159.203.81.93 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	GET /cdn-cgi/l/chk_jschl?jschl_vc=cf3ade18febb93d4b59312c846673503&pass=1577313047.283-vpQ294J8It&jschl_answer=207	2019-12-27 00:17:05
attackbotsspam	Automatic report - Banned IP Access	2019-11-08 20:13:49
attack	Automatic report - Banned IP Access	2019-10-04 12:31:28
attack	/setup.cgi	2019-09-07 15:09:26

相同子网IP讨论:

IP	类型	评论内容	时间
159.203.81.28	attack	" "	2020-09-24 01:50:17
159.203.81.28	attackbots	TCP (SYN) 159.203.81.28:48992 -> port 16326, len 44	2020-09-23 17:56:13
159.203.81.28	attackbots	TCP (SYN) 159.203.81.28:49656 -> port 8489, len 44	2020-09-12 03:40:08
159.203.81.28	attack	TCP port : 1398	2020-09-11 19:43:46
159.203.81.28	attackspam	Fail2Ban Ban Triggered	2020-08-27 01:14:43
159.203.81.28	attackspam	" "	2020-08-17 23:55:17
159.203.81.46	attackspambots	[ThuJul3014:09:55.7187202020][:error][pid20522:tid47647161321216][client159.203.81.46:52708][client159.203.81.46]ModSecurity:Accessdeniedwithcode403\(phase2\).Matchof"rx\(\^w3c-\\|systran\\\\\\\\\)\)"against"REQUEST_HEADERS:User-Agent"required.[file"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf"][line"237"][id"331039"][rev"1"][msg"Atomicorp.comWAFRules:SuspiciousUnusualUserAgent\(Python-urllib\).DisablethisruleifyouusePython-urllib."][severity"CRITICAL"][hostname"support-ticino.ch"][uri"/wp-content/plugins/wpdiscuz/assets/js/wpdiscuz-mu-backend.js"][unique_id"XyK4k1@f8OX1xLO8BWy-TwAAAQA"][ThuJul3014:09:56.6209612020][:error][pid20594:tid47647167624960][client159.203.81.46:56976][client159.203.81.46]ModSecurity:Accessdeniedwithcode403\(phase2\).Matchof"rx\(\^w3c-\\|systran\\\\\\\\\)\)"against"REQUEST_HEADERS:User-Agent"required.[file"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf"][line"237"][id"331039"][rev"1"][msg"Atomicorp.comWAFRules:SuspiciousUnusualUser	2020-07-30 20:19:54
159.203.81.28	attackspam	TCP (SYN) 159.203.81.28:58578 -> port 18745, len 44	2020-07-07 01:06:38
159.203.81.28	attackbotsspam	Fail2Ban Ban Triggered	2020-06-28 19:59:24
159.203.81.28	attackbotsspam	scans once in preceeding hours on the ports (in chronological order) 24302 resulting in total of 2 scans from 159.203.0.0/16 block.	2020-06-12 21:55:59
159.203.81.198	attackbots	Trys to register extensions to pbx by brute force	2020-06-09 20:04:36
159.203.81.28	attack	" "	2020-06-07 03:15:14
159.203.81.28	attack	firewall-block, port(s): 5539/tcp	2020-05-22 01:20:00
159.203.81.28	attackbotsspam	1651/tcp 8598/tcp 20661/tcp... [2020-04-12/05-06]65pkt,23pt.(tcp)	2020-05-07 03:32:42
159.203.81.28	attackbots	Jan 1 10:47:31 ncomp sshd[29596]: Invalid user malena from 159.203.81.28 Jan 1 10:47:31 ncomp sshd[29596]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.81.28 Jan 1 10:47:31 ncomp sshd[29596]: Invalid user malena from 159.203.81.28 Jan 1 10:47:34 ncomp sshd[29596]: Failed password for invalid user malena from 159.203.81.28 port 56335 ssh2	2020-01-01 17:02:07

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 159.203.81.93
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 13559
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;159.203.81.93.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019090700 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Sep 07 15:09:15 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 93.81.203.159.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 93.81.203.159.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
45.248.71.169	attackspam	Invalid user admin from 45.248.71.169 port 39306	2020-06-23 15:02:36
180.108.196.203	attackbots	Invalid user utente from 180.108.196.203 port 25797	2020-06-23 14:53:17
42.236.10.91	attackbotsspam	Automated report (2020-06-23T12:58:37+08:00). Scraper detected at this address.	2020-06-23 14:58:39
185.143.75.153	attackspambots	2020-06-23T08:31:34.169378www postfix/smtpd[17016]: warning: unknown[185.143.75.153]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2020-06-23T08:32:19.251586www postfix/smtpd[17016]: warning: unknown[185.143.75.153]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2020-06-23T08:33:04.457242www postfix/smtpd[17016]: warning: unknown[185.143.75.153]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-06-23 14:36:03
36.71.232.8	attackspambots	36.71.232.8 - - \[23/Jun/2020:08:11:46 +0200\] "POST /wp-login.php HTTP/1.0" 200 5508 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 36.71.232.8 - - \[23/Jun/2020:08:11:50 +0200\] "POST /wp-login.php HTTP/1.0" 200 5345 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 36.71.232.8 - - \[23/Jun/2020:08:11:54 +0200\] "POST /wp-login.php HTTP/1.0" 200 5385 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2020-06-23 14:42:16
103.236.134.13	attackbots	Port scan denied	2020-06-23 14:51:52
222.186.175.215	attackbots	2020-06-23T08:22:30.281273sd-86998 sshd[2898]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.215 user=root 2020-06-23T08:22:31.668891sd-86998 sshd[2898]: Failed password for root from 222.186.175.215 port 57638 ssh2 2020-06-23T08:22:34.817147sd-86998 sshd[2898]: Failed password for root from 222.186.175.215 port 57638 ssh2 2020-06-23T08:22:30.281273sd-86998 sshd[2898]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.215 user=root 2020-06-23T08:22:31.668891sd-86998 sshd[2898]: Failed password for root from 222.186.175.215 port 57638 ssh2 2020-06-23T08:22:34.817147sd-86998 sshd[2898]: Failed password for root from 222.186.175.215 port 57638 ssh2 2020-06-23T08:22:30.281273sd-86998 sshd[2898]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.215 user=root 2020-06-23T08:22:31.668891sd-86998 sshd[2898]: Failed password for root from 2 ...	2020-06-23 14:26:05
124.128.54.250	attackbotsspam	Jun 23 03:55:23 ip-172-31-61-156 sshd[21492]: Invalid user localadmin from 124.128.54.250 Jun 23 03:55:25 ip-172-31-61-156 sshd[21492]: Failed password for invalid user localadmin from 124.128.54.250 port 36409 ssh2 Jun 23 03:55:23 ip-172-31-61-156 sshd[21492]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.128.54.250 Jun 23 03:55:23 ip-172-31-61-156 sshd[21492]: Invalid user localadmin from 124.128.54.250 Jun 23 03:55:25 ip-172-31-61-156 sshd[21492]: Failed password for invalid user localadmin from 124.128.54.250 port 36409 ssh2 ...	2020-06-23 14:28:02
192.241.224.229	attackbots	Port Scan detected! ...	2020-06-23 14:46:57
201.149.13.50	attackbots	2020-06-23T06:01:50.185619abusebot-2.cloudsearch.cf sshd[6524]: Invalid user backup from 201.149.13.50 port 29622 2020-06-23T06:01:50.192188abusebot-2.cloudsearch.cf sshd[6524]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.149.13.50 2020-06-23T06:01:50.185619abusebot-2.cloudsearch.cf sshd[6524]: Invalid user backup from 201.149.13.50 port 29622 2020-06-23T06:01:52.352358abusebot-2.cloudsearch.cf sshd[6524]: Failed password for invalid user backup from 201.149.13.50 port 29622 ssh2 2020-06-23T06:05:18.979114abusebot-2.cloudsearch.cf sshd[6572]: Invalid user ben from 201.149.13.50 port 21889 2020-06-23T06:05:18.988764abusebot-2.cloudsearch.cf sshd[6572]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.149.13.50 2020-06-23T06:05:18.979114abusebot-2.cloudsearch.cf sshd[6572]: Invalid user ben from 201.149.13.50 port 21889 2020-06-23T06:05:21.369733abusebot-2.cloudsearch.cf sshd[6572]: Failed password ...	2020-06-23 14:25:02
51.83.66.171	attack	TCP (SYN) 51.83.66.171:44259 -> port 9444, len 44	2020-06-23 14:46:21
77.210.180.10	attack	Jun 23 03:55:32 vps1 sshd[1834545]: Invalid user superman from 77.210.180.10 port 43250 Jun 23 03:55:33 vps1 sshd[1834545]: Failed password for invalid user superman from 77.210.180.10 port 43250 ssh2 ...	2020-06-23 14:21:10
88.88.40.133	attack	Jun 23 07:19:40 sso sshd[9363]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=88.88.40.133 Jun 23 07:19:42 sso sshd[9363]: Failed password for invalid user yoyo from 88.88.40.133 port 39968 ssh2 ...	2020-06-23 14:24:21
124.156.105.47	attackspambots	Jun 22 19:32:18 kapalua sshd\[29888\]: Invalid user liumin from 124.156.105.47 Jun 22 19:32:18 kapalua sshd\[29888\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.156.105.47 Jun 22 19:32:20 kapalua sshd\[29888\]: Failed password for invalid user liumin from 124.156.105.47 port 58274 ssh2 Jun 22 19:34:02 kapalua sshd\[30044\]: Invalid user mtb from 124.156.105.47 Jun 22 19:34:02 kapalua sshd\[30044\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.156.105.47	2020-06-23 14:24:09
178.213.204.229	attackbots	20/6/22@23:54:59: FAIL: Alarm-Network address from=178.213.204.229 20/6/22@23:54:59: FAIL: Alarm-Network address from=178.213.204.229 ...	2020-06-23 14:50:10

最近上报的IP列表

253.34.184.185	217.140.134.124	167.15.251.125	124.191.104.248
102.36.2.201	234.99.222.38	112.215.71.42	239.134.67.4
42.9.165.115	235.13.248.171	221.131.94.144	203.49.174.159
206.239.201.38	117.193.42.200	195.34.235.202	102.120.179.97
49.83.95.96	80.211.247.136	86.55.243.203	72.59.104.111