109.244.99.159

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Unauthorized connection attempt detected from IP address 109.244.99.159 to port 80	2020-05-30 01:27:19

相同子网IP讨论:

IP	类型	评论内容	时间
109.244.99.21	attackspambots	Sep 21 18:48:32 Ubuntu-1404-trusty-64-minimal sshd\[14098\]: Invalid user jenkins from 109.244.99.21 Sep 21 18:48:32 Ubuntu-1404-trusty-64-minimal sshd\[14098\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.244.99.21 Sep 21 18:48:34 Ubuntu-1404-trusty-64-minimal sshd\[14098\]: Failed password for invalid user jenkins from 109.244.99.21 port 52088 ssh2 Sep 21 18:53:08 Ubuntu-1404-trusty-64-minimal sshd\[16815\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.244.99.21 user=root Sep 21 18:53:10 Ubuntu-1404-trusty-64-minimal sshd\[16815\]: Failed password for root from 109.244.99.21 port 35646 ssh2	2020-09-22 01:34:10
109.244.99.21	attackspambots	Sep 21 04:05:11 hidden sshd[661]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.244.99.21 user=root Sep 21 04:05:13 hidden sshd[661]: Failed password for hidden from 109.244.99.21 port 46012 ssh2 Sep 21 04:08:27 hidden sshd[725]: Invalid user postgres from 109.244.99.21 port 57610	2020-09-21 17:17:23
109.244.99.21	attack	109.244.99.21 (CN/China/-), 6 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 17 09:35:20 server4 sshd[32494]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.244.99.21 user=root Sep 17 09:28:09 server4 sshd[26681]: Failed password for root from 60.53.186.113 port 44111 ssh2 Sep 17 09:34:38 server4 sshd[31905]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.146.1.186 user=root Sep 17 09:26:00 server4 sshd[24556]: Failed password for root from 51.91.100.120 port 51058 ssh2 Sep 17 09:34:40 server4 sshd[31905]: Failed password for root from 186.146.1.186 port 33850 ssh2 Sep 17 09:28:08 server4 sshd[26681]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.53.186.113 user=root IP Addresses Blocked:	2020-09-17 21:52:58
109.244.99.21	attack	Sep 16 12:59:04 ws19vmsma01 sshd[140719]: Failed password for root from 109.244.99.21 port 52338 ssh2 Sep 16 14:00:43 ws19vmsma01 sshd[179324]: Failed password for root from 109.244.99.21 port 45582 ssh2 ...	2020-09-17 05:09:01
109.244.99.33	attack	Aug 3 08:56:33 cumulus sshd[3229]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.244.99.33 user=r.r Aug 3 08:56:35 cumulus sshd[3229]: Failed password for r.r from 109.244.99.33 port 49152 ssh2 Aug 3 08:56:35 cumulus sshd[3229]: Received disconnect from 109.244.99.33 port 49152:11: Bye Bye [preauth] Aug 3 08:56:35 cumulus sshd[3229]: Disconnected from 109.244.99.33 port 49152 [preauth] Aug 3 08:59:05 cumulus sshd[3466]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.244.99.33 user=r.r Aug 3 08:59:06 cumulus sshd[3466]: Failed password for r.r from 109.244.99.33 port 45922 ssh2 Aug 3 08:59:06 cumulus sshd[3466]: Received disconnect from 109.244.99.33 port 45922:11: Bye Bye [preauth] Aug 3 08:59:06 cumulus sshd[3466]: Disconnected from 109.244.99.33 port 45922 [preauth] Aug 3 09:01:25 cumulus sshd[3754]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 t........ -------------------------------	2020-08-10 05:19:22
109.244.99.33	attackbotsspam	Connection to SSH Honeypot - Detected by HoneypotDB	2020-08-08 22:50:07
109.244.99.33	attack	Aug 3 08:56:33 cumulus sshd[3229]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.244.99.33 user=r.r Aug 3 08:56:35 cumulus sshd[3229]: Failed password for r.r from 109.244.99.33 port 49152 ssh2 Aug 3 08:56:35 cumulus sshd[3229]: Received disconnect from 109.244.99.33 port 49152:11: Bye Bye [preauth] Aug 3 08:56:35 cumulus sshd[3229]: Disconnected from 109.244.99.33 port 49152 [preauth] Aug 3 08:59:05 cumulus sshd[3466]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.244.99.33 user=r.r Aug 3 08:59:06 cumulus sshd[3466]: Failed password for r.r from 109.244.99.33 port 45922 ssh2 Aug 3 08:59:06 cumulus sshd[3466]: Received disconnect from 109.244.99.33 port 45922:11: Bye Bye [preauth] Aug 3 08:59:06 cumulus sshd[3466]: Disconnected from 109.244.99.33 port 45922 [preauth] Aug 3 09:01:25 cumulus sshd[3754]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 t........ -------------------------------	2020-08-06 14:03:55

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 109.244.99.159
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 39205
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;109.244.99.159.			IN	A

;; AUTHORITY SECTION:
.			554	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020052901 1800 900 604800 86400

;; Query time: 94 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat May 30 01:27:16 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 159.99.244.109.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 159.99.244.109.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
122.114.161.19	attack	Oct 8 22:00:56 [host] sshd[16159]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.114.161.19 user=root Oct 8 22:00:58 [host] sshd[16159]: Failed password for root from 122.114.161.19 port 45666 ssh2 Oct 8 22:06:17 [host] sshd[16285]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.114.161.19 user=root	2019-10-09 04:19:18
190.152.124.134	attackbots	Sending SPAM email	2019-10-09 05:07:33
218.150.220.194	attackspam	Oct 8 22:05:39 jane sshd[721]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.150.220.194 Oct 8 22:05:40 jane sshd[721]: Failed password for invalid user daniel from 218.150.220.194 port 57866 ssh2 ...	2019-10-09 04:45:31
85.25.177.187	attack	[Tue Oct 08 22:04:05.364339 2019] [proxy_fcgi:error] [pid 27770] [client 85.25.177.187:51901] AH01071: Got error 'Primary script unknown\n' [Tue Oct 08 22:04:33.277669 2019] [proxy_fcgi:error] [pid 27788] [client 85.25.177.187:54701] AH01071: Got error 'Primary script unknown\n' [Tue Oct 08 22:04:38.719553 2019] [proxy_fcgi:error] [pid 27792] [client 85.25.177.187:45909] AH01071: Got error 'Primary script unknown\n' [Tue Oct 08 22:04:52.567000 2019] [proxy_fcgi:error] [pid 27803] [client 85.25.177.187:38951] AH01071: Got error 'Primary script unknown\n' [Tue Oct 08 22:04:54.428571 2019] [proxy_fcgi:error] [pid 27806] [client 85.25.177.187:36941] AH01071: Got error 'Primary script unknown\n' [Tue Oct 08 22:05:03.432416 2019] [proxy_fcgi:error] [pid 27845] [client 85.25.177.187:57759] AH01071: Got error 'Primary script unknown\n' ...	2019-10-09 04:43:07
189.159.154.142	attackbots	Attempt to attack host OS, exploiting network vulnerabilities, on 08-10-2019 21:05:18.	2019-10-09 05:01:08
106.12.21.124	attack	Oct 8 22:51:10 vps691689 sshd[9401]: Failed password for root from 106.12.21.124 port 53086 ssh2 Oct 8 22:55:26 vps691689 sshd[9433]: Failed password for root from 106.12.21.124 port 60988 ssh2 ...	2019-10-09 04:58:01
23.129.64.161	attackspambots	Oct 8 22:05:29 MainVPS sshd[28987]: Invalid user 1111 from 23.129.64.161 port 51420 Oct 8 22:05:29 MainVPS sshd[28987]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=23.129.64.161 Oct 8 22:05:29 MainVPS sshd[28987]: Invalid user 1111 from 23.129.64.161 port 51420 Oct 8 22:05:30 MainVPS sshd[28987]: Failed password for invalid user 1111 from 23.129.64.161 port 51420 ssh2 Oct 8 22:05:34 MainVPS sshd[29005]: Invalid user 123!@# from 23.129.64.161 port 15700 Oct 8 22:05:34 MainVPS sshd[29005]: Invalid user 123!@# from 23.129.64.161 port 15700 Oct 8 22:05:34 MainVPS sshd[29005]: Failed none for invalid user 123!@# from 23.129.64.161 port 15700 ssh2 ...	2019-10-09 04:46:42
221.239.62.155	attack	Oct 8 22:44:59 ns41 sshd[21314]: Failed password for root from 221.239.62.155 port 48283 ssh2 Oct 8 22:44:59 ns41 sshd[21314]: Failed password for root from 221.239.62.155 port 48283 ssh2	2019-10-09 05:13:58
218.22.100.42	attackbots	Oct 8 REMOVED dovecot: imap-login: Disconnected \(auth failed, 1 attempts in 6 secs\): user=\, method=PLAIN, rip=218.22.100.42, lip=REMOVED, TLS: Disconnected, session=\ Oct 8 REMOVED dovecot: imap-login: Disconnected \(auth failed, 1 attempts in 5 secs\): user=\, method=PLAIN, rip=218.22.100.42, lip=REMOVED, TLS: Disconnected, session=\ Oct 8 REMOVED dovecot: imap-login: Disconnected \(auth failed, 1 attempts in 6 secs\): user=\, method=PLAIN, rip=218.22.100.42, lip=REMOVED, TLS: Disconnected, session=\<3KOtsGuUrJvaFmQq\>	2019-10-09 04:48:50
138.197.5.191	attackbotsspam	2019-10-08T21:06:26.835306abusebot-4.cloudsearch.cf sshd\[25935\]: Invalid user Marcela-123 from 138.197.5.191 port 40910	2019-10-09 05:12:47
92.118.161.17	attackspam	Automatic report - Banned IP Access	2019-10-09 04:54:39
77.40.11.88	attackbots	10/08/2019-22:06:06.367044 77.40.11.88 Protocol: 6 SURICATA SMTP tls rejected	2019-10-09 04:28:22
207.154.243.255	attack	Oct 8 10:17:07 php1 sshd\[21026\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.154.243.255 user=root Oct 8 10:17:09 php1 sshd\[21026\]: Failed password for root from 207.154.243.255 port 47598 ssh2 Oct 8 10:20:53 php1 sshd\[21375\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.154.243.255 user=root Oct 8 10:20:56 php1 sshd\[21375\]: Failed password for root from 207.154.243.255 port 60060 ssh2 Oct 8 10:24:32 php1 sshd\[21689\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.154.243.255 user=root	2019-10-09 04:33:20
222.186.180.20	attackbots	Oct 8 22:54:47 MK-Soft-VM7 sshd[11465]: Failed password for root from 222.186.180.20 port 25052 ssh2 Oct 8 22:54:52 MK-Soft-VM7 sshd[11465]: Failed password for root from 222.186.180.20 port 25052 ssh2 ...	2019-10-09 05:03:32
51.79.129.237	attack	Oct 8 22:04:07 herz-der-gamer sshd[22135]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.79.129.237 user=root Oct 8 22:04:09 herz-der-gamer sshd[22135]: Failed password for root from 51.79.129.237 port 47376 ssh2 ...	2019-10-09 05:10:23

最近上报的IP列表

77.42.123.3	66.42.196.4	66.42.30.186	66.42.7.83
61.152.66.78	59.19.130.76	9.134.149.12	58.219.238.97
58.65.159.196	50.39.178.144	49.82.69.35	46.231.56.32
46.217.237.35	39.78.133.68	39.76.96.77	37.6.114.216
34.228.215.208	27.192.206.104	14.115.89.91	1.168.204.233