159.203.42.143

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	From CCTV User Interface Log ...::ffff:159.203.42.143 - - [17/Apr/2020:06:55:06 +0000] "GET / HTTP/1.1" 200 955 ...	2020-04-17 23:09:30
attackbots	Unauthorized connection attempt detected from IP address 159.203.42.143 to port 80 [J]	2020-01-16 07:36:19
attackbotsspam	Web Probe / Attack NCT	2019-07-16 05:56:36
attackspambots	Automatic report - Web App Attack	2019-07-07 12:09:30

相同子网IP讨论:

IP	类型	评论内容	时间
159.203.42.157	attack	May 10 22:48:36 meumeu sshd[20945]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.42.157 May 10 22:48:38 meumeu sshd[20945]: Failed password for invalid user q3 from 159.203.42.157 port 59352 ssh2 May 10 22:52:41 meumeu sshd[21771]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.42.157 ...	2020-05-11 05:07:10
159.203.42.130	attackspambots	firewall-block, port(s): 23/tcp	2020-02-18 19:40:47
159.203.42.130	attack	DATE:2020-02-17 20:36:03, IP:159.203.42.130, PORT:telnet - Telnet brute force auth on a honeypot server (epe-dc)	2020-02-18 04:27:08
159.203.42.130	attackbotsspam	Unauthorized connection attempt detected from IP address 159.203.42.130 to port 23 [J]	2020-02-04 19:02:16
159.203.42.75	attackbots	ports scanning	2019-06-23 13:42:53

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 159.203.42.143
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 60906
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;159.203.42.143.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019051600 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu May 16 16:15:34 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 143.42.203.159.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 143.42.203.159.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
49.88.112.114	attack	Nov 24 11:49:21 auw2 sshd\[23493\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.114 user=root Nov 24 11:49:23 auw2 sshd\[23493\]: Failed password for root from 49.88.112.114 port 49149 ssh2 Nov 24 11:49:24 auw2 sshd\[23493\]: Failed password for root from 49.88.112.114 port 49149 ssh2 Nov 24 11:49:27 auw2 sshd\[23493\]: Failed password for root from 49.88.112.114 port 49149 ssh2 Nov 24 11:50:07 auw2 sshd\[23564\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.114 user=root	2019-11-25 06:02:43
1.54.206.54	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 24-11-2019 14:45:22.	2019-11-25 05:50:22
24.140.49.7	attackspambots	Nov 24 09:38:03 TORMINT sshd\[10781\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=24.140.49.7 user=root Nov 24 09:38:05 TORMINT sshd\[10781\]: Failed password for root from 24.140.49.7 port 42622 ssh2 Nov 24 09:45:09 TORMINT sshd\[11125\]: Invalid user gehrls from 24.140.49.7 Nov 24 09:45:09 TORMINT sshd\[11125\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=24.140.49.7 ...	2019-11-25 05:56:57
222.186.175.155	attack	2019-11-22 07:17:58 -> 2019-11-24 10:14:12 : 88 login attempts (222.186.175.155)	2019-11-25 06:09:38
51.15.46.184	attack	Nov 24 18:51:10 marvibiene sshd[5296]: Invalid user leslee from 51.15.46.184 port 57660 Nov 24 18:51:10 marvibiene sshd[5296]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.15.46.184 Nov 24 18:51:10 marvibiene sshd[5296]: Invalid user leslee from 51.15.46.184 port 57660 Nov 24 18:51:12 marvibiene sshd[5296]: Failed password for invalid user leslee from 51.15.46.184 port 57660 ssh2 ...	2019-11-25 05:54:32
219.148.65.58	attackspam	Port 1433 Scan	2019-11-25 06:21:39
92.119.160.15	attackbots	Nov 24 16:45:43 h2177944 kernel: \[7485695.745920\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.119.160.15 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=30983 PROTO=TCP SPT=43852 DPT=3337 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 24 16:46:38 h2177944 kernel: \[7485750.495109\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.119.160.15 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=52118 PROTO=TCP SPT=43852 DPT=7000 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 24 16:47:06 h2177944 kernel: \[7485779.116096\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.119.160.15 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=45889 PROTO=TCP SPT=43852 DPT=1002 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 24 16:49:12 h2177944 kernel: \[7485904.262583\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.119.160.15 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=50607 PROTO=TCP SPT=43852 DPT=3308 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 24 16:49:14 h2177944 kernel: \[7485906.393151\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.119.160.15 DST=85.214.117.9	2019-11-25 06:07:46
82.64.15.106	attackbots	Nov 24 19:03:11 work-partkepr sshd\[23324\]: Invalid user pi from 82.64.15.106 port 49562 Nov 24 19:03:11 work-partkepr sshd\[23322\]: Invalid user pi from 82.64.15.106 port 49558 ...	2019-11-25 06:14:17
63.88.23.153	attackspambots	63.88.23.153 was recorded 7 times by 5 hosts attempting to connect to the following ports: 80. Incident counter (4h, 24h, all-time): 7, 65, 583	2019-11-25 05:56:35
34.92.140.95	attackbotsspam	Nov 24 21:27:03 sbg01 sshd[23421]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=34.92.140.95 Nov 24 21:27:05 sbg01 sshd[23421]: Failed password for invalid user arwind from 34.92.140.95 port 35008 ssh2 Nov 24 21:35:53 sbg01 sshd[23448]: Failed password for root from 34.92.140.95 port 43556 ssh2	2019-11-25 06:09:09
117.2.166.67	attackbotsspam	Unauthorized connection attempt from IP address 117.2.166.67 on Port 445(SMB)	2019-11-25 05:53:52
167.99.83.237	attack	2019-11-24T16:25:21.1962361495-001 sshd\[62369\]: Invalid user ryu from 167.99.83.237 port 59258 2019-11-24T16:25:21.2046111495-001 sshd\[62369\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.83.237 2019-11-24T16:25:22.7076181495-001 sshd\[62369\]: Failed password for invalid user ryu from 167.99.83.237 port 59258 ssh2 2019-11-24T16:30:57.4714061495-001 sshd\[62541\]: Invalid user strock from 167.99.83.237 port 38068 2019-11-24T16:30:57.4809441495-001 sshd\[62541\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.83.237 2019-11-24T16:30:59.7772171495-001 sshd\[62541\]: Failed password for invalid user strock from 167.99.83.237 port 38068 ssh2 ...	2019-11-25 06:20:02
54.38.183.181	attackbots	Oct 30 17:27:01 vtv3 sshd[13018]: Invalid user aecpro from 54.38.183.181 port 34454 Oct 30 17:27:01 vtv3 sshd[13018]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.183.181 Oct 30 17:27:03 vtv3 sshd[13018]: Failed password for invalid user aecpro from 54.38.183.181 port 34454 ssh2 Oct 30 17:30:56 vtv3 sshd[15097]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.183.181 user=root Oct 30 17:30:58 vtv3 sshd[15097]: Failed password for root from 54.38.183.181 port 44130 ssh2 Nov 24 16:34:25 vtv3 sshd[32427]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.183.181 Nov 24 16:34:27 vtv3 sshd[32427]: Failed password for invalid user server from 54.38.183.181 port 38778 ssh2 Nov 24 16:40:30 vtv3 sshd[3423]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.183.181 Nov 24 16:53:59 vtv3 sshd[10923]: pam_unix(sshd:auth): authentication fa	2019-11-25 06:15:10
81.22.45.25	attackspambots	11/24/2019-17:13:01.216232 81.22.45.25 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-11-25 06:18:26
46.101.73.64	attackbotsspam	2019-11-24T19:30:01.305254shield sshd\[3651\]: Invalid user 1qazasd from 46.101.73.64 port 60396 2019-11-24T19:30:01.309779shield sshd\[3651\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.73.64 2019-11-24T19:30:03.817004shield sshd\[3651\]: Failed password for invalid user 1qazasd from 46.101.73.64 port 60396 ssh2 2019-11-24T19:35:55.147833shield sshd\[5487\]: Invalid user moldskred from 46.101.73.64 port 39920 2019-11-24T19:35:55.152426shield sshd\[5487\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.73.64	2019-11-25 06:07:12

最近上报的IP列表

46.166.162.53	201.163.176.203	195.128.158.1	83.221.0.35
196.219.61.99	167.206.202.139	64.222.199.18	110.232.75.242
40.193.14.188	118.123.173.18	117.252.0.162	57.88.137.157
115.78.9.126	210.14.16.230	101.109.119.58	117.2.59.168
129.204.215.126	113.167.101.187	108.197.223.33	80.82.62.234