159.203.13.64 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Canada

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Jul 24 12:01:11 srv-ubuntu-dev3 sshd[103862]: Invalid user vogel from 159.203.13.64 Jul 24 12:01:11 srv-ubuntu-dev3 sshd[103862]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.13.64 Jul 24 12:01:11 srv-ubuntu-dev3 sshd[103862]: Invalid user vogel from 159.203.13.64 Jul 24 12:01:14 srv-ubuntu-dev3 sshd[103862]: Failed password for invalid user vogel from 159.203.13.64 port 38206 ssh2 Jul 24 12:05:09 srv-ubuntu-dev3 sshd[104294]: Invalid user ubuntu from 159.203.13.64 Jul 24 12:05:09 srv-ubuntu-dev3 sshd[104294]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.13.64 Jul 24 12:05:09 srv-ubuntu-dev3 sshd[104294]: Invalid user ubuntu from 159.203.13.64 Jul 24 12:05:11 srv-ubuntu-dev3 sshd[104294]: Failed password for invalid user ubuntu from 159.203.13.64 port 51874 ssh2 Jul 24 12:08:55 srv-ubuntu-dev3 sshd[104688]: Invalid user salman from 159.203.13.64 ...	2020-07-24 18:12:48
attack	(sshd) Failed SSH login from 159.203.13.64 (CA/Canada/-): 5 in the last 3600 secs	2020-07-22 12:41:25
attackbotsspam	Jul 14 05:55:48 ArkNodeAT sshd\[4422\]: Invalid user tang from 159.203.13.64 Jul 14 05:55:48 ArkNodeAT sshd\[4422\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.13.64 Jul 14 05:55:51 ArkNodeAT sshd\[4422\]: Failed password for invalid user tang from 159.203.13.64 port 45532 ssh2	2020-07-14 12:39:54
attackbots	Jul 4 17:11:06 django-0 sshd[31140]: Invalid user teamspeak from 159.203.13.64 ...	2020-07-05 02:23:44
attackbots	SSH Bruteforce Attempt (failed auth)	2020-06-28 02:48:18
attackbotsspam	Jun 4 18:52:55 php1 sshd\[6696\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.13.64 user=root Jun 4 18:52:57 php1 sshd\[6696\]: Failed password for root from 159.203.13.64 port 48778 ssh2 Jun 4 18:56:10 php1 sshd\[6961\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.13.64 user=root Jun 4 18:56:12 php1 sshd\[6961\]: Failed password for root from 159.203.13.64 port 51766 ssh2 Jun 4 18:59:31 php1 sshd\[7170\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.13.64 user=root	2020-06-05 13:09:42
attackspam	May 22 09:05:55 Ubuntu-1404-trusty-64-minimal sshd\[22995\]: Invalid user uyj from 159.203.13.64 May 22 09:05:55 Ubuntu-1404-trusty-64-minimal sshd\[22995\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.13.64 May 22 09:05:57 Ubuntu-1404-trusty-64-minimal sshd\[22995\]: Failed password for invalid user uyj from 159.203.13.64 port 58234 ssh2 May 22 09:19:20 Ubuntu-1404-trusty-64-minimal sshd\[30916\]: Invalid user sjs from 159.203.13.64 May 22 09:19:20 Ubuntu-1404-trusty-64-minimal sshd\[30916\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.13.64	2020-05-22 17:04:12
attackspambots	May 16 04:34:02 ovpn sshd\[14144\]: Invalid user abc1234 from 159.203.13.64 May 16 04:34:02 ovpn sshd\[14144\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.13.64 May 16 04:34:05 ovpn sshd\[14144\]: Failed password for invalid user abc1234 from 159.203.13.64 port 58082 ssh2 May 16 04:38:37 ovpn sshd\[15245\]: Invalid user wwwadmin from 159.203.13.64 May 16 04:38:37 ovpn sshd\[15245\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.13.64	2020-05-16 22:52:45
attackspambots	2020-05-14T22:48:22.086928v22018076590370373 sshd[767]: Failed password for invalid user test from 159.203.13.64 port 32800 ssh2 2020-05-14T22:51:33.415070v22018076590370373 sshd[9053]: Invalid user weblogic from 159.203.13.64 port 41738 2020-05-14T22:51:33.422483v22018076590370373 sshd[9053]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.13.64 2020-05-14T22:51:33.415070v22018076590370373 sshd[9053]: Invalid user weblogic from 159.203.13.64 port 41738 2020-05-14T22:51:35.529750v22018076590370373 sshd[9053]: Failed password for invalid user weblogic from 159.203.13.64 port 41738 ssh2 ...	2020-05-15 09:08:08
attackspambots	$f2bV_matches	2020-05-11 17:35:01

相同子网IP讨论:

IP	类型	评论内容	时间
159.203.13.59	attack	scans once in preceeding hours on the ports (in chronological order) 2886 resulting in total of 5 scans from 159.203.0.0/16 block.	2020-09-17 23:13:55
159.203.13.59	attack	2020-09-17T08:52:05.999577ks3355764 sshd[22288]: Failed password for root from 159.203.13.59 port 55544 ssh2 2020-09-17T08:53:55.041649ks3355764 sshd[22305]: Invalid user admin from 159.203.13.59 port 55420 ...	2020-09-17 15:20:22
159.203.13.59	attackbotsspam	Sep 16 17:53:57 george sshd[20824]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.13.59 user=root Sep 16 17:53:58 george sshd[20824]: Failed password for root from 159.203.13.59 port 50106 ssh2 Sep 16 17:57:35 george sshd[22678]: Invalid user ppm778 from 159.203.13.59 port 50178 Sep 16 17:57:35 george sshd[22678]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.13.59 Sep 16 17:57:37 george sshd[22678]: Failed password for invalid user ppm778 from 159.203.13.59 port 50178 ssh2 ...	2020-09-17 06:27:57
159.203.13.59	attack	Unauthorized connection attempt detected from IP address 159.203.13.59 to port 7800 [T]	2020-08-31 18:01:51
159.203.13.59	attackspam	Aug 17 15:06:48 rancher-0 sshd[1127419]: Invalid user atv from 159.203.13.59 port 60630 ...	2020-08-17 22:21:26
159.203.13.59	attackspambots	Aug 16 20:22:19 marvibiene sshd[7823]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.13.59 user=root Aug 16 20:22:21 marvibiene sshd[7823]: Failed password for root from 159.203.13.59 port 54932 ssh2 Aug 16 20:32:44 marvibiene sshd[7978]: Invalid user paloma from 159.203.13.59 port 53698	2020-08-17 06:06:27
159.203.133.182	attack	Failed password for invalid user diego from 159.203.133.182 port 46446 ssh2	2020-06-30 23:18:32
159.203.133.182	attackspambots	$f2bV_matches	2020-06-15 13:50:30
159.203.133.182	attackspambots	2020-05-03T21:30:17.474770abusebot.cloudsearch.cf sshd[24000]: Invalid user wa from 159.203.133.182 port 53397 2020-05-03T21:30:17.481741abusebot.cloudsearch.cf sshd[24000]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.133.182 2020-05-03T21:30:17.474770abusebot.cloudsearch.cf sshd[24000]: Invalid user wa from 159.203.133.182 port 53397 2020-05-03T21:30:19.598323abusebot.cloudsearch.cf sshd[24000]: Failed password for invalid user wa from 159.203.133.182 port 53397 ssh2 2020-05-03T21:33:13.738574abusebot.cloudsearch.cf sshd[24196]: Invalid user unicorn from 159.203.133.182 port 53756 2020-05-03T21:33:13.744309abusebot.cloudsearch.cf sshd[24196]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.133.182 2020-05-03T21:33:13.738574abusebot.cloudsearch.cf sshd[24196]: Invalid user unicorn from 159.203.133.182 port 53756 2020-05-03T21:33:16.357419abusebot.cloudsearch.cf sshd[24196]: Failed passwo ...	2020-05-04 05:56:29
159.203.133.182	attackbotsspam	Apr 16 16:48:57 ncomp sshd[30177]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.133.182 user=root Apr 16 16:48:59 ncomp sshd[30177]: Failed password for root from 159.203.133.182 port 60996 ssh2 Apr 16 17:00:49 ncomp sshd[30389]: Invalid user ubuntu from 159.203.133.182	2020-04-17 00:10:28
159.203.139.128	attack	Mar 1 05:58:50 amit sshd\[12218\]: Invalid user glassfish1 from 159.203.139.128 Mar 1 05:58:50 amit sshd\[12218\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.139.128 Mar 1 05:58:51 amit sshd\[12218\]: Failed password for invalid user glassfish1 from 159.203.139.128 port 47124 ssh2 ...	2020-03-01 13:16:56
159.203.13.141	attack	DATE:2020-02-22 16:10:49, IP:159.203.13.141, PORT:ssh SSH brute force auth (docker-dc)	2020-02-23 00:07:44
159.203.139.128	attackbotsspam	Feb 21 16:28:08 dedicated sshd[21302]: Invalid user student from 159.203.139.128 port 50310	2020-02-21 23:42:58
159.203.13.141	attackspambots	Feb 17 05:40:38 ns382633 sshd\[31625\]: Invalid user nava from 159.203.13.141 port 49894 Feb 17 05:40:38 ns382633 sshd\[31625\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.13.141 Feb 17 05:40:40 ns382633 sshd\[31625\]: Failed password for invalid user nava from 159.203.13.141 port 49894 ssh2 Feb 17 05:58:57 ns382633 sshd\[1761\]: Invalid user rdp from 159.203.13.141 port 38276 Feb 17 05:58:57 ns382633 sshd\[1761\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.13.141	2020-02-17 14:25:57
159.203.133.182	attackbotsspam	(sshd) Failed SSH login from 159.203.133.182 (US/United States/-): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Feb 8 15:20:26 ubnt-55d23 sshd[14348]: Invalid user flb from 159.203.133.182 port 58657 Feb 8 15:20:27 ubnt-55d23 sshd[14348]: Failed password for invalid user flb from 159.203.133.182 port 58657 ssh2	2020-02-09 06:27:44

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 159.203.13.64
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10824
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;159.203.13.64.			IN	A

;; AUTHORITY SECTION:
.			325	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020051100 1800 900 604800 86400

;; Query time: 96 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon May 11 17:34:57 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 64.13.203.159.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 64.13.203.159.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
167.99.10.162	attack	www.goldgier.de 167.99.10.162 [12/Sep/2020:12:29:13 +0200] "POST /wp-login.php HTTP/1.1" 200 8762 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" www.goldgier.de 167.99.10.162 [12/Sep/2020:12:29:14 +0200] "POST /wp-login.php HTTP/1.1" 200 8762 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-12 22:57:08
165.22.57.175	attack	Sep 12 08:06:02 Tower sshd[22869]: Connection from 165.22.57.175 port 44876 on 192.168.10.220 port 22 rdomain "" Sep 12 08:06:04 Tower sshd[22869]: Failed password for root from 165.22.57.175 port 44876 ssh2 Sep 12 08:06:04 Tower sshd[22869]: Received disconnect from 165.22.57.175 port 44876:11: Bye Bye [preauth] Sep 12 08:06:04 Tower sshd[22869]: Disconnected from authenticating user root 165.22.57.175 port 44876 [preauth]	2020-09-12 22:33:51
45.161.152.36	attack	Invalid user liza from 45.161.152.36 port 41366	2020-09-12 23:10:09
46.101.165.62	attackbotsspam	Sep 12 05:08:57 logopedia-1vcpu-1gb-nyc1-01 sshd[254627]: Failed password for root from 46.101.165.62 port 38966 ssh2 ...	2020-09-12 22:46:54
103.76.191.93	attackbotsspam	Port Scan ...	2020-09-12 23:00:45
196.216.228.34	attack	Sep 12 16:35:44 haigwepa sshd[31083]: Failed password for root from 196.216.228.34 port 43598 ssh2 ...	2020-09-12 22:49:24
163.172.133.23	attackbots	Fail2Ban Ban Triggered	2020-09-12 22:35:53
157.230.2.208	attack	Sep 12 11:01:29 icinga sshd[30055]: Failed password for root from 157.230.2.208 port 46990 ssh2 Sep 12 11:08:29 icinga sshd[40243]: Failed password for root from 157.230.2.208 port 58074 ssh2 ...	2020-09-12 22:51:31
220.127.148.8	attackbots	Sep 12 08:21:13 root sshd[31089]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.127.148.8 ...	2020-09-12 23:05:13
88.80.20.86	attack	Sep 12 11:23:27 marvibiene sshd[29907]: Failed password for root from 88.80.20.86 port 41495 ssh2 Sep 12 11:23:30 marvibiene sshd[29907]: Failed password for root from 88.80.20.86 port 41495 ssh2 Sep 12 11:23:33 marvibiene sshd[29907]: Failed password for root from 88.80.20.86 port 41495 ssh2 Sep 12 11:23:38 marvibiene sshd[29907]: Failed password for root from 88.80.20.86 port 41495 ssh2	2020-09-12 23:06:11
54.37.14.3	attackbotsspam	Invalid user dovecot from 54.37.14.3 port 39994	2020-09-12 22:58:45
3.7.233.194	attackspambots	$f2bV_matches	2020-09-12 22:51:51
106.12.165.253	attackspam	SSH_attack	2020-09-12 22:46:16
87.107.59.207	attack	1599843321 - 09/11/2020 23:55:21 Host: 87.107.59.207/87.107.59.207 Port: 23 TCP Blocked ...	2020-09-12 22:53:04
45.129.33.40	attack	[H1.VM8] Blocked by UFW	2020-09-12 22:35:39

最近上报的IP列表

167.95.232.118	249.213.21.61	221.217.171.180	179.218.43.141
55.8.100.149	238.73.15.74	72.255.8.97	137.19.229.141
182.89.100.101	241.119.26.174	144.123.90.174	81.234.122.194
191.41.27.61	14.176.32.228	32.26.224.202	61.196.184.140
16.150.2.193	125.204.174.118	29.106.6.217	37.49.226.236