159.89.144.166

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America (the)

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
159.89.144.102	attack	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: prod-sfo2.qencode-encoder-9137f07cfe8411eaa27feef0a7ddd79b.	2020-09-25 08:52:45
159.89.144.7	attackspambots	159.89.144.7 - - [08/Apr/2020:05:58:40 +0200] "POST /wp-login.php HTTP/1.0" 200 2504 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.89.144.7 - - [08/Apr/2020:05:58:47 +0200] "POST /wp-login.php HTTP/1.0" 200 2485 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-04-08 13:51:31
159.89.144.7	attack	CMS (WordPress or Joomla) login attempt.	2020-03-26 03:30:52
159.89.144.7	attack	159.89.144.7 has been banned for [WebApp Attack] ...	2020-03-22 17:56:10
159.89.144.7	attackspambots	Automatic report - XMLRPC Attack	2020-02-21 18:16:15
159.89.144.7	attackbots	WordPress login Brute force / Web App Attack on client site.	2020-01-23 14:58:39
159.89.144.143	attack	#Fields: datetime priority clientip category message 2019-12-02T10:41:36+00:00 INFO 159.89.144.143 joomlafailure Username and password do not match or you do not have an account yet. 2019-12-02T10:41:37+00:00 INFO 159.89.144.143 joomlafailure Username and password do not match or you do not have an account yet. Many more attempts from the same IP address	2020-01-14 11:41:35
159.89.144.7	attack	Automatic report generated by Wazuh	2020-01-03 14:04:19
159.89.144.7	attackspambots	Banned for posting to wp-login.php without referer {"log":"eboney","pwd":"admin@1234","wp-submit":"Log In","redirect_to":"http:\/\/garylukeysellshomes.com\/wp-admin\/","testcookie":"1"}	2019-11-25 14:14:43
159.89.144.7	attack	xmlrpc attack	2019-11-24 01:54:57
159.89.144.7	attack	159.89.144.7 - - \[03/Nov/2019:14:35:05 +0000\] "POST /wp-login.php HTTP/1.1" 200 4358 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 159.89.144.7 - - \[03/Nov/2019:14:35:06 +0000\] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" ...	2019-11-04 01:13:53
159.89.144.7	attackbots	159.89.144.7 - - \[08/Aug/2019:14:09:54 +0200\] "POST /wp-login.php HTTP/1.1" 200 2110 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 159.89.144.7 - - \[08/Aug/2019:14:10:05 +0200\] "POST /wp-login.php HTTP/1.1" 200 2091 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" ...	2019-08-08 20:42:54

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 159.89.144.166
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 36452
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;159.89.144.166.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025020301 1800 900 604800 86400

;; Query time: 33 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 04 04:45:07 CST 2025
;; MSG SIZE  rcvd: 107

HOST信息:

Host 166.144.89.159.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 166.144.89.159.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
181.113.26.116	attackbots	Nov 8 06:34:11 auw2 sshd\[14570\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.113.26.116 user=root Nov 8 06:34:13 auw2 sshd\[14570\]: Failed password for root from 181.113.26.116 port 37339 ssh2 Nov 8 06:38:50 auw2 sshd\[14969\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.113.26.116 user=root Nov 8 06:38:53 auw2 sshd\[14969\]: Failed password for root from 181.113.26.116 port 56537 ssh2 Nov 8 06:43:31 auw2 sshd\[15494\]: Invalid user un from 181.113.26.116	2019-11-09 03:29:48
45.171.150.20	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 08-11-2019 14:35:29.	2019-11-09 02:59:52
185.143.223.81	attackbotsspam	Nov 8 19:21:44 h2177944 kernel: \[6112903.433191\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.143.223.81 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=51597 PROTO=TCP SPT=53588 DPT=49061 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 8 19:22:01 h2177944 kernel: \[6112920.383536\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.143.223.81 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=37457 PROTO=TCP SPT=53588 DPT=7124 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 8 19:26:35 h2177944 kernel: \[6113194.006230\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.143.223.81 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=15144 PROTO=TCP SPT=53588 DPT=21989 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 8 19:27:58 h2177944 kernel: \[6113276.863247\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.143.223.81 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=5036 PROTO=TCP SPT=53588 DPT=11781 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 8 19:32:11 h2177944 kernel: \[6113530.688147\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.143.223.81 DST=85.21	2019-11-09 03:25:36
179.98.120.60	attackbots	Attempt to attack host OS, exploiting network vulnerabilities, on 08-11-2019 14:35:24.	2019-11-09 03:09:31
109.80.120.250	attackbots	RDPBruteCAu24	2019-11-09 02:56:56
170.239.0.23	attackspam	Attempt to attack host OS, exploiting network vulnerabilities, on 08-11-2019 14:35:23.	2019-11-09 03:11:19
93.171.141.141	attackbotsspam	Nov 8 19:24:11 ns41 sshd[7630]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.171.141.141	2019-11-09 03:22:37
112.85.42.180	attackbots	Oct 23 13:02:21 cavern sshd[26893]: Failed password for root from 112.85.42.180 port 36457 ssh2	2019-11-09 03:31:01
190.57.185.220	attackbotsspam	Attempt to attack host OS, exploiting network vulnerabilities, on 08-11-2019 14:35:26.	2019-11-09 03:05:08
110.35.173.103	attackspam	2019-11-08T18:24:52.849428abusebot.cloudsearch.cf sshd\[5451\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.35.173.103 user=root	2019-11-09 03:37:18
123.16.255.140	attackbots	Attempt to attack host OS, exploiting network vulnerabilities, on 08-11-2019 14:35:22.	2019-11-09 03:12:23
201.26.80.180	attackspambots	port scan and connect, tcp 80 (http)	2019-11-09 03:29:16
89.148.231.236	attackbotsspam	Telnet Server BruteForce Attack	2019-11-09 03:36:40
79.137.75.5	attackspam	2019-11-08T19:11:41.270165shield sshd\[20818\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.ip-79-137-75.eu user=root 2019-11-08T19:11:43.332242shield sshd\[20818\]: Failed password for root from 79.137.75.5 port 42366 ssh2 2019-11-08T19:14:46.859144shield sshd\[21309\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.ip-79-137-75.eu user=root 2019-11-08T19:14:49.648323shield sshd\[21309\]: Failed password for root from 79.137.75.5 port 48096 ssh2 2019-11-08T19:17:55.013727shield sshd\[21748\]: Invalid user demo from 79.137.75.5 port 53878	2019-11-09 03:27:33
59.50.85.195	attackspambots	" "	2019-11-09 03:24:00

最近上报的IP列表

171.7.149.58	60.97.112.136	220.221.72.105	220.143.123.29
20.122.185.175	192.113.127.15	62.205.161.194	108.81.44.223
43.18.150.198	102.0.253.14	127.106.63.166	28.6.117.78
120.79.219.85	243.111.197.209	242.188.242.145	25.242.198.211
6.139.8.202	168.158.123.235	190.226.220.176	122.30.64.9