159.138.149.107

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Hong Kong

运营商(isp): Huawei International Pte Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	[Fri Dec 20 21:47:05.500811 2019] [ssl:info] [pid 23331:tid 140202395809536] [client 159.138.149.107:41419] AH02033: No hostname was provided via SNI for a name based virtual host ...	2019-12-21 06:23:57

相同子网IP讨论:

IP	类型	评论内容	时间
159.138.149.210	attackspam	do not respect robot.txt	2020-02-29 03:33:45
159.138.149.47	attackbotsspam	Looking for resource vulnerabilities	2020-01-15 09:23:48
159.138.149.148	attackspambots	badbot	2020-01-07 22:29:13
159.138.149.42	attack	Unauthorized access detected from banned ip	2020-01-01 13:13:04
159.138.149.214	attackbots	Unauthorized access detected from banned ip	2019-12-28 16:06:13
159.138.149.62	attack	badbot	2019-11-27 06:21:04
159.138.149.52	attack	badbot	2019-11-27 03:31:07
159.138.149.34	attackspam	badbot	2019-11-25 14:44:27

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 159.138.149.107
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 37177
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;159.138.149.107.		IN	A

;; AUTHORITY SECTION:
.			302	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019122002 1800 900 604800 86400

;; Query time: 107 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Dec 21 06:23:54 CST 2019
;; MSG SIZE  rcvd: 119

HOST信息:

107.149.138.159.in-addr.arpa domain name pointer ecs-159-138-149-107.compute.hwclouds-dns.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
107.149.138.159.in-addr.arpa	name = ecs-159-138-149-107.compute.hwclouds-dns.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
122.114.18.49	attackbots	Sep 11 02:03:48 cho sshd[2665301]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.114.18.49 Sep 11 02:03:48 cho sshd[2665301]: Invalid user ts3-server from 122.114.18.49 port 33854 Sep 11 02:03:50 cho sshd[2665301]: Failed password for invalid user ts3-server from 122.114.18.49 port 33854 ssh2 Sep 11 02:07:54 cho sshd[2665441]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.114.18.49 user=root Sep 11 02:07:56 cho sshd[2665441]: Failed password for root from 122.114.18.49 port 50189 ssh2 ...	2020-09-11 12:44:45
14.225.238.227	attackspambots	WordPress login Brute force / Web App Attack on client site.	2020-09-11 12:41:04
111.229.139.95	attack	Sep 11 01:51:34 nuernberg-4g-01 sshd[15478]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.139.95 Sep 11 01:51:35 nuernberg-4g-01 sshd[15478]: Failed password for invalid user ekamau from 111.229.139.95 port 29926 ssh2 Sep 11 01:57:16 nuernberg-4g-01 sshd[17275]: Failed password for root from 111.229.139.95 port 36361 ssh2	2020-09-11 13:07:47
64.57.253.25	attack	Failed password for invalid user bcb from 64.57.253.25 port 40536 ssh2	2020-09-11 13:12:10
134.209.233.225	attackbots	Sep 10 20:34:05 mail sshd\[1036\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.233.225 user=root ...	2020-09-11 12:33:40
220.132.123.13	attackbotsspam	Port Scan detected! ...	2020-09-11 13:07:33
118.70.128.28	attackbots	Unauthorized connection attempt from IP address 118.70.128.28 on Port 445(SMB)	2020-09-11 12:44:57
185.220.101.144	attackspam	185.220.101.144 - - \[10/Sep/2020:18:58:37 +0200\] "GET /index.php\?id=-3078%22%2F%2A\&id=%2A%2FWHERE%2F%2A\&id=%2A%2F3917%3D3917%2F%2A\&id=%2A%2FOR%2F%2A\&id=%2A%2F7920%3D%28SELECT%2F%2A\&id=%2A%2F%28CASE%2F%2A\&id=%2A%2FWHEN%2F%2A\&id=%2A%2F%287920%3D7920%29%2F%2A\&id=%2A%2FTHEN%2F%2A\&id=%2A%2F7920%2F%2A\&id=%2A%2FELSE%2F%2A\&id=%2A%2F%28SELECT%2F%2A\&id=%2A%2F9984%2F%2A\&id=%2A%2FUNION%2F%2A\&id=%2A%2FSELECT%2F%2A\&id=%2A%2F4471%29%2F%2A\&id=%2A%2FEND%29%29--%2F%2A\&id=%2A%2FjCMi HTTP/1.1" 200 12305 "http://www.firma-lsf.eu:80/index.php" "Googlebot \(compatible Googlebot/2.1 http://www.google.com/bot.html\)" ...	2020-09-11 12:50:13
222.186.42.137	attackbotsspam	Sep 11 06:53:44 inter-technics sshd[18438]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.137 user=root Sep 11 06:53:46 inter-technics sshd[18438]: Failed password for root from 222.186.42.137 port 61547 ssh2 Sep 11 06:53:48 inter-technics sshd[18438]: Failed password for root from 222.186.42.137 port 61547 ssh2 Sep 11 06:53:44 inter-technics sshd[18438]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.137 user=root Sep 11 06:53:46 inter-technics sshd[18438]: Failed password for root from 222.186.42.137 port 61547 ssh2 Sep 11 06:53:48 inter-technics sshd[18438]: Failed password for root from 222.186.42.137 port 61547 ssh2 Sep 11 06:53:44 inter-technics sshd[18438]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.137 user=root Sep 11 06:53:46 inter-technics sshd[18438]: Failed password for root from 222.186.42.137 port 61547 ssh2 S ...	2020-09-11 12:59:01
118.44.40.171	attackbots	Sep 10 22:00:45 ssh2 sshd[18283]: User root from 118.44.40.171 not allowed because not listed in AllowUsers Sep 10 22:00:45 ssh2 sshd[18283]: Failed password for invalid user root from 118.44.40.171 port 51095 ssh2 Sep 10 22:00:46 ssh2 sshd[18283]: Connection closed by invalid user root 118.44.40.171 port 51095 [preauth] ...	2020-09-11 13:08:35
192.3.27.227	attack	SPAM	2020-09-11 12:42:50
158.69.35.227	attackbotsspam	Sep 11 06:35:51 nuernberg-4g-01 sshd[19109]: Failed password for root from 158.69.35.227 port 44752 ssh2 Sep 11 06:35:54 nuernberg-4g-01 sshd[19109]: Failed password for root from 158.69.35.227 port 44752 ssh2 Sep 11 06:35:58 nuernberg-4g-01 sshd[19109]: Failed password for root from 158.69.35.227 port 44752 ssh2 Sep 11 06:36:00 nuernberg-4g-01 sshd[19109]: Failed password for root from 158.69.35.227 port 44752 ssh2	2020-09-11 13:05:09
185.108.106.251	attack	[2020-09-11 01:00:41] NOTICE[1239] chan_sip.c: Registration from '' failed for '185.108.106.251:64229' - Wrong password [2020-09-11 01:00:41] SECURITY[1264] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-09-11T01:00:41.108-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="8094",SessionID="0x7f4d482e4338",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.108.106.251/64229",Challenge="7c2e421c",ReceivedChallenge="7c2e421c",ReceivedHash="6c3229f1863833892578a21e90dfdce7" [2020-09-11 01:01:12] NOTICE[1239] chan_sip.c: Registration from '' failed for '185.108.106.251:63423' - Wrong password [2020-09-11 01:01:12] SECURITY[1264] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-09-11T01:01:12.565-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="5850",SessionID="0x7f4d4827ad68",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.108 ...	2020-09-11 13:03:59
222.186.30.57	attackspambots	Sep 11 06:55:05 ncomp sshd[32031]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.57 user=root Sep 11 06:55:07 ncomp sshd[32031]: Failed password for root from 222.186.30.57 port 44158 ssh2 Sep 11 06:55:13 ncomp sshd[32033]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.57 user=root Sep 11 06:55:15 ncomp sshd[32033]: Failed password for root from 222.186.30.57 port 22284 ssh2	2020-09-11 12:59:41
132.232.66.238	attackspambots	Invalid user sirius from 132.232.66.238 port 44564	2020-09-11 12:58:05

最近上报的IP列表

213.45.4.230	68.189.113.213	6.156.128.229	224.165.215.59
88.22.158.187	86.143.249.228	191.32.158.240	201.39.41.226
40.92.18.33	175.176.91.150	201.1.128.20	42.119.212.224
42.113.108.101	201.208.20.9	159.20.106.234	23.227.38.65
157.26.70.77	223.230.153.139	218.64.91.95	193.34.145.203