159.138.117.44

Basic Info

City: unknown

Region: unknown

Country: Singapore

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
159.138.117.89	attack	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-05-28 23:06:41
159.138.117.89	attackbotsspam	xmlrpc attack	2020-05-28 06:52:16

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 159.138.117.44
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 59826
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;159.138.117.44.			IN	A

;; AUTHORITY SECTION:
.			383	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022701 1800 900 604800 86400

;; Query time: 94 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 28 05:09:00 CST 2022
;; MSG SIZE  rcvd: 107

Host info

44.117.138.159.in-addr.arpa domain name pointer ecs-159-138-117-44.compute.hwclouds-dns.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
44.117.138.159.in-addr.arpa	name = ecs-159-138-117-44.compute.hwclouds-dns.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
200.233.204.218	attack	Mar 18 06:45:56 uapps sshd[27367]: Address 200.233.204.218 maps to 200-233-204-218.dynamic.idial.com.br, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Mar 18 06:45:56 uapps sshd[27367]: User r.r from 200.233.204.218 not allowed because not listed in AllowUsers Mar 18 06:45:56 uapps sshd[27367]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.233.204.218 user=r.r Mar 18 06:45:58 uapps sshd[27367]: Failed password for invalid user r.r from 200.233.204.218 port 46262 ssh2 Mar 18 06:45:58 uapps sshd[27367]: Received disconnect from 200.233.204.218: 11: Bye Bye [preauth] Mar 18 06:55:35 uapps sshd[27474]: Address 200.233.204.218 maps to 200-233-204-218.dynamic.idial.com.br, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Mar 18 06:55:35 uapps sshd[27474]: User r.r from 200.233.204.218 not allowed because not listed in AllowUsers Mar 18 06:55:35 uapps sshd[27474]: pam_unix(sshd:auth):........ -------------------------------	2020-03-19 05:42:29
213.100.203.11	attackspam	Honeypot attack, port: 5555, PTR: c213.100.203-11.bredband.comhem.se.	2020-03-19 06:09:50
79.61.51.195	attackspam	Mar 18 08:00:38 server1 sshd\[4428\]: Failed password for root from 79.61.51.195 port 51436 ssh2 Mar 18 08:04:53 server1 sshd\[5641\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.61.51.195 user=root Mar 18 08:04:55 server1 sshd\[5641\]: Failed password for root from 79.61.51.195 port 62614 ssh2 Mar 18 08:09:27 server1 sshd\[7039\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.61.51.195 user=root Mar 18 08:09:29 server1 sshd\[7039\]: Failed password for root from 79.61.51.195 port 49462 ssh2 ...	2020-03-19 05:56:56
190.183.222.39	attackspam	detected by Fail2Ban	2020-03-19 06:09:12
2.50.160.20	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-03-19 05:55:56
185.176.27.42	attackspam	Port 20999 scan denied	2020-03-19 06:14:20
182.148.122.8	attackbotsspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-03-19 06:02:50
106.12.117.161	attack	2020-03-18T20:48:13.605906v22018076590370373 sshd[28474]: Failed password for root from 106.12.117.161 port 45264 ssh2 2020-03-18T20:49:47.439364v22018076590370373 sshd[7042]: Invalid user sys from 106.12.117.161 port 38880 2020-03-18T20:49:47.445754v22018076590370373 sshd[7042]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.117.161 2020-03-18T20:49:47.439364v22018076590370373 sshd[7042]: Invalid user sys from 106.12.117.161 port 38880 2020-03-18T20:49:49.183031v22018076590370373 sshd[7042]: Failed password for invalid user sys from 106.12.117.161 port 38880 ssh2 ...	2020-03-19 06:08:57
222.186.173.180	attackspam	2020-03-18T17:42:16.918278xentho-1 sshd[507155]: Failed password for root from 222.186.173.180 port 14782 ssh2 2020-03-18T17:42:11.052308xentho-1 sshd[507155]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.180 user=root 2020-03-18T17:42:12.959267xentho-1 sshd[507155]: Failed password for root from 222.186.173.180 port 14782 ssh2 2020-03-18T17:42:16.918278xentho-1 sshd[507155]: Failed password for root from 222.186.173.180 port 14782 ssh2 2020-03-18T17:42:20.508771xentho-1 sshd[507155]: Failed password for root from 222.186.173.180 port 14782 ssh2 2020-03-18T17:42:11.052308xentho-1 sshd[507155]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.180 user=root 2020-03-18T17:42:12.959267xentho-1 sshd[507155]: Failed password for root from 222.186.173.180 port 14782 ssh2 2020-03-18T17:42:16.918278xentho-1 sshd[507155]: Failed password for root from 222.186.173.180 port 14782 ssh2 2020-0 ...	2020-03-19 05:43:06
39.62.15.52	attackspam	Lines containing failures of 39.62.15.52 Mar 18 14:30:26 shared07 sshd[19102]: Invalid user admin from 39.62.15.52 port 53529 Mar 18 14:30:26 shared07 sshd[19102]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=39.62.15.52 Mar 18 14:30:27 shared07 sshd[19102]: Failed password for invalid user admin from 39.62.15.52 port 53529 ssh2 Mar 18 14:30:27 shared07 sshd[19102]: Connection closed by invalid user admin 39.62.15.52 port 53529 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=39.62.15.52	2020-03-19 05:52:10
45.55.6.42	attack	Mar 19 03:02:40 itv-usvr-02 sshd[31190]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.6.42 user=root Mar 19 03:08:19 itv-usvr-02 sshd[31352]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.6.42 user=root Mar 19 03:10:30 itv-usvr-02 sshd[31542]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.6.42 user=root	2020-03-19 05:40:36
194.67.93.208	attackbotsspam	Mar 18 08:49:13 UTC__SANYALnet-Labs__cac13 sshd[672]: Connection from 194.67.93.208 port 45458 on 45.62.248.66 port 22 Mar 18 08:49:14 UTC__SANYALnet-Labs__cac13 sshd[672]: Invalid user monhostnameoring from 194.67.93.208 Mar 18 08:49:14 UTC__SANYALnet-Labs__cac13 sshd[672]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=194-67-93-208.cloudvps.regruhosting.ru Mar 18 08:49:17 UTC__SANYALnet-Labs__cac13 sshd[672]: Failed password for invalid user monhostnameoring from 194.67.93.208 port 45458 ssh2 Mar 18 08:49:17 UTC__SANYALnet-Labs__cac13 sshd[672]: Received disconnect from 194.67.93.208: 11: Bye Bye [preauth] Mar 18 08:55:05 UTC__SANYALnet-Labs__cac13 sshd[781]: Connection from 194.67.93.208 port 48870 on 45.62.248.66 port 22 Mar 18 08:55:09 UTC__SANYALnet-Labs__cac13 sshd[781]: User r.r from 194-67-93-208.cloudvps.regruhosting.ru not allowed because not listed in AllowUsers Mar 18 08:55:09 UTC__SANYALnet-Labs__cac13 sshd[781]: ........ -------------------------------	2020-03-19 05:56:29
109.94.183.27	attack	1584536647 - 03/18/2020 14:04:07 Host: 109.94.183.27/109.94.183.27 Port: 445 TCP Blocked	2020-03-19 06:07:59
95.217.50.47	attackspam	(From doreen.warby54@gmail.com) Good morning My name is Sergey and I am a founder of Sweaty Quid Freelancer Marketplace just where you can purchase and sell all kinds of on-line solutions ranging from back links and guest post to explainer video clips, infographics and articles for your business website. I believe that you and drroeder.com can seriously benefit from Sweaty Quid, no matter if you would like to supply your services or employ the services of freelancers to assist you to expand your business. I have been a freelancer on a number of marketplaces for over 5 years and have had my accounts randomly shut down, my revenues pocketed and I simply had a tough time with many poor quality freelancers. After much unnecessary aggravation, I made a decision to launch my very own freelance market place that would do things differently and much better. After almost one year of caffeinne powered evenings, myself and my crew at Creative Bear Tech have developed Sweaty Quid from ground up. One month in	2020-03-19 06:21:43
222.186.180.223	attackbotsspam	Mar 19 05:52:17 bacztwo sshd[2506]: error: PAM: Authentication failure for root from 222.186.180.223 Mar 19 05:52:20 bacztwo sshd[2506]: error: PAM: Authentication failure for root from 222.186.180.223 Mar 19 05:52:23 bacztwo sshd[2506]: error: PAM: Authentication failure for root from 222.186.180.223 Mar 19 05:52:23 bacztwo sshd[2506]: Failed keyboard-interactive/pam for root from 222.186.180.223 port 56676 ssh2 Mar 19 05:52:14 bacztwo sshd[2506]: error: PAM: Authentication failure for root from 222.186.180.223 Mar 19 05:52:17 bacztwo sshd[2506]: error: PAM: Authentication failure for root from 222.186.180.223 Mar 19 05:52:20 bacztwo sshd[2506]: error: PAM: Authentication failure for root from 222.186.180.223 Mar 19 05:52:23 bacztwo sshd[2506]: error: PAM: Authentication failure for root from 222.186.180.223 Mar 19 05:52:23 bacztwo sshd[2506]: Failed keyboard-interactive/pam for root from 222.186.180.223 port 56676 ssh2 Mar 19 05:52:26 bacztwo sshd[2506]: error: PAM: Authentication fa ...	2020-03-19 05:53:47

Recently Reported IPs

159.138.119.222	159.138.123.200	159.138.130.21	159.138.116.88
159.138.132.216	159.138.134.152	159.138.14.209	159.138.141.191
159.138.145.65	159.138.141.101	159.138.146.229	159.138.152.124
159.138.150.148	159.138.153.216	159.138.20.239	159.138.154.82
159.138.201.206	159.138.213.16	159.138.22.80	159.138.238.151