159.138.11.193

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Hong Kong

运营商(isp): Huawei International Pte Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	ECShop Remote Code Execution Vulnerability, PTR: ecs-159-138-11-193.compute.hwclouds-dns.com.	2019-09-10 11:07:21

相同子网IP讨论:

IP	类型	评论内容	时间
159.138.117.89	attack	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-05-28 23:06:41
159.138.117.89	attackbotsspam	xmlrpc attack	2020-05-28 06:52:16
159.138.119.7	attackspambots	Dec 22 18:39:52 plusreed sshd[17472]: Invalid user arbanas from 159.138.119.7 ...	2019-12-23 07:40:23
159.138.119.7	attackbotsspam	fraudulent SSH attempt	2019-12-14 04:28:28
159.138.119.7	attackbotsspam	Dec 12 16:35:59 ns41 sshd[18739]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.138.119.7	2019-12-13 00:34:47
159.138.119.7	attackspambots	detected by Fail2Ban	2019-12-12 20:57:33

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 159.138.11.193
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 60653
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;159.138.11.193.			IN	A

;; AUTHORITY SECTION:
.			1932	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019090902 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Sep 10 11:07:15 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

193.11.138.159.in-addr.arpa domain name pointer ecs-159-138-11-193.compute.hwclouds-dns.com.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
193.11.138.159.in-addr.arpa	name = ecs-159-138-11-193.compute.hwclouds-dns.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
41.231.8.188	attackspambots	Jan 10 11:33:44 grey postfix/smtpd\[25696\]: NOQUEUE: reject: RCPT from unknown\[41.231.8.188\]: 554 5.7.1 Service unavailable\; Client host \[41.231.8.188\] blocked using bl.spamcop.net\; Blocked - see https://www.spamcop.net/bl.shtml\?41.231.8.188\; from=\ to=\ proto=ESMTP helo=\<\[41.231.8.188\]\> ...	2020-01-10 19:23:25
95.9.61.234	attackbotsspam	37215/tcp 23/tcp 23/tcp [2019-12-22/2020-01-10]3pkt	2020-01-10 19:41:40
103.12.163.20	attackspam	1433/tcp 1433/tcp [2019-12-27/2020-01-10]2pkt	2020-01-10 19:35:22
217.19.154.218	attackspambots	Jan 10 01:04:48 hanapaa sshd\[29773\]: Invalid user beg from 217.19.154.218 Jan 10 01:04:48 hanapaa sshd\[29773\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=host-217-19-154-218.ip.retelit.it Jan 10 01:04:50 hanapaa sshd\[29773\]: Failed password for invalid user beg from 217.19.154.218 port 16729 ssh2 Jan 10 01:07:19 hanapaa sshd\[30051\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=host-217-19-154-218.ip.retelit.it user=root Jan 10 01:07:21 hanapaa sshd\[30051\]: Failed password for root from 217.19.154.218 port 35634 ssh2	2020-01-10 19:17:57
122.49.208.38	attack	445/tcp 445/tcp [2019-11-12/2020-01-10]2pkt	2020-01-10 19:27:20
185.200.118.45	attackspambots	[portscan] tcp/3389 [MS RDP] *(RWIN=65535)(01101146)	2020-01-10 19:54:47
68.183.31.138	attackbotsspam	Jan 10 01:18:25 eddieflores sshd\[2683\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.31.138 user=root Jan 10 01:18:27 eddieflores sshd\[2683\]: Failed password for root from 68.183.31.138 port 43102 ssh2 Jan 10 01:20:48 eddieflores sshd\[2893\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.31.138 user=root Jan 10 01:20:51 eddieflores sshd\[2893\]: Failed password for root from 68.183.31.138 port 39940 ssh2 Jan 10 01:23:17 eddieflores sshd\[3119\]: Invalid user 6888 from 68.183.31.138	2020-01-10 19:42:31
185.175.93.14	attackbotsspam	01/10/2020-12:23:43.854919 185.175.93.14 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-01-10 19:35:49
117.102.86.125	attackbots	445/tcp 445/tcp [2019-11-19/2020-01-10]2pkt	2020-01-10 19:23:05
110.49.70.245	attackbots	Automatic report - Banned IP Access	2020-01-10 19:58:48
218.107.133.49	attack	Jan 10 12:23:39 mail postfix/smtpd[13393]: warning: unknown[218.107.133.49]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jan 10 12:23:48 mail postfix/smtpd[13393]: warning: unknown[218.107.133.49]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jan 10 12:24:00 mail postfix/smtpd[13393]: warning: unknown[218.107.133.49]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-01-10 19:40:47
195.72.252.58	attack	445/tcp 1433/tcp [2019-12-28/2020-01-10]2pkt	2020-01-10 19:51:23
91.185.193.101	attack	T: f2b ssh aggressive 3x	2020-01-10 19:44:38
171.224.177.141	attackspambots	Unauthorized connection attempt detected from IP address 171.224.177.141 to port 445	2020-01-10 19:22:15
193.251.189.244	attackspambots	Jan 10 06:47:37 server2 sshd\[23394\]: User root from lputeaux-658-1-54-244.w193-251.abo.wanadoo.fr not allowed because not listed in AllowUsers Jan 10 06:47:42 server2 sshd\[23400\]: User root from lputeaux-658-1-54-244.w193-251.abo.wanadoo.fr not allowed because not listed in AllowUsers Jan 10 06:47:49 server2 sshd\[23402\]: User root from lputeaux-658-1-54-244.w193-251.abo.wanadoo.fr not allowed because not listed in AllowUsers Jan 10 06:47:57 server2 sshd\[23407\]: User root from lputeaux-658-1-54-244.w193-251.abo.wanadoo.fr not allowed because not listed in AllowUsers Jan 10 06:48:05 server2 sshd\[23413\]: Invalid user admin from 193.251.189.244 Jan 10 06:48:11 server2 sshd\[23448\]: Invalid user admin from 193.251.189.244	2020-01-10 20:00:18

最近上报的IP列表

200.116.76.24	175.248.91.175	63.73.136.77	39.29.42.192
188.40.159.236	193.112.2.207	182.61.10.190	185.93.3.111
62.180.218.148	125.155.208.85	45.196.217.134	168.96.57.82
84.56.175.59	124.221.44.106	106.75.85.37	3.200.250.80
20.99.215.120	125.61.20.146	53.144.19.53	118.56.135.71