210.48.139.158

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Hong Kong

运营商(isp): Chinatelecom Next Carrying HongKong region Network

主机名(hostname): unknown

机构(organization): China Telecom Next Generation Carrier Network

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Dec 27 07:28:56 debian-2gb-nbg1-2 kernel: \[1080861.507771\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=210.48.139.158 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=239 ID=13210 PROTO=TCP SPT=57132 DPT=199 WINDOW=1024 RES=0x00 SYN URGP=0	2019-12-27 16:25:31
attackspambots	Dec 22 13:24:47 debian-2gb-nbg1-2 kernel: \[670238.384699\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=210.48.139.158 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=239 ID=59312 PROTO=TCP SPT=57132 DPT=84 WINDOW=1024 RES=0x00 SYN URGP=0	2019-12-22 22:19:48
attackbots	Scanning (more than 2 packets) random ports - tries to find possible vulnerable services	2019-06-26 15:08:40
attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2019-06-23 00:49:29
attackbots	firewall-block, port(s): 53/tcp, 100/tcp, 8081/tcp, 10000/tcp	2019-06-21 20:33:21

相同子网IP讨论:

IP	类型	评论内容	时间
210.48.139.228	attackspam	spam	2020-03-01 18:53:52
210.48.139.228	attackspam	spam	2020-01-24 16:00:23
210.48.139.228	attack	Jul 29 11:34:52 mail postfix/postscreen[10598]: PREGREET 14 after 0.59 from [210.48.139.228]:39952: EHLO loss.it ...	2019-07-30 07:26:13

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 210.48.139.158
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 39668
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;210.48.139.158.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019041200 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sat Apr 13 00:37:49 +08 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 158.139.48.210.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 158.139.48.210.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
185.176.27.198	attackspambots	Aug 12 14:44:00 [host] kernel: [2903229.347764] [U Aug 12 14:44:01 [host] kernel: [2903229.555729] [U Aug 12 14:44:01 [host] kernel: [2903229.763254] [U Aug 12 14:44:01 [host] kernel: [2903229.971305] [U Aug 12 14:44:01 [host] kernel: [2903230.179422] [U Aug 12 14:44:01 [host] kernel: [2903230.387659] [U	2020-08-12 20:49:39
125.24.191.198	attackspam	Attempted connection to port 81.	2020-08-12 20:38:15
14.233.113.171	attackspambots	Attempted connection to port 445.	2020-08-12 20:36:42
202.158.62.240	attackspam	" "	2020-08-12 20:44:48
213.32.78.219	attackspam	2020-08-12T09:01:35.323984vps773228.ovh.net sshd[19255]: Failed password for root from 213.32.78.219 port 57670 ssh2 2020-08-12T09:05:24.321428vps773228.ovh.net sshd[19297]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.32.78.219 user=root 2020-08-12T09:05:26.503115vps773228.ovh.net sshd[19297]: Failed password for root from 213.32.78.219 port 39202 ssh2 2020-08-12T09:09:17.817568vps773228.ovh.net sshd[19331]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.32.78.219 user=root 2020-08-12T09:09:20.321065vps773228.ovh.net sshd[19331]: Failed password for root from 213.32.78.219 port 48962 ssh2 ...	2020-08-12 20:19:50
106.12.69.35	attack	2020-08-12T03:42:18.241021morrigan.ad5gb.com sshd[1737015]: Failed password for root from 106.12.69.35 port 57680 ssh2 2020-08-12T03:42:19.788136morrigan.ad5gb.com sshd[1737015]: Disconnected from authenticating user root 106.12.69.35 port 57680 [preauth]	2020-08-12 20:01:06
61.2.196.36	attackbotsspam	1597203945 - 08/12/2020 05:45:45 Host: 61.2.196.36/61.2.196.36 Port: 23 TCP Blocked	2020-08-12 20:08:56
14.161.11.125	attack	Port Scan ...	2020-08-12 20:17:16
180.126.162.118	attack	Lines containing failures of 180.126.162.118 Aug 12 05:39:13 nbi-636 sshd[23249]: Bad protocol version identification '' from 180.126.162.118 port 57098 Aug 12 05:39:15 nbi-636 sshd[23250]: Invalid user plexuser from 180.126.162.118 port 57175 Aug 12 05:39:15 nbi-636 sshd[23250]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.126.162.118 Aug 12 05:39:18 nbi-636 sshd[23250]: Failed password for invalid user plexuser from 180.126.162.118 port 57175 ssh2 Aug 12 05:39:19 nbi-636 sshd[23250]: Connection closed by invalid user plexuser 180.126.162.118 port 57175 [preauth] Aug 12 05:39:20 nbi-636 sshd[23276]: Invalid user admin from 180.126.162.118 port 57781 Aug 12 05:39:21 nbi-636 sshd[23276]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.126.162.118 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=180.126.162.118	2020-08-12 20:18:29
190.219.2.229	attackbots	Automatic report - Port Scan Attack	2020-08-12 20:08:06
119.46.13.202	attackspambots	Unauthorized connection attempt from IP address 119.46.13.202 on Port 445(SMB)	2020-08-12 19:58:01
200.54.51.124	attackspam	Aug 12 05:24:10 master sshd[12665]: Failed password for root from 200.54.51.124 port 42586 ssh2 Aug 12 05:41:03 master sshd[13316]: Failed password for root from 200.54.51.124 port 39476 ssh2 Aug 12 05:45:38 master sshd[13378]: Failed password for root from 200.54.51.124 port 49354 ssh2 Aug 12 05:50:20 master sshd[13473]: Failed password for root from 200.54.51.124 port 59234 ssh2 Aug 12 05:54:56 master sshd[13487]: Failed password for root from 200.54.51.124 port 40858 ssh2 Aug 12 05:59:25 master sshd[13551]: Failed password for root from 200.54.51.124 port 50728 ssh2 Aug 12 06:03:57 master sshd[14028]: Failed password for root from 200.54.51.124 port 60620 ssh2 Aug 12 06:08:31 master sshd[14091]: Failed password for root from 200.54.51.124 port 42264 ssh2 Aug 12 06:13:01 master sshd[14226]: Failed password for root from 200.54.51.124 port 52140 ssh2 Aug 12 06:17:35 master sshd[14305]: Failed password for root from 200.54.51.124 port 33764 ssh2	2020-08-12 20:02:36
114.32.103.186	attackbots	TCP (SYN) 114.32.103.186:6202 -> port 23, len 44	2020-08-12 20:39:30
149.200.88.27	attack	Automatic report - Port Scan Attack	2020-08-12 20:05:53
220.130.134.190	attack	Attempted connection to port 445.	2020-08-12 19:59:33

最近上报的IP列表

36.90.216.100	123.19.161.152	1.236.28.80	150.242.99.37
97.81.154.92	203.130.20.139	186.179.100.47	119.55.121.74
212.129.138.140	113.195.74.83	82.64.29.249	80.178.145.232
124.13.180.162	119.27.175.249	113.160.172.198	49.84.230.103
197.47.202.236	178.33.85.143	120.211.24.5	121.17.22.174