159.138.148.221

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Hong Kong

运营商(isp): Huawei International Pte Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	badbot	2019-11-27 03:20:43

相同子网IP讨论:

IP	类型	评论内容	时间
159.138.148.103	attackbotsspam	badbot	2019-11-27 06:34:19
159.138.148.145	attack	badbot	2019-11-27 05:34:19

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 159.138.148.221
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 19452
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;159.138.148.221.		IN	A

;; AUTHORITY SECTION:
.			518	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019112602 1800 900 604800 86400

;; Query time: 501 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Nov 27 03:20:40 CST 2019
;; MSG SIZE  rcvd: 119

HOST信息:

221.148.138.159.in-addr.arpa domain name pointer ecs-159-138-148-221.compute.hwclouds-dns.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
221.148.138.159.in-addr.arpa	name = ecs-159-138-148-221.compute.hwclouds-dns.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
37.120.147.251	attack	Postfix DNSBL listed. Trying to send SPAM.	2019-07-06 19:35:18
222.76.119.165	attack	2019-07-06T04:32:23.176056abusebot-3.cloudsearch.cf sshd\[9713\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.76.119.165 user=root	2019-07-06 19:52:04
198.211.118.157	attack	Jul 6 07:26:24 localhost sshd\[3331\]: Invalid user doku from 198.211.118.157 port 40292 Jul 6 07:26:24 localhost sshd\[3331\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.211.118.157 Jul 6 07:26:26 localhost sshd\[3331\]: Failed password for invalid user doku from 198.211.118.157 port 40292 ssh2	2019-07-06 19:35:42
217.182.79.245	attackbotsspam	Jul 6 09:15:42 *** sshd[13612]: Invalid user euclide from 217.182.79.245	2019-07-06 19:33:53
107.170.20.247	attackbots	Jul 6 04:36:54 MK-Soft-VM4 sshd\[29936\]: Invalid user cron from 107.170.20.247 port 59294 Jul 6 04:36:54 MK-Soft-VM4 sshd\[29936\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.170.20.247 Jul 6 04:36:57 MK-Soft-VM4 sshd\[29936\]: Failed password for invalid user cron from 107.170.20.247 port 59294 ssh2 ...	2019-07-06 20:00:10
191.53.195.64	attackbotsspam	Jul 5 23:36:10 web1 postfix/smtpd[31149]: warning: unknown[191.53.195.64]: SASL PLAIN authentication failed: authentication failure ...	2019-07-06 19:43:32
62.102.148.69	attackspambots	Jul 6 06:30:01 km20725 sshd\[13093\]: Invalid user admin from 62.102.148.69Jul 6 06:30:03 km20725 sshd\[13093\]: Failed password for invalid user admin from 62.102.148.69 port 40213 ssh2Jul 6 06:30:06 km20725 sshd\[13167\]: Invalid user admin1 from 62.102.148.69Jul 6 06:30:09 km20725 sshd\[13167\]: Failed password for invalid user admin1 from 62.102.148.69 port 43473 ssh2 ...	2019-07-06 20:05:50
191.53.222.105	attackbotsspam	failed_logins	2019-07-06 20:10:30
206.189.145.251	attack	Jul 6 06:05:36 vtv3 sshd\[15925\]: Invalid user aloko from 206.189.145.251 port 38248 Jul 6 06:05:36 vtv3 sshd\[15925\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.145.251 Jul 6 06:05:38 vtv3 sshd\[15925\]: Failed password for invalid user aloko from 206.189.145.251 port 38248 ssh2 Jul 6 06:11:58 vtv3 sshd\[18747\]: Invalid user sandrine from 206.189.145.251 port 39682 Jul 6 06:11:58 vtv3 sshd\[18747\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.145.251 Jul 6 06:22:02 vtv3 sshd\[23794\]: Invalid user pul from 206.189.145.251 port 57030 Jul 6 06:22:02 vtv3 sshd\[23794\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.145.251 Jul 6 06:22:04 vtv3 sshd\[23794\]: Failed password for invalid user pul from 206.189.145.251 port 57030 ssh2 Jul 6 06:24:28 vtv3 sshd\[24695\]: Invalid user cpanel from 206.189.145.251 port 54306 Jul 6 06:24:28 vtv3 ss	2019-07-06 19:24:29
115.127.70.148	attackbots	19/7/5@23:37:09: FAIL: Alarm-Intrusion address from=115.127.70.148 ...	2019-07-06 19:26:19
92.118.37.70	attackbots	Honeypot attack, port: 445, PTR: PTR record not found	2019-07-06 19:22:28
5.42.57.2	attack	[portscan] Port scan	2019-07-06 19:43:49
54.36.118.64	attackspambots	\[2019-07-06 12:56:41\] SECURITY\[3671\] res_security_log.c: SecurityEvent="ChallengeResponseFailed",EventTV="2019-07-06T12:56:41.445+0200",Severity="Error",Service="PJSIP",EventVersion="1",AccountID="\",SessionID="946733719-1382275394-1693585012",LocalAddress="IPV4/UDP/188.40.118.248/5060",RemoteAddress="IPV4/UDP/54.36.118.64/54661",Challenge="1562410601/ec20cb912c83b8fb222a96718bc12dd1",Response="56791a7e2062067b5d0ebfd0101e9e31",ExpectedResponse="" \[2019-07-06 12:56:41\] SECURITY\[3671\] res_security_log.c: SecurityEvent="ChallengeResponseFailed",EventTV="2019-07-06T12:56:41.518+0200",Severity="Error",Service="PJSIP",EventVersion="1",AccountID="\",SessionID="946733719-1382275394-1693585012",LocalAddress="IPV4/UDP/188.40.118.248/5060",RemoteAddress="IPV4/UDP/54.36.118.64/54661",Challenge="1562410601/ec20cb912c83b8fb222a96718bc12dd1",Response="5ae3eeb8491d127915acfa3d4af1cffa",ExpectedResponse="" \[2019-07-06 12:56:41\] SECURITY\[3671\] res_security_log.c: SecurityEvent="ChallengeRespon	2019-07-06 19:32:58
95.111.74.98	attackspam	Automated report - ssh fail2ban: Jul 6 06:05:30 authentication failure Jul 6 06:05:32 wrong password, user=ang, port=53574, ssh2	2019-07-06 20:11:00
148.70.71.137	attackspam	Jul 6 07:41:20 MK-Soft-Root2 sshd\[24138\]: Invalid user electrical from 148.70.71.137 port 43908 Jul 6 07:41:20 MK-Soft-Root2 sshd\[24138\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.71.137 Jul 6 07:41:23 MK-Soft-Root2 sshd\[24138\]: Failed password for invalid user electrical from 148.70.71.137 port 43908 ssh2 ...	2019-07-06 19:22:04

最近上报的IP列表

186.199.213.161	119.5.190.115	159.138.155.185	113.116.33.202
108.45.166.162	159.138.128.104	119.80.67.54	32.219.145.185
56.92.36.187	70.3.248.91	89.11.155.55	5.180.184.55
110.246.25.208	75.21.78.91	199.76.111.173	101.173.237.171
159.138.155.64	125.22.235.254	89.87.217.31	217.79.3.231