159.89.142.12 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
159.89.142.25	attackbots	(sshd) Failed SSH login from 159.89.142.25 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: May 25 20:42:48 amsweb01 sshd[2973]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.142.25 user=root May 25 20:42:50 amsweb01 sshd[2973]: Failed password for root from 159.89.142.25 port 36610 ssh2 May 25 20:53:44 amsweb01 sshd[4210]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.142.25 user=root May 25 20:53:46 amsweb01 sshd[4210]: Failed password for root from 159.89.142.25 port 40932 ssh2 May 25 20:57:01 amsweb01 sshd[4492]: Invalid user farand from 159.89.142.25 port 45614	2020-05-26 03:08:10
159.89.142.25	attack	May 22 23:30:28 vps687878 sshd\[30342\]: Failed password for invalid user sox from 159.89.142.25 port 43964 ssh2 May 22 23:33:46 vps687878 sshd\[30597\]: Invalid user fgq from 159.89.142.25 port 49584 May 22 23:33:46 vps687878 sshd\[30597\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.142.25 May 22 23:33:48 vps687878 sshd\[30597\]: Failed password for invalid user fgq from 159.89.142.25 port 49584 ssh2 May 22 23:37:10 vps687878 sshd\[30990\]: Invalid user arz from 159.89.142.25 port 55206 May 22 23:37:10 vps687878 sshd\[30990\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.142.25 ...	2020-05-23 05:38:44
159.89.142.25	attackbotsspam	May 22 07:08:59 cdc sshd[14217]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.142.25 May 22 07:09:00 cdc sshd[14217]: Failed password for invalid user tfe from 159.89.142.25 port 42166 ssh2	2020-05-22 15:06:26
159.89.142.25	attackspambots	Repeated brute force against a port	2020-05-16 05:31:46
159.89.142.25	attackspam	May 13 01:21:56 ip-172-31-61-156 sshd[9218]: Failed password for invalid user cloud from 159.89.142.25 port 52936 ssh2 May 13 01:21:54 ip-172-31-61-156 sshd[9218]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.142.25 May 13 01:21:54 ip-172-31-61-156 sshd[9218]: Invalid user cloud from 159.89.142.25 May 13 01:21:56 ip-172-31-61-156 sshd[9218]: Failed password for invalid user cloud from 159.89.142.25 port 52936 ssh2 May 13 01:24:59 ip-172-31-61-156 sshd[9352]: Invalid user moo from 159.89.142.25 ...	2020-05-13 09:40:37
159.89.142.25	attackbots	Lines containing failures of 159.89.142.25 May 11 13:26:38 shared01 sshd[4080]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.142.25 user=admin May 11 13:26:39 shared01 sshd[4080]: Failed password for admin from 159.89.142.25 port 48062 ssh2 May 11 13:26:40 shared01 sshd[4080]: Received disconnect from 159.89.142.25 port 48062:11: Bye Bye [preauth] May 11 13:26:40 shared01 sshd[4080]: Disconnected from authenticating user admin 159.89.142.25 port 48062 [preauth] May 11 14:00:32 shared01 sshd[17275]: Invalid user applprod from 159.89.142.25 port 60250 May 11 14:00:32 shared01 sshd[17275]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.142.25 May 11 14:00:33 shared01 sshd[17275]: Failed password for invalid user applprod from 159.89.142.25 port 60250 ssh2 May 11 14:00:34 shared01 sshd[17275]: Received disconnect from 159.89.142.25 port 60250:11: Bye Bye [preauth] May 11 14:00:........ ------------------------------	2020-05-12 02:17:48
159.89.142.222	attackbotsspam	MVPower DVR TV Shell Unauthenticated Command Execution Vulnerability	2020-05-10 21:07:25
159.89.142.33	attack	Invalid user admin from 159.89.142.33 port 60394	2019-07-13 18:18:03
159.89.142.3	attack	23/tcp 23/tcp 23/tcp... [2019-06-23/07-02]29pkt,1pt.(tcp)	2019-07-02 14:40:16

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 159.89.142.12
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23370
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;159.89.142.12.			IN	A

;; AUTHORITY SECTION:
.			383	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022701 1800 900 604800 86400

;; Query time: 56 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 28 05:14:41 CST 2022
;; MSG SIZE  rcvd: 106

HOST信息:

12.142.89.159.in-addr.arpa domain name pointer tdzcp.tempurl.host.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
12.142.89.159.in-addr.arpa	name = tdzcp.tempurl.host.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
5.196.18.169	attackspam	Nov 30 17:34:13 icinga sshd[2426]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.196.18.169 Nov 30 17:34:15 icinga sshd[2426]: Failed password for invalid user wangcheng!@#!@# from 5.196.18.169 port 60210 ssh2 ...	2019-12-01 02:41:46
191.250.215.132	attackbots	Nov 30 14:48:08 * sshd[10754]: Address 191.250.215.132 maps to 191.250.215.132.dynamic.adsl.gvt.net.br, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Nov 30 14:48:08 * sshd[10754]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.250.215.132 user=daemon Nov 30 14:48:11 * sshd[10754]: Failed password for daemon from 191.250.215.132 port 39257 ssh2 Nov 30 14:48:11 * sshd[10754]: Received disconnect from 191.250.215.132: 11: Bye Bye [preauth] Nov 30 15:10:40 * sshd[14624]: Address 191.250.215.132 maps to 191.250.215.132.dynamic.adsl.gvt.net.br, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Nov 30 15:10:40 * sshd[14624]: Invalid user baur from 191.250.215.132 Nov 30 15:10:40 * sshd[14624]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.250.215.132 Nov 30 15:10:42 * sshd[14624]: Failed password for invalid user baur from ........ -------------------------------	2019-12-01 02:37:56
115.96.131.222	attackspambots	Honeypot attack, port: 23, PTR: PTR record not found	2019-12-01 02:45:19
92.118.38.38	attackspam	Nov 30 19:51:18 vmanager6029 postfix/smtpd\[23799\]: warning: unknown\[92.118.38.38\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 30 19:51:53 vmanager6029 postfix/smtpd\[23799\]: warning: unknown\[92.118.38.38\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-12-01 02:53:49
112.91.254.4	attackbotsspam	Nov 30 20:42:37 server sshd\[16923\]: User root from 112.91.254.4 not allowed because listed in DenyUsers Nov 30 20:42:37 server sshd\[16923\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.91.254.4 user=root Nov 30 20:42:38 server sshd\[16923\]: Failed password for invalid user root from 112.91.254.4 port 35550 ssh2 Nov 30 20:47:44 server sshd\[10137\]: User root from 112.91.254.4 not allowed because listed in DenyUsers Nov 30 20:47:44 server sshd\[10137\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.91.254.4 user=root	2019-12-01 02:58:54
125.231.219.212	attackspambots	23/tcp [2019-11-30]1pkt	2019-12-01 02:31:42
142.44.160.214	attackbotsspam	fail2ban	2019-12-01 02:38:28
217.138.76.66	attackspambots	Nov 30 08:43:53 php1 sshd\[8267\]: Invalid user 123 from 217.138.76.66 Nov 30 08:43:53 php1 sshd\[8267\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.138.76.66 Nov 30 08:43:55 php1 sshd\[8267\]: Failed password for invalid user 123 from 217.138.76.66 port 36558 ssh2 Nov 30 08:46:59 php1 sshd\[8637\]: Invalid user available from 217.138.76.66 Nov 30 08:46:59 php1 sshd\[8637\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.138.76.66	2019-12-01 03:03:12
170.150.200.210	attackbotsspam	Unauthorised access (Nov 30) SRC=170.150.200.210 LEN=52 TTL=115 ID=30278 DF TCP DPT=445 WINDOW=8192 SYN	2019-12-01 03:10:32
45.228.253.210	attack	Automatic report - Port Scan Attack	2019-12-01 02:27:55
106.13.38.59	attack	Nov 30 19:26:55 wh01 sshd[16860]: Invalid user l4d2 from 106.13.38.59 port 32627 Nov 30 19:26:55 wh01 sshd[16860]: Failed password for invalid user l4d2 from 106.13.38.59 port 32627 ssh2 Nov 30 19:26:55 wh01 sshd[16860]: Received disconnect from 106.13.38.59 port 32627:11: Bye Bye [preauth] Nov 30 19:26:55 wh01 sshd[16860]: Disconnected from 106.13.38.59 port 32627 [preauth] Nov 30 19:45:01 wh01 sshd[18244]: Invalid user fagernes from 106.13.38.59 port 46958 Nov 30 19:45:01 wh01 sshd[18244]: Failed password for invalid user fagernes from 106.13.38.59 port 46958 ssh2 Nov 30 19:45:02 wh01 sshd[18244]: Received disconnect from 106.13.38.59 port 46958:11: Bye Bye [preauth] Nov 30 19:45:02 wh01 sshd[18244]: Disconnected from 106.13.38.59 port 46958 [preauth]	2019-12-01 02:56:33
13.234.116.48	attackbots	Nov3015:31:01server2kernel:Firewall:\TCP_INBlocked\IN=eth0OUT=MAC=00:16:3e:3f:7a:43:52:54:00:a2:7f:43:08:00SRC=13.234.116.48DST=136.243.224.58LEN=40TOS=0x00PREC=0x00TTL=45ID=26855PROTO=TCPSPT=41403DPT=23WINDOW=32090RES=0x00SYNURGP=0Nov3015:31:03server2kernel:Firewall:\TCP_INBlocked\IN=eth0OUT=MAC=00:16:3e:3f:7a:43:52:54:00:a2:7f:43:08:00SRC=13.234.116.48DST=136.243.224.58LEN=40TOS=0x00PREC=0x00TTL=45ID=26855PROTO=TCPSPT=41403DPT=23WINDOW=32090RES=0x00SYNURGP=0Nov3015:31:03server2kernel:Firewall:\TCP_INBlocked\IN=eth0OUT=MAC=00:16:3e:3f:7a:43:52:54:00:a2:7f:43:08:00SRC=13.234.116.48DST=136.243.224.58LEN=40TOS=0x00PREC=0x00TTL=45ID=26855PROTO=TCPSPT=41403DPT=23WINDOW=32090RES=0x00SYNURGP=0Nov3015:31:06server2kernel:Firewall:\TCP_INBlocked\IN=eth0OUT=MAC=00:16:3e:3f:7a:43:52:54:00:a2:7f:43:08:00SRC=13.234.116.48DST=136.243.224.58LEN=40TOS=0x00PREC=0x00TTL=45ID=26855PROTO=TCPSPT=41403DPT=23WINDOW=32090RES=0x00SYNURGP=0Nov3015:31:07server2kernel:Firewall:\TCP_INBlocked\IN=eth0OUT=MAC=00:16:3e:3f:7a:43:52	2019-12-01 02:32:33
88.214.26.102	attackbotsspam	11/30/2019-13:33:23.180603 88.214.26.102 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-12-01 02:48:32
105.73.80.184	attack	Nov 30 18:51:16 venus sshd\[12573\]: Invalid user jessen from 105.73.80.184 port 20518 Nov 30 18:51:16 venus sshd\[12573\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=105.73.80.184 Nov 30 18:51:18 venus sshd\[12573\]: Failed password for invalid user jessen from 105.73.80.184 port 20518 ssh2 ...	2019-12-01 03:04:02
179.232.1.254	attackbots	Nov 30 19:35:41 andromeda sshd\[31024\]: Invalid user asterisk2222 from 179.232.1.254 port 38642 Nov 30 19:35:41 andromeda sshd\[31024\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.232.1.254 Nov 30 19:35:43 andromeda sshd\[31024\]: Failed password for invalid user asterisk2222 from 179.232.1.254 port 38642 ssh2	2019-12-01 02:43:08

最近上报的IP列表

159.89.143.172	159.89.144.197	159.89.146.235	159.89.156.213
159.89.160.74	159.89.162.208	159.89.168.215	159.89.165.84
159.89.162.124	159.89.166.99	159.89.169.162	159.89.167.131
159.89.168.7	159.89.168.58	159.89.170.13	159.89.170.138
159.89.170.234	159.89.171.131	159.89.171.158	159.89.171.165

基本信息:

用户上报:

相同子网IP讨论:

WHOIS信息:

DIG信息:

HOST信息:

NSLOOKUP信息:

相关IP信息:

最新评论:

最近上报的IP列表