159.203.161.63

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Request: "GET / HTTP/2.0"	2019-06-22 05:20:19

相同子网IP讨论:

IP	类型	评论内容	时间
159.203.161.38	attack	Feb 17 15:29:43 legacy sshd[5337]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.161.38 Feb 17 15:29:46 legacy sshd[5337]: Failed password for invalid user isriordan from 159.203.161.38 port 35034 ssh2 Feb 17 15:33:16 legacy sshd[5540]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.161.38 ...	2020-02-18 01:08:18
159.203.161.141	attack	Feb 10 02:00:20 server sshd\[15394\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.161.141 user=root Feb 10 02:00:22 server sshd\[15394\]: Failed password for root from 159.203.161.141 port 58010 ssh2 Feb 10 02:00:58 server sshd\[15417\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.161.141 user=root Feb 10 02:01:00 server sshd\[15417\]: Failed password for root from 159.203.161.141 port 38962 ssh2 Feb 10 02:01:36 server sshd\[15499\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.161.141 user=root ...	2020-02-10 07:26:06
159.203.161.141	attackspam	Lines containing failures of 159.203.161.141 Feb 6 14:52:53 kvm05 sshd[9694]: Did not receive identification string from 159.203.161.141 port 59626 Feb 6 14:53:29 kvm05 sshd[9765]: Received disconnect from 159.203.161.141 port 33908:11: Normal Shutdown, Thank you for playing [preauth] Feb 6 14:53:29 kvm05 sshd[9765]: Disconnected from authenticating user r.r 159.203.161.141 port 33908 [preauth] Feb 6 14:54:08 kvm05 sshd[9839]: Received disconnect from 159.203.161.141 port 47584:11: Normal Shutdown, Thank you for playing [preauth] Feb 6 14:54:08 kvm05 sshd[9839]: Disconnected from authenticating user r.r 159.203.161.141 port 47584 [preauth] Feb 6 14:54:46 kvm05 sshd[9964]: Received disconnect from 159.203.161.141 port 33024:11: Normal Shutdown, Thank you for playing [preauth] Feb 6 14:54:46 kvm05 sshd[9964]: Disconnected from authenticating user r.r 159.203.161.141 port 33024 [preauth] Feb 6 14:55:22 kvm05 sshd[10161]: Invalid user admin from 159.203.161.141 port ........ ------------------------------	2020-02-09 22:55:15
159.203.161.141	attack	Feb 8 19:25:27 targaryen sshd[12469]: Invalid user admin from 159.203.161.141 Feb 8 19:26:03 targaryen sshd[12473]: Invalid user admin from 159.203.161.141 Feb 8 19:26:38 targaryen sshd[12477]: Invalid user ubuntu from 159.203.161.141 Feb 8 19:27:47 targaryen sshd[12482]: Invalid user user from 159.203.161.141 ...	2020-02-09 09:13:07
159.203.161.141	attack	Feb 8 20:53:09 localhost sshd\[25167\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.161.141 user=root Feb 8 20:53:11 localhost sshd\[25167\]: Failed password for root from 159.203.161.141 port 48772 ssh2 Feb 8 20:53:46 localhost sshd\[25169\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.161.141 user=root Feb 8 20:53:48 localhost sshd\[25169\]: Failed password for root from 159.203.161.141 port 57674 ssh2 Feb 8 20:54:23 localhost sshd\[25179\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.161.141 user=root ...	2020-02-09 04:15:49
159.203.161.141	attackspam	Feb 8 13:41:06 tor-proxy-04 sshd\[26186\]: User root from 159.203.161.141 not allowed because not listed in AllowUsers Feb 8 13:41:42 tor-proxy-04 sshd\[26190\]: User root from 159.203.161.141 not allowed because not listed in AllowUsers Feb 8 13:42:18 tor-proxy-04 sshd\[26194\]: User root from 159.203.161.141 not allowed because not listed in AllowUsers ...	2020-02-08 20:44:49
159.203.161.141	attackbots	Feb 6 21:53:17 debian-2gb-nbg1-2 kernel: \[3281640.825188\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=159.203.161.141 DST=195.201.40.59 LEN=48 TOS=0x00 PREC=0x00 TTL=117 ID=1666 PROTO=TCP SPT=57393 DPT=22 WINDOW=65535 RES=0x00 SYN URGP=0	2020-02-07 04:56:02
159.203.161.8	attackspam	DigitalOcean BotNet attack - 10s of requests to non-existent pages - :443/app-ads.txt - typically bursts of 8 requests per second - undefined, XSS attacks node-superagent/4.1.0	2020-01-02 06:53:55

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 159.203.161.63
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61237
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;159.203.161.63.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019062101 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Jun 22 05:20:15 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 63.161.203.159.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 63.161.203.159.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
51.178.82.80	attackbotsspam	Invalid user jp from 51.178.82.80 port 52098	2020-04-21 03:46:39
167.172.249.58	attackbots	(sshd) Failed SSH login from 167.172.249.58 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Apr 20 21:49:07 amsweb01 sshd[14954]: User admin from 167.172.249.58 not allowed because not listed in AllowUsers Apr 20 21:49:07 amsweb01 sshd[14954]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.172.249.58 user=admin Apr 20 21:49:09 amsweb01 sshd[14954]: Failed password for invalid user admin from 167.172.249.58 port 53602 ssh2 Apr 20 21:58:00 amsweb01 sshd[25466]: Invalid user oo from 167.172.249.58 port 42444 Apr 20 21:58:03 amsweb01 sshd[25466]: Failed password for invalid user oo from 167.172.249.58 port 42444 ssh2	2020-04-21 04:00:31
121.174.147.44	attackspambots	Unauthorized connection attempt detected, IP banned.	2020-04-21 04:17:43
111.93.71.219	attackspam	Apr 20 15:53:12 ny01 sshd[11499]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.93.71.219 Apr 20 15:53:14 ny01 sshd[11499]: Failed password for invalid user test from 111.93.71.219 port 59320 ssh2 Apr 20 15:57:46 ny01 sshd[12415]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.93.71.219	2020-04-21 04:15:48
89.248.174.151	attackspambots	Invalid user admin from 89.248.174.151 port 38114	2020-04-21 03:40:38
37.49.226.184	attackbots	Invalid user admin from 37.49.226.184 port 57796	2020-04-21 03:55:32
185.50.149.5	attackbotsspam	Apr 20 20:57:56 mail postfix/smtpd\[26713\]: warning: unknown\[185.50.149.5\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Apr 20 22:02:14 mail postfix/smtpd\[27725\]: warning: unknown\[185.50.149.5\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Apr 20 22:02:32 mail postfix/smtpd\[27835\]: warning: unknown\[185.50.149.5\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Apr 20 22:05:47 mail postfix/smtpd\[27973\]: warning: unknown\[185.50.149.5\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\	2020-04-21 04:14:53
206.189.80.118	attackspam	Apr 20 22:11:21 vps sshd[977479]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.80.118 user=root Apr 20 22:11:23 vps sshd[977479]: Failed password for root from 206.189.80.118 port 51930 ssh2 Apr 20 22:14:14 vps sshd[989990]: Invalid user user from 206.189.80.118 port 39082 Apr 20 22:14:14 vps sshd[989990]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.80.118 Apr 20 22:14:16 vps sshd[989990]: Failed password for invalid user user from 206.189.80.118 port 39082 ssh2 ...	2020-04-21 04:16:07
103.104.119.107	attack	Wordpress Admin Login attack	2020-04-21 04:01:53
49.234.87.24	attack	Apr 20 19:34:20 vmd48417 sshd[31320]: Failed password for root from 49.234.87.24 port 42110 ssh2	2020-04-21 03:50:44
68.183.19.84	attackspambots	bruteforce detected	2020-04-21 04:03:52
87.228.206.227	attack	Invalid user ny from 87.228.206.227 port 37598	2020-04-21 03:41:47
117.55.241.178	attackbotsspam	Apr 20 21:53:01 vps sshd[882271]: Invalid user john from 117.55.241.178 port 55640 Apr 20 21:53:01 vps sshd[882271]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.55.241.178 Apr 20 21:53:04 vps sshd[882271]: Failed password for invalid user john from 117.55.241.178 port 55640 ssh2 Apr 20 21:57:55 vps sshd[906055]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.55.241.178 user=root Apr 20 21:57:57 vps sshd[906055]: Failed password for root from 117.55.241.178 port 33215 ssh2 ...	2020-04-21 04:05:42
218.92.0.200	attackbots	Apr 20 21:58:00 pve1 sshd[21882]: Failed password for root from 218.92.0.200 port 21337 ssh2 Apr 20 21:58:03 pve1 sshd[21882]: Failed password for root from 218.92.0.200 port 21337 ssh2 ...	2020-04-21 04:00:06
2.119.3.137	attackspam	Apr 20 21:57:49 DAAP sshd[26384]: Invalid user nd from 2.119.3.137 port 55508 Apr 20 21:57:49 DAAP sshd[26383]: Invalid user nd from 2.119.3.137 port 55507 Apr 20 21:57:49 DAAP sshd[26384]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.119.3.137 Apr 20 21:57:49 DAAP sshd[26384]: Invalid user nd from 2.119.3.137 port 55508 Apr 20 21:57:51 DAAP sshd[26384]: Failed password for invalid user nd from 2.119.3.137 port 55508 ssh2 Apr 20 21:57:49 DAAP sshd[26383]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.119.3.137 Apr 20 21:57:49 DAAP sshd[26383]: Invalid user nd from 2.119.3.137 port 55507 Apr 20 21:57:51 DAAP sshd[26383]: Failed password for invalid user nd from 2.119.3.137 port 55507 ssh2 ...	2020-04-21 04:12:13

最近上报的IP列表

115.217.103.185	142.93.163.193	190.79.4.37	77.246.165.9
35.241.136.232	79.52.212.140	218.108.73.131	54.193.66.148
122.136.125.5	13.57.221.224	219.157.239.119	200.196.41.183
91.210.218.199	187.223.108.219	25.134.146.26	51.89.130.124
210.234.140.176	18.215.155.208	41.96.51.87	47.205.52.254