154.0.161.99 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): South Africa

运营商(isp): Afrihost (Pty) Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	2020-08-23T05:06:53.968067shield sshd\[23479\]: Invalid user sonar from 154.0.161.99 port 40176 2020-08-23T05:06:53.974794shield sshd\[23479\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=baymonitoring.dedicated.co.za 2020-08-23T05:06:56.320714shield sshd\[23479\]: Failed password for invalid user sonar from 154.0.161.99 port 40176 ssh2 2020-08-23T05:12:21.981373shield sshd\[24869\]: Invalid user ralf from 154.0.161.99 port 49512 2020-08-23T05:12:22.020383shield sshd\[24869\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=baymonitoring.dedicated.co.za	2020-08-23 14:19:19
attackspam	Aug 19 17:32:07 db sshd[14408]: Invalid user sales from 154.0.161.99 port 37440 ...	2020-08-20 02:04:49
attackbots	2020-08-16T12:35:46.067859shield sshd\[20770\]: Invalid user money from 154.0.161.99 port 41120 2020-08-16T12:35:46.077812shield sshd\[20770\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=baymonitoring.dedicated.co.za 2020-08-16T12:35:47.683797shield sshd\[20770\]: Failed password for invalid user money from 154.0.161.99 port 41120 ssh2 2020-08-16T12:40:46.916053shield sshd\[21630\]: Invalid user ed from 154.0.161.99 port 50550 2020-08-16T12:40:46.924820shield sshd\[21630\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=baymonitoring.dedicated.co.za	2020-08-16 21:13:21
attackbots	fail2ban	2020-08-13 22:56:58
attackbots	Aug 8 22:54:41 pkdns2 sshd\[17934\]: Failed password for root from 154.0.161.99 port 60670 ssh2Aug 8 22:56:53 pkdns2 sshd\[18051\]: Address 154.0.161.99 maps to peardev.dedicated.co.za, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!Aug 8 22:56:55 pkdns2 sshd\[18051\]: Failed password for root from 154.0.161.99 port 32926 ssh2Aug 8 22:59:09 pkdns2 sshd\[18139\]: Address 154.0.161.99 maps to peardev.dedicated.co.za, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!Aug 8 22:59:12 pkdns2 sshd\[18139\]: Failed password for root from 154.0.161.99 port 33414 ssh2Aug 8 23:01:31 pkdns2 sshd\[18255\]: Failed password for root from 154.0.161.99 port 33902 ssh2 ...	2020-08-09 04:23:52
attackbotsspam	Connection to SSH Honeypot - Detected by HoneypotDB	2020-07-19 20:48:00

相同子网IP讨论:

IP	类型	评论内容	时间
154.0.161.131	attackspambots	Wordpress_xmlrpc_attack	2020-05-25 22:26:10
154.0.161.239	attackbots	xmlrpc	2020-04-02 07:28:25

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 154.0.161.99
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29741
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;154.0.161.99.			IN	A

;; AUTHORITY SECTION:
.			467	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020071900 1800 900 604800 86400

;; Query time: 60 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jul 19 20:47:55 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

99.161.0.154.in-addr.arpa domain name pointer baymonitoring.dedicated.co.za.
99.161.0.154.in-addr.arpa domain name pointer gridfive01.dedicated.co.za.
99.161.0.154.in-addr.arpa domain name pointer peardev.dedicated.co.za.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
99.161.0.154.in-addr.arpa	name = gridfive01.dedicated.co.za.
99.161.0.154.in-addr.arpa	name = peardev.dedicated.co.za.
99.161.0.154.in-addr.arpa	name = baymonitoring.dedicated.co.za.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
222.186.175.182	attack	May 14 14:51:19 legacy sshd[24995]: Failed password for root from 222.186.175.182 port 26606 ssh2 May 14 14:51:33 legacy sshd[24995]: error: maximum authentication attempts exceeded for root from 222.186.175.182 port 26606 ssh2 [preauth] May 14 14:51:39 legacy sshd[24999]: Failed password for root from 222.186.175.182 port 51064 ssh2 ...	2020-05-14 21:03:47
69.158.207.141	attackspam	Triggered by Fail2Ban at ReverseProxy web server	2020-05-14 21:10:51
5.135.165.55	attackspam	2020-05-14T08:29:03.203712mail.thespaminator.com sshd[31278]: Invalid user sinus1 from 5.135.165.55 port 52084 2020-05-14T08:29:05.376004mail.thespaminator.com sshd[31278]: Failed password for invalid user sinus1 from 5.135.165.55 port 52084 ssh2 ...	2020-05-14 20:44:46
185.54.246.102	attackspambots	May 14 07:29:16 s158375 sshd[29042]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.54.246.102	2020-05-14 20:37:03
148.70.128.197	attack	May 14 12:27:35 game-panel sshd[13843]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.128.197 May 14 12:27:37 game-panel sshd[13843]: Failed password for invalid user help from 148.70.128.197 port 42608 ssh2 May 14 12:28:46 game-panel sshd[13861]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.128.197	2020-05-14 21:01:17
142.167.14.225	attack	May 14 15:24:44 lukav-desktop sshd\[30853\]: Invalid user testuser from 142.167.14.225 May 14 15:24:44 lukav-desktop sshd\[30853\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.167.14.225 May 14 15:24:46 lukav-desktop sshd\[30853\]: Failed password for invalid user testuser from 142.167.14.225 port 37040 ssh2 May 14 15:28:56 lukav-desktop sshd\[30924\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.167.14.225 user=root May 14 15:28:58 lukav-desktop sshd\[30924\]: Failed password for root from 142.167.14.225 port 48080 ssh2	2020-05-14 20:51:20
222.186.175.148	attack	May 14 15:29:02 ift sshd\[11013\]: Failed password for root from 222.186.175.148 port 30288 ssh2May 14 15:29:06 ift sshd\[11013\]: Failed password for root from 222.186.175.148 port 30288 ssh2May 14 15:29:10 ift sshd\[11013\]: Failed password for root from 222.186.175.148 port 30288 ssh2May 14 15:29:12 ift sshd\[11013\]: Failed password for root from 222.186.175.148 port 30288 ssh2May 14 15:29:16 ift sshd\[11013\]: Failed password for root from 222.186.175.148 port 30288 ssh2 ...	2020-05-14 20:34:30
45.142.195.8	attackspambots	May 14 14:33:32 s1 postfix/submission/smtpd\[12565\]: warning: unknown\[45.142.195.8\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 14 14:33:57 s1 postfix/submission/smtpd\[12564\]: warning: unknown\[45.142.195.8\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 14 14:34:23 s1 postfix/submission/smtpd\[12565\]: warning: unknown\[45.142.195.8\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 14 14:34:48 s1 postfix/submission/smtpd\[14191\]: warning: unknown\[45.142.195.8\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 14 14:35:13 s1 postfix/submission/smtpd\[12565\]: warning: unknown\[45.142.195.8\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 14 14:35:38 s1 postfix/submission/smtpd\[14191\]: warning: unknown\[45.142.195.8\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 14 14:36:04 s1 postfix/submission/smtpd\[12565\]: warning: unknown\[45.142.195.8\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 14 14:36:29 s1 postfix/submission/smtpd\[14191\]: warning: unknown\[45.142.	2020-05-14 20:50:20
202.188.20.123	attack	May 14 15:00:32 ns381471 sshd[10716]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.188.20.123 May 14 15:00:34 ns381471 sshd[10716]: Failed password for invalid user gabriel from 202.188.20.123 port 57486 ssh2	2020-05-14 21:13:55
128.199.110.226	attack	May 14 15:27:40 hosting sshd[27725]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.110.226 May 14 15:27:40 hosting sshd[27725]: Invalid user hadoop1 from 128.199.110.226 port 41647 May 14 15:27:42 hosting sshd[27725]: Failed password for invalid user hadoop1 from 128.199.110.226 port 41647 ssh2 May 14 15:42:54 hosting sshd[29204]: Invalid user nexus from 128.199.110.226 port 48418 ...	2020-05-14 20:49:55
109.194.54.94	attack	Many many attempts RDP protocol !!!!!!	2020-05-14 21:13:12
46.101.139.211	attack	IP blocked	2020-05-14 20:37:46
194.152.206.103	attackbots	May 14 14:45:11 OPSO sshd\[12911\]: Invalid user sk from 194.152.206.103 port 51407 May 14 14:45:11 OPSO sshd\[12911\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.152.206.103 May 14 14:45:12 OPSO sshd\[12911\]: Failed password for invalid user sk from 194.152.206.103 port 51407 ssh2 May 14 14:53:19 OPSO sshd\[14466\]: Invalid user mongod from 194.152.206.103 port 56229 May 14 14:53:19 OPSO sshd\[14466\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.152.206.103	2020-05-14 21:00:22
115.73.220.67	attackbotsspam	2020-05-14T22:28:45.075696luisaranguren sshd[3739332]: Invalid user sniffer from 115.73.220.67 port 35918 2020-05-14T22:28:51.170124luisaranguren sshd[3739332]: Failed password for invalid user sniffer from 115.73.220.67 port 35918 ssh2 ...	2020-05-14 20:56:34
222.186.173.226	attackspambots	May 14 14:39:45 vpn01 sshd[21133]: Failed password for root from 222.186.173.226 port 24075 ssh2 May 14 14:39:54 vpn01 sshd[21133]: Failed password for root from 222.186.173.226 port 24075 ssh2 ...	2020-05-14 20:48:24

最近上报的IP列表

94.31.219.161	92.104.83.68	249.236.181.66	220.178.67.242
66.249.64.134	206.130.141.138	117.203.18.17	113.186.164.164
31.4.128.208	60.167.176.212	95.7.231.42	188.210.187.179
59.127.167.112	187.185.224.2	78.123.86.185	52.188.71.151
186.154.6.73	51.178.43.9	194.182.76.185	206.189.44.61