103.105.54.10 - IPInfo

基本信息:

城市(city): Sendangagung

省份(region): Yogyakarta

国家(country): Indonesia

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
103.105.54.76	attackspam	srvr1: (mod_security) mod_security (id:942100) triggered by 103.105.54.76 (ID/-/103-105-54-76.megadata.net.id): 1 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/08/21 12:05:20 [error] 482759#0: 840549 [client 103.105.54.76] ModSecurity: Access denied with code 406 (phase 2). [file "/etc/modsecurity.d/REQUEST-942-APPLICATION-ATTACK-SQLI.conf"] [line "45"] [id "942100"] [rev ""] [msg ""] [redacted] [severity "0"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-sqli"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/152/248/66"] [tag "PCI/6.5.2"] [redacted] [uri "/forum/viewthread.php"] [unique_id "159801152043.928417"] [ref ""], client: 103.105.54.76, [redacted] request: "GET /forum/viewthread.php?thread_id=1122%27%29+OR+++%288559%3D0 HTTP/1.1" [redacted]	2020-08-21 23:06:22
103.105.54.137	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-19 02:37:27

类型

评论内容

时间

103.105.54.76

attackspam

srvr1: (mod_security) mod_security (id:942100) triggered by 103.105.54.76 (ID/-/103-105-54-76.megadata.net.id): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/08/21 12:05:20 [error] 482759#0: *840549 [client 103.105.54.76] ModSecurity: Access denied with code 406 (phase 2).  [file "/etc/modsecurity.d/REQUEST-942-APPLICATION-ATTACK-SQLI.conf"] [line "45"] [id "942100"] [rev ""] [msg ""] [redacted] [severity "0"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-sqli"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/152/248/66"] [tag "PCI/6.5.2"] [redacted] [uri "/forum/viewthread.php"] [unique_id "159801152043.928417"] [ref ""], client: 103.105.54.76, [redacted] request: "GET /forum/viewthread.php?thread_id=1122%27%29+OR+++%288559%3D0 HTTP/1.1" [redacted]

2020-08-21 23:06:22

103.105.54.137

attack

MultiHost/MultiPort Probe, Scan, Hack -

2020-02-19 02:37:27

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.105.54.10
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 53844
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;103.105.54.10.			IN	A

;; AUTHORITY SECTION:
.			298	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022031100 1800 900 604800 86400

;; Query time: 92 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Mar 11 16:16:03 CST 2022
;; MSG SIZE  rcvd: 106

HOST信息:

b'10.54.105.103.in-addr.arpa domain name pointer 103-105-54-10.megadata.net.id.
'

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
10.54.105.103.in-addr.arpa	name = 103-105-54-10.megadata.net.id.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
178.251.24.158	attackspambots	kidness.family 178.251.24.158 \[22/Jun/2019:22:49:08 +0200\] "POST /wp-login.php HTTP/1.1" 200 5615 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" kidness.family 178.251.24.158 \[22/Jun/2019:22:49:09 +0200\] "POST /wp-login.php HTTP/1.1" 200 5609 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-06-23 06:29:06
202.92.7.113	attackbots	xmlrpc attack	2019-06-23 06:16:44
85.128.142.103	attackbotsspam	xmlrpc attack	2019-06-23 06:29:32
185.36.81.176	attackbots	Jun 22 22:22:44 postfix/smtpd: warning: unknown[185.36.81.176]: SASL LOGIN authentication failed	2019-06-23 06:24:09
216.70.104.168	attackspambots	xmlrpc attack	2019-06-23 06:20:59
185.206.224.201	attackbots	Automatic report - Web App Attack	2019-06-23 06:19:26
177.137.160.106	attackspam	Jun 22 14:23:30 srv1 postfix/smtpd[16346]: connect from 177-137-160-106.rvnet.net.br[177.137.160.106] Jun x@x Jun 22 14:23:37 srv1 postfix/smtpd[16346]: lost connection after RCPT from 177-137-160-106.rvnet.net.br[177.137.160.106] Jun 22 14:23:37 srv1 postfix/smtpd[16346]: disconnect from 177-137-160-106.rvnet.net.br[177.137.160.106] Jun 22 15:31:59 srv1 postfix/smtpd[21566]: connect from 177-137-160-106.rvnet.net.br[177.137.160.106] Jun x@x Jun x@x Jun 22 15:32:12 srv1 postfix/smtpd[21566]: lost connection after RCPT from 177-137-160-106.rvnet.net.br[177.137.160.106] Jun 22 15:32:12 srv1 postfix/smtpd[21566]: disconnect from 177-137-160-106.rvnet.net.br[177.137.160.106] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=177.137.160.106	2019-06-23 06:08:04
66.85.228.185	attackbots	Telnet brute force and port scan	2019-06-23 05:57:55
142.4.196.141	attackbots	Unauthorized connection attempt from IP address 142.4.196.141 on Port 3389(RDP)	2019-06-23 06:21:17
98.142.107.242	attackspam	xmlrpc attack	2019-06-23 06:31:34
189.112.53.121	attack	Unauthorized connection attempt from IP address 189.112.53.121 on Port 445(SMB)	2019-06-23 06:00:31
72.52.150.93	attack	xmlrpc attack	2019-06-23 06:18:41
194.59.251.93	attackbotsspam	port scan and connect, tcp 443 (https)	2019-06-23 06:13:31
139.199.164.87	attack	Invalid user bahin from 139.199.164.87 port 36288	2019-06-23 06:02:08
155.4.242.166	attackbots	Jun 22 18:11:39 nginx sshd[8094]: Connection from 155.4.242.166 port 60618 on 10.23.102.80 port 22 Jun 22 18:12:03 nginx sshd[8094]: Invalid user super from 155.4.242.166	2019-06-23 06:10:40

最近上报的IP列表

103.105.49.187	103.105.54.69	103.105.97.85	103.106.168.19
103.106.168.26	103.106.192.28	103.106.194.142	103.106.22.189
103.106.235.145	148.240.125.171	103.106.236.223	103.106.242.159
103.106.7.217	103.107.132.185	103.107.175.150	103.107.181.33
103.107.182.41	103.107.182.48	103.107.237.91	103.107.244.224