159.203.74.94 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	20/4/24@23:59:23: FAIL: Alarm-Intrusion address from=159.203.74.94 ...	2020-04-25 12:28:20
attackspam	20/4/24@02:54:14: FAIL: Alarm-Intrusion address from=159.203.74.94 ...	2020-04-24 15:17:03
attackbots	20/4/19@08:05:51: FAIL: Alarm-Intrusion address from=159.203.74.94 ...	2020-04-19 20:24:52

类型

评论内容

时间

attackspambots

20/4/24@23:59:23: FAIL: Alarm-Intrusion address from=159.203.74.94
...

2020-04-25 12:28:20

attackspam

20/4/24@02:54:14: FAIL: Alarm-Intrusion address from=159.203.74.94
...

2020-04-24 15:17:03

attackbots

20/4/19@08:05:51: FAIL: Alarm-Intrusion address from=159.203.74.94
...

2020-04-19 20:24:52

相同子网IP讨论:

IP	类型	评论内容	时间
159.203.74.227	attackbots	Invalid user vz from 159.203.74.227 port 43554	2020-10-13 22:33:18
159.203.74.227	attackspambots	Oct 12 22:55:14 mavik sshd[13085]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.74.227 user=root Oct 12 22:55:16 mavik sshd[13085]: Failed password for root from 159.203.74.227 port 35866 ssh2 Oct 12 22:59:31 mavik sshd[13749]: Invalid user wildaliz from 159.203.74.227 Oct 12 22:59:31 mavik sshd[13749]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.74.227 Oct 12 22:59:33 mavik sshd[13749]: Failed password for invalid user wildaliz from 159.203.74.227 port 39348 ssh2 ...	2020-10-13 06:39:35
159.203.74.227	attackspambots	[N3.H3.VM3] Port Scanner Detected Blocked by UFW	2020-09-28 01:32:50
159.203.74.227	attackbotsspam	Sep 27 11:24:43 PorscheCustomer sshd[19202]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.74.227 Sep 27 11:24:44 PorscheCustomer sshd[19202]: Failed password for invalid user vpn from 159.203.74.227 port 53320 ssh2 Sep 27 11:29:36 PorscheCustomer sshd[19267]: Failed password for root from 159.203.74.227 port 33264 ssh2 ...	2020-09-27 17:36:49
159.203.74.227	attackbotsspam	Sep 5 21:40:08 minden010 sshd[31495]: Failed password for root from 159.203.74.227 port 44090 ssh2 Sep 5 21:44:52 minden010 sshd[1051]: Failed password for root from 159.203.74.227 port 52152 ssh2 ...	2020-09-06 04:21:46
159.203.74.227	attackspam	SSH Brute-Force attacks	2020-09-05 20:10:39
159.203.74.227	attackspam	32354/tcp 17856/tcp 704/tcp... [2020-06-29/08-29]109pkt,41pt.(tcp)	2020-08-30 03:20:29
159.203.74.227	attackbots	Invalid user oracle from 159.203.74.227 port 56104	2020-08-29 05:18:35
159.203.74.227	attackspambots	1598424639 - 08/26/2020 08:50:39 Host: 159.203.74.227/159.203.74.227 Port: 704 TCP Blocked ...	2020-08-26 17:27:09
159.203.74.227	attack	Port scan: Attack repeated for 24 hours	2020-08-05 07:16:33
159.203.74.227	attack	2020-07-29T04:37:30.296812linuxbox-skyline sshd[84060]: Invalid user redmine from 159.203.74.227 port 60202 ...	2020-07-29 19:14:02
159.203.74.227	attackbots	Invalid user fotos from 159.203.74.227 port 45330	2020-07-25 13:25:36
159.203.74.227	attackbotsspam	Invalid user zzg from 159.203.74.227 port 60552	2020-07-18 20:07:32
159.203.74.227	attackspam	Jul 17 03:03:05 lanister sshd[11305]: Invalid user debian from 159.203.74.227 Jul 17 03:03:05 lanister sshd[11305]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.74.227 Jul 17 03:03:05 lanister sshd[11305]: Invalid user debian from 159.203.74.227 Jul 17 03:03:07 lanister sshd[11305]: Failed password for invalid user debian from 159.203.74.227 port 32844 ssh2	2020-07-17 15:03:44
159.203.74.159	attackbots	Jul 15 09:23:48 rama sshd[889480]: Invalid user omega from 159.203.74.159 Jul 15 09:23:48 rama sshd[889480]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.74.159 Jul 15 09:23:50 rama sshd[889480]: Failed password for invalid user omega from 159.203.74.159 port 50340 ssh2 Jul 15 09:23:50 rama sshd[889480]: Received disconnect from 159.203.74.159: 11: Bye Bye [preauth] Jul 15 10:02:19 rama sshd[901008]: Invalid user sakurai from 159.203.74.159 Jul 15 10:02:19 rama sshd[901008]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.74.159 Jul 15 10:02:21 rama sshd[901008]: Failed password for invalid user sakurai from 159.203.74.159 port 51048 ssh2 Jul 15 10:02:22 rama sshd[901008]: Received disconnect from 159.203.74.159: 11: Bye Bye [preauth] Jul 15 10:05:25 rama sshd[902022]: Invalid user zrs from 159.203.74.159 Jul 15 10:05:25 rama sshd[902022]: pam_unix(sshd:auth): authentica........ -------------------------------	2020-07-16 04:27:12

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 159.203.74.94
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 58231
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;159.203.74.94.			IN	A

;; AUTHORITY SECTION:
.			592	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020041900 1800 900 604800 86400

;; Query time: 108 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Apr 19 20:24:48 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 94.74.203.159.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 94.74.203.159.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
177.139.142.39	attackspam	Automatic report - Port Scan Attack	2019-11-18 00:25:36
72.93.29.214	attackspambots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/72.93.29.214/ US - 1H : (160) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : US NAME ASN : ASN701 IP : 72.93.29.214 CIDR : 72.93.0.0/16 PREFIX COUNT : 7223 UNIQUE IP COUNT : 40015360 ATTACKS DETECTED ASN701 : 1H - 1 3H - 2 6H - 2 12H - 5 24H - 6 DateTime : 2019-11-17 15:43:34 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-11-18 01:01:34
89.248.168.217	attack	firewall-block, port(s): 1025/udp, 1028/udp, 1031/udp	2019-11-18 00:46:55
213.136.109.67	attackspam	$f2bV_matches	2019-11-18 00:50:55
220.233.114.211	attack	Automatic report - Banned IP Access	2019-11-18 00:30:11
103.218.242.10	attack	SSH Brute-Force reported by Fail2Ban	2019-11-18 00:19:42
183.89.237.103	attackbotsspam	FTP brute force ...	2019-11-18 00:33:29
156.223.254.41	attack	$f2bV_matches	2019-11-18 00:43:47
110.80.142.84	attackbots	Nov 17 17:26:39 dev0-dcde-rnet sshd[21334]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.80.142.84 Nov 17 17:26:41 dev0-dcde-rnet sshd[21334]: Failed password for invalid user antolin from 110.80.142.84 port 37364 ssh2 Nov 17 17:31:35 dev0-dcde-rnet sshd[21338]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.80.142.84	2019-11-18 00:36:22
106.12.137.55	attackspambots	Nov 17 16:44:31 nextcloud sshd\[15986\]: Invalid user hambone from 106.12.137.55 Nov 17 16:44:31 nextcloud sshd\[15986\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.137.55 Nov 17 16:44:33 nextcloud sshd\[15986\]: Failed password for invalid user hambone from 106.12.137.55 port 48344 ssh2 ...	2019-11-18 00:33:54
139.59.77.237	attack	Automatic report - Banned IP Access	2019-11-18 00:30:36
181.49.254.230	attack	Nov 17 11:49:00 linuxvps sshd\[61635\]: Invalid user sadayuki from 181.49.254.230 Nov 17 11:49:00 linuxvps sshd\[61635\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.49.254.230 Nov 17 11:49:02 linuxvps sshd\[61635\]: Failed password for invalid user sadayuki from 181.49.254.230 port 48546 ssh2 Nov 17 11:53:23 linuxvps sshd\[64386\]: Invalid user tunnicliff from 181.49.254.230 Nov 17 11:53:23 linuxvps sshd\[64386\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.49.254.230	2019-11-18 00:58:18
172.105.89.161	attack	172.105.89.161 was recorded 12 times by 11 hosts attempting to connect to the following ports: 26712,28248. Incident counter (4h, 24h, all-time): 12, 84, 1172	2019-11-18 00:37:14
111.250.2.80	attackbotsspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/111.250.2.80/ TW - 1H : (160) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : TW NAME ASN : ASN3462 IP : 111.250.2.80 CIDR : 111.250.0.0/16 PREFIX COUNT : 390 UNIQUE IP COUNT : 12267520 ATTACKS DETECTED ASN3462 : 1H - 5 3H - 11 6H - 26 12H - 50 24H - 135 DateTime : 2019-11-17 17:28:31 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-11-18 00:47:37
187.110.127.118	attackbotsspam	$f2bV_matches	2019-11-18 00:23:12

最近上报的IP列表

194.40.19.40	16.91.198.24	4.248.115.9	219.180.15.243
15.184.34.54	32.177.222.255	52.226.208.148	132.232.31.157
49.235.247.78	189.26.149.28	200.199.182.184	50.210.197.174
199.218.173.97	222.10.156.31	201.76.184.110	89.248.174.151
68.97.124.189	117.67.92.58	74.9.37.35	5.77.6.203