159.203.80.144

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Automatic report - Web App Attack	2019-07-02 03:03:52
attackspam	wp brute-force	2019-06-25 08:07:16
attackspam	WordPress login Brute force / Web App Attack on client site.	2019-06-24 17:49:13

相同子网IP讨论:

IP	类型	评论内容	时间
159.203.80.185	attack	scans once in preceeding hours on the ports (in chronological order) 1766 resulting in total of 4 scans from 159.203.0.0/16 block.	2020-04-26 00:15:09
159.203.80.185	attackspam	Fail2Ban Ban Triggered	2020-04-23 05:15:09
159.203.80.185	attack	SIP/5060 Probe, BF, Hack -	2020-04-21 18:11:19
159.203.80.185	attackspambots	Fail2Ban Ban Triggered	2020-04-15 20:46:06

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 159.203.80.144
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32230
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;159.203.80.144.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019060900 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Jun 09 20:59:09 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 144.80.203.159.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 144.80.203.159.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
128.14.133.58	attackbotsspam	Jun 7 06:48:31 debian kernel: [404271.151107] [UFW BLOCK] IN=eth0 OUT= MAC=52:54:00:be:e4:65:08:e8:4f:6e:48:0c:08:00 SRC=128.14.133.58 DST=89.252.131.35 LEN=40 TOS=0x00 PREC=0x00 TTL=240 ID=10171 PROTO=TCP SPT=18284 DPT=8080 WINDOW=1024 RES=0x00 SYN URGP=0	2020-06-07 18:31:50
38.102.172.47	attackspambots	2020-06-07T11:35:01.385021sd-86998 sshd[36395]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=38.102.172.47 user=root 2020-06-07T11:35:03.079700sd-86998 sshd[36395]: Failed password for root from 38.102.172.47 port 25928 ssh2 2020-06-07T11:38:38.052739sd-86998 sshd[36889]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=38.102.172.47 user=root 2020-06-07T11:38:40.541398sd-86998 sshd[36889]: Failed password for root from 38.102.172.47 port 21950 ssh2 2020-06-07T11:42:18.894178sd-86998 sshd[37393]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=38.102.172.47 user=root 2020-06-07T11:42:20.584900sd-86998 sshd[37393]: Failed password for root from 38.102.172.47 port 17956 ssh2 ...	2020-06-07 18:05:18
85.93.12.254	attackspam	[Sun Jun 7 02:58:00 2020 GMT] Cinch Home Services [RDNS_NONE], Subject: Never pay for covered home repairs again.	2020-06-07 18:17:09
121.123.99.132	attackbots	Hits on port : 445	2020-06-07 18:13:42
222.186.52.39	attackbotsspam	07.06.2020 10:15:36 SSH access blocked by firewall	2020-06-07 18:20:50
70.37.75.157	attackbots	Jun 7 02:11:46 propaganda sshd[10075]: Connection from 70.37.75.157 port 52312 on 10.0.0.160 port 22 rdomain "" Jun 7 02:11:46 propaganda sshd[10075]: Connection closed by 70.37.75.157 port 52312 [preauth]	2020-06-07 18:05:00
86.156.81.238	attackspambots	Hits on port : 8000	2020-06-07 18:14:10
193.70.12.240	attack	SSH Brute-Forcing (server2)	2020-06-07 18:00:21
111.231.139.30	attackbotsspam	SSH bruteforce	2020-06-07 18:27:30
218.92.0.184	attackbotsspam	Jun 7 11:38:44 abendstille sshd\[3414\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.184 user=root Jun 7 11:38:46 abendstille sshd\[3414\]: Failed password for root from 218.92.0.184 port 6685 ssh2 Jun 7 11:38:49 abendstille sshd\[3414\]: Failed password for root from 218.92.0.184 port 6685 ssh2 Jun 7 11:39:07 abendstille sshd\[3703\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.184 user=root Jun 7 11:39:09 abendstille sshd\[3703\]: Failed password for root from 218.92.0.184 port 35523 ssh2 ...	2020-06-07 18:02:42
138.197.213.233	attackbotsspam	Jun 6 20:30:13 kapalua sshd\[23679\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.213.233 user=root Jun 6 20:30:15 kapalua sshd\[23679\]: Failed password for root from 138.197.213.233 port 40060 ssh2 Jun 6 20:32:32 kapalua sshd\[23826\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.213.233 user=root Jun 6 20:32:34 kapalua sshd\[23826\]: Failed password for root from 138.197.213.233 port 52186 ssh2 Jun 6 20:34:59 kapalua sshd\[24014\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.213.233 user=root	2020-06-07 18:33:54
112.85.42.173	attackbotsspam	2020-06-07T06:08:12.604033ns386461 sshd\[20418\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.173 user=root 2020-06-07T06:08:14.327055ns386461 sshd\[20418\]: Failed password for root from 112.85.42.173 port 40544 ssh2 2020-06-07T06:08:30.223921ns386461 sshd\[20750\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.173 user=root 2020-06-07T06:08:32.418936ns386461 sshd\[20750\]: Failed password for root from 112.85.42.173 port 64846 ssh2 2020-06-07T12:12:15.832893ns386461 sshd\[29128\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.173 user=root ...	2020-06-07 18:24:25
84.38.186.29	attackspambots	Jun 7 13:17:13 debian kernel: [427592.111970] [UFW BLOCK] IN=eth0 OUT= MAC=52:54:00:be:e4:65:08:e8:4f:6e:48:0c:08:00 SRC=84.38.186.29 DST=89.252.131.35 LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=3777 PROTO=TCP SPT=30763 DPT=3392 WINDOW=1024 RES=0x00 SYN URGP=0	2020-06-07 18:17:59
210.123.141.241	attackspam	odoo8 ...	2020-06-07 17:57:01
47.15.144.228	attackbots	Attempts to probe web pages for vulnerable PHP or other applications	2020-06-07 18:36:23

最近上报的IP列表

115.151.234.146	188.16.149.122	205.243.122.119	160.116.248.136
145.102.6.55	37.185.249.38	113.107.172.59	161.0.153.164
45.125.239.211	90.46.110.208	68.225.190.5	116.255.222.228
36.121.136.146	177.80.109.246	45.33.33.120	91.10.177.252
61.136.82.164	73.12.40.150	199.249.230.122	194.157.209.233