103.129.254.19

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Hong Kong

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.129.254.19
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 53237
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;103.129.254.19.			IN	A

;; AUTHORITY SECTION:
.			135	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2023102100 1800 900 604800 86400

;; Query time: 63 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Oct 22 00:55:57 CST 2023
;; MSG SIZE  rcvd: 107

HOST信息:

Host 19.254.129.103.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 19.254.129.103.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
185.220.101.9	attackspam	Time: Fri Sep 11 08:15:25 2020 +0000 IP: 185.220.101.9 (DE/Germany/-) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 11 08:15:15 vps3 sshd[29284]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.220.101.9 user=root Sep 11 08:15:17 vps3 sshd[29284]: Failed password for root from 185.220.101.9 port 27742 ssh2 Sep 11 08:15:19 vps3 sshd[29284]: Failed password for root from 185.220.101.9 port 27742 ssh2 Sep 11 08:15:22 vps3 sshd[29284]: Failed password for root from 185.220.101.9 port 27742 ssh2 Sep 11 08:15:24 vps3 sshd[29284]: Failed password for root from 185.220.101.9 port 27742 ssh2	2020-09-11 16:29:11
45.148.10.186	attackspam	TCP (SYN) 45.148.10.186:57476 -> port 4567, len 44	2020-09-11 16:33:51
141.85.216.231	attack	141.85.216.231 - - \[11/Sep/2020:03:38:04 +0200\] "POST /wp-login.php HTTP/1.0" 200 4128 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 141.85.216.231 - - \[11/Sep/2020:03:38:05 +0200\] "POST /wp-login.php HTTP/1.0" 200 4134 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 141.85.216.231 - - \[11/Sep/2020:03:38:06 +0200\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2020-09-11 16:53:37
116.87.91.32	attack	Port Scan ...	2020-09-11 16:48:30
211.22.154.223	attackbotsspam	2020-09-10T22:30:03+0200 Failed SSH Authentication/Brute Force Attack. (Server 9)	2020-09-11 16:34:26
88.86.4.124	attackbots	Automatic report - XMLRPC Attack	2020-09-11 16:26:43
103.145.13.205	attackbotsspam	[2020-09-10 21:04:54] NOTICE[1239][C-0000107e] chan_sip.c: Call from '' (103.145.13.205:5070) to extension '+972595897084' rejected because extension not found in context 'public'. [2020-09-10 21:04:54] SECURITY[1264] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-09-10T21:04:54.767-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="+972595897084",SessionID="0x7f4d480f08c8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/103.145.13.205/5070",ACLName="no_extension_match" [2020-09-10 21:12:54] NOTICE[1239][C-00001091] chan_sip.c: Call from '' (103.145.13.205:5078) to extension '972595897084' rejected because extension not found in context 'public'. [2020-09-10 21:12:54] SECURITY[1264] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-09-10T21:12:54.766-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="972595897084",SessionID="0x7f4d484dbdb8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/103.145.13 ...	2020-09-11 16:21:56
183.129.163.142	attackbotsspam	5x Failed Password	2020-09-11 16:24:48
92.63.196.33	attackspam	TCP (SYN) 92.63.196.33:56920 -> port 33389, len 44	2020-09-11 16:29:40
18.18.248.17	attack	2020-09-11T07:19[Censored Hostname] sshd[18071]: Failed password for root from 18.18.248.17 port 8432 ssh2 2020-09-11T07:19[Censored Hostname] sshd[18071]: Failed password for root from 18.18.248.17 port 8432 ssh2 2020-09-11T07:19[Censored Hostname] sshd[18071]: Failed password for root from 18.18.248.17 port 8432 ssh2[...]	2020-09-11 16:38:44
149.91.98.249	attackbotsspam	Sep 10 23:01:05 vps639187 sshd\[26199\]: Invalid user admin from 149.91.98.249 port 1768 Sep 10 23:01:05 vps639187 sshd\[26199\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.91.98.249 Sep 10 23:01:07 vps639187 sshd\[26199\]: Failed password for invalid user admin from 149.91.98.249 port 1768 ssh2 ...	2020-09-11 16:43:41
106.75.214.102	attackbots	Lines containing failures of 106.75.214.102 Sep 9 20:46:14 www sshd[7425]: Invalid user nx from 106.75.214.102 port 33308 Sep 9 20:46:14 www sshd[7425]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.214.102 Sep 9 20:46:16 www sshd[7425]: Failed password for invalid user nx from 106.75.214.102 port 33308 ssh2 Sep 9 20:46:16 www sshd[7425]: Received disconnect from 106.75.214.102 port 33308:11: Bye Bye [preauth] Sep 9 20:46:16 www sshd[7425]: Disconnected from invalid user nx 106.75.214.102 port 33308 [preauth] Sep 9 20:48:45 www sshd[7762]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.214.102 user=r.r Sep 9 20:48:47 www sshd[7762]: Failed password for r.r from 106.75.214.102 port 58240 ssh2 Sep 9 20:48:47 www sshd[7762]: Received disconnect from 106.75.214.102 port 58240:11: Bye Bye [preauth] Sep 9 20:48:47 www sshd[7762]: Disconnected from authenticating user r.r ........ ------------------------------	2020-09-11 16:23:01
117.79.132.166	attackspambots	Sep 11 10:00:50 haigwepa sshd[30170]: Failed password for root from 117.79.132.166 port 35122 ssh2 ...	2020-09-11 16:37:14
119.93.115.89	attackspam	SMB Server BruteForce Attack	2020-09-11 16:46:19
77.89.228.66	attackspam	srvr1: (mod_security) mod_security (id:920350) triggered by 77.89.228.66 (MD/-/static.77.89.228.66.tmg.md): 1 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/09/11 04:49:37 [error] 12751#0: 37039 [client 77.89.228.66] ModSecurity: Access denied with code 406 (phase 2). Matched "Operator `Rx' with parameter `^[\d.:]+$' against variable `REQUEST_HEADERS:Host' [redacted] [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "718"] [id "920350"] [rev ""] [msg "Host header is a numeric IP address"] [redacted] [severity "4"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [redacted] [uri "/"] [unique_id "159979257768.597769"] [ref "o0,13v21,13"], client: 77.89.228.66, [redacted] request: "GET / HTTP/1.1" [redacted]	2020-09-11 16:36:59

最近上报的IP列表

103.129.49.115	103.129.44.133	103.129.29.194	103.129.42.177
103.129.47.58	103.129.255.47	103.129.242.192	103.129.3.132
103.129.237.146	103.129.23.41	103.129.221.34	103.129.229.128
103.129.221.116	103.129.211.27	103.129.212.102	103.129.197.174
103.129.201.101	103.129.205.65	103.129.194.205	103.129.18.166