159.138.128.104

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Hong Kong

运营商(isp): Huawei International Pte Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	badbot	2019-11-27 03:24:04

相同子网IP讨论:

IP	类型	评论内容	时间
159.138.128.155	attack	badbot	2020-01-15 06:19:46
159.138.128.138	attack	badbot	2020-01-15 06:17:18
159.138.128.136	attackspam	Automatic report - Banned IP Access	2020-01-14 09:20:26
159.138.128.209	attack	Unauthorized access detected from banned ip	2020-01-09 05:04:50
159.138.128.24	attackspambots	badbot	2020-01-08 02:43:23
159.138.128.55	attack	Automatic report - Banned IP Access	2020-01-08 01:59:34
159.138.128.225	attackbotsspam	badbot	2019-12-21 01:13:02
159.138.128.55	attack	Automatic report - Banned IP Access	2019-12-14 08:23:28
159.138.128.211	attack	Automatic report - Banned IP Access	2019-12-01 03:50:32
159.138.128.102	attackbotsspam	badbot	2019-11-27 03:46:32
159.138.128.53	attackbots	badbot	2019-11-25 22:13:10
159.138.128.252	attackspambots	hwclouds-dns.com is blocked! 1 month rest and then no longer so stupid behavior!	2019-11-12 02:44:38

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 159.138.128.104
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23295
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;159.138.128.104.		IN	A

;; AUTHORITY SECTION:
.			527	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019112602 1800 900 604800 86400

;; Query time: 97 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Nov 27 03:24:01 CST 2019
;; MSG SIZE  rcvd: 119

HOST信息:

104.128.138.159.in-addr.arpa domain name pointer ecs-159-138-128-104.compute.hwclouds-dns.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
104.128.138.159.in-addr.arpa	name = ecs-159-138-128-104.compute.hwclouds-dns.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
80.211.111.209	attackbots	80.211.111.209 - - [23/Oct/2019:17:56:59 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 80.211.111.209 - - [23/Oct/2019:17:57:00 +0200] "POST /wp-login.php HTTP/1.1" 200 1503 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 80.211.111.209 - - [23/Oct/2019:17:57:00 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 80.211.111.209 - - [23/Oct/2019:17:57:01 +0200] "POST /wp-login.php HTTP/1.1" 200 1486 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 80.211.111.209 - - [23/Oct/2019:17:57:01 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 80.211.111.209 - - [23/Oct/2019:17:57:02 +0200] "POST /wp-login.php HTTP/1.1" 200 1486 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-10-24 02:17:07
14.34.20.50	attackbots	SSH bruteforce	2019-10-24 02:09:11
142.93.140.192	attackbotsspam	[munged]::443 142.93.140.192 - - [23/Oct/2019:16:04:54 +0200] "POST /[munged]: HTTP/1.1" 200 9079 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 142.93.140.192 - - [23/Oct/2019:16:04:54 +0200] "POST /[munged]: HTTP/1.1" 200 9079 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 142.93.140.192 - - [23/Oct/2019:16:04:55 +0200] "POST /[munged]: HTTP/1.1" 200 9079 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 142.93.140.192 - - [23/Oct/2019:16:04:56 +0200] "POST /[munged]: HTTP/1.1" 200 9079 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 142.93.140.192 - - [23/Oct/2019:16:04:57 +0200] "POST /[munged]: HTTP/1.1" 200 9079 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 142.93.140.192 - - [23/Oct/2019:16:04:57 +0200] "POST /[munged]: HTTP/1.1" 200 9079 "-" "Mozilla/5.0 (X11	2019-10-24 02:07:20
203.242.186.251	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2019-10-24 02:09:46
54.39.187.138	attackbots	Automatic report - Banned IP Access	2019-10-24 02:26:55
142.93.172.64	attackbotsspam	Oct 23 16:05:13 server sshd\[2876\]: Invalid user test1 from 142.93.172.64 Oct 23 16:05:13 server sshd\[2876\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.172.64 Oct 23 16:05:15 server sshd\[2876\]: Failed password for invalid user test1 from 142.93.172.64 port 53938 ssh2 Oct 23 16:26:46 server sshd\[10387\]: Invalid user krandasi from 142.93.172.64 Oct 23 16:26:46 server sshd\[10387\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.172.64 ...	2019-10-24 02:10:15
220.94.205.222	attackspambots	ssh failed login	2019-10-24 01:46:13
211.143.37.99	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-10-24 02:27:24
203.150.171.24	attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-10-24 02:01:16
101.68.81.66	attack	Invalid user ftp from 101.68.81.66 port 53704 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.68.81.66 Failed password for invalid user ftp from 101.68.81.66 port 53704 ssh2 Invalid user mysql from 101.68.81.66 port 34304 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.68.81.66	2019-10-24 02:03:41
202.75.210.43	attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2019-10-24 01:48:50
107.170.76.170	attackspam	Oct 23 17:32:45 server sshd\[30088\]: Invalid user weiguo from 107.170.76.170 Oct 23 17:32:45 server sshd\[30088\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.170.76.170 Oct 23 17:32:47 server sshd\[30088\]: Failed password for invalid user weiguo from 107.170.76.170 port 58253 ssh2 Oct 23 17:50:10 server sshd\[2423\]: Invalid user josemaria from 107.170.76.170 Oct 23 17:50:10 server sshd\[2423\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.170.76.170 ...	2019-10-24 02:02:18
188.245.250.100	attackspam	Excessive Port-Scanning	2019-10-24 01:57:50
80.232.246.116	attackbots	Port Scan detected from 80.232.246.116 (LV/Latvia/-). 4 hits in the last 80 seconds	2019-10-24 02:12:27
217.182.74.116	attackspambots	WordPress login Brute force / Web App Attack on client site.	2019-10-24 01:57:34

最近上报的IP列表

101.173.237.171	159.138.155.64	125.22.235.254	89.87.217.31
217.79.3.231	130.105.9.214	116.49.16.186	79.85.220.74
56.236.146.149	126.73.149.99	132.194.25.75	3.219.49.246
17.64.161.217	196.89.208.151	32.245.21.75	159.138.158.190
192.117.108.203	124.230.130.238	45.116.229.25	87.201.236.126