103.139.44.216

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Viet Nam

运营商(isp): Trung Hieu Services Trading Investment Company Limited

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	" "	2019-11-15 17:20:24

相同子网IP讨论:

IP	类型	评论内容	时间
103.139.44.90	attack	Auto Detect Rule! proto TCP (SYN), 103.139.44.90:48829->gjan.info:3389, len 40	2020-08-19 03:10:02
103.139.44.90	attackbotsspam	Unauthorized connection attempt from IP address 103.139.44.90 on Port 3389(RDP)	2020-08-06 01:12:29
103.139.44.210	attackspam	Jun 7 03:31:44 mail postfix/postscreen[31795]: DNSBL rank 3 for [103.139.44.210]:59910 ...	2020-06-29 05:17:47
103.139.44.210	attack	Jun 6 07:19:20 mail postfix/smtpd[73955]: warning: unknown[103.139.44.210]: SASL LOGIN authentication failed: generic failure Jun 6 07:19:21 mail postfix/smtpd[73955]: warning: unknown[103.139.44.210]: SASL LOGIN authentication failed: generic failure Jun 6 07:19:23 mail postfix/smtpd[73955]: warning: unknown[103.139.44.210]: SASL LOGIN authentication failed: generic failure ...	2020-06-06 15:41:46
103.139.44.210	attackspam	Unauthorized connection attempt detected from IP address 103.139.44.210 to port 25	2020-06-05 14:56:40
103.139.44.210	attackbotsspam	2020-06-04T01:26:01.009692www postfix/smtpd[16129]: warning: unknown[103.139.44.210]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2020-06-04T01:26:09.230288www postfix/smtpd[16129]: warning: unknown[103.139.44.210]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2020-06-04T01:26:22.274870www postfix/smtpd[16129]: warning: unknown[103.139.44.210]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-06-04 07:43:22
103.139.44.210	attack	Unauthorized connection attempt detected from IP address 103.139.44.210 to port 25	2020-06-04 02:36:11
103.139.44.210	attack	2020-06-03T11:59:01+02:00 exim[4041]: fixed_login authenticator failed for (User) [103.139.44.210]: 535 Incorrect authentication data (set_id=jim@mail.sma.hu)	2020-06-03 18:50:58
103.139.44.159	attackbots	2020-06-02T15:19:10.428004vps773228.ovh.net sshd[12488]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.139.44.159 user=root 2020-06-02T15:19:12.696979vps773228.ovh.net sshd[12488]: Failed password for root from 103.139.44.159 port 65167 ssh2 2020-06-02T15:19:10.428004vps773228.ovh.net sshd[12488]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.139.44.159 user=root 2020-06-02T15:19:12.696979vps773228.ovh.net sshd[12488]: Failed password for root from 103.139.44.159 port 65167 ssh2 2020-06-02T15:19:12.997781vps773228.ovh.net sshd[12488]: error: Received disconnect from 103.139.44.159 port 65167:3: com.jcraft.jsch.JSchException: Auth fail [preauth] ...	2020-06-03 00:14:37
103.139.44.210	attackbots	May 29 07:09:25 mail postfix/smtpd\[5149\]: warning: unknown\[103.139.44.210\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 29 07:09:32 mail postfix/smtpd\[5149\]: warning: unknown\[103.139.44.210\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 29 07:09:35 mail postfix/smtpd\[5274\]: warning: unknown\[103.139.44.210\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-05-29 16:06:22
103.139.44.210	attack	May 26 02:06:05 mail postfix/smtpd[57254]: warning: unknown[103.139.44.210]: SASL LOGIN authentication failed: generic failure May 26 02:06:06 mail postfix/smtpd[57254]: warning: unknown[103.139.44.210]: SASL LOGIN authentication failed: generic failure May 26 02:06:07 mail postfix/smtpd[57254]: warning: unknown[103.139.44.210]: SASL LOGIN authentication failed: generic failure ...	2020-05-26 11:41:45
103.139.44.210	attackspam	May 22 16:56:45 localhost postfix/smtpd[52743]: warning: unknown[103.139.44.210]: SASL LOGIN authentication failed: authentication failure May 22 16:56:48 localhost postfix/smtpd[52743]: warning: unknown[103.139.44.210]: SASL LOGIN authentication failed: authentication failure May 22 16:56:52 localhost postfix/smtpd[52743]: warning: unknown[103.139.44.210]: SASL LOGIN authentication failed: authentication failure ...	2020-05-22 22:10:22
103.139.44.210	attack	May 16 04:41:40 h2779839 postfix/smtpd[18519]: warning: unknown[103.139.44.210]: SASL LOGIN authentication failed: authentication failure May 16 04:41:43 h2779839 postfix/smtpd[18519]: warning: unknown[103.139.44.210]: SASL LOGIN authentication failed: authentication failure May 16 04:41:44 h2779839 postfix/smtpd[18519]: warning: unknown[103.139.44.210]: SASL LOGIN authentication failed: authentication failure May 16 04:41:45 h2779839 postfix/smtpd[18519]: warning: unknown[103.139.44.210]: SASL LOGIN authentication failed: authentication failure May 16 04:41:47 h2779839 postfix/smtpd[18519]: warning: unknown[103.139.44.210]: SASL LOGIN authentication failed: authentication failure ...	2020-05-16 22:02:32
103.139.44.55	attack	SMTP brute-force	2020-05-04 15:24:31
103.139.44.122	attack	Invalid user ubnt from 103.139.44.122 port 51170	2020-04-19 03:43:58

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.139.44.216
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 53397
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.139.44.216.			IN	A

;; AUTHORITY SECTION:
.			434	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019111500 1800 900 604800 86400

;; Query time: 111 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Nov 15 17:20:20 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 216.44.139.103.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 216.44.139.103.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
52.173.253.120	attackbots	Invalid user tomcat from 52.173.253.120 port 1792	2020-09-02 06:35:09
105.107.151.28	attackspam	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-09-02 06:32:08
149.200.186.60	attackbots	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-09-02 06:08:07
206.189.38.105	attackspambots	SSH Invalid Login	2020-09-02 06:10:43
200.46.4.237	attackbotsspam	2020-09-01 11:43:07.921575-0500 localhost smtpd[1384]: NOQUEUE: reject: RCPT from unknown[200.46.4.237]: 554 5.7.1 Service unavailable; Client host [200.46.4.237] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/200.46.4.237 / https://www.spamhaus.org/sbl/query/SBLCSS; from= to= proto=ESMTP helo=<[200.46.4.237]>	2020-09-02 06:03:29
112.160.126.50	attackspambots	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-09-02 06:09:25
103.25.251.233	attackbotsspam	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-09-02 06:21:35
112.85.42.180	attackbotsspam	Sep 2 00:06:41 marvibiene sshd[12905]: Failed password for root from 112.85.42.180 port 60807 ssh2 Sep 2 00:06:47 marvibiene sshd[12905]: Failed password for root from 112.85.42.180 port 60807 ssh2 Sep 2 00:06:53 marvibiene sshd[12905]: Failed password for root from 112.85.42.180 port 60807 ssh2 Sep 2 00:06:58 marvibiene sshd[12905]: Failed password for root from 112.85.42.180 port 60807 ssh2	2020-09-02 06:11:29
64.227.97.122	attack	Invalid user lz from 64.227.97.122 port 52794	2020-09-02 06:14:02
124.160.83.138	attackspam	Aug 27 23:57:38 server sshd[16040]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.160.83.138 Aug 27 23:57:41 server sshd[16040]: Failed password for invalid user dspace from 124.160.83.138 port 42154 ssh2 Aug 28 00:13:23 server sshd[17465]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.160.83.138 Aug 28 00:13:26 server sshd[17465]: Failed password for invalid user sn from 124.160.83.138 port 60568 ssh2	2020-09-02 06:34:40
176.124.231.76	attack	php WP PHPmyadamin ABUSE blocked for 12h	2020-09-02 06:07:45
222.186.180.130	attackbotsspam	Sep 1 15:29:54 dignus sshd[7483]: Failed password for root from 222.186.180.130 port 31808 ssh2 Sep 1 15:29:56 dignus sshd[7483]: Failed password for root from 222.186.180.130 port 31808 ssh2 Sep 1 15:29:59 dignus sshd[7512]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.130 user=root Sep 1 15:30:01 dignus sshd[7512]: Failed password for root from 222.186.180.130 port 41550 ssh2 Sep 1 15:30:03 dignus sshd[7512]: Failed password for root from 222.186.180.130 port 41550 ssh2 ...	2020-09-02 06:31:27
200.125.190.170	attackspambots	Sep 1 22:00:25 journals sshd\[68610\]: Invalid user marketing from 200.125.190.170 Sep 1 22:00:25 journals sshd\[68610\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.125.190.170 Sep 1 22:00:27 journals sshd\[68610\]: Failed password for invalid user marketing from 200.125.190.170 port 48998 ssh2 Sep 1 22:05:17 journals sshd\[69183\]: Invalid user bash from 200.125.190.170 Sep 1 22:05:17 journals sshd\[69183\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.125.190.170 ...	2020-09-02 06:27:38
129.211.138.177	attackspam	Jul 26 12:12:44 server sshd[26217]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.138.177 Jul 26 12:12:45 server sshd[26217]: Failed password for invalid user zav from 129.211.138.177 port 60348 ssh2 Jul 26 12:27:55 server sshd[26829]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.138.177 Jul 26 12:27:56 server sshd[26829]: Failed password for invalid user jethro from 129.211.138.177 port 57922 ssh2	2020-09-02 06:08:28
198.199.72.47	attackspambots	Port scan: Attack repeated for 24 hours	2020-09-02 06:30:44

最近上报的IP列表

138.219.97.217	24.199.24.67	2.180.9.63	121.6.219.85
95.10.206.159	110.168.14.206	61.158.198.137	65.246.159.62
125.42.237.24	6.236.224.91	39.96.201.119	82.114.67.197
49.235.240.21	150.138.249.209	117.232.71.2	64.39.99.185
37.9.171.141	179.97.60.201	220.128.241.139	137.101.142.233