159.89.50.40 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America (the)

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
159.89.50.148	attack	159.89.50.148 - - [15/Sep/2020:14:54:02 +0200] "GET /wp-login.php HTTP/1.1" 200 8712 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.89.50.148 - - [15/Sep/2020:14:54:05 +0200] "POST /wp-login.php HTTP/1.1" 200 8942 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.89.50.148 - - [15/Sep/2020:14:54:06 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-16 03:25:37
159.89.50.148	attackspambots	CF RAY ID: 5cbf8d8468d4159f IP Class: noRecord URI: /xmlrpc.php	2020-09-02 03:34:36
159.89.50.148	attackbots	159.89.50.148 - - [30/Aug/2020:13:16:16 +0100] "POST /wp-login.php HTTP/1.1" 200 1875 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.89.50.148 - - [30/Aug/2020:13:16:17 +0100] "POST /wp-login.php HTTP/1.1" 200 1860 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.89.50.148 - - [30/Aug/2020:13:16:18 +0100] "POST /wp-login.php HTTP/1.1" 200 1857 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-30 20:37:28
159.89.50.148	attackspam	159.89.50.148 - - [21/Aug/2020:23:55:17 +0200] "GET /wp-login.php HTTP/1.1" 200 8775 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.89.50.148 - - [21/Aug/2020:23:55:23 +0200] "POST /wp-login.php HTTP/1.1" 200 9026 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.89.50.148 - - [21/Aug/2020:23:55:23 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-08-22 07:46:01
159.89.50.148	attackspam	159.89.50.148 - - \[07/Aug/2020:15:20:42 +0200\] "POST /wp-login.php HTTP/1.0" 200 6462 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 159.89.50.148 - - \[07/Aug/2020:15:20:49 +0200\] "POST /wp-login.php HTTP/1.0" 200 6431 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 159.89.50.148 - - \[07/Aug/2020:15:20:55 +0200\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2020-08-07 23:01:46
159.89.50.148	attack	159.89.50.148 - - [20/Jul/2020:05:54:12 +0200] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.89.50.148 - - [20/Jul/2020:05:54:13 +0200] "POST /wp-login.php HTTP/1.1" 200 2031 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.89.50.148 - - [20/Jul/2020:05:54:18 +0200] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.89.50.148 - - [20/Jul/2020:05:54:19 +0200] "POST /wp-login.php HTTP/1.1" 200 2007 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.89.50.148 - - [20/Jul/2020:05:54:24 +0200] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.89.50.148 - - [20/Jul/2020:05:54:24 +0200] "POST /wp-login.php HTTP/1.1" 200 2008 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Fir ...	2020-07-20 15:12:54
159.89.50.15	attackspambots	firewall-block, port(s): 16261/tcp	2020-06-01 15:43:29
159.89.50.15	attackspam	" "	2020-05-31 08:02:53
159.89.50.15	attackspambots	trying to access non-authorized port	2020-05-13 15:47:01
159.89.50.15	attackspam	SSH Scan	2020-04-14 16:12:40

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 159.89.50.40
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 64378
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;159.89.50.40.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025021900 1800 900 604800 86400

;; Query time: 63 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Feb 19 16:06:45 CST 2025
;; MSG SIZE  rcvd: 105

HOST信息:

Host 40.50.89.159.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 40.50.89.159.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
188.166.251.87	attack	Automatic report BANNED IP	2020-07-05 15:09:35
211.80.102.186	attackbots	Jul 5 08:42:07 sticky sshd\[19257\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.80.102.186 user=root Jul 5 08:42:09 sticky sshd\[19257\]: Failed password for root from 211.80.102.186 port 16665 ssh2 Jul 5 08:46:18 sticky sshd\[19341\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.80.102.186 user=root Jul 5 08:46:19 sticky sshd\[19341\]: Failed password for root from 211.80.102.186 port 15799 ssh2 Jul 5 08:50:31 sticky sshd\[19369\]: Invalid user ph from 211.80.102.186 port 10142 Jul 5 08:50:31 sticky sshd\[19369\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.80.102.186	2020-07-05 14:58:59
71.189.47.10	attack	2020-07-05T03:08:21.861857xentho-1 sshd[870072]: Invalid user support from 71.189.47.10 port 26271 2020-07-05T03:08:24.506663xentho-1 sshd[870072]: Failed password for invalid user support from 71.189.47.10 port 26271 ssh2 2020-07-05T03:09:42.180966xentho-1 sshd[870083]: Invalid user wen from 71.189.47.10 port 60709 2020-07-05T03:09:42.188491xentho-1 sshd[870083]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=71.189.47.10 2020-07-05T03:09:42.180966xentho-1 sshd[870083]: Invalid user wen from 71.189.47.10 port 60709 2020-07-05T03:09:43.947677xentho-1 sshd[870083]: Failed password for invalid user wen from 71.189.47.10 port 60709 ssh2 2020-07-05T03:11:05.206011xentho-1 sshd[870098]: Invalid user helpdesk from 71.189.47.10 port 40397 2020-07-05T03:11:05.223988xentho-1 sshd[870098]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=71.189.47.10 2020-07-05T03:11:05.206011xentho-1 sshd[870098]: Invalid user helpd ...	2020-07-05 15:18:19
138.201.81.153	attack	TCP (SYN) 138.201.81.153:51950 -> port 32, len 44	2020-07-05 14:57:16
51.255.28.53	attackspam	Jul 5 08:44:11 [host] sshd[10387]: pam_unix(sshd: Jul 5 08:44:13 [host] sshd[10387]: Failed passwor Jul 5 08:47:23 [host] sshd[10443]: pam_unix(sshd:	2020-07-05 15:03:03
213.202.233.161	attackspam	Brute-force general attack.	2020-07-05 14:48:49
95.167.169.222	attackbotsspam	20/7/5@01:07:38: FAIL: Alarm-Network address from=95.167.169.222 ...	2020-07-05 14:59:53
139.186.68.53	attack	sshd jail - ssh hack attempt	2020-07-05 15:15:23
138.197.151.129	attack	Jul 5 05:53:11 scw-tender-jepsen sshd[19446]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.151.129 Jul 5 05:53:13 scw-tender-jepsen sshd[19446]: Failed password for invalid user lfy from 138.197.151.129 port 42516 ssh2	2020-07-05 14:35:44
223.204.249.203	attackspam	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-07-05 14:40:44
159.89.114.40	attack	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-07-05T05:43:48Z and 2020-07-05T05:50:19Z	2020-07-05 14:45:44
185.108.106.251	attack	[2020-07-05 02:44:28] NOTICE[1197] chan_sip.c: Registration from '' failed for '185.108.106.251:51571' - Wrong password [2020-07-05 02:44:28] SECURITY[1214] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-07-05T02:44:28.288-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="3452",SessionID="0x7f6d2833d578",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.108.106.251/51571",Challenge="1f06f899",ReceivedChallenge="1f06f899",ReceivedHash="944f2bf9d71f4a03008f06c64a9b660d" [2020-07-05 02:44:56] NOTICE[1197] chan_sip.c: Registration from '' failed for '185.108.106.251:63753' - Wrong password ...	2020-07-05 14:46:59
62.171.163.129	attack	Excessive Port-Scanning	2020-07-05 14:58:30
185.143.72.25	attack	Jul 5 08:59:54 relay postfix/smtpd\[8339\]: warning: unknown\[185.143.72.25\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 5 09:00:33 relay postfix/smtpd\[8340\]: warning: unknown\[185.143.72.25\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 5 09:01:10 relay postfix/smtpd\[12146\]: warning: unknown\[185.143.72.25\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 5 09:01:53 relay postfix/smtpd\[12086\]: warning: unknown\[185.143.72.25\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 5 09:02:28 relay postfix/smtpd\[12139\]: warning: unknown\[185.143.72.25\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-07-05 15:04:31
106.52.50.225	attackspambots	Invalid user roberta from 106.52.50.225 port 45048	2020-07-05 15:07:44

最近上报的IP列表

120.76.254.149	140.202.66.134	88.153.46.14	77.142.252.230
99.82.253.133	193.40.32.112	145.59.250.130	184.45.238.14
91.133.11.92	132.46.157.126	59.165.58.218	80.51.25.252
45.86.159.113	55.148.209.30	253.14.90.133	200.109.204.196
52.199.219.158	8.224.199.223	48.126.211.41	255.80.131.237