159.203.100.20

基本信息:

城市(city): Clifton

省份(region): New Jersey

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): DigitalOcean, LLC

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	May 11 07:54:47 server sshd\[85786\]: Invalid user dw from 159.203.100.20 May 11 07:54:47 server sshd\[85786\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.100.20 May 11 07:54:49 server sshd\[85786\]: Failed password for invalid user dw from 159.203.100.20 port 37496 ssh2 ...	2019-10-09 18:10:29
attackspambots	Jul 22 04:53:36 h2034429 sshd[11524]: Invalid user alok from 159.203.100.20 Jul 22 04:53:36 h2034429 sshd[11524]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.100.20 Jul 22 04:53:37 h2034429 sshd[11524]: Failed password for invalid user alok from 159.203.100.20 port 49732 ssh2 Jul 22 04:53:37 h2034429 sshd[11524]: Received disconnect from 159.203.100.20 port 49732:11: Bye Bye [preauth] Jul 22 04:53:37 h2034429 sshd[11524]: Disconnected from 159.203.100.20 port 49732 [preauth] Jul 22 05:00:08 h2034429 sshd[11586]: Invalid user emerson from 159.203.100.20 Jul 22 05:00:08 h2034429 sshd[11586]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.100.20 Jul 22 05:00:11 h2034429 sshd[11586]: Failed password for invalid user emerson from 159.203.100.20 port 46946 ssh2 Jul 22 05:00:11 h2034429 sshd[11586]: Received disconnect from 159.203.100.20 port 46946:11: Bye Bye [preauth] Jul 22........ -------------------------------	2019-07-22 11:54:48
attackbots	Invalid user wolf from 159.203.100.20 port 56346	2019-07-21 07:09:33
attack	May 11 07:54:47 server sshd\[85786\]: Invalid user dw from 159.203.100.20 May 11 07:54:47 server sshd\[85786\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.100.20 May 11 07:54:49 server sshd\[85786\]: Failed password for invalid user dw from 159.203.100.20 port 37496 ssh2 ...	2019-07-12 00:48:14
attack	07.07.2019 00:48:27 SSH access blocked by firewall	2019-07-07 09:13:37

相同子网IP讨论:

IP	类型	评论内容	时间
159.203.100.71	attackspambots	port	2020-03-31 09:39:01
159.203.100.30	attackbots	lfd: (smtpauth) Failed SMTP AUTH login from 159.203.100.30 (US/United States/-): 5 in the last 3600 secs - Sun Sep 16 00:57:19 2018	2020-03-09 06:17:25
159.203.100.175	attack	firewall-block, port(s): 6379/tcp	2019-11-30 20:04:23
159.203.100.183	attack	[SunJun2311:49:57.5628992019][:error][pid10285:tid47523410122496][client159.203.100.183:57988][client159.203.100.183]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch"Datanyze"atREQUEST_HEADERS:user-agent.[file"/usr/local/apache.ea3/conf/modsec_rules/20_asl_useragents.conf"][line"68"][id"337749"][rev"2"][msg"Atomicorp.comWAFRules:Datanyzebotblocked"][severity"ERROR"][hostname"pharabouth.com"][uri"/"][unique_id"XQ9LRU5z9z70WZ-ioj8-yQAAAM0"]\,referer:http://pharabouth.com[SunJun2311:49:58.7172552019][:error][pid3160:tid47523391211264][client159.203.100.183:43330][client159.203.100.183]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch"Datanyze"atREQUEST_HEADERS:user-agent.[file"/usr/local/apache.ea3/conf/modsec_rules/20_asl_useragents.conf"][line"68"][id"337749"][rev"2"][msg"Atomicorp.comWAFRules:Datanyzebotblocked"][severity"ERROR"][hostname"pharabouth.com"][uri"/403.shtml"][unique_id"XQ9LRr7rq23X7ZmJ1O51OwAAAAQ"]\,referer:http://pharabouth.com/	2019-06-24 01:22:06

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 159.203.100.20
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 42537
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;159.203.100.20.			IN	A

;; AUTHORITY SECTION:
.			3544	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019041400 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sun Apr 14 22:01:38 +08 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 20.100.203.159.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 20.100.203.159.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
211.38.132.36	attack	$f2bV_matches	2020-05-28 14:50:49
151.237.25.124	attackspam	SSH login attempts.	2020-05-28 14:59:58
111.93.235.74	attackspambots	May 28 08:29:47 melroy-server sshd[8690]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.93.235.74 May 28 08:29:48 melroy-server sshd[8690]: Failed password for invalid user smb from 111.93.235.74 port 53926 ssh2 ...	2020-05-28 14:57:02
103.21.53.11	attackbotsspam	2020-05-28T03:46:44.001338abusebot-7.cloudsearch.cf sshd[14676]: Invalid user sterner from 103.21.53.11 port 51806 2020-05-28T03:46:44.012423abusebot-7.cloudsearch.cf sshd[14676]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.21.53.11 2020-05-28T03:46:44.001338abusebot-7.cloudsearch.cf sshd[14676]: Invalid user sterner from 103.21.53.11 port 51806 2020-05-28T03:46:45.761761abusebot-7.cloudsearch.cf sshd[14676]: Failed password for invalid user sterner from 103.21.53.11 port 51806 ssh2 2020-05-28T03:55:54.960650abusebot-7.cloudsearch.cf sshd[15183]: Invalid user koga from 103.21.53.11 port 43480 2020-05-28T03:55:54.965297abusebot-7.cloudsearch.cf sshd[15183]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.21.53.11 2020-05-28T03:55:54.960650abusebot-7.cloudsearch.cf sshd[15183]: Invalid user koga from 103.21.53.11 port 43480 2020-05-28T03:55:57.221163abusebot-7.cloudsearch.cf sshd[15183]: Failed pa ...	2020-05-28 14:59:39
118.24.241.97	attackspambots	May 28 06:44:45 hell sshd[30317]: Failed password for root from 118.24.241.97 port 40528 ssh2 ...	2020-05-28 14:56:31
108.12.225.85	attackbotsspam	May 28 06:30:37 xeon sshd[20971]: Failed password for invalid user enable from 108.12.225.85 port 55062 ssh2	2020-05-28 14:58:23
190.43.46.222	attackspam	Port Scan detected! ...	2020-05-28 15:01:50
36.237.208.202	attackbots	Telnetd brute force attack detected by fail2ban	2020-05-28 14:34:08
46.102.68.86	attackspam	TCP (SYN) 46.102.68.86:54483 -> port 23, len 40	2020-05-28 15:09:00
195.70.59.121	attackspambots	2020-05-28T06:20:07.401271shield sshd\[7479\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.70.59.121 user=root 2020-05-28T06:20:09.228852shield sshd\[7479\]: Failed password for root from 195.70.59.121 port 33318 ssh2 2020-05-28T06:23:54.322582shield sshd\[8316\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.70.59.121 user=root 2020-05-28T06:23:56.316194shield sshd\[8316\]: Failed password for root from 195.70.59.121 port 46354 ssh2 2020-05-28T06:27:43.723730shield sshd\[9229\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.70.59.121 user=root	2020-05-28 14:37:55
187.49.133.220	attack	Invalid user server from 187.49.133.220 port 52621	2020-05-28 14:54:23
167.71.236.71	attackbotsspam	Total attacks: 2	2020-05-28 14:56:03
77.123.20.173	attack	May 28 09:03:17 debian-2gb-nbg1-2 kernel: \[12908187.926755\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=77.123.20.173 DST=195.201.40.59 LEN=40 TOS=0x08 PREC=0x20 TTL=240 ID=5590 PROTO=TCP SPT=44402 DPT=3940 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-28 15:06:32
14.182.166.174	attackbots	Brute forcing RDP port 3389	2020-05-28 15:10:26
211.107.237.101	attack	SSH login attempts.	2020-05-28 14:46:39

最近上报的IP列表

177.74.239.69	190.152.214.178	115.216.172.215	123.206.196.62
164.132.12.30	119.135.124.143	5.188.86.198	103.81.87.75
158.140.189.62	200.68.137.183	203.165.67.63	203.19.34.222
201.242.44.20	188.251.177.138	116.53.10.247	205.209.176.236
59.47.71.110	192.162.100.33	42.231.122.177	218.146.119.67