159.203.124.114

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	2033/tcp 2103/tcp 2203/tcp... [2020-04-23/06-18]40pkt,16pt.(tcp)	2020-06-20 05:58:23
attackspambots	Port scan: Attack repeated for 24 hours	2020-05-04 13:30:07
attackbots	30022/tcp 20022/tcp [2020-04-12/23]2pkt	2020-04-24 01:48:19

相同子网IP讨论:

IP	类型	评论内容	时间
159.203.124.234	attackbots	Invalid user anderson from 159.203.124.234 port 36539	2020-09-26 07:56:59
159.203.124.234	attack	Sep 25 09:29:50 marvibiene sshd[19834]: Invalid user uno50 from 159.203.124.234 port 46471 Sep 25 09:29:50 marvibiene sshd[19834]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.124.234 Sep 25 09:29:50 marvibiene sshd[19834]: Invalid user uno50 from 159.203.124.234 port 46471 Sep 25 09:29:51 marvibiene sshd[19834]: Failed password for invalid user uno50 from 159.203.124.234 port 46471 ssh2	2020-09-26 01:12:12
159.203.124.234	attackbotsspam	Sep 25 08:26:41 ncomp sshd[28821]: Invalid user auditor from 159.203.124.234 port 43689 Sep 25 08:26:41 ncomp sshd[28821]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.124.234 Sep 25 08:26:41 ncomp sshd[28821]: Invalid user auditor from 159.203.124.234 port 43689 Sep 25 08:26:44 ncomp sshd[28821]: Failed password for invalid user auditor from 159.203.124.234 port 43689 ssh2	2020-09-25 16:49:12
159.203.124.234	attackbotsspam	Sep 22 13:20:55 ws12vmsma01 sshd[4924]: Invalid user worker from 159.203.124.234 Sep 22 13:20:57 ws12vmsma01 sshd[4924]: Failed password for invalid user worker from 159.203.124.234 port 59582 ssh2 Sep 22 13:26:26 ws12vmsma01 sshd[5687]: Invalid user admin from 159.203.124.234 ...	2020-09-23 00:57:11
159.203.124.234	attack	Sep 22 05:29:37 nextcloud sshd\[1220\]: Invalid user q from 159.203.124.234 Sep 22 05:29:37 nextcloud sshd\[1220\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.124.234 Sep 22 05:29:38 nextcloud sshd\[1220\]: Failed password for invalid user q from 159.203.124.234 port 35936 ssh2	2020-09-22 16:58:39
159.203.124.234	attack	Too many connections or unauthorized access detected from Arctic banned ip	2020-08-31 20:12:46
159.203.124.234	attackspambots	Bruteforce detected by fail2ban	2020-08-25 23:43:04
159.203.124.234	attackspambots	Aug 23 22:32:52 dev0-dcde-rnet sshd[12994]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.124.234 Aug 23 22:32:54 dev0-dcde-rnet sshd[12994]: Failed password for invalid user simeon from 159.203.124.234 port 51235 ssh2 Aug 23 22:34:39 dev0-dcde-rnet sshd[13011]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.124.234	2020-08-24 05:28:34
159.203.124.234	attackspam	Aug 23 15:31:37 XXX sshd[5963]: Invalid user summer from 159.203.124.234 port 36938	2020-08-24 00:12:02
159.203.124.234	attackbotsspam	Port Scan detected from 159.203.124.234 (US/United States/New Jersey/Clifton/new-iisocial.com). 4 hits in the last 30 seconds	2020-08-13 14:22:20
159.203.124.234	attack	2020-08-08T14:31:56.371342vps1033 sshd[20195]: Failed password for root from 159.203.124.234 port 54035 ssh2 2020-08-08T14:34:14.893210vps1033 sshd[25468]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.124.234 user=root 2020-08-08T14:34:16.899724vps1033 sshd[25468]: Failed password for root from 159.203.124.234 port 42210 ssh2 2020-08-08T14:36:35.165694vps1033 sshd[30279]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.124.234 user=root 2020-08-08T14:36:37.197185vps1033 sshd[30279]: Failed password for root from 159.203.124.234 port 58619 ssh2 ...	2020-08-08 22:43:07
159.203.124.234	attack	Exploited Host.	2020-07-28 07:46:16
159.203.124.234	attackbotsspam	Connection to SSH Honeypot - Detected by HoneypotDB	2020-07-17 12:06:42
159.203.124.234	attackbotsspam	Jul 13 21:42:00 game-panel sshd[32685]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.124.234 Jul 13 21:42:02 game-panel sshd[32685]: Failed password for invalid user jayani from 159.203.124.234 port 39961 ssh2 Jul 13 21:45:50 game-panel sshd[465]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.124.234	2020-07-14 06:04:35
159.203.124.234	attackbots	Jul 9 21:36:30 124388 sshd[5467]: Invalid user whtest from 159.203.124.234 port 41722 Jul 9 21:36:30 124388 sshd[5467]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.124.234 Jul 9 21:36:30 124388 sshd[5467]: Invalid user whtest from 159.203.124.234 port 41722 Jul 9 21:36:32 124388 sshd[5467]: Failed password for invalid user whtest from 159.203.124.234 port 41722 ssh2 Jul 9 21:40:09 124388 sshd[5796]: Invalid user guinness from 159.203.124.234 port 40007	2020-07-10 06:25:51

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 159.203.124.114
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 43122
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;159.203.124.114.		IN	A

;; AUTHORITY SECTION:
.			434	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020042300 1800 900 604800 86400

;; Query time: 244 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Apr 24 01:48:15 CST 2020
;; MSG SIZE  rcvd: 119

HOST信息:

Host 114.124.203.159.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 114.124.203.159.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
193.27.228.198	attack	06/29/2020-00:53:26.253312 193.27.228.198 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-06-29 15:17:41
213.217.0.224	attackspam	Fail2Ban Ban Triggered HTTP Exploit Attempt	2020-06-29 15:24:08
91.121.86.22	attack	Jun 29 00:21:48 ny01 sshd[21102]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.121.86.22 Jun 29 00:21:50 ny01 sshd[21102]: Failed password for invalid user qno from 91.121.86.22 port 44082 ssh2 Jun 29 00:24:48 ny01 sshd[21471]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.121.86.22	2020-06-29 15:02:14
82.208.133.133	attack	SSH Brute-Force. Ports scanning.	2020-06-29 15:31:19
62.234.167.126	attackbotsspam	Failed password for invalid user oracle from 62.234.167.126 port 23484 ssh2	2020-06-29 15:26:14
3.7.150.36	attackspam	$f2bV_matches	2020-06-29 15:23:46
192.241.230.251	attackbots	192.241.230.251 - - \[29/Jun/2020:07:47:59 +0200\] "GET /manager/text/list HTTP/1.1" 404 136 "-" "Mozilla/5.0 zgrab/0.x" ...	2020-06-29 15:16:06
103.195.142.153	attack	$f2bV_matches	2020-06-29 15:35:34
223.205.238.132	attackspam	1593402851 - 06/29/2020 05:54:11 Host: 223.205.238.132/223.205.238.132 Port: 445 TCP Blocked	2020-06-29 15:19:03
49.88.112.77	attack	Jun 29 03:54:35 localhost sshd\[30477\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.77 user=root Jun 29 03:54:37 localhost sshd\[30477\]: Failed password for root from 49.88.112.77 port 40641 ssh2 Jun 29 03:54:40 localhost sshd\[30477\]: Failed password for root from 49.88.112.77 port 40641 ssh2 ...	2020-06-29 15:38:57
42.62.114.98	attackbots	Jun 29 08:07:50 inter-technics sshd[26186]: Invalid user es from 42.62.114.98 port 35136 Jun 29 08:07:50 inter-technics sshd[26186]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.62.114.98 Jun 29 08:07:50 inter-technics sshd[26186]: Invalid user es from 42.62.114.98 port 35136 Jun 29 08:07:53 inter-technics sshd[26186]: Failed password for invalid user es from 42.62.114.98 port 35136 ssh2 Jun 29 08:11:49 inter-technics sshd[26448]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.62.114.98 user=root Jun 29 08:11:51 inter-technics sshd[26448]: Failed password for root from 42.62.114.98 port 48262 ssh2 ...	2020-06-29 15:21:55
61.177.172.61	attackbots	Jun 29 04:30:21 firewall sshd[12854]: Failed password for root from 61.177.172.61 port 65288 ssh2 Jun 29 04:30:24 firewall sshd[12854]: Failed password for root from 61.177.172.61 port 65288 ssh2 Jun 29 04:30:28 firewall sshd[12854]: Failed password for root from 61.177.172.61 port 65288 ssh2 ...	2020-06-29 15:30:50
45.191.135.215	attack	Automatic report - Port Scan Attack	2020-06-29 15:10:46
95.251.8.222	attackbotsspam	Automatic report - Port Scan Attack	2020-06-29 15:34:27
223.71.167.166	attackbots	Jun 29 08:52:33 debian-2gb-nbg1-2 kernel: \[15672197.829342\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=223.71.167.166 DST=195.201.40.59 LEN=44 TOS=0x04 PREC=0x00 TTL=113 ID=12747 PROTO=TCP SPT=30152 DPT=3542 WINDOW=29200 RES=0x00 SYN URGP=0	2020-06-29 15:15:29

最近上报的IP列表

37.252.91.61	178.184.81.247	220.189.107.44	49.48.189.34
42.118.145.74	5.45.69.188	251.30.255.195	185.82.76.220
182.107.202.69	121.127.230.240	40.79.64.109	120.53.22.204
113.179.20.79	91.78.42.75	178.128.248.121	125.212.172.122
219.79.123.202	185.7.180.47	186.178.17.191	148.243.54.129