159.138.153.194

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Hong Kong

运营商(isp): Huawei International Pte Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	badbot	2019-11-27 03:57:50

相同子网IP讨论:

IP	类型	评论内容	时间
159.138.153.141	attack	DDOS attack - seems Huawei own the whole set blocked 159.138..	2020-01-28 20:34:27
159.138.153.171	attackbots	Automatic report - Banned IP Access	2020-01-12 05:28:27
159.138.153.62	attackbotsspam	badbot	2020-01-08 03:09:06
159.138.153.26	attackbotsspam	badbot	2020-01-08 02:44:14
159.138.153.141	attackbotsspam	Automatic report - Banned IP Access	2019-11-30 02:06:25
159.138.153.65	attack	badbot	2019-11-27 06:26:05
159.138.153.5	attackbots	badbot	2019-11-27 06:00:26
159.138.153.141	attackbotsspam	Automatic report - Banned IP Access	2019-11-25 23:18:22
159.138.153.48	attack	badbot	2019-11-25 07:00:06

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 159.138.153.194
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4216
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;159.138.153.194.		IN	A

;; AUTHORITY SECTION:
.			146	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019112602 1800 900 604800 86400

;; Query time: 54 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Nov 27 03:57:47 CST 2019
;; MSG SIZE  rcvd: 119

HOST信息:

194.153.138.159.in-addr.arpa domain name pointer ecs-159-138-153-194.compute.hwclouds-dns.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
194.153.138.159.in-addr.arpa	name = ecs-159-138-153-194.compute.hwclouds-dns.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
124.207.165.138	attack	Invalid user sqs from 124.207.165.138 port 51828	2020-05-21 15:39:18
202.107.232.162	attack	May 21 04:54:28 pi sshd[29487]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.107.232.162 May 21 04:54:31 pi sshd[29487]: Failed password for invalid user gvz from 202.107.232.162 port 37001 ssh2	2020-05-21 15:41:00
182.71.224.210	attackspam	IN_MAINT-IN-BBIL_<177>1590033275 [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2]: {TCP} 182.71.224.210:34153	2020-05-21 15:37:13
89.207.108.59	attackbots	May 21 07:40:05 vps647732 sshd[9812]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.207.108.59 May 21 07:40:07 vps647732 sshd[9812]: Failed password for invalid user pradeep from 89.207.108.59 port 46144 ssh2 ...	2020-05-21 15:42:10
198.98.51.63	attackspambots	Port scan on 1 port(s): 53413	2020-05-21 16:01:16
159.65.105.171	attackspambots	Unauthorized connection attempt detected from IP address 159.65.105.171 to port 2598	2020-05-21 15:38:22
65.34.120.176	attackbots	May 21 09:27:32 vmd26974 sshd[10433]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=65.34.120.176 May 21 09:27:35 vmd26974 sshd[10433]: Failed password for invalid user rrt from 65.34.120.176 port 59700 ssh2 ...	2020-05-21 15:59:23
137.59.65.30	attackbotsspam	May 21 05:53:58 icecube postfix/smtpd[55164]: NOQUEUE: reject: RCPT from unknown[137.59.65.30]: 553 5.7.1 : Sender address rejected: not logged in; from= to= proto=ESMTP helo=<[127.0.0.1]>	2020-05-21 15:58:28
175.19.204.4	attackbots	May 21 05:53:44 debian-2gb-nbg1-2 kernel: \[12292047.509194\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=175.19.204.4 DST=195.201.40.59 LEN=44 TOS=0x00 PREC=0x00 TTL=233 ID=39492 PROTO=TCP SPT=30019 DPT=1433 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-21 16:04:16
129.146.96.33	attackspam	[ThuMay2107:17:20.0461582020][:error][pid6437:tid47395587000064][client129.146.96.33:10820][client129.146.96.33]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch"/test-cgi\$"atREQUEST_FILENAME.[file"/usr/local/apache.ea3/conf/modsec_rules/99_asl_jitp.conf"][line"5339"][id"390458"][rev"1"][msg"Atomicorp.comWAFRules-VirtualJustInTimePatch:TestCGIprobe"][severity"CRITICAL"][hostname"pizzarella.ch"][uri"/cgi-bin/test-cgi"][unique_id"XsYO4NOO2gR6dVR@tEyYzgAAAFY"][ThuMay2107:17:20.8150952020][:error][pid6591:tid47395576493824][client129.146.96.33:10953][client129.146.96.33]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch"/test-cgi\$"atREQUEST_FILENAME.[file"/usr/local/apache.ea3/conf/modsec_rules/99_asl_jitp.conf"][line"5339"][id"390458"][rev"1"][msg"Atomicorp.comWAFRules-VirtualJustInTimePatch:TestCGIprobe"][severity"CRITICAL"][hostname"www.pizzarella.ch"][uri"/cgi-bin/test-cgi"][unique_id"XsYO4EwnruPHrK-iUx3D5wAAANE"]	2020-05-21 15:43:05
106.13.29.92	attackspambots	prod11 ...	2020-05-21 16:00:44
40.114.108.93	attackspam	May 21 01:59:33 vps46666688 sshd[23249]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.114.108.93 May 21 01:59:36 vps46666688 sshd[23249]: Failed password for invalid user qew from 40.114.108.93 port 40396 ssh2 ...	2020-05-21 15:31:57
183.196.199.42	attack	" "	2020-05-21 15:33:48
125.163.47.28	attack	May 21 05:54:56 jane sshd[31237]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.163.47.28 May 21 05:54:58 jane sshd[31237]: Failed password for invalid user service from 125.163.47.28 port 28383 ssh2 ...	2020-05-21 15:24:07
190.182.179.12	attack	(imapd) Failed IMAP login from 190.182.179.12 (AR/Argentina/-): 1 in the last 3600 secs	2020-05-21 15:37:55

最近上报的IP列表

24.123.130.130	104.209.215.91	122.151.166.254	45.235.162.204
171.44.213.180	8.2.125.20	173.111.52.195	186.105.205.75
36.90.102.128	179.108.173.64	194.75.64.26	2.164.123.152
106.12.14.107	223.245.84.42	116.12.190.185	73.94.152.237
126.141.92.91	82.154.74.223	1.204.226.26	128.71.218.249