159.89.50.40 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America (the)

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
159.89.50.148	attack	159.89.50.148 - - [15/Sep/2020:14:54:02 +0200] "GET /wp-login.php HTTP/1.1" 200 8712 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.89.50.148 - - [15/Sep/2020:14:54:05 +0200] "POST /wp-login.php HTTP/1.1" 200 8942 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.89.50.148 - - [15/Sep/2020:14:54:06 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-16 03:25:37
159.89.50.148	attackspambots	CF RAY ID: 5cbf8d8468d4159f IP Class: noRecord URI: /xmlrpc.php	2020-09-02 03:34:36
159.89.50.148	attackbots	159.89.50.148 - - [30/Aug/2020:13:16:16 +0100] "POST /wp-login.php HTTP/1.1" 200 1875 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.89.50.148 - - [30/Aug/2020:13:16:17 +0100] "POST /wp-login.php HTTP/1.1" 200 1860 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.89.50.148 - - [30/Aug/2020:13:16:18 +0100] "POST /wp-login.php HTTP/1.1" 200 1857 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-30 20:37:28
159.89.50.148	attackspam	159.89.50.148 - - [21/Aug/2020:23:55:17 +0200] "GET /wp-login.php HTTP/1.1" 200 8775 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.89.50.148 - - [21/Aug/2020:23:55:23 +0200] "POST /wp-login.php HTTP/1.1" 200 9026 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.89.50.148 - - [21/Aug/2020:23:55:23 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-08-22 07:46:01
159.89.50.148	attackspam	159.89.50.148 - - \[07/Aug/2020:15:20:42 +0200\] "POST /wp-login.php HTTP/1.0" 200 6462 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 159.89.50.148 - - \[07/Aug/2020:15:20:49 +0200\] "POST /wp-login.php HTTP/1.0" 200 6431 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 159.89.50.148 - - \[07/Aug/2020:15:20:55 +0200\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2020-08-07 23:01:46
159.89.50.148	attack	159.89.50.148 - - [20/Jul/2020:05:54:12 +0200] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.89.50.148 - - [20/Jul/2020:05:54:13 +0200] "POST /wp-login.php HTTP/1.1" 200 2031 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.89.50.148 - - [20/Jul/2020:05:54:18 +0200] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.89.50.148 - - [20/Jul/2020:05:54:19 +0200] "POST /wp-login.php HTTP/1.1" 200 2007 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.89.50.148 - - [20/Jul/2020:05:54:24 +0200] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.89.50.148 - - [20/Jul/2020:05:54:24 +0200] "POST /wp-login.php HTTP/1.1" 200 2008 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Fir ...	2020-07-20 15:12:54
159.89.50.15	attackspambots	firewall-block, port(s): 16261/tcp	2020-06-01 15:43:29
159.89.50.15	attackspam	" "	2020-05-31 08:02:53
159.89.50.15	attackspambots	trying to access non-authorized port	2020-05-13 15:47:01
159.89.50.15	attackspam	SSH Scan	2020-04-14 16:12:40

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 159.89.50.40
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 64378
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;159.89.50.40.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025021900 1800 900 604800 86400

;; Query time: 63 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Feb 19 16:06:45 CST 2025
;; MSG SIZE  rcvd: 105

HOST信息:

Host 40.50.89.159.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 40.50.89.159.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
27.71.227.198	attackspambots	Banned for a week because repeated abuses, for example SSH, but not only	2020-08-10 18:58:12
37.187.113.197	attackbots	37.187.113.197 - - [10/Aug/2020:10:05:49 +0100] "POST /wp-login.php HTTP/1.1" 200 1801 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 37.187.113.197 - - [10/Aug/2020:10:05:50 +0100] "POST /wp-login.php HTTP/1.1" 200 1779 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 37.187.113.197 - - [10/Aug/2020:10:05:50 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-10 19:01:25
157.0.134.164	attackbots	Aug 10 03:59:13 rush sshd[3938]: Failed password for root from 157.0.134.164 port 61493 ssh2 Aug 10 04:01:53 rush sshd[4020]: Failed password for root from 157.0.134.164 port 13757 ssh2 ...	2020-08-10 18:52:30
27.72.113.111	attackbotsspam	(eximsyntax) Exim syntax errors from 27.72.113.111 (VN/Vietnam/dynamic-adsl.viettel.vn): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-08-10 08:18:27 SMTP call from [27.72.113.111] dropped: too many syntax or protocol errors (last command was "?\034?\032?\027?\031?\034?\033?\030?\032?\026?\016?\r?\v?\f? ?")	2020-08-10 18:59:35
194.170.156.9	attack	Banned for a week because repeated abuses, for example SSH, but not only	2020-08-10 18:50:30
122.51.187.118	attackspambots	Aug 10 10:12:38 *** sshd[18240]: User root from 122.51.187.118 not allowed because not listed in AllowUsers	2020-08-10 18:26:17
101.89.145.133	attack	Aug 10 00:32:56 v26 sshd[18883]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.89.145.133 user=r.r Aug 10 00:32:58 v26 sshd[18883]: Failed password for r.r from 101.89.145.133 port 37722 ssh2 Aug 10 00:32:58 v26 sshd[18883]: Received disconnect from 101.89.145.133 port 37722:11: Bye Bye [preauth] Aug 10 00:32:58 v26 sshd[18883]: Disconnected from 101.89.145.133 port 37722 [preauth] Aug 10 00:56:02 v26 sshd[21726]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.89.145.133 user=r.r Aug 10 00:56:04 v26 sshd[21726]: Failed password for r.r from 101.89.145.133 port 34482 ssh2 Aug 10 00:56:04 v26 sshd[21726]: Received disconnect from 101.89.145.133 port 34482:11: Bye Bye [preauth] Aug 10 00:56:04 v26 sshd[21726]: Disconnected from 101.89.145.133 port 34482 [preauth] Aug 10 00:59:47 v26 sshd[22111]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost........ -------------------------------	2020-08-10 18:32:32
192.35.168.88	attack	scan	2020-08-10 18:48:56
61.177.172.102	attackspam	2020-08-10T13:34:29.959659lavrinenko.info sshd[5237]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.102 user=root 2020-08-10T13:34:31.920942lavrinenko.info sshd[5237]: Failed password for root from 61.177.172.102 port 63640 ssh2 2020-08-10T13:34:29.959659lavrinenko.info sshd[5237]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.102 user=root 2020-08-10T13:34:31.920942lavrinenko.info sshd[5237]: Failed password for root from 61.177.172.102 port 63640 ssh2 2020-08-10T13:34:33.906991lavrinenko.info sshd[5237]: Failed password for root from 61.177.172.102 port 63640 ssh2 ...	2020-08-10 18:56:27
85.209.0.102	attackbots	TCP port : 22	2020-08-10 18:29:29
162.241.183.131	attackspam	(mod_security) mod_security (id:210492) triggered by 162.241.183.131 (US/United States/server.sihuilubin.com): 5 in the last 3600 secs	2020-08-10 18:25:01
129.204.238.250	attackspambots	Aug 10 12:28:59 vm0 sshd[27060]: Failed password for root from 129.204.238.250 port 33448 ssh2 ...	2020-08-10 18:36:56
188.159.179.87	attackbotsspam	(pop3d) Failed POP3 login from 188.159.179.87 (IR/Iran/adsl-188-159-179-87.sabanet.ir): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Aug 10 08:18:47 ir1 dovecot[3110802]: pop3-login: Aborted login (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=188.159.179.87, lip=5.63.12.44, session=	2020-08-10 18:46:45
114.234.35.65	attack	" "	2020-08-10 18:54:41
49.232.55.161	attackbots	2020-08-10T11:37:35.614017centos sshd[16592]: Failed password for root from 49.232.55.161 port 43478 ssh2 2020-08-10T11:40:29.413123centos sshd[17110]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.232.55.161 user=root 2020-08-10T11:40:31.910341centos sshd[17110]: Failed password for root from 49.232.55.161 port 54316 ssh2 ...	2020-08-10 18:35:43

最近上报的IP列表

120.76.254.149	140.202.66.134	88.153.46.14	77.142.252.230
99.82.253.133	193.40.32.112	145.59.250.130	184.45.238.14
91.133.11.92	132.46.157.126	59.165.58.218	80.51.25.252
45.86.159.113	55.148.209.30	253.14.90.133	200.109.204.196
52.199.219.158	8.224.199.223	48.126.211.41	255.80.131.237