18.221.138.159

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): Amazon Technologies Inc.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	fraudulent SSH attempt	2019-08-27 07:36:08
attackspam	SSH/22 MH Probe, BF, Hack -	2019-08-25 08:38:22

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 18.221.138.159
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 9412
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;18.221.138.159.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019082401 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Aug 25 08:38:12 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

159.138.221.18.in-addr.arpa domain name pointer ec2-18-221-138-159.us-east-2.compute.amazonaws.com.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
159.138.221.18.in-addr.arpa	name = ec2-18-221-138-159.us-east-2.compute.amazonaws.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
176.59.149.213	attack	20/6/10@15:25:54: FAIL: Alarm-Network address from=176.59.149.213 ...	2020-06-11 05:04:16
91.238.72.79	attack	Automatic report - XMLRPC Attack	2020-06-11 04:52:24
178.32.1.47	attackbots	Lines containing failures of 178.32.1.47 Jun 9 01:54:58 newdogma sshd[5652]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.32.1.47 user=r.r Jun 9 01:55:00 newdogma sshd[5652]: Failed password for r.r from 178.32.1.47 port 34738 ssh2 Jun 9 01:55:00 newdogma sshd[5652]: Received disconnect from 178.32.1.47 port 34738:11: Bye Bye [preauth] Jun 9 01:55:00 newdogma sshd[5652]: Disconnected from authenticating user r.r 178.32.1.47 port 34738 [preauth] Jun 9 02:01:07 newdogma sshd[5694]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.32.1.47 user=r.r Jun 9 02:01:09 newdogma sshd[5694]: Failed password for r.r from 178.32.1.47 port 56940 ssh2 Jun 9 02:01:10 newdogma sshd[5694]: Received disconnect from 178.32.1.47 port 56940:11: Bye Bye [preauth] Jun 9 02:01:10 newdogma sshd[5694]: Disconnected from authenticating user r.r 178.32.1.47 port 56940 [preauth] Jun 9 02:05:40 newdogma........ ------------------------------	2020-06-11 05:10:32
159.203.27.98	attackspam	Jun 10 23:03:28 OPSO sshd\[19450\]: Invalid user yao from 159.203.27.98 port 53920 Jun 10 23:03:28 OPSO sshd\[19450\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.27.98 Jun 10 23:03:31 OPSO sshd\[19450\]: Failed password for invalid user yao from 159.203.27.98 port 53920 ssh2 Jun 10 23:07:35 OPSO sshd\[20509\]: Invalid user chiudi from 159.203.27.98 port 54360 Jun 10 23:07:35 OPSO sshd\[20509\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.27.98	2020-06-11 05:10:54
85.209.0.40	attackspam	Jun 10 21:32:14 mellenthin sshd[27186]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.209.0.40 user=root	2020-06-11 05:25:54
37.252.190.224	attackbotsspam	Jun 10 23:03:08 [host] sshd[25562]: pam_unix(sshd: Jun 10 23:03:10 [host] sshd[25562]: Failed passwor Jun 10 23:06:20 [host] sshd[25662]: pam_unix(sshd:	2020-06-11 05:19:00
106.13.232.65	attackspambots	Jun 10 22:27:29 OPSO sshd\[11997\]: Invalid user liubaimin from 106.13.232.65 port 38360 Jun 10 22:27:29 OPSO sshd\[11997\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.232.65 Jun 10 22:27:31 OPSO sshd\[11997\]: Failed password for invalid user liubaimin from 106.13.232.65 port 38360 ssh2 Jun 10 22:30:48 OPSO sshd\[13008\]: Invalid user Mailis from 106.13.232.65 port 57394 Jun 10 22:30:48 OPSO sshd\[13008\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.232.65	2020-06-11 04:59:30
118.89.105.186	attackspambots	Jun 9 00:39:55 nbi-636 sshd[30061]: User r.r from 118.89.105.186 not allowed because not listed in AllowUsers Jun 9 00:39:55 nbi-636 sshd[30061]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.89.105.186 user=r.r Jun 9 00:39:57 nbi-636 sshd[30061]: Failed password for invalid user r.r from 118.89.105.186 port 50054 ssh2 Jun 9 00:39:57 nbi-636 sshd[30061]: Received disconnect from 118.89.105.186 port 50054:11: Bye Bye [preauth] Jun 9 00:39:57 nbi-636 sshd[30061]: Disconnected from invalid user r.r 118.89.105.186 port 50054 [preauth] Jun 9 00:46:21 nbi-636 sshd[31274]: Invalid user monhostnameor from 118.89.105.186 port 40040 Jun 9 00:46:21 nbi-636 sshd[31274]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.89.105.186 Jun 9 00:46:23 nbi-636 sshd[31274]: Failed password for invalid user monhostnameor from 118.89.105.186 port 40040 ssh2 Jun 9 00:46:24 nbi-636 sshd[31274]: Re........ -------------------------------	2020-06-11 04:50:45
125.227.26.20	attackbotsspam	Jun 10 22:30:34 [host] sshd[24079]: pam_unix(sshd: Jun 10 22:30:36 [host] sshd[24079]: Failed passwor Jun 10 22:34:12 [host] sshd[24199]: Invalid user j	2020-06-11 04:52:38
185.39.11.39	attackbotsspam	Jun 10 22:19:01 debian-2gb-nbg1-2 kernel: \[14079070.435185\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=185.39.11.39 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=15200 PROTO=TCP SPT=52249 DPT=40149 WINDOW=1024 RES=0x00 SYN URGP=0	2020-06-11 05:22:36
129.204.15.121	attack	Jun 10 22:59:26 cp sshd[31307]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.15.121	2020-06-11 05:01:36
211.23.17.2	attackspambots	20/6/10@15:25:58: FAIL: Alarm-Network address from=211.23.17.2 20/6/10@15:25:58: FAIL: Alarm-Network address from=211.23.17.2 ...	2020-06-11 04:58:51
140.143.136.41	attack	$f2bV_matches	2020-06-11 04:51:02
89.248.174.201	attackbotsspam	[H1.VM6] Blocked by UFW	2020-06-11 05:15:22
54.37.71.235	attackspambots	Jun 10 22:18:47 lukav-desktop sshd\[1106\]: Invalid user cron from 54.37.71.235 Jun 10 22:18:47 lukav-desktop sshd\[1106\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.71.235 Jun 10 22:18:49 lukav-desktop sshd\[1106\]: Failed password for invalid user cron from 54.37.71.235 port 51371 ssh2 Jun 10 22:25:59 lukav-desktop sshd\[1218\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.71.235 user=root Jun 10 22:26:00 lukav-desktop sshd\[1218\]: Failed password for root from 54.37.71.235 port 53019 ssh2	2020-06-11 04:55:29

最近上报的IP列表

16.125.152.2	238.220.25.239	101.12.214.97	54.36.149.42
136.166.248.107	119.186.90.2	100.253.181.86	181.52.194.171
141.234.249.33	39.71.133.205	109.154.79.132	103.91.181.25
221.168.103.80	48.241.191.49	155.231.113.192	162.130.2.189
157.230.123.18	139.77.232.124	67.249.18.241	80.79.214.33