103.105.54.42 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): None

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
103.105.54.76	attackspam	srvr1: (mod_security) mod_security (id:942100) triggered by 103.105.54.76 (ID/-/103-105-54-76.megadata.net.id): 1 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/08/21 12:05:20 [error] 482759#0: 840549 [client 103.105.54.76] ModSecurity: Access denied with code 406 (phase 2). [file "/etc/modsecurity.d/REQUEST-942-APPLICATION-ATTACK-SQLI.conf"] [line "45"] [id "942100"] [rev ""] [msg ""] [redacted] [severity "0"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-sqli"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/152/248/66"] [tag "PCI/6.5.2"] [redacted] [uri "/forum/viewthread.php"] [unique_id "159801152043.928417"] [ref ""], client: 103.105.54.76, [redacted] request: "GET /forum/viewthread.php?thread_id=1122%27%29+OR+++%288559%3D0 HTTP/1.1" [redacted]	2020-08-21 23:06:22
103.105.54.137	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-19 02:37:27

类型

评论内容

时间

103.105.54.76

attackspam

srvr1: (mod_security) mod_security (id:942100) triggered by 103.105.54.76 (ID/-/103-105-54-76.megadata.net.id): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/08/21 12:05:20 [error] 482759#0: *840549 [client 103.105.54.76] ModSecurity: Access denied with code 406 (phase 2).  [file "/etc/modsecurity.d/REQUEST-942-APPLICATION-ATTACK-SQLI.conf"] [line "45"] [id "942100"] [rev ""] [msg ""] [redacted] [severity "0"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-sqli"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/152/248/66"] [tag "PCI/6.5.2"] [redacted] [uri "/forum/viewthread.php"] [unique_id "159801152043.928417"] [ref ""], client: 103.105.54.76, [redacted] request: "GET /forum/viewthread.php?thread_id=1122%27%29+OR+++%288559%3D0 HTTP/1.1" [redacted]

2020-08-21 23:06:22

103.105.54.137

attack

MultiHost/MultiPort Probe, Scan, Hack -

2020-02-19 02:37:27

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.105.54.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 30399
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;103.105.54.42.			IN	A

;; AUTHORITY SECTION:
.			120	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022600 1800 900 604800 86400

;; Query time: 16 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Feb 26 23:45:01 CST 2022
;; MSG SIZE  rcvd: 106

HOST信息:

42.54.105.103.in-addr.arpa domain name pointer 103-105-54-42.megadata.net.id.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
42.54.105.103.in-addr.arpa	name = 103-105-54-42.megadata.net.id.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
45.148.10.62	attackbots	Brute force attempt	2019-12-17 01:55:16
106.13.53.173	attack	Dec 16 06:45:22 eddieflores sshd\[25365\]: Invalid user test from 106.13.53.173 Dec 16 06:45:22 eddieflores sshd\[25365\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.53.173 Dec 16 06:45:23 eddieflores sshd\[25365\]: Failed password for invalid user test from 106.13.53.173 port 44974 ssh2 Dec 16 06:53:38 eddieflores sshd\[26715\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.53.173 user=root Dec 16 06:53:41 eddieflores sshd\[26715\]: Failed password for root from 106.13.53.173 port 47050 ssh2	2019-12-17 01:59:04
47.202.7.30	attackbots	Dec 16 18:25:05 MK-Soft-Root2 sshd[16256]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=47.202.7.30 Dec 16 18:25:07 MK-Soft-Root2 sshd[16256]: Failed password for invalid user isaak from 47.202.7.30 port 55234 ssh2 ...	2019-12-17 01:46:49
109.89.98.42	attackspam	Telnet Server BruteForce Attack	2019-12-17 01:45:44
180.76.246.149	attackbots	Dec 16 07:06:54 kapalua sshd\[16868\]: Invalid user hung999 from 180.76.246.149 Dec 16 07:06:54 kapalua sshd\[16868\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.246.149 Dec 16 07:06:56 kapalua sshd\[16868\]: Failed password for invalid user hung999 from 180.76.246.149 port 59606 ssh2 Dec 16 07:15:03 kapalua sshd\[17825\]: Invalid user test2015 from 180.76.246.149 Dec 16 07:15:03 kapalua sshd\[17825\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.246.149	2019-12-17 02:05:29
122.51.220.247	attack	Invalid user cummings from 122.51.220.247 port 53274	2019-12-17 01:51:36
185.156.177.98	attack	RDP Brute-Force	2019-12-17 01:42:30
168.243.91.19	attackspam	Dec 16 07:33:07 sachi sshd\[17021\]: Invalid user fitzsimons from 168.243.91.19 Dec 16 07:33:07 sachi sshd\[17021\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.243.91.19 Dec 16 07:33:09 sachi sshd\[17021\]: Failed password for invalid user fitzsimons from 168.243.91.19 port 53331 ssh2 Dec 16 07:39:29 sachi sshd\[17715\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.243.91.19 user=sshd Dec 16 07:39:31 sachi sshd\[17715\]: Failed password for sshd from 168.243.91.19 port 56873 ssh2	2019-12-17 01:53:09
113.199.40.202	attackbots	Dec 16 06:38:05 kapalua sshd\[14020\]: Invalid user omae from 113.199.40.202 Dec 16 06:38:05 kapalua sshd\[14020\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.199.40.202 Dec 16 06:38:07 kapalua sshd\[14020\]: Failed password for invalid user omae from 113.199.40.202 port 56974 ssh2 Dec 16 06:44:52 kapalua sshd\[14748\]: Invalid user wwwrun from 113.199.40.202 Dec 16 06:44:52 kapalua sshd\[14748\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.199.40.202	2019-12-17 02:19:38
104.131.14.14	attackbots	Dec 16 18:15:01 vpn01 sshd[15710]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.14.14 Dec 16 18:15:04 vpn01 sshd[15710]: Failed password for invalid user yank from 104.131.14.14 port 37409 ssh2 ...	2019-12-17 01:44:09
98.143.144.2	attackspam	(imapd) Failed IMAP login from 98.143.144.2 (US/United States/98.143.144.2.static.quadranet.com): 1 in the last 3600 secs	2019-12-17 01:46:17
35.234.204.188	attack	Too many connections or unauthorized access detected from Arctic banned ip	2019-12-17 01:56:04
49.88.112.68	attackspambots	Dec 16 19:54:46 sauna sshd[192863]: Failed password for root from 49.88.112.68 port 13186 ssh2 ...	2019-12-17 02:11:36
203.125.145.58	attackspambots	Dec 16 18:57:45 vps647732 sshd[27291]: Failed password for root from 203.125.145.58 port 34744 ssh2 ...	2019-12-17 02:13:34
113.179.159.75	attack	1576507393 - 12/16/2019 15:43:13 Host: 113.179.159.75/113.179.159.75 Port: 445 TCP Blocked	2019-12-17 02:18:32

最近上报的IP列表

103.105.54.161	103.105.54.46	103.105.55.128	103.105.54.26
103.105.55.54	103.105.55.20	103.105.55.5	103.105.54.73
103.105.54.39	103.105.55.238	103.105.64.146	103.105.64.169
103.105.64.114	103.105.64.150	103.105.64.145	103.105.64.153
103.105.64.61	103.105.64.149	103.105.64.57	103.105.64.201