2020-02-17 18:33:52
218.84.169.3	attack	SSH login attempts.	2020-02-17 17:59:47
196.218.154.65	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-17 18:18:47
148.70.54.187	attack	Feb 17 03:00:30 plusreed sshd[26664]: Invalid user debian from 148.70.54.187 ...	2020-02-17 18:32:59
196.218.150.140	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-17 18:26:16

最近上报的IP列表

155.7.69.31	31.71.149.216	80.248.6.146	222.189.247.107
173.138.166.83	182.64.115.67	106.145.156.152	67.1.96.240
39.7.50.209	36.131.119.14	115.219.101.48	114.32.63.15
164.47.246.191	170.141.149.5	165.169.33.131	62.161.7.1
58.74.57.141	68.174.42.211	129.96.167.97	31.12.254.178