103.139.44.130

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Viet Nam

运营商(isp): Trung Hieu Services Trading Investment Company Limited

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Port scan on 6 port(s): 3090 3375 3403 5389 8899 33894	2020-02-29 23:22:46

相同子网IP讨论:

IP	类型	评论内容	时间
103.139.44.90	attack	Auto Detect Rule! proto TCP (SYN), 103.139.44.90:48829->gjan.info:3389, len 40	2020-08-19 03:10:02
103.139.44.90	attackbotsspam	Unauthorized connection attempt from IP address 103.139.44.90 on Port 3389(RDP)	2020-08-06 01:12:29
103.139.44.210	attackspam	Jun 7 03:31:44 mail postfix/postscreen[31795]: DNSBL rank 3 for [103.139.44.210]:59910 ...	2020-06-29 05:17:47
103.139.44.210	attack	Jun 6 07:19:20 mail postfix/smtpd[73955]: warning: unknown[103.139.44.210]: SASL LOGIN authentication failed: generic failure Jun 6 07:19:21 mail postfix/smtpd[73955]: warning: unknown[103.139.44.210]: SASL LOGIN authentication failed: generic failure Jun 6 07:19:23 mail postfix/smtpd[73955]: warning: unknown[103.139.44.210]: SASL LOGIN authentication failed: generic failure ...	2020-06-06 15:41:46
103.139.44.210	attackspam	Unauthorized connection attempt detected from IP address 103.139.44.210 to port 25	2020-06-05 14:56:40
103.139.44.210	attackbotsspam	2020-06-04T01:26:01.009692www postfix/smtpd[16129]: warning: unknown[103.139.44.210]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2020-06-04T01:26:09.230288www postfix/smtpd[16129]: warning: unknown[103.139.44.210]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2020-06-04T01:26:22.274870www postfix/smtpd[16129]: warning: unknown[103.139.44.210]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-06-04 07:43:22
103.139.44.210	attack	Unauthorized connection attempt detected from IP address 103.139.44.210 to port 25	2020-06-04 02:36:11
103.139.44.210	attack	2020-06-03T11:59:01+02:00 exim[4041]: fixed_login authenticator failed for (User) [103.139.44.210]: 535 Incorrect authentication data (set_id=jim@mail.sma.hu)	2020-06-03 18:50:58
103.139.44.159	attackbots	2020-06-02T15:19:10.428004vps773228.ovh.net sshd[12488]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.139.44.159 user=root 2020-06-02T15:19:12.696979vps773228.ovh.net sshd[12488]: Failed password for root from 103.139.44.159 port 65167 ssh2 2020-06-02T15:19:10.428004vps773228.ovh.net sshd[12488]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.139.44.159 user=root 2020-06-02T15:19:12.696979vps773228.ovh.net sshd[12488]: Failed password for root from 103.139.44.159 port 65167 ssh2 2020-06-02T15:19:12.997781vps773228.ovh.net sshd[12488]: error: Received disconnect from 103.139.44.159 port 65167:3: com.jcraft.jsch.JSchException: Auth fail [preauth] ...	2020-06-03 00:14:37
103.139.44.210	attackbots	May 29 07:09:25 mail postfix/smtpd\[5149\]: warning: unknown\[103.139.44.210\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 29 07:09:32 mail postfix/smtpd\[5149\]: warning: unknown\[103.139.44.210\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 29 07:09:35 mail postfix/smtpd\[5274\]: warning: unknown\[103.139.44.210\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-05-29 16:06:22
103.139.44.210	attack	May 26 02:06:05 mail postfix/smtpd[57254]: warning: unknown[103.139.44.210]: SASL LOGIN authentication failed: generic failure May 26 02:06:06 mail postfix/smtpd[57254]: warning: unknown[103.139.44.210]: SASL LOGIN authentication failed: generic failure May 26 02:06:07 mail postfix/smtpd[57254]: warning: unknown[103.139.44.210]: SASL LOGIN authentication failed: generic failure ...	2020-05-26 11:41:45
103.139.44.210	attackspam	May 22 16:56:45 localhost postfix/smtpd[52743]: warning: unknown[103.139.44.210]: SASL LOGIN authentication failed: authentication failure May 22 16:56:48 localhost postfix/smtpd[52743]: warning: unknown[103.139.44.210]: SASL LOGIN authentication failed: authentication failure May 22 16:56:52 localhost postfix/smtpd[52743]: warning: unknown[103.139.44.210]: SASL LOGIN authentication failed: authentication failure ...	2020-05-22 22:10:22
103.139.44.210	attack	May 16 04:41:40 h2779839 postfix/smtpd[18519]: warning: unknown[103.139.44.210]: SASL LOGIN authentication failed: authentication failure May 16 04:41:43 h2779839 postfix/smtpd[18519]: warning: unknown[103.139.44.210]: SASL LOGIN authentication failed: authentication failure May 16 04:41:44 h2779839 postfix/smtpd[18519]: warning: unknown[103.139.44.210]: SASL LOGIN authentication failed: authentication failure May 16 04:41:45 h2779839 postfix/smtpd[18519]: warning: unknown[103.139.44.210]: SASL LOGIN authentication failed: authentication failure May 16 04:41:47 h2779839 postfix/smtpd[18519]: warning: unknown[103.139.44.210]: SASL LOGIN authentication failed: authentication failure ...	2020-05-16 22:02:32
103.139.44.55	attack	SMTP brute-force	2020-05-04 15:24:31
103.139.44.122	attack	Invalid user ubnt from 103.139.44.122 port 51170	2020-04-19 03:43:58

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.139.44.130
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 28848
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.139.44.130.			IN	A

;; AUTHORITY SECTION:
.			534	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020022900 1800 900 604800 86400

;; Query time: 103 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Feb 29 23:22:43 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 130.44.139.103.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 130.44.139.103.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
106.13.233.102	attack	Dec 9 14:35:34 Tower sshd[25521]: Connection from 106.13.233.102 port 36062 on 192.168.10.220 port 22 Dec 9 14:35:36 Tower sshd[25521]: Invalid user test from 106.13.233.102 port 36062 Dec 9 14:35:36 Tower sshd[25521]: error: Could not get shadow information for NOUSER Dec 9 14:35:36 Tower sshd[25521]: Failed password for invalid user test from 106.13.233.102 port 36062 ssh2 Dec 9 14:35:36 Tower sshd[25521]: Received disconnect from 106.13.233.102 port 36062:11: Bye Bye [preauth] Dec 9 14:35:36 Tower sshd[25521]: Disconnected from invalid user test 106.13.233.102 port 36062 [preauth]	2019-12-10 04:43:17
185.139.236.20	attack	Dec 9 22:28:11 gw1 sshd[26786]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.139.236.20 Dec 9 22:28:13 gw1 sshd[26786]: Failed password for invalid user kip from 185.139.236.20 port 50482 ssh2 ...	2019-12-10 04:36:26
188.162.44.31	attack	Unauthorized connection attempt from IP address 188.162.44.31 on Port 445(SMB)	2019-12-10 05:03:47
132.232.38.247	attackbotsspam	Dec 9 21:12:48 localhost sshd\[7598\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.38.247 user=root Dec 9 21:12:51 localhost sshd\[7598\]: Failed password for root from 132.232.38.247 port 25659 ssh2 Dec 9 21:19:13 localhost sshd\[8267\]: Invalid user mailtest from 132.232.38.247 port 31616 Dec 9 21:19:13 localhost sshd\[8267\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.38.247	2019-12-10 04:33:11
106.12.94.5	attackbots	Dec 9 16:16:10 srv01 sshd[21220]: Invalid user lorensen from 106.12.94.5 port 59406 Dec 9 16:16:10 srv01 sshd[21220]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.94.5 Dec 9 16:16:10 srv01 sshd[21220]: Invalid user lorensen from 106.12.94.5 port 59406 Dec 9 16:16:13 srv01 sshd[21220]: Failed password for invalid user lorensen from 106.12.94.5 port 59406 ssh2 Dec 9 16:23:38 srv01 sshd[21883]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.94.5 user=root Dec 9 16:23:40 srv01 sshd[21883]: Failed password for root from 106.12.94.5 port 58010 ssh2 ...	2019-12-10 05:08:21
196.192.110.67	attack	Dec 9 16:08:45 srv01 sshd[20473]: Invalid user dordahl from 196.192.110.67 port 56758 Dec 9 16:08:45 srv01 sshd[20473]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.192.110.67 Dec 9 16:08:45 srv01 sshd[20473]: Invalid user dordahl from 196.192.110.67 port 56758 Dec 9 16:08:47 srv01 sshd[20473]: Failed password for invalid user dordahl from 196.192.110.67 port 56758 ssh2 Dec 9 16:16:21 srv01 sshd[21227]: Invalid user rpm from 196.192.110.67 port 42322 ...	2019-12-10 05:05:42
61.244.196.102	attack	fail2ban honeypot	2019-12-10 04:27:27
106.13.12.210	attackbots	Dec 9 21:39:32 v22018076622670303 sshd\[1448\]: Invalid user azilina from 106.13.12.210 port 32916 Dec 9 21:39:32 v22018076622670303 sshd\[1448\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.12.210 Dec 9 21:39:33 v22018076622670303 sshd\[1448\]: Failed password for invalid user azilina from 106.13.12.210 port 32916 ssh2 ...	2019-12-10 04:48:38
54.39.147.2	attackbotsspam	detected by Fail2Ban	2019-12-10 05:04:43
217.24.242.37	attackbots	[munged]::80 217.24.242.37 - - [09/Dec/2019:16:00:30 +0100] "POST /[munged]: HTTP/1.1" 200 4226 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::80 217.24.242.37 - - [09/Dec/2019:16:00:31 +0100] "POST /[munged]: HTTP/1.1" 200 4225 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::80 217.24.242.37 - - [09/Dec/2019:16:00:33 +0100] "POST /[munged]: HTTP/1.1" 200 4225 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::80 217.24.242.37 - - [09/Dec/2019:16:00:35 +0100] "POST /[munged]: HTTP/1.1" 200 4225 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::80 217.24.242.37 - - [09/Dec/2019:16:00:36 +0100] "POST /[munged]: HTTP/1.1" 200 4225 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::80 217.24.242.37 - - [09/Dec/2019:16:00:37 +0100]	2019-12-10 04:50:59
51.38.37.128	attackbotsspam	$f2bV_matches	2019-12-10 04:47:17
103.92.104.235	attackbotsspam	2019-12-09T20:30:38.854183abusebot-8.cloudsearch.cf sshd\[21402\]: Invalid user pituley from 103.92.104.235 port 35342	2019-12-10 04:31:16
114.69.249.83	attackbotsspam	Unauthorized connection attempt detected from IP address 114.69.249.83 to port 445	2019-12-10 04:31:58
218.92.0.164	attack	Dec 9 15:58:26 linuxvps sshd\[63541\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.164 user=root Dec 9 15:58:28 linuxvps sshd\[63541\]: Failed password for root from 218.92.0.164 port 20083 ssh2 Dec 9 15:58:31 linuxvps sshd\[63541\]: Failed password for root from 218.92.0.164 port 20083 ssh2 Dec 9 15:58:33 linuxvps sshd\[63541\]: Failed password for root from 218.92.0.164 port 20083 ssh2 Dec 9 15:58:43 linuxvps sshd\[63735\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.164 user=root	2019-12-10 05:00:59
104.206.128.26	attackspambots	port scan and connect, tcp 3306 (mysql)	2019-12-10 05:11:18

最近上报的IP列表

87.166.58.219	122.116.58.35	91.199.118.136	172.81.224.233
193.29.15.107	79.56.21.170	207.148.85.151	193.164.133.20
109.185.181.156	168.195.253.57	177.86.172.203	122.116.242.8
190.8.52.93	203.228.51.2	122.116.225.237	106.3.44.235
85.99.96.209	91.192.244.66	201.111.126.137	223.167.32.245