138.99.216.92 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Belize

运营商(isp): Life is Good Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	SmallBizIT.US 4 packets to tcp(3380,3384,3386,3390)	2020-07-20 06:26:17
attack	SmallBizIT.US 7 packets to tcp(3332,3335,3372,3420,3421,5901,11027)	2020-06-16 07:39:19
attack	SmallBizIT.US 3 packets to tcp(3372,3503,55389)	2020-06-06 18:19:38
attackbotsspam	port	2020-05-29 16:29:26
attackbots	May 19 10:30:07 138.99.216.92 PROTO=TCP SPT=55929 DPT=55389 May 19 11:04:23 138.99.216.92 PROTO=TCP SPT=55929 DPT=6009 May 19 12:29:21 138.99.216.92 PROTO=TCP SPT=55929 DPT=3372 May 19 12:41:33 138.99.216.92 PROTO=TCP SPT=55929 DPT=4050 May 19 12:42:47 138.99.216.92 PROTO=TCP SPT=55929 DPT=11027 May 19 13:06:05 138.99.216.92 PROTO=TCP SPT=55929 DPT=3320	2020-05-21 02:13:47

相同子网IP讨论:

IP	类型	评论内容	时间
138.99.216.147	attackbots	138.99.216.147 - - [07/Aug/2020:06:50:18 -0400] "GET /403.shtml HTTP/1.1"	2020-08-07 22:54:31
138.99.216.104	attack	SmallBizIT.US 7 packets to tcp(4444,4455,33333,33890,40000,43389,63389)	2020-08-01 14:07:36
138.99.216.171	attack	Multihost portscan.	2020-07-29 19:35:15
138.99.216.147	attackbotsspam	Unauthorized SSH login attempts	2020-07-26 02:39:10
138.99.216.147	attackbotsspam	Hacking	2020-07-04 07:16:06
138.99.216.112	attack	Jun 16 01:36:26 mail postfix/postscreen[14633]: DNSBL rank 3 for [138.99.216.112]:61000 ...	2020-06-29 04:47:49
138.99.216.147	attackspam	Jun 20 02:05:08 mail postfix/postscreen[22396]: DNSBL rank 3 for [138.99.216.147]:61000 ...	2020-06-29 04:46:26
138.99.216.171	attackbots	Jun 17 01:03:35 mail postfix/postscreen[3929]: DNSBL rank 3 for [138.99.216.171]:61000 ...	2020-06-29 04:45:58
138.99.216.112	attackbots	Automatic report - Banned IP Access	2020-06-27 20:39:48
138.99.216.171	attack	bad	2020-06-17 18:35:22
138.99.216.147	attackspambots	May 27 06:03:38 mail kernel: [926510.604365] [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=138.99.216.147 DST=77.73.69.240 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=7979 PROTO=TCP SPT=61000 DPT=2525 WINDOW=1024 RES=0x00 SYN URGP=0 May 27 06:03:47 mail kernel: [926519.228627] [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=138.99.216.147 DST=77.73.69.240 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=52750 PROTO=TCP SPT=61000 DPT=23 WINDOW=1024 RES=0x00 SYN URGP=0 May 27 06:04:32 mail kernel: [926564.272009] [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=138.99.216.147 DST=77.73.69.240 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=17012 PROTO=TCP SPT=61000 DPT=8095 WINDOW=1024 RES=0x00 SYN URGP=0 May 27 06:04:40 mail kernel: [926572.880879] [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=138.99.216.147 DST=77.73.69.240 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=34444 PROTO=TCP SPT=61000 DPT=20000 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-27 12:32:25
138.99.216.112	attackbots	Port scanning	2020-05-26 12:29:41
138.99.216.147	attackbots	Port scan - 10 hits (greater than 5)	2020-05-22 22:08:00
138.99.216.104	attackspambots	SmallBizIT.US 9 packets to tcp(3357,4008,5005,6003,9092,9833,10533,13468,14389)	2020-05-21 02:13:25
138.99.216.15	attackbotsspam	rdp bruteforce (have logs)	2020-05-13 09:42:58

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.99.216.92
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 48513
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.99.216.92.			IN	A

;; AUTHORITY SECTION:
.			498	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020052001 1800 900 604800 86400

;; Query time: 112 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu May 21 02:13:44 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 92.216.99.138.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 92.216.99.138.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
14.161.47.197	attackspambots	2020-05-3005:43:241jesP3-0004S8-GW\<=info@whatsup2013.chH=$localhost$[123.21.201.8]:40025P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=2949id=af46d4878ca7727e591caaf90dca404c7ff5e17d@whatsup2013.chT="tolukegooseby"forlukegooseby@gmail.comdaz@hotmail.comalvinneal60@gmail.com2020-05-3005:42:011jesNh-0004NH-0u\<=info@whatsup2013.chH=$localhost$[113.172.196.62]:21991P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3000id=809f297a715a7078e4e157fb1c68425efded53@whatsup2013.chT="toallenbrooks154"forallenbrooks154@yahoo.co.uk2020-05-3005:44:171jesPu-0004Uu-5j\<=info@whatsup2013.chH=$localhost$[14.187.33.239]:38639P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=2992id=a619df9a91ba6f9cbf41b7e4ef3b02ae8d67965659@whatsup2013.chT="to26552128"for26552128@gmail.comjpramirez1215@gmail.comnito5@yahoo.com2020-05-3005:41:141jesMz-0004M3-SC\<=info@whatsup2013.chH=$localhost$[14.161.47.19	2020-05-30 20:11:41
203.156.205.59	attackspam	$f2bV_matches	2020-05-30 19:55:37
89.134.126.89	attackbotsspam	May 30 12:59:29 OPSO sshd\[4171\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.134.126.89 user=root May 30 12:59:31 OPSO sshd\[4171\]: Failed password for root from 89.134.126.89 port 38900 ssh2 May 30 13:02:04 OPSO sshd\[4701\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.134.126.89 user=root May 30 13:02:06 OPSO sshd\[4701\]: Failed password for root from 89.134.126.89 port 52676 ssh2 May 30 13:04:47 OPSO sshd\[4876\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.134.126.89 user=root	2020-05-30 20:10:38
63.41.9.206	attackspambots	2020-05-29T22:43:18.861476server.mjenks.net sshd[2306737]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=63.41.9.206 user=root 2020-05-29T22:43:20.428453server.mjenks.net sshd[2306737]: Failed password for root from 63.41.9.206 port 40147 ssh2 2020-05-29T22:44:01.326973server.mjenks.net sshd[2306851]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=63.41.9.206 user=root 2020-05-29T22:44:03.130256server.mjenks.net sshd[2306851]: Failed password for root from 63.41.9.206 port 42092 ssh2 2020-05-29T22:44:46.462057server.mjenks.net sshd[2306889]: Invalid user teamspeak from 63.41.9.206 port 44037 ...	2020-05-30 19:50:56
105.27.236.36	attack	Unauthorized connection attempt from IP address 105.27.236.36 on Port 445(SMB)	2020-05-30 20:30:41
218.78.81.207	attack	May 30 10:18:45 ip-172-31-61-156 sshd[2593]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.78.81.207 user=root May 30 10:18:47 ip-172-31-61-156 sshd[2593]: Failed password for root from 218.78.81.207 port 43974 ssh2 May 30 10:18:45 ip-172-31-61-156 sshd[2593]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.78.81.207 user=root May 30 10:18:47 ip-172-31-61-156 sshd[2593]: Failed password for root from 218.78.81.207 port 43974 ssh2 May 30 10:20:52 ip-172-31-61-156 sshd[2687]: Invalid user postgres from 218.78.81.207 ...	2020-05-30 20:15:28
84.17.59.70	attackspam	fell into ViewStateTrap:wien2018	2020-05-30 19:50:15
206.189.216.163	attackbotsspam	May 29 20:08:48 php1 sshd\[6696\]: Invalid user fleawort from 206.189.216.163 May 29 20:08:48 php1 sshd\[6696\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.216.163 May 29 20:08:50 php1 sshd\[6696\]: Failed password for invalid user fleawort from 206.189.216.163 port 55296 ssh2 May 29 20:11:55 php1 sshd\[7080\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.216.163 user=root May 29 20:11:58 php1 sshd\[7080\]: Failed password for root from 206.189.216.163 port 46288 ssh2	2020-05-30 20:07:11
218.92.0.158	attackbotsspam	May 30 14:15:17 vmi345603 sshd[18794]: Failed password for root from 218.92.0.158 port 1619 ssh2 May 30 14:15:20 vmi345603 sshd[18794]: Failed password for root from 218.92.0.158 port 1619 ssh2 ...	2020-05-30 20:31:15
107.150.33.194	attackspambots	SMB Server BruteForce Attack	2020-05-30 20:10:07
51.68.189.111	attack	...	2020-05-30 19:57:38
185.220.102.6	attackbotsspam	185.220.102.6 - - [30/May/2020:07:05:31 +0200] "POST /xmlrpc.php HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:68.0) Gecko/20100101 Firefox/68.0" 185.220.102.6 - - [30/May/2020:07:05:31 +0200] "POST /xmlrpc.php HTTP/1.1" 403 146 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:68.0) Gecko/20100101 Firefox/68.0" ...	2020-05-30 20:08:51
192.141.16.215	attack	Honeypot attack, port: 445, PTR: ip192-141-16-215.ligueweb.com.br.	2020-05-30 20:27:04
92.222.72.234	attackbotsspam	2020-05-30T13:44:05.367125ns386461 sshd\[20015\]: Invalid user yoko from 92.222.72.234 port 60015 2020-05-30T13:44:05.373460ns386461 sshd\[20015\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=234.ip-92-222-72.eu 2020-05-30T13:44:06.845097ns386461 sshd\[20015\]: Failed password for invalid user yoko from 92.222.72.234 port 60015 ssh2 2020-05-30T14:15:21.469991ns386461 sshd\[16648\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=234.ip-92-222-72.eu user=root 2020-05-30T14:15:23.774539ns386461 sshd\[16648\]: Failed password for root from 92.222.72.234 port 37849 ssh2 ...	2020-05-30 20:27:20
119.97.164.244	attackbotsspam	frenzy	2020-05-30 19:49:35

最近上报的IP列表

14.240.167.184	14.183.246.135	39.136.136.244	120.175.108.159
222.188.11.74	220.255.31.95	86.46.100.90	220.135.107.54
220.132.128.143	220.79.195.232	219.84.253.66	218.173.118.181
218.35.227.133	218.24.213.164	213.45.153.80	211.21.168.171
197.232.61.224	196.202.32.22	185.73.76.227	13.90.147.166