103.139.45.122

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Viet Nam

运营商(isp): Trung Hieu Services Trading Investment Company Limited

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Sep 29 09:21:08 ns308116 postfix/smtpd[2008]: warning: unknown[103.139.45.122]: SASL LOGIN authentication failed: authentication failure Sep 29 09:21:08 ns308116 postfix/smtpd[2008]: warning: unknown[103.139.45.122]: SASL LOGIN authentication failed: authentication failure Sep 29 09:21:10 ns308116 postfix/smtpd[2008]: warning: unknown[103.139.45.122]: SASL LOGIN authentication failed: authentication failure Sep 29 09:21:10 ns308116 postfix/smtpd[2008]: warning: unknown[103.139.45.122]: SASL LOGIN authentication failed: authentication failure Sep 29 09:21:11 ns308116 postfix/smtpd[2008]: warning: unknown[103.139.45.122]: SASL LOGIN authentication failed: authentication failure Sep 29 09:21:11 ns308116 postfix/smtpd[2008]: warning: unknown[103.139.45.122]: SASL LOGIN authentication failed: authentication failure ...	2020-09-29 22:56:18
attack	MAIL: User Login Brute Force Attempt	2020-09-29 15:15:19
attackbotsspam	Sep 13 15:53:55 localhost postfix/smtpd\[15747\]: warning: unknown\[103.139.45.122\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 13 15:54:05 localhost postfix/smtpd\[15735\]: warning: unknown\[103.139.45.122\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 13 15:54:19 localhost postfix/smtpd\[15747\]: warning: unknown\[103.139.45.122\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 13 15:54:37 localhost postfix/smtpd\[15747\]: warning: unknown\[103.139.45.122\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 13 15:54:46 localhost postfix/smtpd\[15735\]: warning: unknown\[103.139.45.122\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-09-14 00:57:14
attack	Sep 12 20:11:56 Host-KLAX-C postfix/smtpd[146495]: lost connection after AUTH from unknown[103.139.45.122] Sep 12 20:11:59 Host-KLAX-C postfix/smtpd[146495]: lost connection after AUTH from unknown[103.139.45.122] Sep 12 20:12:02 Host-KLAX-C postfix/smtpd[146495]: lost connection after AUTH from unknown[103.139.45.122] Sep 12 20:12:05 Host-KLAX-C postfix/smtpd[146495]: lost connection after AUTH from unknown[103.139.45.122] Sep 12 20:12:07 Host-KLAX-C postfix/smtpd[146495]: lost connection after AUTH from unknown[103.139.45.122] Sep 12 20:12:09 Host-KLAX-C postfix/smtpd[146495]: lost connection after AUTH from unknown[103.139.45.122] Sep 12 20:12:12 Host-KLAX-C postfix/smtpd[146495]: lost connection after AUTH from unknown[103.139.45.122] Sep 12 20:12:14 Host-KLAX-C postfix/smtpd[146495]: lost connection after AUTH from unknown[103.139.45.122] Sep 12 20:12:15 Host-KLAX-C postfix/smtpd[146495]: lost connection after AUTH from unknown[103.139.45.122] Sep 12 20:12:17 Host-KLAX-C postfix/s ...	2020-09-13 16:47:14

相同子网IP讨论:

IP	类型	评论内容	时间
103.139.45.75	attack	MAIL: User Login Brute Force Attempt	2020-09-01 00:54:36
103.139.45.244	attackbotsspam	Aug 1 14:17:47 localhost postfix/smtpd\[595\]: warning: unknown\[103.139.45.244\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 1 14:17:55 localhost postfix/smtpd\[415\]: warning: unknown\[103.139.45.244\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 1 14:18:07 localhost postfix/smtpd\[595\]: warning: unknown\[103.139.45.244\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 1 14:18:24 localhost postfix/smtpd\[595\]: warning: unknown\[103.139.45.244\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 1 14:18:33 localhost postfix/smtpd\[415\]: warning: unknown\[103.139.45.244\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-08-02 01:28:50
103.139.45.129	attack	" "	2020-07-01 10:06:34
103.139.45.185	attackspambots	Unauthorized connection attempt detected from IP address 103.139.45.185 to port 3389 [T]	2020-06-09 16:34:46
103.139.45.228	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-05-25 00:39:18
103.139.45.118	attack	Fail2Ban Ban Triggered	2020-05-21 20:39:50
103.139.45.115	attackbotsspam	Scan detected 2020.05.01 21:11:22 blocked until 2020.05.26 17:42:45 by Honeypot	2020-05-02 19:09:49
103.139.45.115	attack	Spam detected 2020.05.01 21:11:28 blocked until 2020.05.26 17:42:51 by HoneyPot	2020-05-02 03:14:57
103.139.45.115	attack	2020-04-24T21:57:55.872081linuxbox-skyline auth[56146]: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=web3 rhost=103.139.45.115 ...	2020-04-25 13:20:54
103.139.45.115	attackbotsspam	Port Scan: Events[2] countPorts[1]: 25 ..	2020-04-19 01:07:55
103.139.45.115	attack	abuse	2020-04-14 16:34:55
103.139.45.115	attack	IP: 103.139.45.115 Ports affected Simple Mail Transfer (25) Abuse Confidence rating 100% Found in DNSBL('s) ASN Details AS135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP Vietnam (VN) CIDR 103.139.44.0/23 Log Date: 12/04/2020 3:59:36 AM UTC	2020-04-12 12:47:34
103.139.45.215	attackspambots	" "	2020-04-07 06:00:15
103.139.45.115	attackspam	smtp probe/invalid login attempt	2020-04-07 01:29:39
103.139.45.215	attackspam	Unauthorized connection attempt from IP address 103.139.45.215 on Port 3389(RDP)	2020-03-09 07:32:18

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.139.45.122
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 19931
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.139.45.122.			IN	A

;; AUTHORITY SECTION:
.			434	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020091300 1800 900 604800 86400

;; Query time: 110 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Sep 13 16:47:06 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 122.45.139.103.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		100.100.2.138
Address:	100.100.2.138#53

** server can't find 122.45.139.103.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
197.220.72.99	attackbotsspam	(smtpauth) Failed SMTP AUTH login from 197.220.72.99 (SO/Somalia/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-05-24 08:24:38 plain authenticator failed for ([197.220.72.99]) [197.220.72.99]: 535 Incorrect authentication data (set_id=hisham@sanabelco.com)	2020-05-24 13:15:38
167.99.137.75	attack	k+ssh-bruteforce	2020-05-24 13:00:29
91.222.112.178	attackspambots	20/5/23@23:55:17: FAIL: Alarm-Telnet address from=91.222.112.178 ...	2020-05-24 12:49:43
14.29.242.66	attackbots	May 24 05:54:53 debian-2gb-nbg1-2 kernel: \[12551303.371506\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=14.29.242.66 DST=195.201.40.59 LEN=44 TOS=0x00 PREC=0x00 TTL=233 ID=61454 PROTO=TCP SPT=49227 DPT=17310 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-24 13:09:06
210.121.223.61	attack	May 23 18:42:09 sachi sshd\[25427\]: Invalid user hgw from 210.121.223.61 May 23 18:42:09 sachi sshd\[25427\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.121.223.61 May 23 18:42:10 sachi sshd\[25427\]: Failed password for invalid user hgw from 210.121.223.61 port 52516 ssh2 May 23 18:46:07 sachi sshd\[25777\]: Invalid user fti from 210.121.223.61 May 23 18:46:07 sachi sshd\[25777\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.121.223.61	2020-05-24 12:47:55
195.154.179.3	attack	diesunddas.net 195.154.179.3 [24/May/2020:05:55:14 +0200] "POST /xmlrpc.php HTTP/1.0" 301 495 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" diesunddas.net 195.154.179.3 [24/May/2020:05:55:16 +0200] "POST /xmlrpc.php HTTP/1.0" 200 3739 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36"	2020-05-24 12:48:26
82.165.65.108	attackbots	SSH Login Bruteforce	2020-05-24 12:43:45
175.106.17.99	attackbotsspam	175.106.17.99 - - \[24/May/2020:05:55:05 +0200\] "POST /wp-login.php HTTP/1.0" 200 5508 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 175.106.17.99 - - \[24/May/2020:05:55:15 +0200\] "POST /wp-login.php HTTP/1.0" 200 5345 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 175.106.17.99 - - \[24/May/2020:05:55:20 +0200\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2020-05-24 12:45:39
106.13.215.17	attackspambots	Invalid user kvn from 106.13.215.17 port 52670	2020-05-24 13:06:55
65.34.120.176	attackspam	Port Scan detected from 65.34.120.176 (US/United States/Florida/Cantonment/-). 4 hits in the last 150 seconds	2020-05-24 12:57:30
183.89.214.144	attack	(imapd) Failed IMAP login from 183.89.214.144 (TH/Thailand/mx-ll-183.89.214-144.dynamic.3bb.in.th): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: May 24 08:24:58 ir1 dovecot[2885757]: imap-login: Disconnected (auth failed, 1 attempts in 6 secs): user=, method=PLAIN, rip=183.89.214.144, lip=5.63.12.44, TLS: Connection closed, session=<9ekT01ym8J63WdaQ>	2020-05-24 13:06:15
192.144.171.165	attackspambots	Invalid user roe from 192.144.171.165 port 46276	2020-05-24 13:23:13
152.136.178.37	attackbots	SSH Bruteforce attack	2020-05-24 13:18:48
14.63.162.98	attackspambots	May 24 06:46:19 OPSO sshd\[22349\]: Invalid user yzj from 14.63.162.98 port 61000 May 24 06:46:19 OPSO sshd\[22349\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.63.162.98 May 24 06:46:21 OPSO sshd\[22349\]: Failed password for invalid user yzj from 14.63.162.98 port 61000 ssh2 May 24 06:49:48 OPSO sshd\[22679\]: Invalid user vux from 14.63.162.98 port 58181 May 24 06:49:48 OPSO sshd\[22679\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.63.162.98	2020-05-24 13:18:31
77.237.77.56	attackbots	May 24 05:46:55 vps339862 kernel: \[9510930.648910\] \[iptables\] PORT DENIED: IN=eth0 OUT= MAC=fa:16:3e:65:a1:f6:06:39:8f:aa:3b:a2:08:00 SRC=77.237.77.56 DST=51.254.206.43 LEN=40 TOS=0x00 PREC=0x00 TTL=232 ID=54321 PROTO=TCP SPT=52949 DPT=6379 SEQ=2287967843 ACK=0 WINDOW=65535 RES=0x00 SYN URGP=0 May 24 05:47:30 vps339862 kernel: \[9510966.172413\] \[iptables\] PORT DENIED: IN=eth0 OUT= MAC=fa:16:3e:65:a1:f6:06:39:8f:aa:3b:a2:08:00 SRC=77.237.77.56 DST=51.254.206.43 LEN=40 TOS=0x00 PREC=0x00 TTL=232 ID=54321 PROTO=TCP SPT=54171 DPT=6380 SEQ=3285319251 ACK=0 WINDOW=65535 RES=0x00 SYN URGP=0 May 24 05:49:35 vps339862 kernel: \[9511091.464506\] \[iptables\] PORT DENIED: IN=eth0 OUT= MAC=fa:16:3e:65:a1:f6:06:39:8f:aa:3b:a2:08:00 SRC=77.237.77.56 DST=51.254.206.43 LEN=40 TOS=0x00 PREC=0x00 TTL=232 ID=54321 PROTO=TCP SPT=46025 DPT=2375 SEQ=3293690972 ACK=0 WINDOW=65535 RES=0x00 SYN URGP=0 May 24 05:54:53 vps339862 kernel: \[9511409.098769\] \[iptables\] PORT DENIED: IN=eth0 OUT= MAC=fa:1 ...	2020-05-24 13:09:31

最近上报的IP列表

27.5.47.149	185.247.224.55	77.240.99.55	252.254.58.50
92.231.228.66	116.35.27.7	23.92.229.228	103.214.202.3
174.246.165.39	45.77.139.41	163.172.182.67	117.220.170.193
45.80.210.113	138.122.97.242	103.237.57.250	103.237.56.242
103.25.132.180	103.18.167.171	72.195.34.58	180.38.226.183