103.139.212.8 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Yunduan Interchange (Beijing) Computer Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Commercial

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Attempted connection to port 1433.	2020-08-27 17:28:54

相同子网IP讨论:

IP	类型	评论内容	时间
103.139.212.208	attackbotsspam	[H1.VM10] Blocked by UFW	2020-10-01 03:04:53
103.139.212.208	attackspambots	[H1.VM10] Blocked by UFW	2020-09-30 19:18:22
103.139.212.205	attackbots	Found on Alienvault / proto=6 . srcport=4051 . dstport=8443 . (3339)	2020-09-25 07:10:18
103.139.212.213	attackspam	443	2020-09-02 05:08:44
103.139.212.212	attackspambots	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2020-09-01 02:36:38
103.139.212.213	attackspam	Excessive Port-Scanning	2020-08-23 12:05:32
103.139.212.21	attackbots	SSH Brute Force	2020-05-10 02:04:35
103.139.212.21	attackspam	SSH invalid-user multiple login try	2020-05-08 15:47:20
103.139.212.20	attackspam	Unauthorized connection attempt detected from IP address 103.139.212.20 to port 1433 [J]	2020-01-06 14:47:31

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.139.212.8
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33800
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.139.212.8.			IN	A

;; AUTHORITY SECTION:
.			422	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020082700 1800 900 604800 86400

;; Query time: 26 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Aug 27 17:28:47 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 8.212.139.103.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 8.212.139.103.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
54.36.126.81	attack	Jul 23 22:19:23 OPSO sshd\[11086\]: Invalid user usuario from 54.36.126.81 port 31396 Jul 23 22:19:23 OPSO sshd\[11086\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.36.126.81 Jul 23 22:19:26 OPSO sshd\[11086\]: Failed password for invalid user usuario from 54.36.126.81 port 31396 ssh2 Jul 23 22:23:37 OPSO sshd\[11855\]: Invalid user customer from 54.36.126.81 port 26422 Jul 23 22:23:37 OPSO sshd\[11855\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.36.126.81	2019-07-24 04:35:17
14.225.3.37	attack	DATE:2019-07-23 22:18:03, IP:14.225.3.37, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc-bis)	2019-07-24 05:11:22
43.243.128.213	attackspambots	Jul 23 22:41:27 giegler sshd[25216]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.243.128.213 user=root Jul 23 22:41:28 giegler sshd[25216]: Failed password for root from 43.243.128.213 port 32884 ssh2	2019-07-24 04:48:25
139.59.105.141	attackbotsspam	Jul 23 20:14:20 ip-172-31-62-245 sshd\[1922\]: Invalid user asecruc from 139.59.105.141\ Jul 23 20:14:22 ip-172-31-62-245 sshd\[1922\]: Failed password for invalid user asecruc from 139.59.105.141 port 42618 ssh2\ Jul 23 20:18:34 ip-172-31-62-245 sshd\[1953\]: Invalid user my from 139.59.105.141\ Jul 23 20:18:36 ip-172-31-62-245 sshd\[1953\]: Failed password for invalid user my from 139.59.105.141 port 59986 ssh2\ Jul 23 20:22:57 ip-172-31-62-245 sshd\[1986\]: Invalid user shift from 139.59.105.141\	2019-07-24 04:49:16
153.36.240.126	attack	2019-07-21 13:24:06 -> 2019-07-23 13:08:37 : 27 login attempts (153.36.240.126)	2019-07-24 05:09:11
77.247.110.238	attackspambots	SIP Server BruteForce Attack	2019-07-24 05:10:00
61.218.250.211	attackbots	WordPress login Brute force / Web App Attack on client site.	2019-07-24 04:52:54
85.93.133.178	attackspam	Jul 23 23:48:29 yabzik sshd[17080]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.93.133.178 Jul 23 23:48:31 yabzik sshd[17080]: Failed password for invalid user dana from 85.93.133.178 port 34205 ssh2 Jul 23 23:53:46 yabzik sshd[18743]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.93.133.178	2019-07-24 05:08:03
106.13.10.159	attackspam	Jul 23 22:23:11 * sshd[26073]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.10.159 Jul 23 22:23:13 * sshd[26073]: Failed password for invalid user downloads from 106.13.10.159 port 53124 ssh2	2019-07-24 04:45:08
54.37.232.131	attackspambots	Jul 23 22:21:00 SilenceServices sshd[26172]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.232.131 Jul 23 22:21:02 SilenceServices sshd[26172]: Failed password for invalid user steam from 54.37.232.131 port 38872 ssh2 Jul 23 22:22:14 SilenceServices sshd[26891]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.232.131	2019-07-24 05:03:43
77.247.108.142	attackbots	23.07.2019 20:24:22 Connection to port 5060 blocked by firewall	2019-07-24 05:03:10
203.186.158.178	attackbots	Jul 23 20:18:46 localhost sshd\[21666\]: Invalid user test from 203.186.158.178 port 52993 Jul 23 20:18:46 localhost sshd\[21666\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.186.158.178 Jul 23 20:18:48 localhost sshd\[21666\]: Failed password for invalid user test from 203.186.158.178 port 52993 ssh2 Jul 23 20:23:38 localhost sshd\[21876\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.186.158.178 user=root Jul 23 20:23:40 localhost sshd\[21876\]: Failed password for root from 203.186.158.178 port 28003 ssh2 ...	2019-07-24 04:34:38
1.168.147.1	attackbotsspam	Jul 22 09:41:54 localhost kernel: [15047107.872699] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=1.168.147.1 DST=[mungedIP2] LEN=40 TOS=0x00 PREC=0x00 TTL=52 ID=20838 PROTO=TCP SPT=16701 DPT=37215 WINDOW=14666 RES=0x00 SYN URGP=0 Jul 22 09:41:54 localhost kernel: [15047107.872727] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=1.168.147.1 DST=[mungedIP2] LEN=40 TOS=0x00 PREC=0x00 TTL=52 ID=20838 PROTO=TCP SPT=16701 DPT=37215 SEQ=758669438 ACK=0 WINDOW=14666 RES=0x00 SYN URGP=0 Jul 23 16:22:02 localhost kernel: [15157516.161375] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=1.168.147.1 DST=[mungedIP2] LEN=40 TOS=0x00 PREC=0x00 TTL=51 ID=33145 PROTO=TCP SPT=28659 DPT=37215 WINDOW=30696 RES=0x00 SYN URGP=0 Jul 23 16:22:02 localhost kernel: [15157516.161384] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=1.168.147.1 DST=[mungedIP2] LEN=40 TOS=0x00 PREC=0	2019-07-24 05:12:05
51.75.29.61	attackspambots	Jul 23 22:22:58 * sshd[26022]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.29.61 Jul 23 22:23:00 * sshd[26022]: Failed password for invalid user csserver from 51.75.29.61 port 36544 ssh2	2019-07-24 04:48:07
148.70.223.53	attack	Jul 23 15:17:47 aat-srv002 sshd[25321]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.223.53 Jul 23 15:17:49 aat-srv002 sshd[25321]: Failed password for invalid user ds from 148.70.223.53 port 41618 ssh2 Jul 23 15:23:14 aat-srv002 sshd[25470]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.223.53 Jul 23 15:23:17 aat-srv002 sshd[25470]: Failed password for invalid user user from 148.70.223.53 port 36380 ssh2 ...	2019-07-24 04:43:03

最近上报的IP列表

107.1.23.234	51.83.139.10	125.26.221.41	180.244.80.153
121.41.45.198	221.146.86.206	119.123.76.136	5.123.111.16
180.233.123.221	118.173.203.124	180.214.236.70	219.131.60.198
147.50.12.218	45.74.156.16	43.250.158.88	42.113.203.18
188.169.45.223	188.165.42.43	171.103.46.190	41.36.25.16