103.139.45.230

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Viet Nam

运营商(isp): Trung Hieu Services Trading Investment Company Limited

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	firewall-block, port(s): 3389/tcp	2019-09-06 05:39:00
attack	TCP 3389 (RDP)	2019-08-30 03:31:33

相同子网IP讨论:

IP	类型	评论内容	时间
103.139.45.122	attack	Sep 29 09:21:08 ns308116 postfix/smtpd[2008]: warning: unknown[103.139.45.122]: SASL LOGIN authentication failed: authentication failure Sep 29 09:21:08 ns308116 postfix/smtpd[2008]: warning: unknown[103.139.45.122]: SASL LOGIN authentication failed: authentication failure Sep 29 09:21:10 ns308116 postfix/smtpd[2008]: warning: unknown[103.139.45.122]: SASL LOGIN authentication failed: authentication failure Sep 29 09:21:10 ns308116 postfix/smtpd[2008]: warning: unknown[103.139.45.122]: SASL LOGIN authentication failed: authentication failure Sep 29 09:21:11 ns308116 postfix/smtpd[2008]: warning: unknown[103.139.45.122]: SASL LOGIN authentication failed: authentication failure Sep 29 09:21:11 ns308116 postfix/smtpd[2008]: warning: unknown[103.139.45.122]: SASL LOGIN authentication failed: authentication failure ...	2020-09-29 22:56:18
103.139.45.122	attack	MAIL: User Login Brute Force Attempt	2020-09-29 15:15:19
103.139.45.122	attackbotsspam	Sep 13 15:53:55 localhost postfix/smtpd\[15747\]: warning: unknown\[103.139.45.122\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 13 15:54:05 localhost postfix/smtpd\[15735\]: warning: unknown\[103.139.45.122\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 13 15:54:19 localhost postfix/smtpd\[15747\]: warning: unknown\[103.139.45.122\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 13 15:54:37 localhost postfix/smtpd\[15747\]: warning: unknown\[103.139.45.122\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 13 15:54:46 localhost postfix/smtpd\[15735\]: warning: unknown\[103.139.45.122\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-09-14 00:57:14
103.139.45.122	attack	Sep 12 20:11:56 Host-KLAX-C postfix/smtpd[146495]: lost connection after AUTH from unknown[103.139.45.122] Sep 12 20:11:59 Host-KLAX-C postfix/smtpd[146495]: lost connection after AUTH from unknown[103.139.45.122] Sep 12 20:12:02 Host-KLAX-C postfix/smtpd[146495]: lost connection after AUTH from unknown[103.139.45.122] Sep 12 20:12:05 Host-KLAX-C postfix/smtpd[146495]: lost connection after AUTH from unknown[103.139.45.122] Sep 12 20:12:07 Host-KLAX-C postfix/smtpd[146495]: lost connection after AUTH from unknown[103.139.45.122] Sep 12 20:12:09 Host-KLAX-C postfix/smtpd[146495]: lost connection after AUTH from unknown[103.139.45.122] Sep 12 20:12:12 Host-KLAX-C postfix/smtpd[146495]: lost connection after AUTH from unknown[103.139.45.122] Sep 12 20:12:14 Host-KLAX-C postfix/smtpd[146495]: lost connection after AUTH from unknown[103.139.45.122] Sep 12 20:12:15 Host-KLAX-C postfix/smtpd[146495]: lost connection after AUTH from unknown[103.139.45.122] Sep 12 20:12:17 Host-KLAX-C postfix/s ...	2020-09-13 16:47:14
103.139.45.75	attack	MAIL: User Login Brute Force Attempt	2020-09-01 00:54:36
103.139.45.244	attackbotsspam	Aug 1 14:17:47 localhost postfix/smtpd\[595\]: warning: unknown\[103.139.45.244\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 1 14:17:55 localhost postfix/smtpd\[415\]: warning: unknown\[103.139.45.244\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 1 14:18:07 localhost postfix/smtpd\[595\]: warning: unknown\[103.139.45.244\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 1 14:18:24 localhost postfix/smtpd\[595\]: warning: unknown\[103.139.45.244\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 1 14:18:33 localhost postfix/smtpd\[415\]: warning: unknown\[103.139.45.244\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-08-02 01:28:50
103.139.45.129	attack	" "	2020-07-01 10:06:34
103.139.45.185	attackspambots	Unauthorized connection attempt detected from IP address 103.139.45.185 to port 3389 [T]	2020-06-09 16:34:46
103.139.45.228	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-05-25 00:39:18
103.139.45.118	attack	Fail2Ban Ban Triggered	2020-05-21 20:39:50
103.139.45.115	attackbotsspam	Scan detected 2020.05.01 21:11:22 blocked until 2020.05.26 17:42:45 by Honeypot	2020-05-02 19:09:49
103.139.45.115	attack	Spam detected 2020.05.01 21:11:28 blocked until 2020.05.26 17:42:51 by HoneyPot	2020-05-02 03:14:57
103.139.45.115	attack	2020-04-24T21:57:55.872081linuxbox-skyline auth[56146]: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=web3 rhost=103.139.45.115 ...	2020-04-25 13:20:54
103.139.45.115	attackbotsspam	Port Scan: Events[2] countPorts[1]: 25 ..	2020-04-19 01:07:55
103.139.45.115	attack	abuse	2020-04-14 16:34:55

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.139.45.230
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 42645
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.139.45.230.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019082901 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Aug 30 03:31:27 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 230.45.139.103.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 230.45.139.103.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
177.220.178.246	attackspam	(sshd) Failed SSH login from 177.220.178.246 (BR/Brazil/246.178.220.177.rfc6598.dynamic.copelfibra.com.br): 5 in the last 3600 secs	2020-09-16 02:25:58
111.229.85.222	attackbots	vps:pam-generic	2020-09-16 02:41:33
181.40.122.2	attackbotsspam	SSH Brute-Forcing (server1)	2020-09-16 02:41:02
5.135.180.185	attackspambots	20 attempts against mh-ssh on pcx	2020-09-16 02:41:49
81.68.100.138	attackbotsspam	(sshd) Failed SSH login from 81.68.100.138 (CN/China/-): 5 in the last 3600 secs	2020-09-16 02:33:10
154.180.78.59	attack	200x100MB request	2020-09-16 02:27:34
104.248.130.10	attack	2020-09-15T19:29:07.405866n23.at sshd[2270618]: Failed password for root from 104.248.130.10 port 35014 ssh2 2020-09-15T19:32:41.912417n23.at sshd[2273782]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.130.10 user=root 2020-09-15T19:32:44.317227n23.at sshd[2273782]: Failed password for root from 104.248.130.10 port 47248 ssh2 ...	2020-09-16 02:20:45
167.56.252.141	attackbots	Icarus honeypot on github	2020-09-16 02:35:40
87.110.181.30	attack	$f2bV_matches	2020-09-16 02:24:47
45.129.33.154	attackbotsspam	"Persistent port scanning"	2020-09-16 02:28:34
83.103.59.192	attack	Sep 15 20:35:51 h2829583 sshd[22485]: Failed password for root from 83.103.59.192 port 33030 ssh2	2020-09-16 02:39:59
175.193.13.3	attackbotsspam	(sshd) Failed SSH login from 175.193.13.3 (KR/South Korea/-): 5 in the last 3600 secs	2020-09-16 02:15:16
185.172.110.208	attackbotsspam	TCP Port Scanning	2020-09-16 02:39:04
216.218.206.67	attack	1600184709 - 09/15/2020 22:45:09 Host: scan-06.shadowserver.org/216.218.206.67 Port: 21 TCP Blocked ...	2020-09-16 02:34:35
159.89.89.65	attackbotsspam	Sep 15 18:54:01 ns382633 sshd\[12327\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.89.65 user=root Sep 15 18:54:03 ns382633 sshd\[12327\]: Failed password for root from 159.89.89.65 port 51940 ssh2 Sep 15 18:57:17 ns382633 sshd\[13017\]: Invalid user easton from 159.89.89.65 port 37674 Sep 15 18:57:17 ns382633 sshd\[13017\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.89.65 Sep 15 18:57:19 ns382633 sshd\[13017\]: Failed password for invalid user easton from 159.89.89.65 port 37674 ssh2	2020-09-16 02:45:34

最近上报的IP列表

88.250.37.191	200.54.159.123	178.62.240.29	43.254.220.13
180.168.47.238	103.90.97.197	185.165.169.152	177.161.120.32
137.59.1.236	83.103.2.58	14.177.164.39	80.30.139.227
36.7.87.130	109.184.160.174	120.29.44.211	134.73.76.198
213.14.214.229	106.12.48.30	87.202.191.63	103.95.13.216