159.203.201.214

基本信息:

城市(city): San Francisco

省份(region): California

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	SMB Server BruteForce Attack	2019-12-30 18:49:02
attack	Port Scan detected from 159.203.201.214 (US/United States/zg-0911a-249.stretchoid.com). 4 hits in the last 261 seconds	2019-12-14 14:14:52
attackspambots	Unauthorized SSH login attempts	2019-11-30 17:12:07
attack	" "	2019-09-20 02:26:58

相同子网IP讨论:

IP	类型	评论内容	时间
159.203.201.6	attackspambots	Unauthorized connection attempt from IP address 159.203.201.6 on Port 587(SMTP-MSA)	2020-01-31 16:47:30
159.203.201.23	attack	01/31/2020-00:56:46.614661 159.203.201.23 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-01-31 14:16:05
159.203.201.194	attackbots	Port 56662 scan denied	2020-01-31 13:56:44
159.203.201.44	attack	01/30/2020-16:34:41.797165 159.203.201.44 Protocol: 17 GPL SNMP public access udp	2020-01-31 10:04:52
159.203.201.47	attackbotsspam	Unauthorized connection attempt detected from IP address 159.203.201.47 to port 8091 [T]	2020-01-30 17:22:53
159.203.201.145	attack	SIP Server BruteForce Attack	2020-01-30 10:21:30
159.203.201.6	attack	Automatic report - Banned IP Access	2020-01-30 09:48:14
159.203.201.249	attackspambots	46830/tcp 45188/tcp 49154/tcp... [2019-11-30/2020-01-29]53pkt,40pt.(tcp),3pt.(udp)	2020-01-30 00:23:30
159.203.201.8	attackspam	28587/tcp 55735/tcp 27107/tcp... [2019-12-01/2020-01-29]35pkt,30pt.(tcp),3pt.(udp)	2020-01-30 00:21:48
159.203.201.218	attack	Port Scan detected from 159.203.201.218 (US/United States/zg-0911a-7.stretchoid.com). 4 hits in the last 230 seconds	2020-01-29 20:03:27
159.203.201.15	attackspam	unauthorized connection attempt	2020-01-29 17:59:15
159.203.201.179	attack	Port 10643 scan denied	2020-01-29 15:27:25
159.203.201.22	attackspambots	firewall-block, port(s): 4848/tcp	2020-01-29 13:58:47
159.203.201.213	attackspambots	Unauthorized connection attempt detected from IP address 159.203.201.213 to port 465 [J]	2020-01-29 08:31:22
159.203.201.38	attackspambots	unauthorized connection attempt	2020-01-28 17:35:45

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 159.203.201.214
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26530
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;159.203.201.214.		IN	A

;; AUTHORITY SECTION:
.			411	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019091902 1800 900 604800 86400

;; Query time: 498 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Sep 20 02:26:55 CST 2019
;; MSG SIZE  rcvd: 119

HOST信息:

214.201.203.159.in-addr.arpa domain name pointer zg-0911a-249.stretchoid.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
214.201.203.159.in-addr.arpa	name = zg-0911a-249.stretchoid.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
174.140.249.49	attackspambots	(From darren@custompicsfromairplane.com) Hello Aerial Impressions will be photographing businesses and homes in Vineland, New Jersey and throughout most of the USA from Sept 17th. Aerial photos of Ledden Family Chiropractic Center can make a great addition to your marketing material and photos of your home will make a awesome wall hanging. We shoot 30+ images from various aspects from an airplane (we do not use drones) and deliver digitally free from any copyright. Only $249 per location. For more info, schedule and bookings please visit www.custompicsfromairplane.com Regards Aerial Impressions	2019-09-13 05:18:16
147.135.209.139	attack	Sep 12 20:23:08 hb sshd\[31267\]: Invalid user christian from 147.135.209.139 Sep 12 20:23:08 hb sshd\[31267\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.ip-147-135-209.eu Sep 12 20:23:11 hb sshd\[31267\]: Failed password for invalid user christian from 147.135.209.139 port 52836 ssh2 Sep 12 20:28:59 hb sshd\[31833\]: Invalid user admin from 147.135.209.139 Sep 12 20:28:59 hb sshd\[31833\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.ip-147-135-209.eu	2019-09-13 04:46:56
1.170.93.116	attackspambots	23/tcp 23/tcp 23/tcp [2019-09-09/12]3pkt	2019-09-13 05:01:33
104.248.58.71	attack	$f2bV_matches	2019-09-13 04:34:04
178.32.47.97	attackspambots	Sep 12 22:57:53 andromeda sshd\[45725\]: Invalid user odoo from 178.32.47.97 port 39156 Sep 12 22:57:53 andromeda sshd\[45725\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.32.47.97 Sep 12 22:57:55 andromeda sshd\[45725\]: Failed password for invalid user odoo from 178.32.47.97 port 39156 ssh2	2019-09-13 05:01:15
193.32.160.145	attackspambots	Sep 12 21:14:15 albuquerque postfix/smtpd\[12651\]: NOQUEUE: reject: RCPT from unknown\[193.32.160.145\]: 554 5.7.1 Service unavailable\; Client host \[193.32.160.145\] blocked using sbl-xbl.spamhaus.org\; https://www.spamhaus.org/sbl/query/SBLCSS\; from=\ to=\ proto=ESMTP helo=\<\[193.32.160.145\]\>Sep 12 21:14:15 albuquerque postfix/smtpd\[12651\]: NOQUEUE: reject: RCPT from unknown\[193.32.160.145\]: 554 5.7.1 Service unavailable\; Client host \[193.32.160.145\] blocked using sbl-xbl.spamhaus.org\; https://www.spamhaus.org/sbl/query/SBLCSS\; from=\ to=\ proto=ESMTP helo=\<\[193.32.160.145\]\>Sep 12 21:14:15 albuquerque postfix/smtpd\[12651\]: NOQUEUE: reject: RCPT from unknown\[193.32.160.145\]: 554 5.7.1 Service unavailable\; Client host \[193.32.160.145\] blocked using sbl-xbl.spamhaus.org\; https://www.spamhaus.org/sbl/query/SBLCSS\; from=\ to=\	2019-09-13 04:27:30
78.186.9.144	attack	34567/tcp 34567/tcp 34567/tcp... [2019-09-06/12]6pkt,1pt.(tcp)	2019-09-13 05:04:36
114.38.10.58	attackspambots	23/tcp 23/tcp [2019-09-10/12]2pkt	2019-09-13 04:59:03
121.166.187.237	attack	Sep 12 17:05:54 lenivpn01 kernel: \[533553.956427\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:2f:6c:1b:d2:74:7f:6e:37:e3:08:00 SRC=121.166.187.237 DST=195.201.121.15 LEN=60 TOS=0x00 PREC=0x00 TTL=47 ID=32712 DF PROTO=TCP SPT=56248 DPT=22 WINDOW=29200 RES=0x00 SYN URGP=0 Sep 12 17:05:55 lenivpn01 kernel: \[533554.961447\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:2f:6c:1b:d2:74:7f:6e:37:e3:08:00 SRC=121.166.187.237 DST=195.201.121.15 LEN=60 TOS=0x00 PREC=0x00 TTL=47 ID=32713 DF PROTO=TCP SPT=56248 DPT=22 WINDOW=29200 RES=0x00 SYN URGP=0 Sep 12 17:05:57 lenivpn01 kernel: \[533556.977574\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:2f:6c:1b:d2:74:7f:6e:37:e3:08:00 SRC=121.166.187.237 DST=195.201.121.15 LEN=60 TOS=0x00 PREC=0x00 TTL=47 ID=32714 DF PROTO=TCP SPT=56248 DPT=22 WINDOW=29200 RES=0x00 SYN URGP=0 ...	2019-09-13 04:51:22
39.89.97.206	attackbotsspam	2323/tcp 23/tcp [2019-09-10/11]2pkt	2019-09-13 04:45:19
178.128.100.70	attackbots	Sep 12 21:48:44 microserver sshd[39559]: Invalid user cssserver from 178.128.100.70 port 47278 Sep 12 21:48:44 microserver sshd[39559]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.100.70 Sep 12 21:48:46 microserver sshd[39559]: Failed password for invalid user cssserver from 178.128.100.70 port 47278 ssh2 Sep 12 21:55:39 microserver sshd[40782]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.100.70 user=root Sep 12 21:55:42 microserver sshd[40782]: Failed password for root from 178.128.100.70 port 54276 ssh2 Sep 12 22:09:22 microserver sshd[42389]: Invalid user testsftp from 178.128.100.70 port 39694 Sep 12 22:09:22 microserver sshd[42389]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.100.70 Sep 12 22:09:23 microserver sshd[42389]: Failed password for invalid user testsftp from 178.128.100.70 port 39694 ssh2 Sep 12 22:16:36 microserver sshd[43584]: Invalid us	2019-09-13 05:14:30
92.119.160.143	attack	09/12/2019-16:51:41.678923 92.119.160.143 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-09-13 05:20:02
51.255.83.44	attack	Port Scan detected from 51.255.83.44 (FR/France/plex1.domin8.media). 4 hits in the last 85 seconds	2019-09-13 05:07:38
112.81.113.58	attackspam	Scanning random ports - tries to find possible vulnerable services	2019-09-13 05:11:11
179.191.65.122	attackbots	Sep 12 20:16:11 ns37 sshd[3453]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.191.65.122	2019-09-13 05:08:09

最近上报的IP列表

189.123.149.42	146.159.129.4	197.52.121.235	116.153.114.149
192.210.203.190	91.96.83.97	191.83.125.41	189.35.147.184
12.97.239.46	148.74.202.64	83.113.45.145	113.220.233.112
85.131.49.52	95.143.175.24	113.215.57.12	123.55.24.204
54.39.169.53	92.218.234.205	194.38.131.8	213.237.82.58