159.138.117.89

基本信息:

城市(city): Santiago

省份(region): Santiago Metropolitan

国家(country): Chile

运营商(isp): Huawei Chile Clouds

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-05-28 23:06:41
attackbotsspam	xmlrpc attack	2020-05-28 06:52:16

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 159.138.117.89
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 59895
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;159.138.117.89.			IN	A

;; AUTHORITY SECTION:
.			461	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020052702 1800 900 604800 86400

;; Query time: 62 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu May 28 06:52:13 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

89.117.138.159.in-addr.arpa domain name pointer uhosting.cl.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
89.117.138.159.in-addr.arpa	name = uhosting.cl.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
50.239.143.195	attack	Oct 25 15:25:42 lnxmysql61 sshd[1967]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=50.239.143.195	2019-10-26 01:06:18
183.134.65.22	attack	2019-10-25T16:32:07.633429scmdmz1 sshd\[21859\]: Invalid user colleen from 183.134.65.22 port 59466 2019-10-25T16:32:07.636583scmdmz1 sshd\[21859\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.134.65.22 2019-10-25T16:32:09.565376scmdmz1 sshd\[21859\]: Failed password for invalid user colleen from 183.134.65.22 port 59466 ssh2 ...	2019-10-26 00:46:23
217.112.142.89	attackspambots	Postfix RBL failed	2019-10-26 00:31:06
198.108.66.80	attack	port scan and connect, tcp 8080 (http-proxy)	2019-10-26 01:05:00
139.59.37.209	attackspam	Oct 25 15:30:28 www sshd\[18391\]: Invalid user bkupexec from 139.59.37.209 port 53144 ...	2019-10-26 01:00:07
191.193.89.46	attackspam	Oct 25 17:44:09 vmanager6029 sshd\[6499\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.193.89.46 user=root Oct 25 17:44:11 vmanager6029 sshd\[6499\]: Failed password for root from 191.193.89.46 port 39366 ssh2 Oct 25 17:50:14 vmanager6029 sshd\[6625\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.193.89.46 user=root	2019-10-26 00:53:49
92.118.38.38	attackspambots	Oct 25 18:19:42 relay postfix/smtpd\[17508\]: warning: unknown\[92.118.38.38\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 25 18:19:59 relay postfix/smtpd\[8747\]: warning: unknown\[92.118.38.38\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 25 18:20:19 relay postfix/smtpd\[18130\]: warning: unknown\[92.118.38.38\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 25 18:20:35 relay postfix/smtpd\[18598\]: warning: unknown\[92.118.38.38\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 25 18:20:55 relay postfix/smtpd\[17499\]: warning: unknown\[92.118.38.38\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-10-26 00:25:04
159.89.1.19	attackspambots	159.89.1.19 - - [25/Oct/2019:18:28:12 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.89.1.19 - - [25/Oct/2019:18:28:13 +0200] "POST /wp-login.php HTTP/1.1" 200 1503 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.89.1.19 - - [25/Oct/2019:18:28:13 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.89.1.19 - - [25/Oct/2019:18:28:13 +0200] "POST /wp-login.php HTTP/1.1" 200 1489 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.89.1.19 - - [25/Oct/2019:18:28:14 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.89.1.19 - - [25/Oct/2019:18:28:19 +0200] "POST /wp-login.php HTTP/1.1" 200 1491 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-10-26 00:48:20
176.107.131.128	attack	Oct 24 21:41:56 server sshd\[18813\]: Failed password for invalid user is from 176.107.131.128 port 50734 ssh2 Oct 25 15:50:52 server sshd\[6384\]: Invalid user openerp from 176.107.131.128 Oct 25 15:50:52 server sshd\[6384\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.107.131.128 Oct 25 15:50:55 server sshd\[6384\]: Failed password for invalid user openerp from 176.107.131.128 port 41818 ssh2 Oct 25 19:17:46 server sshd\[26971\]: Invalid user guest from 176.107.131.128 Oct 25 19:17:46 server sshd\[26971\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.107.131.128 ...	2019-10-26 00:22:57
121.46.29.116	attack	Automatic report - Banned IP Access	2019-10-26 00:41:34
213.171.50.48	attackspambots	$f2bV_matches	2019-10-26 01:12:39
187.188.193.211	attack	Oct 25 18:21:38 h2177944 sshd\[4617\]: Invalid user fly123!@\# from 187.188.193.211 port 43840 Oct 25 18:21:38 h2177944 sshd\[4617\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.188.193.211 Oct 25 18:21:40 h2177944 sshd\[4617\]: Failed password for invalid user fly123!@\# from 187.188.193.211 port 43840 ssh2 Oct 25 18:26:09 h2177944 sshd\[4769\]: Invalid user Welcome_123 from 187.188.193.211 port 53270 ...	2019-10-26 00:26:59
49.88.112.114	attackbots	Oct 25 12:47:38 plusreed sshd[16993]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.114 user=root Oct 25 12:47:40 plusreed sshd[16993]: Failed password for root from 49.88.112.114 port 54007 ssh2 ...	2019-10-26 00:51:44
42.117.253.214	attack	Connection by 42.117.253.214 on port: 23 got caught by honeypot at 10/25/2019 5:03:56 AM	2019-10-26 00:54:25
117.50.45.254	attackspam	Oct 25 14:03:58 lnxmail61 sshd[29127]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.45.254	2019-10-26 00:51:16

最近上报的IP列表

74.76.160.153	51.132.188.188	96.74.188.210	69.12.93.0
201.88.26.201	138.33.97.178	114.32.81.95	173.81.70.119
206.134.197.156	124.141.92.32	117.20.225.128	107.95.211.255
226.16.49.155	158.217.208.153	63.140.100.158	120.196.9.85
190.8.233.43	91.65.118.9	190.201.107.197	31.146.228.89