159.203.111.100

基本信息:

城市(city): Clifton

省份(region): New Jersey

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): DigitalOcean, LLC

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	(sshd) Failed SSH login from 159.203.111.100 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 21 05:44:21 optimus sshd[13712]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.111.100 user=root Sep 21 05:44:23 optimus sshd[13712]: Failed password for root from 159.203.111.100 port 50779 ssh2 Sep 21 05:49:51 optimus sshd[15758]: Invalid user postgres from 159.203.111.100 Sep 21 05:49:51 optimus sshd[15758]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.111.100 Sep 21 05:49:53 optimus sshd[15758]: Failed password for invalid user postgres from 159.203.111.100 port 45487 ssh2	2020-09-21 20:49:53
attackspambots	2020-09-20T23:26:32.225557afi-git.jinr.ru sshd[9422]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.111.100 2020-09-20T23:26:32.222301afi-git.jinr.ru sshd[9422]: Invalid user samba from 159.203.111.100 port 50376 2020-09-20T23:26:33.698110afi-git.jinr.ru sshd[9422]: Failed password for invalid user samba from 159.203.111.100 port 50376 ssh2 2020-09-20T23:31:24.068964afi-git.jinr.ru sshd[10400]: pam_sss(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.111.100 user=test 2020-09-20T23:31:25.491142afi-git.jinr.ru sshd[10400]: Failed password for test from 159.203.111.100 port 43100 ssh2 ...	2020-09-21 12:40:28
attack	2020-09-20T23:26:32.225557afi-git.jinr.ru sshd[9422]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.111.100 2020-09-20T23:26:32.222301afi-git.jinr.ru sshd[9422]: Invalid user samba from 159.203.111.100 port 50376 2020-09-20T23:26:33.698110afi-git.jinr.ru sshd[9422]: Failed password for invalid user samba from 159.203.111.100 port 50376 ssh2 2020-09-20T23:31:24.068964afi-git.jinr.ru sshd[10400]: pam_sss(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.111.100 user=test 2020-09-20T23:31:25.491142afi-git.jinr.ru sshd[10400]: Failed password for test from 159.203.111.100 port 43100 ssh2 ...	2020-09-21 04:31:44
attackbots	2020-08-18T00:08:23.443060ks3355764 sshd[2078]: Invalid user zhongzheng from 159.203.111.100 port 57263 2020-08-18T00:08:25.211140ks3355764 sshd[2078]: Failed password for invalid user zhongzheng from 159.203.111.100 port 57263 ssh2 ...	2020-08-18 08:21:25
attackbots	frenzy	2020-08-15 15:09:55
attack	Aug 11 03:25:42 webhost01 sshd[25159]: Failed password for root from 159.203.111.100 port 39986 ssh2 ...	2020-08-11 04:46:51
attackbotsspam	2020-08-04T15:43:40.704686linuxbox-skyline sshd[75460]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.111.100 user=root 2020-08-04T15:43:42.740605linuxbox-skyline sshd[75460]: Failed password for root from 159.203.111.100 port 53978 ssh2 ...	2020-08-05 05:50:53
attackspam	Jul 31 08:20:55 mockhub sshd[11075]: Failed password for root from 159.203.111.100 port 45684 ssh2 ...	2020-08-01 01:02:33
attackspambots	DATE:2020-07-25 09:27:11,IP:159.203.111.100,MATCHES:11,PORT:ssh	2020-07-25 15:32:40
attackbotsspam	Jul 3 16:23:09 lukav-desktop sshd\[16684\]: Invalid user tidb from 159.203.111.100 Jul 3 16:23:09 lukav-desktop sshd\[16684\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.111.100 Jul 3 16:23:11 lukav-desktop sshd\[16684\]: Failed password for invalid user tidb from 159.203.111.100 port 56492 ssh2 Jul 3 16:26:39 lukav-desktop sshd\[16741\]: Invalid user hywang from 159.203.111.100 Jul 3 16:26:39 lukav-desktop sshd\[16741\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.111.100	2020-07-03 22:21:31
attackbots	Jun 29 14:14:48 jane sshd[23297]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.111.100 Jun 29 14:14:50 jane sshd[23297]: Failed password for invalid user bernard from 159.203.111.100 port 33546 ssh2 ...	2020-06-30 01:27:48
attackspam	SSH authentication failure x 6 reported by Fail2Ban ...	2020-06-19 16:50:26
attackbotsspam	Jun 11 11:00:38 itv-usvr-01 sshd[9815]: Invalid user cristian from 159.203.111.100 Jun 11 11:00:38 itv-usvr-01 sshd[9815]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.111.100 Jun 11 11:00:38 itv-usvr-01 sshd[9815]: Invalid user cristian from 159.203.111.100 Jun 11 11:00:40 itv-usvr-01 sshd[9815]: Failed password for invalid user cristian from 159.203.111.100 port 41350 ssh2 Jun 11 11:08:03 itv-usvr-01 sshd[10111]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.111.100 user=root Jun 11 11:08:06 itv-usvr-01 sshd[10111]: Failed password for root from 159.203.111.100 port 42230 ssh2	2020-06-11 15:16:43
attackbotsspam	Jun 9 10:09:17 vps46666688 sshd[27238]: Failed password for root from 159.203.111.100 port 53022 ssh2 ...	2020-06-09 21:25:46
attackbots	2020-06-06T22:54:09.057792linuxbox-skyline sshd[189164]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.111.100 user=root 2020-06-06T22:54:10.936295linuxbox-skyline sshd[189164]: Failed password for root from 159.203.111.100 port 52686 ssh2 ...	2020-06-07 17:52:42
attackbotsspam	Jun 6 12:03:52 vmi345603 sshd[15782]: Failed password for root from 159.203.111.100 port 42644 ssh2 ...	2020-06-06 18:27:03
attackspambots	Invalid user glassfish from 159.203.111.100 port 59818	2020-05-29 16:04:07
attack	May 13 22:09:16 webhost01 sshd[28300]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.111.100 May 13 22:09:18 webhost01 sshd[28300]: Failed password for invalid user sjx from 159.203.111.100 port 54815 ssh2 ...	2020-05-14 01:59:16
attackbotsspam	2020-05-10T15:07:10.648762centos sshd[21263]: Invalid user antivirus from 159.203.111.100 port 53328 2020-05-10T15:07:12.470032centos sshd[21263]: Failed password for invalid user antivirus from 159.203.111.100 port 53328 ssh2 2020-05-10T15:15:35.519341centos sshd[21796]: Invalid user tobin from 159.203.111.100 port 58011 ...	2020-05-10 23:19:39
attackspambots	May 1 11:29:50 vpn01 sshd[733]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.111.100 May 1 11:29:52 vpn01 sshd[733]: Failed password for invalid user om from 159.203.111.100 port 40133 ssh2 ...	2020-05-01 17:57:36
attackspam	SSH Brute-Force Attack	2020-04-30 13:53:49
attackbots	2020-04-19T22:06:38.678008vps773228.ovh.net sshd[13707]: Invalid user hi from 159.203.111.100 port 46283 2020-04-19T22:06:38.693570vps773228.ovh.net sshd[13707]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.111.100 2020-04-19T22:06:38.678008vps773228.ovh.net sshd[13707]: Invalid user hi from 159.203.111.100 port 46283 2020-04-19T22:06:40.110064vps773228.ovh.net sshd[13707]: Failed password for invalid user hi from 159.203.111.100 port 46283 ssh2 2020-04-19T22:15:55.613152vps773228.ovh.net sshd[13938]: Invalid user vr from 159.203.111.100 port 54944 ...	2020-04-20 04:23:16
attackbots	Invalid user tester from 159.203.111.100 port 40525	2020-04-18 15:24:25
attackspambots	Apr 3 14:42:56 ns382633 sshd\[1766\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.111.100 user=root Apr 3 14:42:58 ns382633 sshd\[1766\]: Failed password for root from 159.203.111.100 port 60253 ssh2 Apr 3 14:52:08 ns382633 sshd\[3634\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.111.100 user=root Apr 3 14:52:10 ns382633 sshd\[3634\]: Failed password for root from 159.203.111.100 port 42693 ssh2 Apr 3 15:00:40 ns382633 sshd\[5439\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.111.100 user=root	2020-04-03 21:32:31
attack	Mar 22 00:41:55 silence02 sshd[31368]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.111.100 Mar 22 00:41:57 silence02 sshd[31368]: Failed password for invalid user qd from 159.203.111.100 port 37574 ssh2 Mar 22 00:48:59 silence02 sshd[31858]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.111.100	2020-03-22 07:54:09
attack	2020-03-19T01:13:48.674466linuxbox-skyline sshd[60931]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.111.100 user=root 2020-03-19T01:13:50.626494linuxbox-skyline sshd[60931]: Failed password for root from 159.203.111.100 port 50225 ssh2 ...	2020-03-19 15:17:47
attackbotsspam	Mar 12 13:22:41 prox sshd[14841]: Failed password for root from 159.203.111.100 port 38823 ssh2	2020-03-12 21:12:23
attackspam	(sshd) Failed SSH login from 159.203.111.100 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Feb 27 06:32:47 elude sshd[25405]: Invalid user git from 159.203.111.100 port 37412 Feb 27 06:32:49 elude sshd[25405]: Failed password for invalid user git from 159.203.111.100 port 37412 ssh2 Feb 27 06:53:33 elude sshd[26661]: Invalid user kamal from 159.203.111.100 port 40380 Feb 27 06:53:35 elude sshd[26661]: Failed password for invalid user kamal from 159.203.111.100 port 40380 ssh2 Feb 27 07:07:51 elude sshd[27414]: Invalid user staff from 159.203.111.100 port 38743	2020-02-27 19:04:17
attackbotsspam	Feb 12 20:59:33 auw2 sshd\[1309\]: Invalid user images from 159.203.111.100 Feb 12 20:59:33 auw2 sshd\[1309\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.111.100 Feb 12 20:59:36 auw2 sshd\[1309\]: Failed password for invalid user images from 159.203.111.100 port 52518 ssh2 Feb 12 21:02:57 auw2 sshd\[1601\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.111.100 user=root Feb 12 21:02:59 auw2 sshd\[1601\]: Failed password for root from 159.203.111.100 port 38475 ssh2	2020-02-13 17:04:43
attackbots	Jan 31 21:24:16 lnxmysql61 sshd[1215]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.111.100	2020-02-01 05:33:17

相同子网IP讨论:

IP	类型	评论内容	时间
159.203.111.218	attackspam	No UA	2019-10-18 19:47:16
159.203.111.65	attack	[portscan] tcp/22 [SSH] [scan/connect: 3 time(s)] *(RWIN=65535)(07172048)	2019-07-18 07:39:06

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 159.203.111.100
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 54330
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;159.203.111.100.		IN	A

;; AUTHORITY SECTION:
.			2922	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019032801 1800 900 604800 86400

;; Query time: 111 msec
;; SERVER: 183.60.82.98#53(183.60.82.98)
;; WHEN: Fri Mar 29 02:49:42 CST 2019
;; MSG SIZE  rcvd: 119

HOST信息:

Host 100.111.203.159.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 100.111.203.159.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
64.252.142.148	attackspam	Automatic report generated by Wazuh	2020-01-04 18:08:30
183.82.126.180	attackspambots	20/1/4@03:47:36: FAIL: Alarm-Network address from=183.82.126.180 20/1/4@03:47:36: FAIL: Alarm-Network address from=183.82.126.180 ...	2020-01-04 18:10:52
62.165.30.221	attackspambots	Jan 4 04:17:42 debian sshd[27780]: Unable to negotiate with 62.165.30.221 port 32718: no matching key exchange method found. Their offer: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 [preauth] Jan 4 04:20:46 debian sshd[27902]: Unable to negotiate with 62.165.30.221 port 51711: no matching key exchange method found. Their offer: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 [preauth] ...	2020-01-04 17:35:11
129.204.2.182	attackspambots	Jan 4 07:03:37 IngegnereFirenze sshd[31032]: Failed password for invalid user m from 129.204.2.182 port 59137 ssh2 ...	2020-01-04 17:32:57
107.170.204.148	attackbots	Jan 4 04:30:55 onepro3 sshd[12351]: Failed password for invalid user vwm from 107.170.204.148 port 50130 ssh2 Jan 4 04:35:51 onepro3 sshd[12406]: Failed password for invalid user uisfs from 107.170.204.148 port 54478 ssh2 Jan 4 04:38:38 onepro3 sshd[12455]: Failed password for invalid user mannan from 107.170.204.148 port 55078 ssh2	2020-01-04 17:54:47
118.70.117.60	attackspam	Unauthorized connection attempt detected from IP address 118.70.117.60 to port 445	2020-01-04 17:37:45
190.181.140.110	attack	Automatic report - SSH Brute-Force Attack	2020-01-04 18:19:37
123.51.162.52	attackspam	Jan 4 06:30:35 vps670341 sshd[8478]: Invalid user oracle from 123.51.162.52 port 53374	2020-01-04 18:13:38
118.99.179.164	attackbots	Automatic report - Port Scan Attack	2020-01-04 17:38:49
201.22.171.54	attack	Automatic report - Port Scan Attack	2020-01-04 17:52:14
121.101.130.163	attack	Telnet/23 MH Probe, BF, Hack -	2020-01-04 18:18:29
103.79.169.7	attack	Jan 2 03:25:30 nbi-636 sshd[9618]: Invalid user ruan from 103.79.169.7 port 54362 Jan 2 03:25:32 nbi-636 sshd[9618]: Failed password for invalid user ruan from 103.79.169.7 port 54362 ssh2 Jan 2 03:25:33 nbi-636 sshd[9618]: Received disconnect from 103.79.169.7 port 54362:11: Bye Bye [preauth] Jan 2 03:25:33 nbi-636 sshd[9618]: Disconnected from 103.79.169.7 port 54362 [preauth] Jan 2 03:41:01 nbi-636 sshd[12059]: Invalid user nt from 103.79.169.7 port 49740 Jan 2 03:41:03 nbi-636 sshd[12059]: Failed password for invalid user nt from 103.79.169.7 port 49740 ssh2 Jan 2 03:41:03 nbi-636 sshd[12059]: Received disconnect from 103.79.169.7 port 49740:11: Bye Bye [preauth] Jan 2 03:41:03 nbi-636 sshd[12059]: Disconnected from 103.79.169.7 port 49740 [preauth] Jan 2 03:43:59 nbi-636 sshd[12539]: Invalid user edu from 103.79.169.7 port 43834 Jan 2 03:44:01 nbi-636 sshd[12539]: Failed password for invalid user edu from 103.79.169.7 port 43834 ssh2 Jan 2 03:44:01 nbi-6........ -------------------------------	2020-01-04 17:46:57
114.143.162.53	attack	20/1/3@23:48:22: FAIL: Alarm-Network address from=114.143.162.53 ...	2020-01-04 18:03:55
79.114.225.163	attackbotsspam	Honeypot attack, port: 23, PTR: 79-114-225-163.rdsnet.ro.	2020-01-04 18:07:54
123.241.26.243	attackbots	Honeypot attack, port: 81, PTR: 123-241-26-243.cctv.dynamic.tbcnet.net.tw.	2020-01-04 17:48:41

最近上报的IP列表

186.134.2.239	27.150.169.16	193.112.90.84	186.60.226.239
177.23.90.10	80.211.30.19	14.136.201.82	108.179.209.201
51.68.121.63	107.170.192.139	188.83.163.6	142.93.213.218
77.247.109.137	208.97.138.220	204.93.97.9	198.38.90.219
122.232.210.76	88.119.128.68	108.179.217.251	211.157.146.54