159.192.250.138

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Thailand

运营商(isp): CAT Telecom Public Company Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	1600016352 - 09/13/2020 18:59:12 Host: 159.192.250.138/159.192.250.138 Port: 445 TCP Blocked	2020-09-14 20:51:55
attackspam	1600016352 - 09/13/2020 18:59:12 Host: 159.192.250.138/159.192.250.138 Port: 445 TCP Blocked	2020-09-14 12:44:28
attackbots	1600016352 - 09/13/2020 18:59:12 Host: 159.192.250.138/159.192.250.138 Port: 445 TCP Blocked	2020-09-14 04:46:42

类型

评论内容

时间

attackbotsspam

1600016352 - 09/13/2020 18:59:12 Host: 159.192.250.138/159.192.250.138 Port: 445 TCP Blocked

2020-09-14 20:51:55

attackspam

1600016352 - 09/13/2020 18:59:12 Host: 159.192.250.138/159.192.250.138 Port: 445 TCP Blocked

2020-09-14 12:44:28

attackbots

1600016352 - 09/13/2020 18:59:12 Host: 159.192.250.138/159.192.250.138 Port: 445 TCP Blocked

2020-09-14 04:46:42

相同子网IP讨论:

IP	类型	评论内容	时间
159.192.250.158	attack	Unauthorized connection attempt from IP address 159.192.250.158 on Port 445(SMB)	2020-07-25 07:46:25
159.192.250.129	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-06-21 22:40:42
159.192.250.233	attackbots	Unauthorized connection attempt from IP address 159.192.250.233 on Port 445(SMB)	2020-02-26 10:32:12
159.192.250.93	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-02-06 20:27:44
159.192.250.22	attackspam	1579668833 - 01/22/2020 05:53:53 Host: 159.192.250.22/159.192.250.22 Port: 445 TCP Blocked	2020-01-22 19:04:49
159.192.250.235	attackbots	Unauthorised access (Nov 5) SRC=159.192.250.235 LEN=52 TTL=116 ID=13137 DF TCP DPT=445 WINDOW=8192 SYN Unauthorised access (Nov 5) SRC=159.192.250.235 LEN=52 TTL=116 ID=31896 DF TCP DPT=445 WINDOW=8192 SYN	2019-11-06 01:09:54
159.192.250.242	attackspam	Unauthorized connection attempt from IP address 159.192.250.242 on Port 445(SMB)	2019-09-28 23:13:58
159.192.250.76	attackspam	Unauthorized connection attempt from IP address 159.192.250.76 on Port 445(SMB)	2019-07-22 20:25:14

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 159.192.250.138
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44781
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;159.192.250.138.		IN	A

;; AUTHORITY SECTION:
.			292	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020091301 1800 900 604800 86400

;; Query time: 106 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Sep 14 04:46:39 CST 2020
;; MSG SIZE  rcvd: 119

HOST信息:

Host 138.250.192.159.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 138.250.192.159.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
69.165.239.85	attackspam	Jan 13 22:25:51 ns381471 sshd[16950]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=69.165.239.85 Jan 13 22:25:53 ns381471 sshd[16950]: Failed password for invalid user sinusbot from 69.165.239.85 port 46442 ssh2	2020-01-14 05:36:00
164.132.47.139	attack	Unauthorized connection attempt detected from IP address 164.132.47.139 to port 2220 [J]	2020-01-14 06:02:43
111.229.48.141	attackspam	Jan 13 13:00:58 HOST sshd[26997]: Failed password for invalid user adminixxxr from 111.229.48.141 port 53734 ssh2 Jan 13 13:00:58 HOST sshd[26997]: Received disconnect from 111.229.48.141: 11: Bye Bye [preauth] Jan 13 13:06:12 HOST sshd[27098]: Failed password for invalid user pork from 111.229.48.141 port 59442 ssh2 Jan 13 13:06:12 HOST sshd[27098]: Received disconnect from 111.229.48.141: 11: Bye Bye [preauth] Jan 13 13:10:16 HOST sshd[27218]: Connection closed by 111.229.48.141 [preauth] Jan 13 13:13:32 HOST sshd[27265]: Failed password for invalid user winnie from 111.229.48.141 port 48582 ssh2 Jan 13 13:13:32 HOST sshd[27265]: Received disconnect from 111.229.48.141: 11: Bye Bye [preauth] Jan 13 13:17:22 HOST sshd[27378]: Failed password for invalid user dangerous from 111.229.48.141 port 43162 ssh2 Jan 13 13:17:22 HOST sshd[27378]: Received disconnect from 111.229.48.141: 11: Bye Bye [preauth] Jan 13 13:21:01 HOST sshd[27452]: Failed password for invalid user test........ -------------------------------	2020-01-14 05:38:52
222.186.30.31	attackbots	01/13/2020-17:05:09.408649 222.186.30.31 Protocol: 6 ET SCAN Potential SSH Scan	2020-01-14 06:05:57
49.234.223.253	attack	Jan 13 16:11:55 vzhost sshd[18149]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.223.253 user=nagios Jan 13 16:11:57 vzhost sshd[18149]: Failed password for nagios from 49.234.223.253 port 49336 ssh2 Jan 13 16:19:06 vzhost sshd[19544]: Invalid user dinamic from 49.234.223.253 Jan 13 16:19:06 vzhost sshd[19544]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.223.253 Jan 13 16:19:08 vzhost sshd[19544]: Failed password for invalid user dinamic from 49.234.223.253 port 33522 ssh2 Jan 13 16:23:46 vzhost sshd[20472]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.223.253 user=r.r Jan 13 16:23:47 vzhost sshd[20472]: Failed password for r.r from 49.234.223.253 port 60382 ssh2 Jan 13 16:28:24 vzhost sshd[21339]: Invalid user XXX from 49.234.223.253 Jan 13 16:28:24 vzhost sshd[21339]: pam_unix(sshd:auth): authentication failure; logn........ -------------------------------	2020-01-14 06:10:48
157.245.86.176	attack	Unauthorized connection attempt detected from IP address 157.245.86.176 to port 2220 [J]	2020-01-14 05:44:33
132.232.113.102	attack	Unauthorized connection attempt detected from IP address 132.232.113.102 to port 2220 [J]	2020-01-14 05:54:19
188.80.140.72	attackspam	port scan and connect, tcp 22 (ssh)	2020-01-14 05:44:11
115.75.66.67	attackbotsspam	Fail2Ban Ban Triggered	2020-01-14 05:47:08
148.76.108.146	attackspambots	Unauthorized connection attempt detected from IP address 148.76.108.146 to port 2220 [J]	2020-01-14 05:42:42
94.25.60.161	attackbotsspam	1578950750 - 01/13/2020 22:25:50 Host: 94.25.60.161/94.25.60.161 Port: 445 TCP Blocked	2020-01-14 05:37:49
177.128.137.255	attackspambots	Unauthorized connection attempt detected from IP address 177.128.137.255 to port 23	2020-01-14 05:38:30
192.200.206.81	attackbots	Jan 13 22:25:43 grey postfix/smtpd\[22750\]: NOQUEUE: reject: RCPT from unknown\[192.200.206.81\]: 554 5.7.1 Service unavailable\; Client host \[192.200.206.81\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[192.200.206.81\]\; from=\ to=\ proto=ESMTP helo=\ ...	2020-01-14 05:39:57
45.55.214.64	attackbots	Jan 13 22:40:00 vpn01 sshd[4148]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.214.64 Jan 13 22:40:02 vpn01 sshd[4148]: Failed password for invalid user pro1 from 45.55.214.64 port 49362 ssh2 ...	2020-01-14 05:43:05
107.175.33.240	attack	2020-01-13T21:48:55.961553shield sshd\[17517\]: Invalid user lucky from 107.175.33.240 port 42232 2020-01-13T21:48:55.966519shield sshd\[17517\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.175.33.240 2020-01-13T21:48:58.344869shield sshd\[17517\]: Failed password for invalid user lucky from 107.175.33.240 port 42232 ssh2 2020-01-13T21:50:31.045867shield sshd\[18082\]: Invalid user db2inst1 from 107.175.33.240 port 33194 2020-01-13T21:50:31.052989shield sshd\[18082\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.175.33.240	2020-01-14 05:51:40

最近上报的IP列表

236.107.111.54	183.150.227.83	95.29.184.193	218.104.216.142
116.74.20.170	113.118.207.119	164.51.191.28	189.178.55.34
168.63.212.45	82.253.141.54	198.251.89.99	94.191.113.77
111.21.255.2	54.39.209.237	119.45.199.173	189.90.135.51
115.98.229.146	94.201.52.66	209.141.46.38	192.99.11.223