159.203.102.122

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Oct 5 11:12:14 vpn01 sshd[28703]: Failed password for root from 159.203.102.122 port 35830 ssh2 ...	2020-10-06 00:19:38
attack	Oct 5 10:04:50 vpn01 sshd[26137]: Failed password for root from 159.203.102.122 port 60760 ssh2 ...	2020-10-05 16:19:12
attackspambots	scans once in preceeding hours on the ports (in chronological order) 27839 resulting in total of 9 scans from 159.203.0.0/16 block.	2020-09-10 22:45:11
attackbots	Port scan denied	2020-09-10 14:20:23
attack	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-09-10 05:02:57
attack	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-09-03 00:57:02
attackbotsspam	firewall-block, port(s): 25457/tcp	2020-09-02 16:21:58
attackbots	Fail2Ban Ban Triggered	2020-09-02 09:25:09
attackspambots	Time: Tue Aug 25 04:10:51 2020 +0000 IP: 159.203.102.122 (-) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Aug 25 03:50:43 ca-16-ede1 sshd[31550]: Invalid user carlos from 159.203.102.122 port 58314 Aug 25 03:50:45 ca-16-ede1 sshd[31550]: Failed password for invalid user carlos from 159.203.102.122 port 58314 ssh2 Aug 25 04:06:27 ca-16-ede1 sshd[33693]: Invalid user miner from 159.203.102.122 port 57602 Aug 25 04:06:29 ca-16-ede1 sshd[33693]: Failed password for invalid user miner from 159.203.102.122 port 57602 ssh2 Aug 25 04:10:47 ca-16-ede1 sshd[34290]: Invalid user oracle from 159.203.102.122 port 36176	2020-08-25 12:42:41
attackbots	TCP (SYN) 159.203.102.122:40323 -> port 31347, len 44	2020-08-22 19:10:02
attack	2020-08-17T21:54:09.088571shield sshd\[17629\]: Invalid user guest from 159.203.102.122 port 47352 2020-08-17T21:54:09.095432shield sshd\[17629\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.102.122 2020-08-17T21:54:10.947445shield sshd\[17629\]: Failed password for invalid user guest from 159.203.102.122 port 47352 ssh2 2020-08-17T21:58:35.356983shield sshd\[18033\]: Invalid user marlon from 159.203.102.122 port 58274 2020-08-17T21:58:35.364900shield sshd\[18033\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.102.122	2020-08-18 06:00:22
attackspambots	TCP (SYN) 159.203.102.122:58584 -> port 7935, len 44	2020-08-14 08:46:12
attack	Aug 4 05:35:43 rush sshd[8187]: Failed password for root from 159.203.102.122 port 57236 ssh2 Aug 4 05:39:51 rush sshd[8256]: Failed password for root from 159.203.102.122 port 39964 ssh2 ...	2020-08-04 13:54:41
attack	firewall-block, port(s): 2844/tcp	2020-08-01 00:24:54
attackbots	SIP/5060 Probe, BF, Hack -	2020-07-27 17:55:50
attack	2020-07-22T03:03:22.914716vps773228.ovh.net sshd[23498]: Invalid user star from 159.203.102.122 port 55208 2020-07-22T03:03:22.935450vps773228.ovh.net sshd[23498]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.102.122 2020-07-22T03:03:22.914716vps773228.ovh.net sshd[23498]: Invalid user star from 159.203.102.122 port 55208 2020-07-22T03:03:25.210270vps773228.ovh.net sshd[23498]: Failed password for invalid user star from 159.203.102.122 port 55208 ssh2 2020-07-22T03:07:02.437409vps773228.ovh.net sshd[23538]: Invalid user mysql from 159.203.102.122 port 49132 ...	2020-07-22 09:33:33
attackbots	2020-07-20T15:39:25.221242shield sshd\[26563\]: Invalid user mb from 159.203.102.122 port 51890 2020-07-20T15:39:25.230958shield sshd\[26563\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.102.122 2020-07-20T15:39:27.061208shield sshd\[26563\]: Failed password for invalid user mb from 159.203.102.122 port 51890 ssh2 2020-07-20T15:48:10.072175shield sshd\[27697\]: Invalid user starbound from 159.203.102.122 port 56000 2020-07-20T15:48:10.082287shield sshd\[27697\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.102.122	2020-07-20 23:49:46
attack	Jul 17 20:03:27 hidden sshd[44334]: Invalid user app from 159.203.102.122 port 58138 Jul 17 20:03:27 hidden sshd[44334]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.102.122 Jul 17 20:03:29 hidden sshd[44334]: Failed password for invalid user app from 159.203.102.122 port 58138 ssh2	2020-07-19 04:50:35
attackbots	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-07-18T05:03:39Z and 2020-07-18T05:14:14Z	2020-07-18 14:18:04
attackspam	scans once in preceeding hours on the ports (in chronological order) 21833 resulting in total of 5 scans from 159.203.0.0/16 block.	2020-07-08 21:40:02
attack	trying to access non-authorized port	2020-07-07 01:06:24
attack	SIP/5060 Probe, BF, Hack -	2020-07-06 15:11:58
attackbots	2020-07-04T21:28:28.213878mail.standpoint.com.ua sshd[21702]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.102.122 2020-07-04T21:28:28.210882mail.standpoint.com.ua sshd[21702]: Invalid user cacti from 159.203.102.122 port 52672 2020-07-04T21:28:30.391415mail.standpoint.com.ua sshd[21702]: Failed password for invalid user cacti from 159.203.102.122 port 52672 ssh2 2020-07-04T21:30:49.522934mail.standpoint.com.ua sshd[22016]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.102.122 user=root 2020-07-04T21:30:51.058407mail.standpoint.com.ua sshd[22016]: Failed password for root from 159.203.102.122 port 55892 ssh2 ...	2020-07-05 02:34:39
attack	firewall-block, port(s): 11080/tcp	2020-07-02 09:08:37
attack	Jun 29 13:18:13 home sshd[6930]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.102.122 Jun 29 13:18:15 home sshd[6930]: Failed password for invalid user testuser from 159.203.102.122 port 53720 ssh2 Jun 29 13:22:30 home sshd[7341]: Failed password for root from 159.203.102.122 port 52664 ssh2 ...	2020-06-29 19:34:23
attack	SSH Brute-Force reported by Fail2Ban	2020-06-28 04:45:13
attackbotsspam	Jun 18 19:06:55 vps639187 sshd\[16398\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.102.122 user=root Jun 18 19:06:56 vps639187 sshd\[16398\]: Failed password for root from 159.203.102.122 port 44630 ssh2 Jun 18 19:10:29 vps639187 sshd\[16455\]: Invalid user gw from 159.203.102.122 port 40238 Jun 18 19:10:29 vps639187 sshd\[16455\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.102.122 ...	2020-06-19 04:18:47
attack	Ssh brute force	2020-06-15 08:29:11
attackspambots	Jun 12 12:01:19 dignus sshd[5323]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.102.122 user=root Jun 12 12:01:21 dignus sshd[5323]: Failed password for root from 159.203.102.122 port 54934 ssh2 Jun 12 12:05:30 dignus sshd[5908]: Invalid user HQ from 159.203.102.122 port 58320 Jun 12 12:05:30 dignus sshd[5908]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.102.122 Jun 12 12:05:31 dignus sshd[5908]: Failed password for invalid user HQ from 159.203.102.122 port 58320 ssh2 ...	2020-06-13 04:37:57
attackspambots	Jun 7 22:41:08 ns382633 sshd\[2497\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.102.122 user=root Jun 7 22:41:10 ns382633 sshd\[2497\]: Failed password for root from 159.203.102.122 port 53228 ssh2 Jun 7 22:54:20 ns382633 sshd\[4648\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.102.122 user=root Jun 7 22:54:22 ns382633 sshd\[4648\]: Failed password for root from 159.203.102.122 port 46270 ssh2 Jun 7 22:58:42 ns382633 sshd\[5570\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.102.122 user=root	2020-06-08 07:30:35

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 159.203.102.122
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 11977
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;159.203.102.122.		IN	A

;; AUTHORITY SECTION:
.			592	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020060200 1800 900 604800 86400

;; Query time: 202 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jun 02 16:51:07 CST 2020
;; MSG SIZE  rcvd: 119

Host info

Host 122.102.203.159.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 122.102.203.159.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
167.206.202.137	attackspambots	Unauthorised access (Apr 24) SRC=167.206.202.137 LEN=52 TTL=118 ID=19597 DF TCP DPT=445 WINDOW=8192 SYN	2020-04-25 00:47:42
201.159.154.204	attackbotsspam	SSH brute force attempt	2020-04-25 00:25:13
93.174.93.5	attack	Brute force attack attempt	2020-04-25 00:13:55
189.115.207.174	attack	Automatic report - Port Scan Attack	2020-04-25 00:10:07
85.51.12.244	attackbots	Apr 24 15:51:08 vpn01 sshd[27258]: Failed password for root from 85.51.12.244 port 57054 ssh2 ...	2020-04-25 00:48:12
176.31.250.160	attack	Brute-force attempt banned	2020-04-25 00:27:32
111.161.74.118	attackbots	Apr 24 15:46:20 [host] kernel: [4365019.645097] [U Apr 24 15:50:57 [host] kernel: [4365296.380855] [U Apr 24 15:51:42 [host] kernel: [4365341.754217] [U Apr 24 15:51:44 [host] kernel: [4365343.404070] [U Apr 24 15:51:48 [host] kernel: [4365347.805120] [U Apr 24 15:51:50 [host] kernel: [4365349.455674] [U	2020-04-25 00:23:00
223.71.167.164	attack	[MK-Root1] Blocked by UFW	2020-04-25 00:29:57
14.18.92.6	attackbots	Apr 24 14:02:56 dev0-dcde-rnet sshd[7989]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.18.92.6 Apr 24 14:02:57 dev0-dcde-rnet sshd[7989]: Failed password for invalid user amarco from 14.18.92.6 port 34608 ssh2 Apr 24 14:04:58 dev0-dcde-rnet sshd[8043]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.18.92.6	2020-04-25 00:27:10
162.243.237.90	attackbots	Apr 24 16:07:26 santamaria sshd\[23992\]: Invalid user test from 162.243.237.90 Apr 24 16:07:26 santamaria sshd\[23992\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.237.90 Apr 24 16:07:28 santamaria sshd\[23992\]: Failed password for invalid user test from 162.243.237.90 port 36559 ssh2 ...	2020-04-25 00:19:16
191.235.93.236	attackbots	Apr 24 16:50:59 mail sshd\[12944\]: Invalid user download from 191.235.93.236 Apr 24 16:50:59 mail sshd\[12944\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.235.93.236 Apr 24 16:51:01 mail sshd\[12944\]: Failed password for invalid user download from 191.235.93.236 port 60094 ssh2 ...	2020-04-25 00:42:20
111.10.24.147	attackbotsspam	$f2bV_matches	2020-04-25 00:17:31
163.172.158.172	attackbotsspam	Lines containing failures of 163.172.158.172 auth.log:Apr 24 10:19:39 omfg sshd[918]: Connection from 163.172.158.172 port 57084 on 78.46.60.50 port 22 auth.log:Apr 24 10:19:39 omfg sshd[912]: Connection from 163.172.158.172 port 39468 on 78.46.60.16 port 22 auth.log:Apr 24 10:19:39 omfg sshd[915]: Connection from 163.172.158.172 port 40578 on 78.46.60.40 port 22 auth.log:Apr 24 10:19:39 omfg sshd[915]: Did not receive identification string from 163.172.158.172 port 40578 auth.log:Apr 24 10:19:39 omfg sshd[912]: Did not receive identification string from 163.172.158.172 port 39468 auth.log:Apr 24 10:19:39 omfg sshd[917]: Connection from 163.172.158.172 port 52520 on 78.46.60.53 port 22 auth.log:Apr 24 10:19:39 omfg sshd[917]: Did not receive identification string from 163.172.158.172 port 52520 auth.log:Apr 24 10:19:39 omfg sshd[916]: Connection from 163.172.158.172 port 53914 on 78.46.60.42 port 22 auth.log:Apr 24 10:19:39 omfg sshd[916]: Did not receive identification ........ ------------------------------	2020-04-25 00:29:08
46.198.212.139	attackspambots	DATE:2020-04-24 14:04:22, IP:46.198.212.139, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-04-25 00:48:38
45.134.179.57	attackspam	Apr 24 18:02:05 debian-2gb-nbg1-2 kernel: \[10003068.750054\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.134.179.57 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=61146 PROTO=TCP SPT=51596 DPT=629 WINDOW=1024 RES=0x00 SYN URGP=0	2020-04-25 00:20:19

Recently Reported IPs

36.117.86.205	147.147.98.35	165.22.94.154	182.23.23.42
134.95.133.94	149.13.189.30	209.34.109.94	133.37.124.186
197.189.252.27	64.20.72.77	190.148.55.231	68.226.21.8
14.164.51.80	17.118.44.187	254.10.13.148	139.176.236.136
38.68.36.196	120.141.100.223	1.121.231.53	190.151.29.121