103.104.17.139

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Philippines

运营商(isp): Level 6 Crown 7 Building

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Commercial

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	SSH Brute Force	2020-04-29 14:03:42
attackbots	Dec 8 04:21:56 ws12vmsma01 sshd[44378]: Invalid user jens from 103.104.17.139 Dec 8 04:21:58 ws12vmsma01 sshd[44378]: Failed password for invalid user jens from 103.104.17.139 port 35404 ssh2 Dec 8 04:28:15 ws12vmsma01 sshd[45293]: Invalid user prashant from 103.104.17.139 ...	2019-12-08 16:57:42
attack	Nov 9 22:41:24 hanapaa sshd\[27120\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.104.17.139 user=root Nov 9 22:41:26 hanapaa sshd\[27120\]: Failed password for root from 103.104.17.139 port 49054 ssh2 Nov 9 22:45:54 hanapaa sshd\[27464\]: Invalid user fstab from 103.104.17.139 Nov 9 22:45:54 hanapaa sshd\[27464\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.104.17.139 Nov 9 22:45:55 hanapaa sshd\[27464\]: Failed password for invalid user fstab from 103.104.17.139 port 59996 ssh2	2019-11-10 22:02:17
attackbotsspam	Nov 6 22:30:43 lnxmysql61 sshd[24223]: Failed password for root from 103.104.17.139 port 55994 ssh2 Nov 6 22:30:43 lnxmysql61 sshd[24223]: Failed password for root from 103.104.17.139 port 55994 ssh2	2019-11-07 05:32:19
attack	SSH Brute Force	2019-11-01 12:24:10
attackspam	Oct 12 07:55:29 vtv3 sshd\[26546\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.104.17.139 user=root Oct 12 07:55:31 vtv3 sshd\[26546\]: Failed password for root from 103.104.17.139 port 42136 ssh2 Oct 12 07:59:47 vtv3 sshd\[28664\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.104.17.139 user=root Oct 12 07:59:49 vtv3 sshd\[28664\]: Failed password for root from 103.104.17.139 port 53766 ssh2 Oct 12 08:04:09 vtv3 sshd\[31338\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.104.17.139 user=root Oct 12 08:17:11 vtv3 sshd\[6964\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.104.17.139 user=root Oct 12 08:17:13 vtv3 sshd\[6964\]: Failed password for root from 103.104.17.139 port 43780 ssh2 Oct 12 08:21:45 vtv3 sshd\[9753\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rho	2019-10-12 16:12:23
attack	Oct 10 00:53:57 icinga sshd[2151]: Failed password for root from 103.104.17.139 port 43108 ssh2 ...	2019-10-10 07:17:01
attackbotsspam	Sep 30 18:53:06 webhost01 sshd[11802]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.104.17.139 Sep 30 18:53:08 webhost01 sshd[11802]: Failed password for invalid user spamers from 103.104.17.139 port 54390 ssh2 ...	2019-09-30 20:06:20
attackspambots	Sep 27 23:51:27 hcbbdb sshd\[14956\]: Invalid user arkserver from 103.104.17.139 Sep 27 23:51:27 hcbbdb sshd\[14956\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.104.17.139 Sep 27 23:51:29 hcbbdb sshd\[14956\]: Failed password for invalid user arkserver from 103.104.17.139 port 52464 ssh2 Sep 27 23:56:08 hcbbdb sshd\[15519\]: Invalid user webadmin from 103.104.17.139 Sep 27 23:56:08 hcbbdb sshd\[15519\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.104.17.139	2019-09-28 08:03:19
attackspam	Sep 27 09:57:23 tux-35-217 sshd\[31439\]: Invalid user uw from 103.104.17.139 port 56658 Sep 27 09:57:23 tux-35-217 sshd\[31439\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.104.17.139 Sep 27 09:57:25 tux-35-217 sshd\[31439\]: Failed password for invalid user uw from 103.104.17.139 port 56658 ssh2 Sep 27 10:02:12 tux-35-217 sshd\[31441\]: Invalid user emmanuel from 103.104.17.139 port 41214 Sep 27 10:02:12 tux-35-217 sshd\[31441\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.104.17.139 ...	2019-09-27 16:09:39
attackspam	2019-09-25T02:42:06.2198911495-001 sshd\[32615\]: Failed password for invalid user yuanwd from 103.104.17.139 port 53262 ssh2 2019-09-25T02:56:35.3201651495-001 sshd\[33599\]: Invalid user admin from 103.104.17.139 port 34794 2019-09-25T02:56:35.3275691495-001 sshd\[33599\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.104.17.139 2019-09-25T02:56:37.5929701495-001 sshd\[33599\]: Failed password for invalid user admin from 103.104.17.139 port 34794 ssh2 2019-09-25T03:01:21.0306131495-001 sshd\[33926\]: Invalid user samba from 103.104.17.139 port 47348 2019-09-25T03:01:21.0390841495-001 sshd\[33926\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.104.17.139 ...	2019-09-25 15:15:58
attackbotsspam	Sep 24 06:57:54 taivassalofi sshd[103653]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.104.17.139 Sep 24 06:57:56 taivassalofi sshd[103653]: Failed password for invalid user ubnt from 103.104.17.139 port 48232 ssh2 ...	2019-09-24 12:52:57
attack	Sep 21 12:27:44 eddieflores sshd\[26572\]: Invalid user ubuntu from 103.104.17.139 Sep 21 12:27:44 eddieflores sshd\[26572\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.104.17.139 Sep 21 12:27:46 eddieflores sshd\[26572\]: Failed password for invalid user ubuntu from 103.104.17.139 port 49450 ssh2 Sep 21 12:32:36 eddieflores sshd\[27106\]: Invalid user afaq from 103.104.17.139 Sep 21 12:32:36 eddieflores sshd\[27106\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.104.17.139	2019-09-22 06:38:20
attackbots	Sep 11 10:39:52 aat-srv002 sshd[20488]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.104.17.139 Sep 11 10:39:54 aat-srv002 sshd[20488]: Failed password for invalid user chris from 103.104.17.139 port 52222 ssh2 Sep 11 10:47:40 aat-srv002 sshd[20762]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.104.17.139 Sep 11 10:47:42 aat-srv002 sshd[20762]: Failed password for invalid user ftpusr from 103.104.17.139 port 34836 ssh2 ...	2019-09-11 23:52:37
attack	Aug 26 03:52:37 tdfoods sshd\[945\]: Invalid user anamaria from 103.104.17.139 Aug 26 03:52:37 tdfoods sshd\[945\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.104.17.139 Aug 26 03:52:39 tdfoods sshd\[945\]: Failed password for invalid user anamaria from 103.104.17.139 port 42288 ssh2 Aug 26 03:57:33 tdfoods sshd\[1557\]: Invalid user muh from 103.104.17.139 Aug 26 03:57:33 tdfoods sshd\[1557\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.104.17.139	2019-08-26 22:08:05
attackbotsspam	Aug 18 14:53:27 server sshd[4974]: Failed password for invalid user manuela from 103.104.17.139 port 43932 ssh2 Aug 18 14:58:52 server sshd[5465]: Failed password for invalid user game from 103.104.17.139 port 39138 ssh2 Aug 18 15:03:36 server sshd[5889]: Failed password for invalid user petra from 103.104.17.139 port 57740 ssh2	2019-08-18 22:08:30
attackspambots	Aug 16 04:02:17 MK-Soft-VM7 sshd\[8155\]: Invalid user temp1 from 103.104.17.139 port 39968 Aug 16 04:02:17 MK-Soft-VM7 sshd\[8155\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.104.17.139 Aug 16 04:02:19 MK-Soft-VM7 sshd\[8155\]: Failed password for invalid user temp1 from 103.104.17.139 port 39968 ssh2 ...	2019-08-16 12:07:06
attack	Aug 13 14:47:22 XXX sshd[53545]: Invalid user master from 103.104.17.139 port 42464	2019-08-13 22:35:38
attack	Aug 11 02:03:31 MK-Soft-Root1 sshd\[19890\]: Invalid user ci from 103.104.17.139 port 45276 Aug 11 02:03:31 MK-Soft-Root1 sshd\[19890\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.104.17.139 Aug 11 02:03:33 MK-Soft-Root1 sshd\[19890\]: Failed password for invalid user ci from 103.104.17.139 port 45276 ssh2 ...	2019-08-11 13:14:34
attackbotsspam	Aug 9 01:45:21 lnxded64 sshd[15180]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.104.17.139	2019-08-09 13:13:36
attackspam	Aug 7 19:45:53 debian sshd\[5608\]: Invalid user jenkins from 103.104.17.139 port 47856 Aug 7 19:45:53 debian sshd\[5608\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.104.17.139 Aug 7 19:45:55 debian sshd\[5608\]: Failed password for invalid user jenkins from 103.104.17.139 port 47856 ssh2 ...	2019-08-08 08:22:53
attackspambots	SSH/22 MH Probe, BF, Hack -	2019-08-07 17:03:12

相同子网IP讨论:

IP	类型	评论内容	时间
103.104.17.4	attackbots	Unauthorized connection attempt from IP address 103.104.17.4 on Port 445(SMB)	2020-01-14 05:03:18
103.104.17.4	attack	unauthorized connection attempt	2020-01-12 16:04:32
103.104.17.4	attackbots	Unauthorized connection attempt from IP address 103.104.17.4 on Port 445(SMB)	2019-10-31 04:24:16

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.104.17.139
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 25284
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.104.17.139.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019080700 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Aug 07 17:03:04 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

139.17.104.103.in-addr.arpa domain name pointer 103-104-17-139.static.rise.as.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
139.17.104.103.in-addr.arpa	name = 103-104-17-139.static.rise.as.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
97.74.24.174	attack	Probing for vulnerable PHP code /1v3qgyi9.php	2019-11-20 05:26:30
106.12.5.35	attackbots	5x Failed Password	2019-11-20 05:41:26
180.100.214.87	attack	Nov 19 11:11:21 web1 sshd\[29411\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.100.214.87 user=root Nov 19 11:11:23 web1 sshd\[29411\]: Failed password for root from 180.100.214.87 port 52726 ssh2 Nov 19 11:14:51 web1 sshd\[29715\]: Invalid user usman from 180.100.214.87 Nov 19 11:14:51 web1 sshd\[29715\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.100.214.87 Nov 19 11:14:53 web1 sshd\[29715\]: Failed password for invalid user usman from 180.100.214.87 port 59644 ssh2	2019-11-20 05:27:22
5.189.155.14	attackbotsspam	[Tue Nov 19 18:14:49.352426 2019] [:error] [pid 169845] [client 5.189.155.14:61000] [client 5.189.155.14] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "91"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 8)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "ws24vmsma01.ufn.edu.br"] [uri "/"] [unique_id "XdRbSWmZP48sGhKj7fEPNgAAAAU"] ...	2019-11-20 05:33:53
91.217.194.85	attack	2019-11-19T21:11:14.668816shield sshd\[4473\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.217.194.85 user=root 2019-11-19T21:11:16.818695shield sshd\[4473\]: Failed password for root from 91.217.194.85 port 58320 ssh2 2019-11-19T21:14:58.857586shield sshd\[5076\]: Invalid user sevenstars from 91.217.194.85 port 36890 2019-11-19T21:14:58.861751shield sshd\[5076\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.217.194.85 2019-11-19T21:15:01.426401shield sshd\[5076\]: Failed password for invalid user sevenstars from 91.217.194.85 port 36890 ssh2	2019-11-20 05:23:16
122.228.19.80	attackspam	Connection by 122.228.19.80 on port: 7779 got caught by honeypot at 11/19/2019 8:14:46 PM	2019-11-20 05:38:26
159.65.137.127	attackbotsspam	Nov 20 01:10:53 lcl-usvr-02 sshd[11687]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.137.127 user=root Nov 20 01:10:55 lcl-usvr-02 sshd[11687]: Failed password for root from 159.65.137.127 port 63034 ssh2 ...	2019-11-20 05:11:43
140.246.205.156	attack	Nov 19 22:15:03 localhost sshd\[30447\]: Invalid user names from 140.246.205.156 port 4056 Nov 19 22:15:03 localhost sshd\[30447\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.246.205.156 Nov 19 22:15:05 localhost sshd\[30447\]: Failed password for invalid user names from 140.246.205.156 port 4056 ssh2	2019-11-20 05:17:28
183.238.193.227	attack	Invalid user mail1 from 183.238.193.227 port 57866	2019-11-20 05:05:20
185.164.41.127	attackspam	Automatic report - Port Scan Attack	2019-11-20 05:36:25
15.165.26.233	attack	Nov 19 21:59:03 ovpn sshd\[19653\]: Invalid user apache from 15.165.26.233 Nov 19 21:59:03 ovpn sshd\[19653\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=15.165.26.233 Nov 19 21:59:05 ovpn sshd\[19653\]: Failed password for invalid user apache from 15.165.26.233 port 51924 ssh2 Nov 19 22:14:49 ovpn sshd\[23744\]: Invalid user wferlitz from 15.165.26.233 Nov 19 22:14:49 ovpn sshd\[23744\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=15.165.26.233	2019-11-20 05:32:22
106.12.130.148	attack	2019-11-19T22:11:01.691353 sshd[20640]: Invalid user guest from 106.12.130.148 port 59244 2019-11-19T22:11:01.705075 sshd[20640]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.130.148 2019-11-19T22:11:01.691353 sshd[20640]: Invalid user guest from 106.12.130.148 port 59244 2019-11-19T22:11:03.401767 sshd[20640]: Failed password for invalid user guest from 106.12.130.148 port 59244 ssh2 2019-11-19T22:15:02.940009 sshd[20670]: Invalid user reuschel from 106.12.130.148 port 37526 ...	2019-11-20 05:20:33
59.63.208.54	attackspam	Nov 19 11:10:54 wbs sshd\[16566\]: Invalid user colantoni from 59.63.208.54 Nov 19 11:10:54 wbs sshd\[16566\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.63.208.54 Nov 19 11:10:56 wbs sshd\[16566\]: Failed password for invalid user colantoni from 59.63.208.54 port 39594 ssh2 Nov 19 11:14:53 wbs sshd\[16925\]: Invalid user ftp from 59.63.208.54 Nov 19 11:14:53 wbs sshd\[16925\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.63.208.54	2019-11-20 05:29:13
209.17.96.146	attackbots	209.17.96.146 was recorded 5 times by 5 hosts attempting to connect to the following ports: 9092,5906,502,3389,6443. Incident counter (4h, 24h, all-time): 5, 49, 578	2019-11-20 05:35:23
198.108.67.90	attackbotsspam	198.108.67.90 was recorded 5 times by 5 hosts attempting to connect to the following ports: 5209,9136,2087,8779,2232. Incident counter (4h, 24h, all-time): 5, 20, 212	2019-11-20 05:24:11

最近上报的IP列表

202.0.59.168	22.104.101.95	132.226.126.160	248.172.70.201
220.76.81.190	225.87.248.25	72.188.108.186	49.33.73.59
32.156.243.65	79.45.51.105	41.236.63.109	72.89.234.162
230.58.79.95	182.148.253.174	217.139.119.29	181.247.110.64
177.27.20.251	203.1.214.24	154.85.16.56	134.76.55.16

基本信息:

用户上报:

相同子网IP讨论:

WHOIS信息:

DIG信息:

HOST信息:

NSLOOKUP信息:

相关IP信息:

最新评论:

最近上报的IP列表