159.65.103.149

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Jul 22 23:24:24 artelis kernel: [177393.109085] [UFW BLOCK] IN=eth0 OUT= MAC=c2:45:3b:cb:6e:17:ec:38:73:0c:18:30:08:00 SRC=159.65.103.149 DST=167.99.196.43 LEN=44 TOS=0x00 PREC=0x00 TTL=46 ID=57737 PROTO=TCP SPT=38725 DPT=21 WINDOW=1024 RES=0x00 SYN URGP=0 Jul 22 23:24:24 artelis kernel: [177393.109254] [UFW BLOCK] IN=eth0 OUT= MAC=c2:45:3b:cb:6e:17:ec:38:73:0c:18:30:08:00 SRC=159.65.103.149 DST=167.99.196.43 LEN=44 TOS=0x00 PREC=0x00 TTL=38 ID=1877 PROTO=TCP SPT=38725 DPT=1723 WINDOW=1024 RES=0x00 SYN URGP=0 Jul 22 23:24:24 artelis kernel: [177393.112308] [UFW BLOCK] IN=eth0 OUT= MAC=c2:45:3b:cb:6e:17:ec:38:73:0c:70:30:08:00 SRC=159.65.103.149 DST=167.99.196.43 LEN=44 TOS=0x00 PREC=0x00 TTL=37 ID=62683 PROTO=TCP SPT=38725 DPT=3306 WINDOW=1024 RES=0x00 SYN URGP=0 Jul 22 23:24:24 artelis kernel: [177393.112333] [UFW BLOCK] IN=eth0 OUT= MAC=c2:45:3b:cb:6e:17:ec:38:73:0c:70:30:08:00 SRC=159.65.103.149 DST=167.99.196.43 LEN=44 TOS=0x00 PREC=0x00 TTL=38 ID=46373 PROTO=TCP SPT=38725 DPT=1 ...	2019-07-23 10:31:56

Type

Details

Datetime

attack

Jul 22 23:24:24 artelis kernel: [177393.109085] [UFW BLOCK] IN=eth0 OUT= MAC=c2:45:3b:cb:6e:17:ec:38:73:0c:18:30:08:00 SRC=159.65.103.149 DST=167.99.196.43 LEN=44 TOS=0x00 PREC=0x00 TTL=46 ID=57737 PROTO=TCP SPT=38725 DPT=21 WINDOW=1024 RES=0x00 SYN URGP=0 
Jul 22 23:24:24 artelis kernel: [177393.109254] [UFW BLOCK] IN=eth0 OUT= MAC=c2:45:3b:cb:6e:17:ec:38:73:0c:18:30:08:00 SRC=159.65.103.149 DST=167.99.196.43 LEN=44 TOS=0x00 PREC=0x00 TTL=38 ID=1877 PROTO=TCP SPT=38725 DPT=1723 WINDOW=1024 RES=0x00 SYN URGP=0 
Jul 22 23:24:24 artelis kernel: [177393.112308] [UFW BLOCK] IN=eth0 OUT= MAC=c2:45:3b:cb:6e:17:ec:38:73:0c:70:30:08:00 SRC=159.65.103.149 DST=167.99.196.43 LEN=44 TOS=0x00 PREC=0x00 TTL=37 ID=62683 PROTO=TCP SPT=38725 DPT=3306 WINDOW=1024 RES=0x00 SYN URGP=0 
Jul 22 23:24:24 artelis kernel: [177393.112333] [UFW BLOCK] IN=eth0 OUT= MAC=c2:45:3b:cb:6e:17:ec:38:73:0c:70:30:08:00 SRC=159.65.103.149 DST=167.99.196.43 LEN=44 TOS=0x00 PREC=0x00 TTL=38 ID=46373 PROTO=TCP SPT=38725 DPT=1
...

2019-07-23 10:31:56

Comments on same subnet:

IP	Type	Details	Datetime
159.65.103.219	attack	Unauthorized SSH login attempts	2020-04-19 04:01:55

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 159.65.103.149
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 16610
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;159.65.103.149.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072201 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Jul 23 10:31:48 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 149.103.65.159.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 149.103.65.159.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
168.90.71.82	attack	Jan 10 05:51:06 grey postfix/smtpd\[32651\]: NOQUEUE: reject: RCPT from CableLink-168-90-71-82.host.InterCable.net\[168.90.71.82\]: 554 5.7.1 Service unavailable\; Client host \[168.90.71.82\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[168.90.71.82\]\; from=\ to=\ proto=ESMTP helo=\ ...	2020-01-10 17:44:49
14.239.204.101	attackbots	firewall-block, port(s): 1433/tcp	2020-01-10 17:48:07
169.197.108.190	attackspambots	unauthorized access on port 443 [https] FO	2020-01-10 17:58:06
58.246.51.190	attack	Jan 10 10:30:29 vps647732 sshd[18596]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.246.51.190 Jan 10 10:30:31 vps647732 sshd[18596]: Failed password for invalid user admin from 58.246.51.190 port 14344 ssh2 ...	2020-01-10 17:43:33
117.247.180.249	attackbots	1578631829 - 01/10/2020 05:50:29 Host: 117.247.180.249/117.247.180.249 Port: 445 TCP Blocked	2020-01-10 18:13:19
35.230.162.59	attackspambots	WordPress wp-login brute force :: 35.230.162.59 0.084 BYPASS [10/Jan/2020:07:17:14 0000] [censored_2] "POST /wp-login.php HTTP/1.1" 200 2287 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-01-10 17:46:54
58.236.139.20	attackbotsspam	$f2bV_matches	2020-01-10 18:09:46
198.108.66.164	attackspam	unauthorized access on port 443 [https] FO	2020-01-10 17:56:14
106.13.52.234	attackbotsspam	[ssh] SSH attack	2020-01-10 17:47:22
209.141.62.7	attackbotsspam	SIP/5060 Probe, BF, Hack -	2020-01-10 17:55:47
193.218.140.93	attackbots	Jan 10 04:38:36 roki sshd[9503]: Invalid user zfo from 193.218.140.93 Jan 10 04:38:36 roki sshd[9503]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.218.140.93 Jan 10 04:38:39 roki sshd[9503]: Failed password for invalid user zfo from 193.218.140.93 port 55960 ssh2 Jan 10 05:50:37 roki sshd[14296]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.218.140.93 user=root Jan 10 05:50:38 roki sshd[14296]: Failed password for root from 193.218.140.93 port 45736 ssh2 ...	2020-01-10 18:06:46
112.78.178.135	attack	1578631841 - 01/10/2020 05:50:41 Host: 112.78.178.135/112.78.178.135 Port: 445 TCP Blocked	2020-01-10 18:05:39
49.88.112.61	attackbotsspam	Jan 10 10:52:41 markkoudstaal sshd[22166]: Failed password for root from 49.88.112.61 port 30093 ssh2 Jan 10 10:52:44 markkoudstaal sshd[22166]: Failed password for root from 49.88.112.61 port 30093 ssh2 Jan 10 10:52:47 markkoudstaal sshd[22166]: Failed password for root from 49.88.112.61 port 30093 ssh2 Jan 10 10:52:50 markkoudstaal sshd[22166]: Failed password for root from 49.88.112.61 port 30093 ssh2	2020-01-10 18:10:59
222.186.52.189	attack	Unauthorized connection attempt detected from IP address 222.186.52.189 to port 22 [T]	2020-01-10 17:35:01
103.83.36.101	attackbotsspam	01/10/2020-06:50:00.465114 103.83.36.101 Protocol: 6 ET POLICY Cleartext WordPress Login	2020-01-10 17:53:47

Recently Reported IPs

66.228.43.195	51.15.210.228	13.232.137.235	189.41.166.101
179.83.28.121	114.46.106.179	202.170.57.245	188.162.132.2
119.207.126.21	189.112.216.104	193.56.28.173	156.222.219.168
197.232.80.251	130.255.125.225	177.221.109.25	77.234.46.222
104.200.144.191	82.31.96.103	174.138.40.132	54.38.30.26