189.254.169.18

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Mexico

运营商(isp): Uninet S.A. de C.V.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Unauthorized connection attempt from IP address 189.254.169.18 on Port 445(SMB)	2020-09-06 03:58:35
attack	Unauthorized connection attempt from IP address 189.254.169.18 on Port 445(SMB)	2020-09-05 19:41:17
attack	Unauthorized connection attempt from IP address 189.254.169.18 on Port 445(SMB)	2020-05-12 20:05:08
attackspam	Unauthorized connection attempt from IP address 189.254.169.18 on Port 445(SMB)	2019-12-06 09:37:14
attack	Unauthorized connection attempt from IP address 189.254.169.18 on Port 445(SMB)	2019-06-30 19:02:32

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 189.254.169.18
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 43833
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;189.254.169.18.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019063000 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Jun 30 19:02:24 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

18.169.254.189.in-addr.arpa domain name pointer customer-189-254-169-18-sta.uninet-ide.com.mx.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
*** Can't find 18.169.254.189.in-addr.arpa.: No answer

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
188.212.172.63	attack	1580910542 - 02/05/2020 14:49:02 Host: 188.212.172.63/188.212.172.63 Port: 445 TCP Blocked	2020-02-05 23:01:06
89.248.168.62	attackbots	Feb 5 15:01:42 h2177944 kernel: \[4109395.681878\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=89.248.168.62 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=59436 PROTO=TCP SPT=58143 DPT=4444 WINDOW=1024 RES=0x00 SYN URGP=0 Feb 5 15:01:42 h2177944 kernel: \[4109395.681891\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=89.248.168.62 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=59436 PROTO=TCP SPT=58143 DPT=4444 WINDOW=1024 RES=0x00 SYN URGP=0 Feb 5 15:10:50 h2177944 kernel: \[4109944.107812\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=89.248.168.62 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=46137 PROTO=TCP SPT=58143 DPT=24000 WINDOW=1024 RES=0x00 SYN URGP=0 Feb 5 15:45:13 h2177944 kernel: \[4112006.311717\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=89.248.168.62 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=18465 PROTO=TCP SPT=58143 DPT=29000 WINDOW=1024 RES=0x00 SYN URGP=0 Feb 5 15:45:13 h2177944 kernel: \[4112006.311732\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=89.248.168.62 DST=85.214.117	2020-02-05 22:48:37
190.64.64.74	attackspam	Feb 5 05:46:04 mockhub sshd[28775]: Failed password for root from 190.64.64.74 port 17026 ssh2 ...	2020-02-05 23:00:31
91.92.133.224	attack	Brute force attempt	2020-02-05 22:29:21
193.33.38.234	attack	Wed Feb 5 06:49:09 2020 - Child process 44438 handling connection Wed Feb 5 06:49:09 2020 - New connection from: 193.33.38.234:42141 Wed Feb 5 06:49:09 2020 - Sending data to client: [Login: ] Wed Feb 5 06:49:40 2020 - Child aborting Wed Feb 5 06:49:40 2020 - Reporting IP address: 193.33.38.234 - mflag: 0	2020-02-05 22:47:26
114.241.157.186	attackbots	firewall-block, port(s): 1433/tcp	2020-02-05 22:57:23
222.186.180.130	attackspambots	Feb 5 14:59:06 localhost sshd\[78916\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.130 user=root Feb 5 14:59:08 localhost sshd\[78916\]: Failed password for root from 222.186.180.130 port 20706 ssh2 Feb 5 14:59:10 localhost sshd\[78916\]: Failed password for root from 222.186.180.130 port 20706 ssh2 Feb 5 14:59:12 localhost sshd\[78916\]: Failed password for root from 222.186.180.130 port 20706 ssh2 Feb 5 15:05:50 localhost sshd\[78978\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.130 user=root ...	2020-02-05 23:09:50
146.88.240.2	attackspambots	Portscan or hack attempt detected by psad/fwsnort	2020-02-05 22:22:42
51.75.33.86	attackspam	Hits on port : 1080	2020-02-05 22:52:04
54.213.133.161	attackspambots	02/05/2020-15:52:31.946221 54.213.133.161 Protocol: 6 SURICATA TLS invalid record/traffic	2020-02-05 23:06:33
106.12.199.82	attack	Unauthorized connection attempt detected from IP address 106.12.199.82 to port 2220 [J]	2020-02-05 22:23:00
148.251.215.225	attackspambots	xmlrpc attack	2020-02-05 22:39:31
183.62.225.103	attack	Feb 5 15:06:35 DAAP sshd[3940]: Invalid user sophie from 183.62.225.103 port 53922 Feb 5 15:06:35 DAAP sshd[3940]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.62.225.103 Feb 5 15:06:35 DAAP sshd[3940]: Invalid user sophie from 183.62.225.103 port 53922 Feb 5 15:06:37 DAAP sshd[3940]: Failed password for invalid user sophie from 183.62.225.103 port 53922 ssh2 Feb 5 15:15:01 DAAP sshd[4063]: Invalid user bodega from 183.62.225.103 port 35892 ...	2020-02-05 22:56:53
3.12.197.130	attackbotsspam	Forbidden directory scan :: 2020/02/05 13:49:31 [error] 1025#1025: *96892 access forbidden by rule, client: 3.12.197.130, server: [censored_2], request: "HEAD /~onixpw/cfg/AppleID.logln.myaccount.JAZ2834HQSD7Q7SD6Q6SD67QSD5Q7S6D6QSD76QSD67Q67D6QQSJDQLJF HTTP/1.1", host: "[censored_2]"	2020-02-05 22:41:26
113.22.11.197	attackspambots	1580910544 - 02/05/2020 14:49:04 Host: 113.22.11.197/113.22.11.197 Port: 445 TCP Blocked	2020-02-05 22:58:23

最近上报的IP列表

177.184.167.185	31.177.95.170	99.188.76.203	231.238.215.91
63.84.46.120	187.56.1.143	234.202.53.191	187.240.215.93
151.106.213.138	107.191.105.127	155.241.234.59	41.163.167.57
101.95.85.122	151.41.195.23	49.66.133.191	142.104.180.45
137.100.62.188	194.34.247.51	194.44.115.160	168.228.150.157