138.99.216.112

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Belize

运营商(isp): Life is Good Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Jun 16 01:36:26 mail postfix/postscreen[14633]: DNSBL rank 3 for [138.99.216.112]:61000 ...	2020-06-29 04:47:49
attackbots	Automatic report - Banned IP Access	2020-06-27 20:39:48
attackbots	Port scanning	2020-05-26 12:29:41
attackspam	SMTP Brute-Force	2020-02-18 08:53:32
attack	IMAP	2020-01-12 08:11:48
attackspam	smtp	2020-01-10 17:59:18
attackspam	Portscan or hack attempt detected by psad/fwsnort	2020-01-10 05:40:24
attack	IP was detected trying to Brute-Force SSH, FTP, Web Apps, Port-Scan or Hacking.	2019-12-19 00:51:05

相同子网IP讨论:

IP	类型	评论内容	时间
138.99.216.147	attackbots	138.99.216.147 - - [07/Aug/2020:06:50:18 -0400] "GET /403.shtml HTTP/1.1"	2020-08-07 22:54:31
138.99.216.104	attack	SmallBizIT.US 7 packets to tcp(4444,4455,33333,33890,40000,43389,63389)	2020-08-01 14:07:36
138.99.216.171	attack	Multihost portscan.	2020-07-29 19:35:15
138.99.216.147	attackbotsspam	Unauthorized SSH login attempts	2020-07-26 02:39:10
138.99.216.92	attackspambots	SmallBizIT.US 4 packets to tcp(3380,3384,3386,3390)	2020-07-20 06:26:17
138.99.216.147	attackbotsspam	Hacking	2020-07-04 07:16:06
138.99.216.147	attackspam	Jun 20 02:05:08 mail postfix/postscreen[22396]: DNSBL rank 3 for [138.99.216.147]:61000 ...	2020-06-29 04:46:26
138.99.216.171	attackbots	Jun 17 01:03:35 mail postfix/postscreen[3929]: DNSBL rank 3 for [138.99.216.171]:61000 ...	2020-06-29 04:45:58
138.99.216.171	attack	bad	2020-06-17 18:35:22
138.99.216.92	attack	SmallBizIT.US 7 packets to tcp(3332,3335,3372,3420,3421,5901,11027)	2020-06-16 07:39:19
138.99.216.92	attack	SmallBizIT.US 3 packets to tcp(3372,3503,55389)	2020-06-06 18:19:38
138.99.216.92	attackbotsspam	port	2020-05-29 16:29:26
138.99.216.147	attackspambots	May 27 06:03:38 mail kernel: [926510.604365] [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=138.99.216.147 DST=77.73.69.240 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=7979 PROTO=TCP SPT=61000 DPT=2525 WINDOW=1024 RES=0x00 SYN URGP=0 May 27 06:03:47 mail kernel: [926519.228627] [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=138.99.216.147 DST=77.73.69.240 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=52750 PROTO=TCP SPT=61000 DPT=23 WINDOW=1024 RES=0x00 SYN URGP=0 May 27 06:04:32 mail kernel: [926564.272009] [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=138.99.216.147 DST=77.73.69.240 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=17012 PROTO=TCP SPT=61000 DPT=8095 WINDOW=1024 RES=0x00 SYN URGP=0 May 27 06:04:40 mail kernel: [926572.880879] [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=138.99.216.147 DST=77.73.69.240 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=34444 PROTO=TCP SPT=61000 DPT=20000 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-27 12:32:25
138.99.216.147	attackbots	Port scan - 10 hits (greater than 5)	2020-05-22 22:08:00
138.99.216.92	attackbots	May 19 10:30:07 138.99.216.92 PROTO=TCP SPT=55929 DPT=55389 May 19 11:04:23 138.99.216.92 PROTO=TCP SPT=55929 DPT=6009 May 19 12:29:21 138.99.216.92 PROTO=TCP SPT=55929 DPT=3372 May 19 12:41:33 138.99.216.92 PROTO=TCP SPT=55929 DPT=4050 May 19 12:42:47 138.99.216.92 PROTO=TCP SPT=55929 DPT=11027 May 19 13:06:05 138.99.216.92 PROTO=TCP SPT=55929 DPT=3320	2020-05-21 02:13:47

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.99.216.112
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57247
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.99.216.112.			IN	A

;; AUTHORITY SECTION:
.			523	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121800 1800 900 604800 86400

;; Query time: 109 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Dec 19 00:50:58 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 112.216.99.138.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		100.100.2.136
Address:	100.100.2.136#53

** server can't find 112.216.99.138.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
156.146.36.112	attack	Spammer	2020-07-23 02:19:44
186.64.122.183	attackbots	2020-07-22T06:45:45.856723hostname sshd[116430]: Failed password for invalid user jenkins from 186.64.122.183 port 44664 ssh2 ...	2020-07-23 02:22:06
157.245.83.8	attackbots	07/22/2020-12:02:03.610107 157.245.83.8 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-07-23 01:56:27
211.170.61.184	attackspam	Jul 22 20:16:34 journals sshd\[94329\]: Invalid user ibmadm from 211.170.61.184 Jul 22 20:16:34 journals sshd\[94329\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.170.61.184 Jul 22 20:16:36 journals sshd\[94329\]: Failed password for invalid user ibmadm from 211.170.61.184 port 32256 ssh2 Jul 22 20:20:17 journals sshd\[94677\]: Invalid user jira from 211.170.61.184 Jul 22 20:20:17 journals sshd\[94677\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.170.61.184 ...	2020-07-23 02:29:09
51.178.87.42	attack	Jul 22 20:20:12 pornomens sshd\[6963\]: Invalid user tcl from 51.178.87.42 port 52138 Jul 22 20:20:12 pornomens sshd\[6963\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.178.87.42 Jul 22 20:20:14 pornomens sshd\[6963\]: Failed password for invalid user tcl from 51.178.87.42 port 52138 ssh2 ...	2020-07-23 02:27:06
122.254.11.177	attackbots	Hits on port : 23	2020-07-23 02:32:15
193.169.253.27	attackspam	Jul 22 16:52:42 zeus postfix/smtpd[32313]: warning: unknown[193.169.253.27]: SASL LOGIN authentication failed: authentication failure Jul 22 17:04:19 zeus postfix/smtpd[808]: warning: unknown[193.169.253.27]: SASL LOGIN authentication failed: authentication failure Jul 22 17:14:17 zeus postfix/smtpd[1998]: warning: unknown[193.169.253.27]: SASL LOGIN authentication failed: authentication failure ...	2020-07-23 02:07:02
84.92.98.113	attack	84.92.98.113 - - [22/Jul/2020:18:51:43 +0100] "POST /wp-login.php HTTP/1.1" 200 3568 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" 84.92.98.113 - - [22/Jul/2020:19:08:14 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" 84.92.98.113 - - [22/Jul/2020:19:08:15 +0100] "POST /wp-login.php HTTP/1.1" 200 3568 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" ...	2020-07-23 02:12:53
46.182.6.77	attack	Jul 22 19:36:57 ns382633 sshd\[30807\]: Invalid user alex from 46.182.6.77 port 40352 Jul 22 19:36:57 ns382633 sshd\[30807\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.182.6.77 Jul 22 19:36:59 ns382633 sshd\[30807\]: Failed password for invalid user alex from 46.182.6.77 port 40352 ssh2 Jul 22 19:46:43 ns382633 sshd\[32614\]: Invalid user test from 46.182.6.77 port 36198 Jul 22 19:46:43 ns382633 sshd\[32614\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.182.6.77	2020-07-23 02:33:26
140.143.57.195	attackspambots	Jul 22 17:51:10 hidden sshd[18358]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.57.195 Jul 22 17:51:13 hidden sshd[18358]: Failed password for invalid user sinus from 140.143.57.195 port 43028 ssh2 Jul 22 17:53:34 hidden sshd[18694]: Invalid user chloe from 140.143.57.195 port 39400	2020-07-23 02:02:17
54.255.123.150	attackspam	Jul 22 16:49:36 serwer sshd\[3101\]: Invalid user backups from 54.255.123.150 port 52562 Jul 22 16:49:36 serwer sshd\[3101\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.255.123.150 Jul 22 16:49:37 serwer sshd\[3101\]: Failed password for invalid user backups from 54.255.123.150 port 52562 ssh2 ...	2020-07-23 02:03:09
36.75.228.225	attackspam	Jul 20 20:18:51 web1 sshd[11520]: Invalid user python from 36.75.228.225 Jul 20 20:18:51 web1 sshd[11520]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.75.228.225 Jul 20 20:18:53 web1 sshd[11520]: Failed password for invalid user python from 36.75.228.225 port 56190 ssh2 Jul 20 20:18:54 web1 sshd[11520]: Received disconnect from 36.75.228.225: 11: Bye Bye [preauth] Jul 20 20:19:53 web1 sshd[11536]: Invalid user joseph from 36.75.228.225 Jul 20 20:19:53 web1 sshd[11536]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.75.228.225 Jul 20 20:19:56 web1 sshd[11536]: Failed password for invalid user joseph from 36.75.228.225 port 38846 ssh2 Jul 20 20:19:56 web1 sshd[11536]: Received disconnect from 36.75.228.225: 11: Bye Bye [preauth] Jul 20 20:20:55 web1 sshd[11924]: Invalid user munoz from 36.75.228.225 Jul 20 20:20:55 web1 sshd[11924]: pam_unix(sshd:auth): authentication failure; log........ -------------------------------	2020-07-23 02:17:04
54.37.235.183	attack	Port Scan detected from 54.37.235.183 (PL/Poland/Lower Silesia/Wroc?aw (Krzyki)/183.ip-54-37-235.eu). 4 hits in the last 290 seconds	2020-07-23 01:59:40
180.71.47.198	attackspam	Jul 22 10:45:13 ny01 sshd[28031]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.71.47.198 Jul 22 10:45:15 ny01 sshd[28031]: Failed password for invalid user user from 180.71.47.198 port 53348 ssh2 Jul 22 10:49:16 ny01 sshd[28475]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.71.47.198	2020-07-23 02:22:34
40.77.167.110	attack	IP 40.77.167.110 attacked honeypot on port: 80 at 7/22/2020 7:48:44 AM	2020-07-23 02:23:11

最近上报的IP列表

27.50.169.201	178.175.132.72	128.70.105.236	82.209.250.155
182.61.167.211	34.67.12.249	201.249.163.106	209.207.147.136
2.184.52.126	158.241.133.178	195.208.136.114	251.53.231.211
194.114.166.67	165.68.163.108	186.134.129.197	248.47.102.49
183.243.185.73	228.252.12.239	180.190.76.91	3.27.168.41