159.203.201.22

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	firewall-block, port(s): 4848/tcp	2020-01-29 13:58:47
attackbots	01/02/2020-11:10:03.123669 159.203.201.22 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-01-02 22:50:10
attack	19631/tcp 32430/tcp 5432/tcp... [2019-09-25/11-25]49pkt,45pt.(tcp),1pt.(udp)	2019-11-26 01:01:57
attack	ET DROP Dshield Block Listed Source group 1 - port: 389 proto: TCP cat: Misc Attack	2019-11-23 17:07:40
attackspambots	11/07/2019-15:38:24.122940 159.203.201.22 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-11-08 06:32:47
attackbotsspam	firewall-block, port(s): 2082/tcp	2019-09-26 07:11:58

相同子网IP讨论:

IP	类型	评论内容	时间
159.203.201.6	attackspambots	Unauthorized connection attempt from IP address 159.203.201.6 on Port 587(SMTP-MSA)	2020-01-31 16:47:30
159.203.201.23	attack	01/31/2020-00:56:46.614661 159.203.201.23 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-01-31 14:16:05
159.203.201.194	attackbots	Port 56662 scan denied	2020-01-31 13:56:44
159.203.201.44	attack	01/30/2020-16:34:41.797165 159.203.201.44 Protocol: 17 GPL SNMP public access udp	2020-01-31 10:04:52
159.203.201.47	attackbotsspam	Unauthorized connection attempt detected from IP address 159.203.201.47 to port 8091 [T]	2020-01-30 17:22:53
159.203.201.145	attack	SIP Server BruteForce Attack	2020-01-30 10:21:30
159.203.201.6	attack	Automatic report - Banned IP Access	2020-01-30 09:48:14
159.203.201.249	attackspambots	46830/tcp 45188/tcp 49154/tcp... [2019-11-30/2020-01-29]53pkt,40pt.(tcp),3pt.(udp)	2020-01-30 00:23:30
159.203.201.8	attackspam	28587/tcp 55735/tcp 27107/tcp... [2019-12-01/2020-01-29]35pkt,30pt.(tcp),3pt.(udp)	2020-01-30 00:21:48
159.203.201.218	attack	Port Scan detected from 159.203.201.218 (US/United States/zg-0911a-7.stretchoid.com). 4 hits in the last 230 seconds	2020-01-29 20:03:27
159.203.201.15	attackspam	unauthorized connection attempt	2020-01-29 17:59:15
159.203.201.179	attack	Port 10643 scan denied	2020-01-29 15:27:25
159.203.201.213	attackspambots	Unauthorized connection attempt detected from IP address 159.203.201.213 to port 465 [J]	2020-01-29 08:31:22
159.203.201.38	attackspambots	unauthorized connection attempt	2020-01-28 17:35:45
159.203.201.201	attack	unauthorized access on port 443 [https] FO	2020-01-28 15:27:19

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 159.203.201.22
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55215
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;159.203.201.22.			IN	A

;; AUTHORITY SECTION:
.			570	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019092503 1800 900 604800 86400

;; Query time: 103 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Sep 26 07:11:55 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

22.201.203.159.in-addr.arpa domain name pointer zg-0911b-40.stretchoid.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
22.201.203.159.in-addr.arpa	name = zg-0911b-40.stretchoid.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
203.245.29.159	attackspam		2020-08-03 21:20:34
222.186.31.83	attack	Brute-force attempt banned	2020-08-03 21:14:09
192.99.11.195	attack	Aug 3 13:30:58 ip-172-31-61-156 sshd[3478]: Failed password for root from 192.99.11.195 port 37685 ssh2 Aug 3 13:35:12 ip-172-31-61-156 sshd[3645]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.99.11.195 user=root Aug 3 13:35:15 ip-172-31-61-156 sshd[3645]: Failed password for root from 192.99.11.195 port 43841 ssh2 Aug 3 13:35:12 ip-172-31-61-156 sshd[3645]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.99.11.195 user=root Aug 3 13:35:15 ip-172-31-61-156 sshd[3645]: Failed password for root from 192.99.11.195 port 43841 ssh2 ...	2020-08-03 21:53:09
178.32.248.121	attackspambots	Aug 3 00:11:38 srv05 sshd[11583]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.32.248.121 user=r.r Aug 3 00:11:40 srv05 sshd[11583]: Failed password for r.r from 178.32.248.121 port 54230 ssh2 Aug 3 00:11:40 srv05 sshd[11583]: Received disconnect from 178.32.248.121: 11: Bye Bye [preauth] Aug 3 00:16:01 srv05 sshd[11801]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.32.248.121 user=r.r Aug 3 00:16:03 srv05 sshd[11801]: Failed password for r.r from 178.32.248.121 port 47516 ssh2 Aug 3 00:16:03 srv05 sshd[11801]: Received disconnect from 178.32.248.121: 11: Bye Bye [preauth] Aug 3 00:19:50 srv05 sshd[11942]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.32.248.121 user=r.r Aug 3 00:19:52 srv05 sshd[11942]: Failed password for r.r from 178.32.248.121 port 59124 ssh2 Aug 3 00:19:52 srv05 sshd[11942]: Received disconnect from........ -------------------------------	2020-08-03 21:28:09
201.131.180.170	attackbotsspam	(smtpauth) Failed SMTP AUTH login from 201.131.180.170 (BR/Brazil/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-08-03 16:57:50 plain authenticator failed for ([201.131.180.170]) [201.131.180.170]: 535 Incorrect authentication data (set_id=info)	2020-08-03 21:15:22
185.46.17.114	attack	Port Scan ...	2020-08-03 21:33:12
200.186.127.210	attack	Aug 3 15:01:02 ns381471 sshd[4588]: Failed password for root from 200.186.127.210 port 53748 ssh2	2020-08-03 21:29:11
106.13.232.79	attackspam	Aug 3 07:55:06 scivo sshd[9151]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.232.79 user=r.r Aug 3 07:55:08 scivo sshd[9151]: Failed password for r.r from 106.13.232.79 port 37864 ssh2 Aug 3 07:55:08 scivo sshd[9151]: Received disconnect from 106.13.232.79: 11: Bye Bye [preauth] Aug 3 08:22:37 scivo sshd[10515]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.232.79 user=r.r Aug 3 08:22:40 scivo sshd[10515]: Failed password for r.r from 106.13.232.79 port 58514 ssh2 Aug 3 08:22:40 scivo sshd[10515]: Received disconnect from 106.13.232.79: 11: Bye Bye [preauth] Aug 3 08:28:29 scivo sshd[10799]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.232.79 user=r.r Aug 3 08:28:31 scivo sshd[10799]: Failed password for r.r from 106.13.232.79 port 38242 ssh2 Aug 3 08:28:31 scivo sshd[10799]: Received disconnect from 106.13.232........ -------------------------------	2020-08-03 21:46:35
94.102.51.95	attackbotsspam	08/03/2020-09:15:08.789769 94.102.51.95 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-08-03 21:16:26
165.227.86.14	attackspambots	165.227.86.14 - - [03/Aug/2020:14:51:12 +0200] "POST /wp-login.php HTTP/1.1" 200 3434 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-03 21:51:11
104.198.16.231	attackbotsspam	Aug 3 15:21:21 abendstille sshd\[545\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.198.16.231 user=root Aug 3 15:21:24 abendstille sshd\[545\]: Failed password for root from 104.198.16.231 port 49928 ssh2 Aug 3 15:25:28 abendstille sshd\[4555\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.198.16.231 user=root Aug 3 15:25:30 abendstille sshd\[4555\]: Failed password for root from 104.198.16.231 port 60974 ssh2 Aug 3 15:29:29 abendstille sshd\[8353\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.198.16.231 user=root ...	2020-08-03 21:34:26
162.243.128.193	attackspam	Port scan: Attack repeated for 24 hours	2020-08-03 21:24:15
58.23.212.134	attack	Aug 3 14:06:44 vpn01 sshd[26231]: Failed password for root from 58.23.212.134 port 58978 ssh2 ...	2020-08-03 21:14:39
103.145.12.177	attackbots	[2020-08-03 08:27:16] NOTICE[1248] chan_sip.c: Registration from '"1017" ' failed for '103.145.12.177:5272' - Wrong password [2020-08-03 08:27:16] SECURITY[1275] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-08-03T08:27:16.831-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="1017",SessionID="0x7f27203cfef8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/103.145.12.177/5272",Challenge="782df7f8",ReceivedChallenge="782df7f8",ReceivedHash="8da3e16a2705dd399ba0da2201f7e6a4" [2020-08-03 08:27:16] NOTICE[1248] chan_sip.c: Registration from '"1017" ' failed for '103.145.12.177:5272' - Wrong password [2020-08-03 08:27:16] SECURITY[1275] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-08-03T08:27:16.973-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="1017",SessionID="0x7f2720091b18",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP ...	2020-08-03 21:45:49
89.248.172.16	attackbotsspam	scans once in preceeding hours on the ports (in chronological order) 2455 resulting in total of 59 scans from 89.248.160.0-89.248.174.255 block.	2020-08-03 21:43:14

最近上报的IP列表

187.189.111.136	154.168.135.185	37.87.23.119	78.186.65.174
39.96.3.240	141.255.109.79	185.227.138.70	185.46.121.194
18.188.140.237	124.152.108.166	86.12.108.29	1.32.40.24
96.118.215.76	27.210.158.137	192.99.233.219	141.92.70.82
43.241.145.101	212.189.147.201	122.94.204.196	242.0.84.107