197.159.139.193

基本信息:

城市(city): Accra

省份(region): Greater Accra Region

国家(country): Ghana

运营商(isp): Telesol LTE IP Block

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Sep 3 18:46:26 mellenthin postfix/smtpd[20629]: NOQUEUE: reject: RCPT from unknown[197.159.139.193]: 554 5.7.1 Service unavailable; Client host [197.159.139.193] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/197.159.139.193; from= to= proto=ESMTP helo=<[197.159.139.193]>	2020-09-05 00:54:27
attack	Sep 3 18:46:26 mellenthin postfix/smtpd[20629]: NOQUEUE: reject: RCPT from unknown[197.159.139.193]: 554 5.7.1 Service unavailable; Client host [197.159.139.193] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/197.159.139.193; from= to= proto=ESMTP helo=<[197.159.139.193]>	2020-09-04 16:16:28
attackspambots	Sep 3 18:46:26 mellenthin postfix/smtpd[20629]: NOQUEUE: reject: RCPT from unknown[197.159.139.193]: 554 5.7.1 Service unavailable; Client host [197.159.139.193] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/197.159.139.193; from= to= proto=ESMTP helo=<[197.159.139.193]>	2020-09-04 08:35:57

类型

评论内容

时间

attackspam

Sep  3 18:46:26 mellenthin postfix/smtpd[20629]: NOQUEUE: reject: RCPT from unknown[197.159.139.193]: 554 5.7.1 Service unavailable; Client host [197.159.139.193] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/197.159.139.193; from= to= proto=ESMTP helo=<[197.159.139.193]>

2020-09-05 00:54:27

attack

Sep  3 18:46:26 mellenthin postfix/smtpd[20629]: NOQUEUE: reject: RCPT from unknown[197.159.139.193]: 554 5.7.1 Service unavailable; Client host [197.159.139.193] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/197.159.139.193; from= to= proto=ESMTP helo=<[197.159.139.193]>

2020-09-04 16:16:28

attackspambots

Sep  3 18:46:26 mellenthin postfix/smtpd[20629]: NOQUEUE: reject: RCPT from unknown[197.159.139.193]: 554 5.7.1 Service unavailable; Client host [197.159.139.193] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/197.159.139.193; from= to= proto=ESMTP helo=<[197.159.139.193]>

2020-09-04 08:35:57

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 197.159.139.193
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 47536
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;197.159.139.193.		IN	A

;; AUTHORITY SECTION:
.			210	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020090301 1800 900 604800 86400

;; Query time: 71 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Sep 04 08:35:50 CST 2020
;; MSG SIZE  rcvd: 119

HOST信息:

Host 193.139.159.197.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 193.139.159.197.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
71.6.232.8	attackbots	TCP (SYN) 71.6.232.8:32995 -> port 2379, len 44	2020-06-21 07:28:44
101.201.50.1	attackbotsspam	ET SCAN Suspicious inbound to MSSQL port 1433 - port: 1433 proto: TCP cat: Potentially Bad Traffic	2020-06-21 07:38:26
89.248.160.178	attack	NL_IPV_<177>1592696970 [1:2403468:58145] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 85 [Classification: Misc Attack] [Priority: 2]: {TCP} 89.248.160.178:47459	2020-06-21 08:01:48
45.143.221.53	attackbots	TCP (SYN) 45.143.221.53:46212 -> port 8089, len 44	2020-06-21 07:47:27
94.102.56.231	attack	Jun 21 01:27:56 debian-2gb-nbg1-2 kernel: \[14954358.592526\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=94.102.56.231 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=57028 PROTO=TCP SPT=41281 DPT=8166 WINDOW=1024 RES=0x00 SYN URGP=0	2020-06-21 07:39:06
122.49.30.48	attackbots	ET SCAN Suspicious inbound to MSSQL port 1433 - port: 1433 proto: TCP cat: Potentially Bad Traffic	2020-06-21 07:56:56
80.82.77.139	attackspam	Jun 21 01:44:08 debian-2gb-nbg1-2 kernel: \[14955331.286738\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=80.82.77.139 DST=195.201.40.59 LEN=44 TOS=0x00 PREC=0x00 TTL=120 ID=15274 PROTO=TCP SPT=15314 DPT=21379 WINDOW=3777 RES=0x00 SYN URGP=0	2020-06-21 08:04:30
92.63.197.58	attack	Triggered: repeated knocking on closed ports.	2020-06-21 08:00:57
89.248.174.201	attack	NL_IPV_<177>1592695131 [1:2403468:58145] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 85 [Classification: Misc Attack] [Priority: 2]: {TCP} 89.248.174.201:50090	2020-06-21 07:40:30
41.227.30.129	attackbots	Unauthorized IMAP connection attempt	2020-06-21 07:31:40
87.251.74.221	attack	06/20/2020-18:37:15.588878 87.251.74.221 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-06-21 08:02:19
94.102.49.193	attackbots	Fail2Ban Ban Triggered	2020-06-21 07:59:02
54.37.68.33	attackspam	1552. On Jun 20 2020 experienced a Brute Force SSH login attempt -> 42 unique times by 54.37.68.33.	2020-06-21 07:30:15
185.153.196.126	attack	RU_RM Engineering LLC_<177>1592696247 [1:2402000:5581] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2]: {TCP} 185.153.196.126:46947	2020-06-21 07:53:53
185.209.0.32	attackbotsspam	ET DROP Dshield Block Listed Source group 1 - port: 33889 proto: TCP cat: Misc Attack	2020-06-21 07:51:54

最近上报的IP列表

91.80.255.207	203.113.130.213	202.106.177.193	37.63.242.63
37.107.124.100	189.18.222.238	51.158.153.225	203.46.245.83
90.51.255.246	149.63.14.135	188.88.243.249	196.232.222.79
119.50.136.43	61.208.162.149	203.189.237.249	111.207.37.32
183.166.8.225	123.149.30.7	129.226.118.122	78.174.174.108