103.119.145.4 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Indonesia

运营商(isp): PT Bali Towerindo Sentra TBK

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	web Attack on Wordpress site	2019-11-30 07:07:47

相同子网IP讨论:

IP	类型	评论内容	时间
103.119.145.10	attackspam	Unauthorized connection attempt from IP address 103.119.145.10 on Port 445(SMB)	2020-07-04 09:26:28
103.119.145.130	attackspam	Sep 8 10:14:13 vpn01 sshd\[15900\]: Invalid user testuser from 103.119.145.130 Sep 8 10:14:13 vpn01 sshd\[15900\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.119.145.130 Sep 8 10:14:15 vpn01 sshd\[15900\]: Failed password for invalid user testuser from 103.119.145.130 port 58978 ssh2	2019-09-08 20:12:20
103.119.145.130	attackbots	SSH Brute-Force reported by Fail2Ban	2019-09-08 00:24:44
103.119.145.130	attackspam	Sep 5 16:43:37 lvps83-169-44-148 sshd[21479]: reveeclipse mapping checking getaddrinfo for ip-145-130.balifiber.id [103.119.145.130] failed - POSSIBLE BREAK-IN ATTEMPT! Sep 5 16:43:37 lvps83-169-44-148 sshd[21479]: Invalid user deployer from 103.119.145.130 Sep 5 16:43:37 lvps83-169-44-148 sshd[21479]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.119.145.130 Sep 5 16:43:40 lvps83-169-44-148 sshd[21479]: Failed password for invalid user deployer from 103.119.145.130 port 38904 ssh2 Sep 5 17:21:26 lvps83-169-44-148 sshd[25494]: reveeclipse mapping checking getaddrinfo for ip-145-130.balifiber.id [103.119.145.130] failed - POSSIBLE BREAK-IN ATTEMPT! Sep 5 17:21:26 lvps83-169-44-148 sshd[25494]: Invalid user minecraft from 103.119.145.130 Sep 5 17:21:26 lvps83-169-44-148 sshd[25494]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.119.145.130 Sep 5 17:21:28 lvps83-169-44-148........ -------------------------------	2019-09-06 05:46:40

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.119.145.4
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32462
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.119.145.4.			IN	A

;; AUTHORITY SECTION:
.			315	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019112901 1800 900 604800 86400

;; Query time: 55 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Nov 30 07:07:44 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

4.145.119.103.in-addr.arpa domain name pointer ip-145-4.balifiber.id.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
4.145.119.103.in-addr.arpa	name = ip-145-4.balifiber.id.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
101.231.201.50	attackspambots	Aug 3 18:57:03 www5 sshd\[31109\]: Invalid user suser from 101.231.201.50 Aug 3 18:57:03 www5 sshd\[31109\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.231.201.50 Aug 3 18:57:05 www5 sshd\[31109\]: Failed password for invalid user suser from 101.231.201.50 port 21753 ssh2 ...	2019-08-04 01:27:48
187.58.65.21	attack	Aug 3 17:36:32 dedicated sshd[3538]: Invalid user stephanie from 187.58.65.21 port 58700	2019-08-04 01:10:31
186.206.134.122	attackbotsspam	Aug 3 17:35:49 localhost sshd\[11856\]: Invalid user vnc from 186.206.134.122 port 37986 Aug 3 17:35:49 localhost sshd\[11856\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.206.134.122 Aug 3 17:35:51 localhost sshd\[11856\]: Failed password for invalid user vnc from 186.206.134.122 port 37986 ssh2 Aug 3 17:41:48 localhost sshd\[12126\]: Invalid user jboss from 186.206.134.122 port 57540 Aug 3 17:41:48 localhost sshd\[12126\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.206.134.122 ...	2019-08-04 01:55:51
51.68.190.223	attackspam	Aug 3 12:36:40 aat-srv002 sshd[14793]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.190.223 Aug 3 12:36:41 aat-srv002 sshd[14793]: Failed password for invalid user philip from 51.68.190.223 port 56818 ssh2 Aug 3 12:42:41 aat-srv002 sshd[14954]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.190.223 Aug 3 12:42:42 aat-srv002 sshd[14954]: Failed password for invalid user cam from 51.68.190.223 port 53548 ssh2 ...	2019-08-04 01:49:44
49.88.112.66	attackbotsspam	2019-08-03T16:24:57.264721abusebot.cloudsearch.cf sshd\[14682\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.66 user=root	2019-08-04 00:55:22
77.40.90.124	attackspam	Brute force attempt	2019-08-04 00:35:04
195.211.84.103	attackspambots	Automatic report - Port Scan Attack	2019-08-04 01:16:38
106.13.63.134	attack	2019-08-01T23:21:25.169420mail.arvenenaske.de sshd[5389]: Invalid user user from 106.13.63.134 port 46794 2019-08-01T23:21:25.175728mail.arvenenaske.de sshd[5389]: pam_sss(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.63.134 user=user 2019-08-01T23:21:25.176648mail.arvenenaske.de sshd[5389]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.63.134 2019-08-01T23:21:25.169420mail.arvenenaske.de sshd[5389]: Invalid user user from 106.13.63.134 port 46794 2019-08-01T23:21:27.199429mail.arvenenaske.de sshd[5389]: Failed password for invalid user user from 106.13.63.134 port 46794 ssh2 2019-08-01T23:25:36.952635mail.arvenenaske.de sshd[5401]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.63.134 user=r.r 2019-08-01T23:25:39.101107mail.arvenenaske.de sshd[5401]: Failed password for r.r from 106.13.63.134 port 57456 ssh2 2019-08-01T23:29:47.368707........ ------------------------------	2019-08-04 00:39:42
177.10.241.75	attackspam	failed_logins	2019-08-04 01:20:40
65.111.162.182	attack	2019-08-03T16:35:58.007774abusebot-6.cloudsearch.cf sshd\[2120\]: Invalid user uftp from 65.111.162.182 port 34818	2019-08-04 00:47:23
5.188.86.114	attackspam	08/03/2019-12:53:00.029360 5.188.86.114 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 6	2019-08-04 01:28:28
37.52.9.242	attack	Aug 3 16:53:02 mail sshd\[12875\]: Invalid user melisenda from 37.52.9.242 port 54280 Aug 3 16:53:02 mail sshd\[12875\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.52.9.242 ...	2019-08-04 01:08:59
77.247.110.216	attackspam	\[2019-08-03 13:28:27\] NOTICE\[2288\] chan_sip.c: Registration from '"120" \' failed for '77.247.110.216:5997' - Wrong password \[2019-08-03 13:28:27\] SECURITY\[2326\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-08-03T13:28:27.850-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="120",SessionID="0x7ff4d07e79a8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.247.110.216/5997",Challenge="477991d6",ReceivedChallenge="477991d6",ReceivedHash="e2d13159e89a19454a22a18e3736fc2b" \[2019-08-03 13:28:27\] NOTICE\[2288\] chan_sip.c: Registration from '"120" \' failed for '77.247.110.216:5997' - Wrong password \[2019-08-03 13:28:27\] SECURITY\[2326\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-08-03T13:28:27.944-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="120",SessionID="0x7ff4d0348688",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/7	2019-08-04 01:49:14
103.82.221.190	attackspam	Aug 2 10:18:24 sanyalnet-awsem3-1 sshd[29865]: Connection from 103.82.221.190 port 51106 on 172.30.0.184 port 22 Aug 2 10:18:26 sanyalnet-awsem3-1 sshd[29865]: Invalid user system from 103.82.221.190 Aug 2 10:18:26 sanyalnet-awsem3-1 sshd[29865]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.82.221.190 Aug 2 10:18:27 sanyalnet-awsem3-1 sshd[29865]: Failed password for invalid user system from 103.82.221.190 port 51106 ssh2 Aug 2 10:18:27 sanyalnet-awsem3-1 sshd[29865]: Received disconnect from 103.82.221.190: 11: Bye Bye [preauth] Aug 2 10:36:35 sanyalnet-awsem3-1 sshd[30631]: Connection from 103.82.221.190 port 50546 on 172.30.0.184 port 22 Aug 2 10:36:37 sanyalnet-awsem3-1 sshd[30631]: User r.r from 103.82.221.190 not allowed because not listed in AllowUsers Aug 2 10:36:37 sanyalnet-awsem3-1 sshd[30631]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.82.221.190 user=r......... -------------------------------	2019-08-04 01:22:54
219.145.144.65	attackbots	This IP address was blacklisted for the following reason: /demo/wp-login.php @ 2019-07-31T15:21:23+02:00.	2019-08-04 01:34:17

最近上报的IP列表

91.192.44.102	173.245.52.169	143.150.168.117	124.235.138.121
124.160.236.194	94.158.39.231	27.71.232.142	212.232.40.60
111.38.216.94	13.82.225.162	36.65.75.121	186.115.158.26
124.163.225.179	178.125.74.196	45.143.221.26	189.129.106.19
171.235.61.38	220.150.232.53	41.79.65.177	212.8.242.135