103.131.200.143

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Thailand

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
103.131.200.96	attackbotsspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/103.131.200.96/ TH - 1H : (20) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : TH NAME ASN : ASN138156 IP : 103.131.200.96 CIDR : 103.131.200.0/24 PREFIX COUNT : 4 UNIQUE IP COUNT : 1024 ATTACKS DETECTED ASN138156 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 1 DateTime : 2019-10-27 04:46:30 INFO : Port MAX SCAN Scan Detected and Blocked by ADMIN - data recovery	2019-10-27 18:52:54

类型

评论内容

时间

103.131.200.96

attackbotsspam

IP Ban Report :  
 https://help-dysk.pl/wordpress-firewall-plugins/ip/103.131.200.96/ 
 
 TH - 1H : (20)  
 Protection Against DDoS WordPress plugin :  
 "odzyskiwanie danych help-dysk" 
 IP Address Ranges by Country : TH 
 NAME ASN : ASN138156 
 
 IP : 103.131.200.96 
 
 CIDR : 103.131.200.0/24 
 
 PREFIX COUNT : 4 
 
 UNIQUE IP COUNT : 1024 
 
 
 ATTACKS DETECTED ASN138156 :  
  1H - 1 
  3H - 1 
  6H - 1 
 12H - 1 
 24H - 1 
 
 DateTime : 2019-10-27 04:46:30 
 
 INFO : Port MAX SCAN Scan Detected and Blocked by ADMIN  - data recovery

2019-10-27 18:52:54

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.131.200.143
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 42510
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;103.131.200.143.		IN	A

;; AUTHORITY SECTION:
.			366	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022031801 1800 900 604800 86400

;; Query time: 19 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Mar 19 08:49:57 CST 2022
;; MSG SIZE  rcvd: 108

HOST信息:

143.200.131.103.in-addr.arpa domain name pointer 103-131-200-143.static.idc.csne.co.th.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
143.200.131.103.in-addr.arpa	name = 103-131-200-143.static.idc.csne.co.th.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
40.73.6.1	attack	Jun 29 18:19:49 nextcloud sshd\[14155\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.73.6.1 user=root Jun 29 18:19:50 nextcloud sshd\[14155\]: Failed password for root from 40.73.6.1 port 29678 ssh2 Jun 29 18:45:16 nextcloud sshd\[15413\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.73.6.1 user=root	2020-06-30 01:01:47
40.118.226.96	attackspambots	Jun 29 14:34:41 gestao sshd[22725]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.118.226.96 Jun 29 14:34:44 gestao sshd[22725]: Failed password for invalid user darwin from 40.118.226.96 port 41052 ssh2 Jun 29 14:38:25 gestao sshd[22869]: Failed password for root from 40.118.226.96 port 41448 ssh2 ...	2020-06-30 01:13:02
161.35.206.174	attack	\[Mon Jun 29 15:30:45 2020\] \[error\] \[client 161.35.206.174\] client denied by server configuration: /var/www/html/default/ \[Mon Jun 29 15:30:45 2020\] \[error\] \[client 161.35.206.174\] client denied by server configuration: /var/www/html/default/.noindex.html \[Mon Jun 29 15:30:53 2020\] \[error\] \[client 161.35.206.174\] client denied by server configuration: /var/www/html/default/ \[Mon Jun 29 15:30:53 2020\] \[error\] \[client 161.35.206.174\] client denied by server configuration: /var/www/html/default/.noindex.html ...	2020-06-30 00:51:39
123.31.27.102	attackspambots	Jun 29 14:09:23 marvibiene sshd[24837]: Invalid user yiyuan from 123.31.27.102 port 38300 Jun 29 14:09:23 marvibiene sshd[24837]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.31.27.102 Jun 29 14:09:23 marvibiene sshd[24837]: Invalid user yiyuan from 123.31.27.102 port 38300 Jun 29 14:09:25 marvibiene sshd[24837]: Failed password for invalid user yiyuan from 123.31.27.102 port 38300 ssh2 ...	2020-06-30 00:41:39
182.242.143.38	attackspambots	Scanned 290 unique addresses for 2 unique TCP ports in 24 hours (ports 2060,31042)	2020-06-30 01:21:53
197.229.1.26	attackspam	Jun 29 13:08:56 server postfix/smtpd[8032]: NOQUEUE: reject: RCPT from 8ta-229-1-26.telkomadsl.co.za[197.229.1.26]: 554 5.7.1 Service unavailable; Client host [197.229.1.26] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/197.229.1.26; from= to= proto=ESMTP helo=<8ta-229-1-113.telkomadsl.co.za>	2020-06-30 01:21:28
196.200.146.3	attack	TCP (SYN) 196.200.146.3:53101 -> port 22, len 44	2020-06-30 01:10:16
185.39.10.38	attackbotsspam	Jun 29 18:07:24 debian-2gb-nbg1-2 kernel: \[15705486.272978\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=185.39.10.38 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=53712 PROTO=TCP SPT=51740 DPT=12741 WINDOW=1024 RES=0x00 SYN URGP=0	2020-06-30 00:53:36
129.211.111.239	attack	Jun 29 17:35:51 nextcloud sshd\[15923\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.111.239 user=root Jun 29 17:35:52 nextcloud sshd\[15923\]: Failed password for root from 129.211.111.239 port 37792 ssh2 Jun 29 17:41:20 nextcloud sshd\[22755\]: Invalid user ftp_id from 129.211.111.239 Jun 29 17:41:20 nextcloud sshd\[22755\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.111.239	2020-06-30 00:47:44
113.161.62.158	attack	'IP reached maximum auth failures for a one day block'	2020-06-30 00:54:08
148.72.209.9	attackbotsspam	C1,WP GET /suche/wp-login.php	2020-06-30 00:47:14
191.5.130.69	attackbotsspam	Jun 29 13:07:25 roki-contabo sshd\[14455\]: Invalid user cdk from 191.5.130.69 Jun 29 13:07:25 roki-contabo sshd\[14455\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.5.130.69 Jun 29 13:07:27 roki-contabo sshd\[14455\]: Failed password for invalid user cdk from 191.5.130.69 port 34530 ssh2 Jun 29 13:09:20 roki-contabo sshd\[14491\]: Invalid user mdb from 191.5.130.69 Jun 29 13:09:20 roki-contabo sshd\[14491\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.5.130.69 ...	2020-06-30 00:54:25
109.125.240.73	attack	xmlrpc attack	2020-06-30 00:58:47
66.84.122.131	attackspambots	Jun 29 14:09:27 server2 sshd\[26640\]: Invalid user admin from 66.84.122.131 Jun 29 14:09:29 server2 sshd\[26642\]: User root from 66.84.122.131 not allowed because not listed in AllowUsers Jun 29 14:09:30 server2 sshd\[26644\]: Invalid user admin from 66.84.122.131 Jun 29 14:09:31 server2 sshd\[26646\]: Invalid user admin from 66.84.122.131 Jun 29 14:09:33 server2 sshd\[26648\]: Invalid user admin from 66.84.122.131 Jun 29 14:09:34 server2 sshd\[26650\]: User apache from 66.84.122.131 not allowed because not listed in AllowUsers	2020-06-30 00:42:50
45.174.11.107	attack	Unauthorized connection attempt detected from IP address 45.174.11.107 to port 23	2020-06-30 01:03:46

最近上报的IP列表

103.130.218.4	103.132.235.162	103.133.214.138	103.137.184.174
103.138.96.34	103.139.103.7	103.139.2.6	103.139.3.10
103.14.120.241	103.14.120.246	103.14.34.102	103.14.42.54
103.14.96.91	103.14.99.15	103.141.108.122	103.141.96.112
103.141.96.52	103.141.96.6	103.141.96.80	103.141.97.113