103.103.128.48

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Taiwan, Province of China

运营商(isp): Serverfield International Dedicated Server Provider

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	(sshd) Failed SSH login from 103.103.128.48 (TW/Taiwan/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 21 13:10:50 server2 sshd[3433]: Invalid user ic from 103.103.128.48 port 33146 Oct 21 13:10:53 server2 sshd[3433]: Failed password for invalid user ic from 103.103.128.48 port 33146 ssh2 Oct 21 13:28:27 server2 sshd[3848]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.103.128.48 user=root Oct 21 13:28:29 server2 sshd[3848]: Failed password for root from 103.103.128.48 port 43850 ssh2 Oct 21 13:43:01 server2 sshd[4286]: Invalid user wunder from 103.103.128.48 port 55620	2019-10-21 22:31:19

类型

评论内容

时间

attack

(sshd) Failed SSH login from 103.103.128.48 (TW/Taiwan/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 21 13:10:50 server2 sshd[3433]: Invalid user ic from 103.103.128.48 port 33146
Oct 21 13:10:53 server2 sshd[3433]: Failed password for invalid user ic from 103.103.128.48 port 33146 ssh2
Oct 21 13:28:27 server2 sshd[3848]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.103.128.48  user=root
Oct 21 13:28:29 server2 sshd[3848]: Failed password for root from 103.103.128.48 port 43850 ssh2
Oct 21 13:43:01 server2 sshd[4286]: Invalid user wunder from 103.103.128.48 port 55620

2019-10-21 22:31:19

相同子网IP讨论:

IP	类型	评论内容	时间
103.103.128.201	attackspam	2019-11-30T23:33:12.107Z CLOSE host=103.103.128.201 port=42086 fd=4 time=20.020 bytes=20 ...	2020-03-04 02:02:47
103.103.128.61	attackbots	$f2bV_matches	2019-12-28 22:14:26
103.103.128.61	attackspam	Dec 25 12:51:33 server sshd\[26669\]: Invalid user yousan from 103.103.128.61 Dec 25 12:51:33 server sshd\[26669\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.103.128.61 Dec 25 12:51:36 server sshd\[26669\]: Failed password for invalid user yousan from 103.103.128.61 port 48778 ssh2 Dec 25 22:19:52 server sshd\[15810\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.103.128.61 user=root Dec 25 22:19:54 server sshd\[15810\]: Failed password for root from 103.103.128.61 port 46152 ssh2 ...	2019-12-26 03:23:55
103.103.128.61	attack	Dec 20 07:41:31 heissa sshd\[7512\]: Invalid user guest from 103.103.128.61 port 59510 Dec 20 07:41:31 heissa sshd\[7512\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.103.128.61 Dec 20 07:41:33 heissa sshd\[7512\]: Failed password for invalid user guest from 103.103.128.61 port 59510 ssh2 Dec 20 07:51:25 heissa sshd\[9056\]: Invalid user aakermann from 103.103.128.61 port 37932 Dec 20 07:51:25 heissa sshd\[9056\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.103.128.61	2019-12-20 16:32:48
103.103.128.61	attack	Invalid user ident from 103.103.128.61 port 52544	2019-12-17 03:18:34
103.103.128.241	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2019-11-16 03:47:00
103.103.128.28	attackspambots	vps1:pam-generic	2019-07-10 02:08:24

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.103.128.48
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 11341
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.103.128.48.			IN	A

;; AUTHORITY SECTION:
.			540	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019102100 1800 900 604800 86400

;; Query time: 184 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Oct 21 22:31:14 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 48.128.103.103.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 48.128.103.103.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
103.219.112.251	attackbotsspam	Aug 18 08:23:21 dedicated sshd[19125]: Invalid user monique from 103.219.112.251 port 60672	2019-08-18 14:51:08
211.46.223.240	attack	Aug 18 09:14:11 srv-4 sshd\[32014\]: Invalid user yarn from 211.46.223.240 Aug 18 09:14:11 srv-4 sshd\[32014\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.46.223.240 Aug 18 09:14:13 srv-4 sshd\[32014\]: Failed password for invalid user yarn from 211.46.223.240 port 40531 ssh2 ...	2019-08-18 14:49:27
31.128.253.137	attackbots	Aug 18 06:57:59 www5 sshd\[20766\]: Invalid user usuario from 31.128.253.137 Aug 18 06:57:59 www5 sshd\[20766\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.128.253.137 Aug 18 06:58:02 www5 sshd\[20766\]: Failed password for invalid user usuario from 31.128.253.137 port 46368 ssh2 ...	2019-08-18 14:56:18
49.69.244.152	attackbots	Aug 18 04:24:41 ip-172-31-62-245 sshd\[27134\]: Invalid user supervisor from 49.69.244.152\ Aug 18 04:24:43 ip-172-31-62-245 sshd\[27134\]: Failed password for invalid user supervisor from 49.69.244.152 port 44118 ssh2\ Aug 18 04:24:45 ip-172-31-62-245 sshd\[27134\]: Failed password for invalid user supervisor from 49.69.244.152 port 44118 ssh2\ Aug 18 04:24:49 ip-172-31-62-245 sshd\[27134\]: Failed password for invalid user supervisor from 49.69.244.152 port 44118 ssh2\ Aug 18 04:24:52 ip-172-31-62-245 sshd\[27134\]: Failed password for invalid user supervisor from 49.69.244.152 port 44118 ssh2\	2019-08-18 14:10:16
62.210.149.30	attack	\[2019-08-18 02:19:58\] SECURITY\[2326\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-08-18T02:19:58.746-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="790301112342186069",SessionID="0x7ff4d004fe18",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/62.210.149.30/55051",ACLName="no_extension_match" \[2019-08-18 02:20:14\] SECURITY\[2326\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-08-18T02:20:14.989-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="790401112342186069",SessionID="0x7ff4d07952f8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/62.210.149.30/54746",ACLName="no_extension_match" \[2019-08-18 02:20:31\] SECURITY\[2326\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-08-18T02:20:31.410-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="790501112342186069",SessionID="0x7ff4d0348688",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/62.210.149.30/56521",ACLNam	2019-08-18 14:31:43
37.187.195.209	attack	Aug 18 06:31:56 rpi sshd[15611]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.187.195.209 Aug 18 06:31:58 rpi sshd[15611]: Failed password for invalid user 1234567 from 37.187.195.209 port 39587 ssh2	2019-08-18 14:20:37
172.245.36.116	attackspambots	Aug 18 08:01:56 SilenceServices sshd[27063]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.245.36.116 Aug 18 08:01:58 SilenceServices sshd[27063]: Failed password for invalid user sxt from 172.245.36.116 port 34524 ssh2 Aug 18 08:06:29 SilenceServices sshd[30634]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.245.36.116	2019-08-18 14:11:07
138.219.192.98	attack	Invalid user hades from 138.219.192.98 port 38383	2019-08-18 13:59:08
202.28.64.1	attack	Aug 18 06:13:04 hcbbdb sshd\[16952\]: Invalid user walid from 202.28.64.1 Aug 18 06:13:04 hcbbdb sshd\[16952\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.28.64.1 Aug 18 06:13:06 hcbbdb sshd\[16952\]: Failed password for invalid user walid from 202.28.64.1 port 19807 ssh2 Aug 18 06:18:29 hcbbdb sshd\[17516\]: Invalid user arnold from 202.28.64.1 Aug 18 06:18:29 hcbbdb sshd\[17516\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.28.64.1	2019-08-18 14:36:29
98.213.58.68	attack	web-1 [ssh] SSH Attack	2019-08-18 14:40:06
14.161.18.58	attackbots	SMB Server BruteForce Attack	2019-08-18 14:45:01
103.85.93.118	attackspam	Aug 18 01:27:58 aat-srv002 sshd[3647]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.85.93.118 Aug 18 01:28:00 aat-srv002 sshd[3647]: Failed password for invalid user Qwerty123 from 103.85.93.118 port 49240 ssh2 Aug 18 01:33:35 aat-srv002 sshd[3928]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.85.93.118 Aug 18 01:33:37 aat-srv002 sshd[3928]: Failed password for invalid user elsa from 103.85.93.118 port 40046 ssh2 ...	2019-08-18 14:44:25
103.207.39.21	attackbots	18.08.2019 06:35:39 SMTP access blocked by firewall	2019-08-18 14:48:01
138.197.147.233	attackbotsspam	Aug 18 09:13:43 srv-4 sshd\[32021\]: Invalid user shuai from 138.197.147.233 Aug 18 09:13:43 srv-4 sshd\[32021\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.147.233 Aug 18 09:13:45 srv-4 sshd\[32021\]: Failed password for invalid user shuai from 138.197.147.233 port 38692 ssh2 ...	2019-08-18 14:43:44
114.7.120.10	attackspam	Aug 18 01:47:00 plusreed sshd[4465]: Invalid user sdtdserver from 114.7.120.10 ...	2019-08-18 14:01:06

最近上报的IP列表

198.71.230.37	114.143.73.155	41.249.231.249	124.109.40.108
103.215.80.81	45.12.204.42	35.220.128.86	173.230.149.181
35.220.173.180	134.255.31.150	45.166.106.184	124.156.172.11
181.10.210.99	1.53.55.76	2.31.33.92	196.223.124.49
115.1.109.123	120.194.79.14	142.120.235.12	134.209.4.129