109.244.99.159

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Unauthorized connection attempt detected from IP address 109.244.99.159 to port 80	2020-05-30 01:27:19

相同子网IP讨论:

IP	类型	评论内容	时间
109.244.99.21	attackspambots	Sep 21 18:48:32 Ubuntu-1404-trusty-64-minimal sshd\[14098\]: Invalid user jenkins from 109.244.99.21 Sep 21 18:48:32 Ubuntu-1404-trusty-64-minimal sshd\[14098\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.244.99.21 Sep 21 18:48:34 Ubuntu-1404-trusty-64-minimal sshd\[14098\]: Failed password for invalid user jenkins from 109.244.99.21 port 52088 ssh2 Sep 21 18:53:08 Ubuntu-1404-trusty-64-minimal sshd\[16815\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.244.99.21 user=root Sep 21 18:53:10 Ubuntu-1404-trusty-64-minimal sshd\[16815\]: Failed password for root from 109.244.99.21 port 35646 ssh2	2020-09-22 01:34:10
109.244.99.21	attackspambots	Sep 21 04:05:11 hidden sshd[661]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.244.99.21 user=root Sep 21 04:05:13 hidden sshd[661]: Failed password for hidden from 109.244.99.21 port 46012 ssh2 Sep 21 04:08:27 hidden sshd[725]: Invalid user postgres from 109.244.99.21 port 57610	2020-09-21 17:17:23
109.244.99.21	attack	109.244.99.21 (CN/China/-), 6 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 17 09:35:20 server4 sshd[32494]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.244.99.21 user=root Sep 17 09:28:09 server4 sshd[26681]: Failed password for root from 60.53.186.113 port 44111 ssh2 Sep 17 09:34:38 server4 sshd[31905]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.146.1.186 user=root Sep 17 09:26:00 server4 sshd[24556]: Failed password for root from 51.91.100.120 port 51058 ssh2 Sep 17 09:34:40 server4 sshd[31905]: Failed password for root from 186.146.1.186 port 33850 ssh2 Sep 17 09:28:08 server4 sshd[26681]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.53.186.113 user=root IP Addresses Blocked:	2020-09-17 21:52:58
109.244.99.21	attack	Sep 16 12:59:04 ws19vmsma01 sshd[140719]: Failed password for root from 109.244.99.21 port 52338 ssh2 Sep 16 14:00:43 ws19vmsma01 sshd[179324]: Failed password for root from 109.244.99.21 port 45582 ssh2 ...	2020-09-17 05:09:01
109.244.99.33	attack	Aug 3 08:56:33 cumulus sshd[3229]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.244.99.33 user=r.r Aug 3 08:56:35 cumulus sshd[3229]: Failed password for r.r from 109.244.99.33 port 49152 ssh2 Aug 3 08:56:35 cumulus sshd[3229]: Received disconnect from 109.244.99.33 port 49152:11: Bye Bye [preauth] Aug 3 08:56:35 cumulus sshd[3229]: Disconnected from 109.244.99.33 port 49152 [preauth] Aug 3 08:59:05 cumulus sshd[3466]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.244.99.33 user=r.r Aug 3 08:59:06 cumulus sshd[3466]: Failed password for r.r from 109.244.99.33 port 45922 ssh2 Aug 3 08:59:06 cumulus sshd[3466]: Received disconnect from 109.244.99.33 port 45922:11: Bye Bye [preauth] Aug 3 08:59:06 cumulus sshd[3466]: Disconnected from 109.244.99.33 port 45922 [preauth] Aug 3 09:01:25 cumulus sshd[3754]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 t........ -------------------------------	2020-08-10 05:19:22
109.244.99.33	attackbotsspam	Connection to SSH Honeypot - Detected by HoneypotDB	2020-08-08 22:50:07
109.244.99.33	attack	Aug 3 08:56:33 cumulus sshd[3229]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.244.99.33 user=r.r Aug 3 08:56:35 cumulus sshd[3229]: Failed password for r.r from 109.244.99.33 port 49152 ssh2 Aug 3 08:56:35 cumulus sshd[3229]: Received disconnect from 109.244.99.33 port 49152:11: Bye Bye [preauth] Aug 3 08:56:35 cumulus sshd[3229]: Disconnected from 109.244.99.33 port 49152 [preauth] Aug 3 08:59:05 cumulus sshd[3466]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.244.99.33 user=r.r Aug 3 08:59:06 cumulus sshd[3466]: Failed password for r.r from 109.244.99.33 port 45922 ssh2 Aug 3 08:59:06 cumulus sshd[3466]: Received disconnect from 109.244.99.33 port 45922:11: Bye Bye [preauth] Aug 3 08:59:06 cumulus sshd[3466]: Disconnected from 109.244.99.33 port 45922 [preauth] Aug 3 09:01:25 cumulus sshd[3754]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 t........ -------------------------------	2020-08-06 14:03:55

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 109.244.99.159
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 39205
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;109.244.99.159.			IN	A

;; AUTHORITY SECTION:
.			554	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020052901 1800 900 604800 86400

;; Query time: 94 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat May 30 01:27:16 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 159.99.244.109.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 159.99.244.109.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
117.50.99.93	attack	Oct 2 14:16:57 gw1 sshd[14944]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.99.93 Oct 2 14:16:59 gw1 sshd[14944]: Failed password for invalid user to from 117.50.99.93 port 56480 ssh2 ...	2019-10-02 17:34:05
2.4.46.210	attackbotsspam	Oct 2 00:38:27 Tower sshd[15993]: Connection from 2.4.46.210 port 37654 on 192.168.10.220 port 22 Oct 2 00:38:28 Tower sshd[15993]: Invalid user tensor from 2.4.46.210 port 37654 Oct 2 00:38:28 Tower sshd[15993]: error: Could not get shadow information for NOUSER Oct 2 00:38:28 Tower sshd[15993]: Failed password for invalid user tensor from 2.4.46.210 port 37654 ssh2 Oct 2 00:38:28 Tower sshd[15993]: Received disconnect from 2.4.46.210 port 37654:11: Bye Bye [preauth] Oct 2 00:38:28 Tower sshd[15993]: Disconnected from invalid user tensor 2.4.46.210 port 37654 [preauth]	2019-10-02 17:12:45
159.65.172.240	attack	SSH Bruteforce attempt	2019-10-02 17:17:46
96.78.175.36	attackbots	2019-10-02T05:12:43.512103shield sshd\[20861\]: Invalid user tonlyele from 96.78.175.36 port 55016 2019-10-02T05:12:43.517295shield sshd\[20861\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=96.78.175.36 2019-10-02T05:12:45.076604shield sshd\[20861\]: Failed password for invalid user tonlyele from 96.78.175.36 port 55016 ssh2 2019-10-02T05:17:15.724906shield sshd\[21506\]: Invalid user !@\#QWEasdZXC from 96.78.175.36 port 47894 2019-10-02T05:17:15.730189shield sshd\[21506\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=96.78.175.36	2019-10-02 16:57:28
51.158.184.28	attackbots	2019-10-02T09:17:36.177952abusebot.cloudsearch.cf sshd\[15214\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.158.184.28 user=root	2019-10-02 17:33:45
188.165.242.200	attackspambots	2019-10-02T11:50:42.990655tmaserv sshd\[11331\]: Invalid user hadoop from 188.165.242.200 port 33682 2019-10-02T11:50:42.994972tmaserv sshd\[11331\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns3077451.ip-188-165-242.eu 2019-10-02T11:50:45.448937tmaserv sshd\[11331\]: Failed password for invalid user hadoop from 188.165.242.200 port 33682 ssh2 2019-10-02T12:00:19.935904tmaserv sshd\[11853\]: Invalid user dan from 188.165.242.200 port 43684 2019-10-02T12:00:19.938380tmaserv sshd\[11853\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns3077451.ip-188-165-242.eu 2019-10-02T12:00:22.001969tmaserv sshd\[11853\]: Failed password for invalid user dan from 188.165.242.200 port 43684 ssh2 ...	2019-10-02 17:07:02
5.149.157.38	attackbotsspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/5.149.157.38/ RU - 1H : (751) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : RU NAME ASN : ASN201551 IP : 5.149.157.38 CIDR : 5.149.156.0/23 PREFIX COUNT : 2 UNIQUE IP COUNT : 768 WYKRYTE ATAKI Z ASN201551 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 1 DateTime : 2019-10-02 05:48:49 INFO : Port MAX SCAN Scan Detected and Blocked by ADMIN - data recovery	2019-10-02 17:00:56
221.132.17.74	attack	Oct 2 06:51:28 MK-Soft-Root2 sshd[17332]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.132.17.74 Oct 2 06:51:30 MK-Soft-Root2 sshd[17332]: Failed password for invalid user user from 221.132.17.74 port 47998 ssh2 ...	2019-10-02 17:31:30
49.88.112.114	attack	Oct 2 04:54:50 *** sshd[19903]: User root from 49.88.112.114 not allowed because not listed in AllowUsers	2019-10-02 17:05:12
118.241.95.217	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/118.241.95.217/ JP - 1H : (195) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : JP NAME ASN : ASN2527 IP : 118.241.95.217 CIDR : 118.240.0.0/15 PREFIX COUNT : 53 UNIQUE IP COUNT : 3406848 WYKRYTE ATAKI Z ASN2527 : 1H - 2 3H - 3 6H - 3 12H - 10 24H - 22 DateTime : 2019-10-02 05:48:15 INFO : Port MAX SCAN Scan Detected and Blocked by ADMIN - data recovery	2019-10-02 17:18:07
80.211.95.201	attack	Oct 2 07:04:20 tuotantolaitos sshd[4821]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.95.201 Oct 2 07:04:23 tuotantolaitos sshd[4821]: Failed password for invalid user hadoop from 80.211.95.201 port 42460 ssh2 ...	2019-10-02 17:08:59
200.209.174.76	attackbotsspam	$f2bV_matches	2019-10-02 17:30:45
61.184.187.130	attack	Oct 2 07:46:37 localhost sshd\[8043\]: Invalid user cash from 61.184.187.130 port 39080 Oct 2 07:46:37 localhost sshd\[8043\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.184.187.130 Oct 2 07:46:39 localhost sshd\[8043\]: Failed password for invalid user cash from 61.184.187.130 port 39080 ssh2	2019-10-02 17:38:36
190.64.68.179	attackspambots	Oct 2 07:44:58 vps647732 sshd[18251]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.64.68.179 Oct 2 07:45:00 vps647732 sshd[18251]: Failed password for invalid user ddo from 190.64.68.179 port 60961 ssh2 ...	2019-10-02 16:58:41
91.121.177.37	attackspambots	Invalid user ftpuser from 91.121.177.37 port 34472	2019-10-02 17:04:49

最近上报的IP列表

77.42.123.3	66.42.196.4	66.42.30.186	66.42.7.83
61.152.66.78	59.19.130.76	9.134.149.12	58.219.238.97
58.65.159.196	50.39.178.144	49.82.69.35	46.231.56.32
46.217.237.35	39.78.133.68	39.76.96.77	37.6.114.216
34.228.215.208	27.192.206.104	14.115.89.91	1.168.204.233