104.244.79.146

基本信息:

城市(city): Roost

省份(region): Mersch

国家(country): Luxembourg

运营商(isp): BuyVM

主机名(hostname): unknown

机构(organization): FranTech Solutions

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	01/03/2020-13:04:00.094725 104.244.79.146 Protocol: 6 ET COMPROMISED Known Compromised or Hostile Host Traffic group 2	2020-01-03 20:06:04
attackbots	2020-01-02T07:09:50.998340shield sshd\[2765\]: Invalid user fake from 104.244.79.146 port 52400 2020-01-02T07:09:51.002502shield sshd\[2765\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.244.79.146 2020-01-02T07:09:53.182522shield sshd\[2765\]: Failed password for invalid user fake from 104.244.79.146 port 52400 ssh2 2020-01-02T07:09:53.994050shield sshd\[2775\]: Invalid user ubnt from 104.244.79.146 port 56270 2020-01-02T07:09:53.998258shield sshd\[2775\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.244.79.146	2020-01-02 15:32:25
attackspambots	Jan 1 07:02:32 XXX sshd[64291]: Invalid user fake from 104.244.79.146 port 44234	2020-01-01 15:06:37
attack	[portscan] tcp/22 [SSH] in blocklist.de:'listed [ssh]' *(RWIN=65535)(12291354)	2019-12-29 19:23:41
attack	Dec 28 17:28:23 XXX sshd[22679]: Invalid user fake from 104.244.79.146 port 37760	2019-12-29 03:25:38
attack	Too many connections or unauthorized access detected from Arctic banned ip	2019-12-26 23:06:48
attackbotsspam	2019-12-26T11:53:02.731693shield sshd\[7798\]: Invalid user fake from 104.244.79.146 port 58160 2019-12-26T11:53:02.737580shield sshd\[7798\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.244.79.146 2019-12-26T11:53:04.979596shield sshd\[7798\]: Failed password for invalid user fake from 104.244.79.146 port 58160 ssh2 2019-12-26T11:53:05.775204shield sshd\[7800\]: Invalid user ubnt from 104.244.79.146 port 33856 2019-12-26T11:53:05.779615shield sshd\[7800\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.244.79.146	2019-12-26 20:02:17
attack	Dec 22 17:46:09 rotator sshd\[28640\]: Invalid user fake from 104.244.79.146Dec 22 17:46:10 rotator sshd\[28640\]: Failed password for invalid user fake from 104.244.79.146 port 50624 ssh2Dec 22 17:46:11 rotator sshd\[28642\]: Invalid user ubnt from 104.244.79.146Dec 22 17:46:12 rotator sshd\[28642\]: Failed password for invalid user ubnt from 104.244.79.146 port 53540 ssh2Dec 22 17:46:13 rotator sshd\[28646\]: Invalid user admin from 104.244.79.146Dec 22 17:46:15 rotator sshd\[28646\]: Failed password for invalid user admin from 104.244.79.146 port 56420 ssh2 ...	2019-12-23 01:01:48
attack	2019-12-09T19:23:42.514564vps751288.ovh.net sshd\[818\]: Invalid user fake from 104.244.79.146 port 48600 2019-12-09T19:23:42.522924vps751288.ovh.net sshd\[818\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.244.79.146 2019-12-09T19:23:44.676447vps751288.ovh.net sshd\[818\]: Failed password for invalid user fake from 104.244.79.146 port 48600 ssh2 2019-12-09T19:23:45.072988vps751288.ovh.net sshd\[820\]: Invalid user ubnt from 104.244.79.146 port 52200 2019-12-09T19:23:45.082297vps751288.ovh.net sshd\[820\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.244.79.146	2019-12-10 02:53:39
attackbots	Dec 9 07:07:09 XXX sshd[51973]: Invalid user fake from 104.244.79.146 port 36258	2019-12-09 21:37:13
attackspam	Dec 6 07:14:00 XXX sshd[29136]: Invalid user fake from 104.244.79.146 port 51898	2019-12-06 22:28:12
attackbots	2019-12-02T10:46:45.031072scmdmz1 sshd\[25499\]: Invalid user fake from 104.244.79.146 port 49708 2019-12-02T10:46:45.033632scmdmz1 sshd\[25499\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.244.79.146 2019-12-02T10:46:46.918747scmdmz1 sshd\[25499\]: Failed password for invalid user fake from 104.244.79.146 port 49708 ssh2 ...	2019-12-02 17:52:01
attackspam	Port 22 Scan, PTR: None	2019-12-01 18:49:12
attackbots	2019-11-27T16:27:24.738280abusebot-6.cloudsearch.cf sshd\[3701\]: Invalid user fake from 104.244.79.146 port 44712	2019-11-28 00:51:14
attackbots	Automatically reported by fail2ban report script (powermetal_old)	2019-11-27 03:11:32
attackspam	Scanning random ports - tries to find possible vulnerable services	2019-11-21 18:21:59
attackbots	Nov 21 05:43:06 XXXXXX sshd[45510]: Invalid user fake from 104.244.79.146 port 44640	2019-11-21 14:02:19
attackbotsspam	Nov 20 05:14:07 server sshd\[18592\]: Failed password for invalid user ubnt from 104.244.79.146 port 54202 ssh2 Nov 20 11:39:19 server sshd\[16689\]: Invalid user fake from 104.244.79.146 Nov 20 11:39:19 server sshd\[16689\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.244.79.146 Nov 20 11:39:21 server sshd\[16689\]: Failed password for invalid user fake from 104.244.79.146 port 49500 ssh2 Nov 20 11:39:21 server sshd\[16694\]: Invalid user ubnt from 104.244.79.146 Nov 20 11:39:21 server sshd\[16694\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.244.79.146 ...	2019-11-20 18:27:53
attackbotsspam	SSH Server BruteForce Attack	2019-11-17 17:43:38
attack	Invalid user fake from 104.244.79.146 port 59524	2019-11-13 18:26:11
attackspam	Invalid user fake from 104.244.79.146 port 59524	2019-11-11 19:01:58
attack	k+ssh-bruteforce	2019-11-07 14:17:38
attack	Nov 5 17:09:33 XXX sshd[5926]: Invalid user fake from 104.244.79.146 port 33552	2019-11-06 01:14:36
attackbots	Oct 26 01:24:23 server sshd\[17896\]: Invalid user admin from 104.244.79.146 Oct 26 01:24:23 server sshd\[17896\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.244.79.146 Oct 26 01:24:26 server sshd\[17896\]: Failed password for invalid user admin from 104.244.79.146 port 56616 ssh2 Oct 26 15:44:24 server sshd\[15110\]: Invalid user fake from 104.244.79.146 Oct 26 15:44:24 server sshd\[15110\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.244.79.146 ...	2019-10-27 00:49:51
attackbots	Oct 25 11:09:32 XXX sshd[61715]: Invalid user fake from 104.244.79.146 port 37276	2019-10-26 03:44:12
attackspambots	Invalid user fake from 104.244.79.146 port 40588	2019-10-22 15:07:42
attackbots	Invalid user fake from 104.244.79.146 port 40588	2019-10-21 13:09:41
attackspambots	Oct 17 22:11:59 host sshd[51325]: Invalid user fake from 104.244.79.146 port 53974 Oct 17 22:11:59 host sshd[51325]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.244.79.146 Oct 17 22:11:59 host sshd[51325]: Invalid user fake from 104.244.79.146 port 53974 Oct 17 22:12:02 host sshd[51325]: Failed password for invalid user fake from 104.244.79.146 port 53974 ssh2 Oct 17 22:12:02 host sshd[51390]: Invalid user admin from 104.244.79.146 port 57694 ...	2019-10-18 04:23:34
attackbots	2019-10-10T09:24:25.069850hz01.yumiweb.com sshd\[20980\]: Invalid user fake from 104.244.79.146 port 32876 2019-10-10T09:24:25.263936hz01.yumiweb.com sshd\[20982\]: Invalid user admin from 104.244.79.146 port 33154 2019-10-10T09:24:25.650162hz01.yumiweb.com sshd\[20986\]: Invalid user ubnt from 104.244.79.146 port 33766 ...	2019-10-10 17:02:20
attackspambots	2019-10-03T18:18:08.457794shield sshd\[10420\]: Invalid user fake from 104.244.79.146 port 60376 2019-10-03T18:18:08.462599shield sshd\[10420\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.244.79.146 2019-10-03T18:18:11.345478shield sshd\[10420\]: Failed password for invalid user fake from 104.244.79.146 port 60376 ssh2 2019-10-03T18:18:12.162486shield sshd\[10438\]: Invalid user admin from 104.244.79.146 port 37166 2019-10-03T18:18:12.166706shield sshd\[10438\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.244.79.146	2019-10-04 04:02:05

相同子网IP讨论:

IP	类型	评论内容	时间
104.244.79.241	attackspambots	(mod_security) mod_security (id:949110) triggered by 104.244.79.241 (LU/Luxembourg/lux.tor.stevencampbell23): 5 in the last 14400 secs; ID: rub	2020-10-12 01:12:49
104.244.79.241	attackbotsspam	Oct 10 15:23:04 askasleikir sshd[48449]: Failed password for invalid user admin from 104.244.79.241 port 56660 ssh2	2020-10-11 17:04:35
104.244.79.241	attackbots	Oct 10 15:23:04 askasleikir sshd[48449]: Failed password for invalid user admin from 104.244.79.241 port 56660 ssh2	2020-10-11 10:25:01
104.244.79.157	attackspambots	Failed password for invalid user from 104.244.79.157 port 48016 ssh2	2020-10-10 05:50:03
104.244.79.157	attackspambots	Oct 9 09:55:18 aragorn sshd[936]: Invalid user admin from 104.244.79.157 Oct 9 09:55:21 aragorn sshd[1079]: Invalid user admin from 104.244.79.157 Oct 9 09:55:22 aragorn sshd[1116]: Invalid user ubuntu from 104.244.79.157 Oct 9 09:55:24 aragorn sshd[1120]: Invalid user admin from 104.244.79.157 ...	2020-10-09 21:56:21
104.244.79.157	attack	Unauthorized connection attempt detected from IP address 104.244.79.157 to port 22 [T]	2020-10-09 13:46:40
104.244.79.181	attackbots	ET CINS Active Threat Intelligence Poor Reputation IP group 95 - port: 8080 proto: tcp cat: Misc Attackbytes: 60	2020-10-01 06:41:29
104.244.79.181	attackspam	ET CINS Active Threat Intelligence Poor Reputation IP group 95 - port: 8080 proto: tcp cat: Misc Attackbytes: 60	2020-09-30 23:04:48
104.244.79.181	attackbots	ET CINS Active Threat Intelligence Poor Reputation IP group 94 - port: 8080 proto: tcp cat: Misc Attackbytes: 60	2020-09-30 15:38:32
104.244.79.241	attackbotsspam	2020-09-20T09:21:06.471042ks3355764 sshd[11307]: Failed password for root from 104.244.79.241 port 57780 ssh2 2020-09-20T09:21:10.834047ks3355764 sshd[11307]: Failed password for root from 104.244.79.241 port 57780 ssh2 ...	2020-09-20 15:37:47
104.244.79.241	attackbotsspam	Sep 20 00:06:42 sigma sshd\[31397\]: Invalid user admin from 104.244.79.241Sep 20 00:06:45 sigma sshd\[31397\]: Failed password for invalid user admin from 104.244.79.241 port 54698 ssh2 ...	2020-09-20 07:32:19
104.244.79.241	attackbotsspam	Sep 9 12:58:55 prox sshd[24842]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.244.79.241 Sep 9 12:58:57 prox sshd[24842]: Failed password for invalid user admin from 104.244.79.241 port 35386 ssh2	2020-09-09 20:44:05
104.244.79.241	attackspambots	Sep 9 07:58:04 theomazars sshd[24902]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.244.79.241 user=root Sep 9 07:58:06 theomazars sshd[24902]: Failed password for root from 104.244.79.241 port 41236 ssh2	2020-09-09 14:40:19
104.244.79.241	attack	Sep 9 05:32:06 itv-usvr-01 sshd[19055]: Invalid user admin from 104.244.79.241	2020-09-09 06:52:14
104.244.79.241	attackspambots	Sep 6 05:29:14 l02a sshd[21136]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.244.79.241 user=root Sep 6 05:29:16 l02a sshd[21136]: Failed password for root from 104.244.79.241 port 55956 ssh2 Sep 6 05:29:19 l02a sshd[21136]: Failed password for root from 104.244.79.241 port 55956 ssh2 Sep 6 05:29:14 l02a sshd[21136]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.244.79.241 user=root Sep 6 05:29:16 l02a sshd[21136]: Failed password for root from 104.244.79.241 port 55956 ssh2 Sep 6 05:29:19 l02a sshd[21136]: Failed password for root from 104.244.79.241 port 55956 ssh2	2020-09-06 14:33:28

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.244.79.146
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 54813
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.244.79.146.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019083101 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Sep 01 01:31:52 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 146.79.244.104.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 146.79.244.104.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
175.30.204.124	attackspam	Invalid user impala from 175.30.204.124 port 49295	2020-03-21 21:57:10
104.248.153.158	attack	5x Failed Password	2020-03-21 22:16:41
181.48.225.126	attackspambots	Invalid user natisha from 181.48.225.126 port 33984	2020-03-21 21:53:15
51.68.198.75	attackbotsspam	Invalid user git from 51.68.198.75 port 40580	2020-03-21 22:25:58
125.213.128.52	attack	Invalid user test123 from 125.213.128.52 port 35518	2020-03-21 22:06:55
112.3.30.17	attackbots	Invalid user liuzongming from 112.3.30.17 port 35548	2020-03-21 22:14:01
122.51.31.60	attackbots	Invalid user test from 122.51.31.60 port 38342	2020-03-21 22:07:50
122.51.136.235	attackspambots	Invalid user dfk from 122.51.136.235 port 59098	2020-03-21 22:07:21
106.13.103.1	attackspambots	Mar 21 14:17:17 prox sshd[3421]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.103.1 Mar 21 14:17:18 prox sshd[3421]: Failed password for invalid user stu2 from 106.13.103.1 port 60666 ssh2	2020-03-21 22:15:52
160.16.51.127	attackbots	Invalid user oliver from 160.16.51.127 port 60816	2020-03-21 21:59:14
203.128.242.166	attackbots	Invalid user zhans from 203.128.242.166 port 36123	2020-03-21 21:49:04
49.51.159.151	attackspam	Mar 20 19:30:56 nandi sshd[24848]: Invalid user minecraft from 49.51.159.151 Mar 20 19:30:56 nandi sshd[24848]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.51.159.151 Mar 20 19:30:58 nandi sshd[24848]: Failed password for invalid user minecraft from 49.51.159.151 port 50752 ssh2 Mar 20 19:30:58 nandi sshd[24848]: Received disconnect from 49.51.159.151: 11: Bye Bye [preauth] Mar 20 19:41:54 nandi sshd[29607]: Invalid user radio from 49.51.159.151 Mar 20 19:41:54 nandi sshd[29607]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.51.159.151 Mar 20 19:41:56 nandi sshd[29607]: Failed password for invalid user radio from 49.51.159.151 port 47150 ssh2 Mar 20 19:41:58 nandi sshd[29607]: Received disconnect from 49.51.159.151: 11: Bye Bye [preauth] Mar 20 19:49:39 nandi sshd[32759]: Invalid user xvwei from 49.51.159.151 Mar 20 19:49:39 nandi sshd[32759]: pam_unix(sshd:auth): authenticatio........ -------------------------------	2020-03-21 22:27:30
94.191.47.31	attackbotsspam	Invalid user caidanwei from 94.191.47.31 port 42902	2020-03-21 22:18:43
80.82.64.134	attack	Brute-force attempt banned	2020-03-21 22:21:34
62.117.96.63	attackspambots	Invalid user yi from 62.117.96.63 port 12525	2020-03-21 22:22:45

最近上报的IP列表

42.94.203.54	95.224.235.247	79.165.234.123	242.153.212.186
224.134.129.14	16.10.225.142	194.28.92.254	64.164.7.213
99.73.216.109	212.11.242.45	108.93.232.76	133.194.154.109
58.83.192.219	60.68.119.194	146.163.38.221	74.215.28.14
59.28.37.255	180.126.235.104	18.202.151.218	24.212.135.142