必须是合法有效的IP地址, 可以是IPv4或者是IPv6, 例如127.0.0.1或者2001:DB8:0:0:8:800:200C:417A
基本信息:

城市(city): unknown

省份(region): unknown

国家(country): South Africa

运营商(isp): Afrihost (Pty) Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:
类型 评论内容 时间
attackbots
2020-08-23T05:06:53.968067shield sshd\[23479\]: Invalid user sonar from 154.0.161.99 port 40176
2020-08-23T05:06:53.974794shield sshd\[23479\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=baymonitoring.dedicated.co.za
2020-08-23T05:06:56.320714shield sshd\[23479\]: Failed password for invalid user sonar from 154.0.161.99 port 40176 ssh2
2020-08-23T05:12:21.981373shield sshd\[24869\]: Invalid user ralf from 154.0.161.99 port 49512
2020-08-23T05:12:22.020383shield sshd\[24869\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=baymonitoring.dedicated.co.za
2020-08-23 14:19:19
attackspam
Aug 19 17:32:07 db sshd[14408]: Invalid user sales from 154.0.161.99 port 37440
...
2020-08-20 02:04:49
attackbots
2020-08-16T12:35:46.067859shield sshd\[20770\]: Invalid user money from 154.0.161.99 port 41120
2020-08-16T12:35:46.077812shield sshd\[20770\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=baymonitoring.dedicated.co.za
2020-08-16T12:35:47.683797shield sshd\[20770\]: Failed password for invalid user money from 154.0.161.99 port 41120 ssh2
2020-08-16T12:40:46.916053shield sshd\[21630\]: Invalid user ed from 154.0.161.99 port 50550
2020-08-16T12:40:46.924820shield sshd\[21630\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=baymonitoring.dedicated.co.za
2020-08-16 21:13:21
attackbots
fail2ban
2020-08-13 22:56:58
attackbots
Aug  8 22:54:41 pkdns2 sshd\[17934\]: Failed password for root from 154.0.161.99 port 60670 ssh2Aug  8 22:56:53 pkdns2 sshd\[18051\]: Address 154.0.161.99 maps to peardev.dedicated.co.za, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!Aug  8 22:56:55 pkdns2 sshd\[18051\]: Failed password for root from 154.0.161.99 port 32926 ssh2Aug  8 22:59:09 pkdns2 sshd\[18139\]: Address 154.0.161.99 maps to peardev.dedicated.co.za, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!Aug  8 22:59:12 pkdns2 sshd\[18139\]: Failed password for root from 154.0.161.99 port 33414 ssh2Aug  8 23:01:31 pkdns2 sshd\[18255\]: Failed password for root from 154.0.161.99 port 33902 ssh2
...
2020-08-09 04:23:52
attackbotsspam
Connection to SSH Honeypot - Detected by HoneypotDB
2020-07-19 20:48:00
相同子网IP讨论:
IP 类型 评论内容 时间
154.0.161.131 attackspambots
Wordpress_xmlrpc_attack
2020-05-25 22:26:10
154.0.161.239 attackbots
xmlrpc
2020-04-02 07:28:25
WHOIS信息:
b
DIG信息:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 154.0.161.99
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29741
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;154.0.161.99.			IN	A

;; AUTHORITY SECTION:
.			467	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020071900 1800 900 604800 86400

;; Query time: 60 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jul 19 20:47:55 CST 2020
;; MSG SIZE  rcvd: 116
HOST信息:
99.161.0.154.in-addr.arpa domain name pointer baymonitoring.dedicated.co.za.
99.161.0.154.in-addr.arpa domain name pointer gridfive01.dedicated.co.za.
99.161.0.154.in-addr.arpa domain name pointer peardev.dedicated.co.za.
NSLOOKUP信息:
Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
99.161.0.154.in-addr.arpa	name = gridfive01.dedicated.co.za.
99.161.0.154.in-addr.arpa	name = peardev.dedicated.co.za.
99.161.0.154.in-addr.arpa	name = baymonitoring.dedicated.co.za.

Authoritative answers can be found from:
相关IP信息:
最新评论:
IP 类型 评论内容 时间
179.119.229.72 attack
$f2bV_matches
2020-09-17 12:10:21
31.14.139.129 attack
DATE:2020-09-17 05:49:21, IP:31.14.139.129, PORT:ssh SSH brute force auth (docker-dc)
2020-09-17 12:26:44
121.12.104.124 attack
SPOOFING
18.223.209.7
121.12.104.124
104.232.130.167
52.114.142.54
52.231.152.70
47.91.170.222
20.57.122.240
143.220.15.131
 NS2.NAMEBRIGHTDNS.COM
 JM2.DNS.COM
O7N6_registration@uCOoKw.org
2020-09-17 12:30:13
103.211.20.205 attack
Unauthorized connection attempt from IP address 103.211.20.205 on Port 445(SMB)
2020-09-17 12:26:21
197.49.109.98 attackspambots
DATE:2020-09-16 19:00:22, IP:197.49.109.98, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)
2020-09-17 12:39:06
49.82.79.106 attack
Brute forcing email accounts
2020-09-17 12:11:51
18.136.231.183 attackspambots
xmlrpc attack
2020-09-17 12:31:15
201.238.247.234 attackspam
Unauthorized connection attempt from IP address 201.238.247.234 on Port 445(SMB)
2020-09-17 12:29:24
185.220.102.248 attackbots
badbot
2020-09-17 12:09:07
170.231.247.151 attackspambots
Automatic report - Banned IP Access
2020-09-17 12:23:45
61.2.195.11 attackspam
Listed on    zen-spamhaus also abuseat.org and dnsbl-sorbs   / proto=6  .  srcport=16485  .  dstport=23  .     (1135)
2020-09-17 12:22:49
61.177.172.128 attackspam
$f2bV_matches
2020-09-17 12:22:20
190.210.62.45 attackspam
SSH bruteforce
2020-09-17 12:33:18
61.93.240.65 attackspambots
2020-09-17T04:26:24.653735vps1033 sshd[19884]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=061093240065.static.ctinets.com
2020-09-17T04:26:24.642232vps1033 sshd[19884]: Invalid user sys from 61.93.240.65 port 58833
2020-09-17T04:26:26.916885vps1033 sshd[19884]: Failed password for invalid user sys from 61.93.240.65 port 58833 ssh2
2020-09-17T04:31:11.845644vps1033 sshd[29785]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=061093240065.static.ctinets.com  user=root
2020-09-17T04:31:19.273163vps1033 sshd[29785]: Failed password for root from 61.93.240.65 port 36555 ssh2
...
2020-09-17 12:36:18
190.205.117.18 attack
Unauthorized connection attempt from IP address 190.205.117.18 on Port 445(SMB)
2020-09-17 12:13:34

最近上报的IP列表

94.31.219.161 92.104.83.68 249.236.181.66 220.178.67.242
66.249.64.134 206.130.141.138 117.203.18.17 113.186.164.164
31.4.128.208 60.167.176.212 95.7.231.42 188.210.187.179
59.127.167.112 187.185.224.2 78.123.86.185 52.188.71.151
186.154.6.73 51.178.43.9 194.182.76.185 206.189.44.61