103.105.54.39 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): None

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
103.105.54.76	attackspam	srvr1: (mod_security) mod_security (id:942100) triggered by 103.105.54.76 (ID/-/103-105-54-76.megadata.net.id): 1 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/08/21 12:05:20 [error] 482759#0: 840549 [client 103.105.54.76] ModSecurity: Access denied with code 406 (phase 2). [file "/etc/modsecurity.d/REQUEST-942-APPLICATION-ATTACK-SQLI.conf"] [line "45"] [id "942100"] [rev ""] [msg ""] [redacted] [severity "0"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-sqli"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/152/248/66"] [tag "PCI/6.5.2"] [redacted] [uri "/forum/viewthread.php"] [unique_id "159801152043.928417"] [ref ""], client: 103.105.54.76, [redacted] request: "GET /forum/viewthread.php?thread_id=1122%27%29+OR+++%288559%3D0 HTTP/1.1" [redacted]	2020-08-21 23:06:22
103.105.54.137	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-19 02:37:27

类型

评论内容

时间

103.105.54.76

attackspam

srvr1: (mod_security) mod_security (id:942100) triggered by 103.105.54.76 (ID/-/103-105-54-76.megadata.net.id): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/08/21 12:05:20 [error] 482759#0: *840549 [client 103.105.54.76] ModSecurity: Access denied with code 406 (phase 2).  [file "/etc/modsecurity.d/REQUEST-942-APPLICATION-ATTACK-SQLI.conf"] [line "45"] [id "942100"] [rev ""] [msg ""] [redacted] [severity "0"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-sqli"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/152/248/66"] [tag "PCI/6.5.2"] [redacted] [uri "/forum/viewthread.php"] [unique_id "159801152043.928417"] [ref ""], client: 103.105.54.76, [redacted] request: "GET /forum/viewthread.php?thread_id=1122%27%29+OR+++%288559%3D0 HTTP/1.1" [redacted]

2020-08-21 23:06:22

103.105.54.137

attack

MultiHost/MultiPort Probe, Scan, Hack -

2020-02-19 02:37:27

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.105.54.39
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3277
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;103.105.54.39.			IN	A

;; AUTHORITY SECTION:
.			397	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022600 1800 900 604800 86400

;; Query time: 81 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Feb 26 23:45:01 CST 2022
;; MSG SIZE  rcvd: 106

HOST信息:

39.54.105.103.in-addr.arpa domain name pointer 103-105-54-39.megadata.net.id.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
39.54.105.103.in-addr.arpa	name = 103-105-54-39.megadata.net.id.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
82.64.138.80	attack	SSH bruteforce	2020-03-14 08:19:35
106.12.219.184	attackspambots	Invalid user paul from 106.12.219.184 port 37048	2020-03-14 08:46:58
217.9.94.74	attackspam	Mar 13 18:39:26 ws12vmsma01 sshd[53364]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.9.94.74 Mar 13 18:39:26 ws12vmsma01 sshd[53364]: Invalid user pi from 217.9.94.74 Mar 13 18:39:28 ws12vmsma01 sshd[53364]: Failed password for invalid user pi from 217.9.94.74 port 39050 ssh2 ...	2020-03-14 08:13:42
198.144.149.187	attackbots	2020-03-13 16:13:50 H=(tech9.technosolo.info) [198.144.149.187]:54394 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.2, 127.0.0.3) (https://www.spamhaus.org/sbl/query/SBL476536) 2020-03-13 16:13:52 H=(tech9.technosolo.info) [198.144.149.187]:54394 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.3, 127.0.0.2) (https://www.spamhaus.org/sbl/query/SBLCSS) 2020-03-13 16:13:52 H=(tech9.technosolo.info) [198.144.149.187]:54394 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.3, 127.0.0.2) (https://www.spamhaus.org/sbl/query/SBLCSS) ...	2020-03-14 08:23:14
190.213.0.117	attackspam	2020-03-13 22:12:34 H=$\[190.213.0.117\]$ \[190.213.0.117\]:4228 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed 2020-03-13 22:13:31 H=$\[190.213.0.117\]$ \[190.213.0.117\]:4248 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed 2020-03-13 22:14:01 H=$\[190.213.0.117\]$ \[190.213.0.117\]:4235 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed ...	2020-03-14 08:17:19
222.186.173.154	attackspambots	2020-03-13T14:36:28.468779homeassistant sshd[3632]: Failed password for root from 222.186.173.154 port 64826 ssh2 2020-03-14T00:16:47.327161homeassistant sshd[19592]: Failed none for root from 222.186.173.154 port 37594 ssh2 2020-03-14T00:16:47.562260homeassistant sshd[19592]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.154 user=root ...	2020-03-14 08:26:44
68.183.19.63	attackspam	Invalid user zpsserver from 68.183.19.63 port 51916	2020-03-14 08:20:30
185.86.167.118	attack	xmlrpc attack	2020-03-14 08:23:27
158.46.187.32	attackspam	Chat Spam	2020-03-14 08:18:49
77.247.110.97	attack	[2020-03-13 20:03:38] NOTICE[1148][C-00011647] chan_sip.c: Call from '' (77.247.110.97:61573) to extension '666301148566101002' rejected because extension not found in context 'public'. [2020-03-13 20:03:38] SECURITY[1163] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-03-13T20:03:38.298-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="666301148566101002",SessionID="0x7fd82c43c848",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.247.110.97/61573",ACLName="no_extension_match" [2020-03-13 20:03:55] NOTICE[1148][C-00011649] chan_sip.c: Call from '' (77.247.110.97:59442) to extension '147801148914258001' rejected because extension not found in context 'public'. [2020-03-13 20:03:55] SECURITY[1163] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-03-13T20:03:55.392-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="147801148914258001",SessionID="0x7fd82c40d3d8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddres ...	2020-03-14 08:14:48
159.89.3.172	attackspambots	DATE:2020-03-13 22:30:14, IP:159.89.3.172, PORT:ssh SSH brute force auth (docker-dc)	2020-03-14 08:24:42
197.214.114.90	attack	Mar 13 21:12:02 src: 197.214.114.90 signature match: "MISC MS Terminal Server communication attempt" (sid: 100077) tcp port: 3389	2020-03-14 08:16:56
125.124.30.186	attackbots	$f2bV_matches	2020-03-14 08:30:10
77.83.87.22	attackspam	20 attempts against mh_ha-misbehave-ban on pole	2020-03-14 08:42:10
106.12.118.30	attack	SASL PLAIN auth failed: ruser=...	2020-03-14 08:20:10

最近上报的IP列表

103.105.54.73	103.105.55.238	103.105.64.146	103.105.64.169
103.105.64.114	103.105.64.150	103.105.64.145	103.105.64.153
103.105.64.61	103.105.64.149	103.105.64.57	103.105.64.201
103.11.107.214	103.11.107.198	103.11.107.134	103.11.107.140
103.11.107.202	103.11.107.212	103.11.107.217	103.11.107.210