103.139.45.230

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Viet Nam

运营商(isp): Trung Hieu Services Trading Investment Company Limited

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	firewall-block, port(s): 3389/tcp	2019-09-06 05:39:00
attack	TCP 3389 (RDP)	2019-08-30 03:31:33

相同子网IP讨论:

IP	类型	评论内容	时间
103.139.45.122	attack	Sep 29 09:21:08 ns308116 postfix/smtpd[2008]: warning: unknown[103.139.45.122]: SASL LOGIN authentication failed: authentication failure Sep 29 09:21:08 ns308116 postfix/smtpd[2008]: warning: unknown[103.139.45.122]: SASL LOGIN authentication failed: authentication failure Sep 29 09:21:10 ns308116 postfix/smtpd[2008]: warning: unknown[103.139.45.122]: SASL LOGIN authentication failed: authentication failure Sep 29 09:21:10 ns308116 postfix/smtpd[2008]: warning: unknown[103.139.45.122]: SASL LOGIN authentication failed: authentication failure Sep 29 09:21:11 ns308116 postfix/smtpd[2008]: warning: unknown[103.139.45.122]: SASL LOGIN authentication failed: authentication failure Sep 29 09:21:11 ns308116 postfix/smtpd[2008]: warning: unknown[103.139.45.122]: SASL LOGIN authentication failed: authentication failure ...	2020-09-29 22:56:18
103.139.45.122	attack	MAIL: User Login Brute Force Attempt	2020-09-29 15:15:19
103.139.45.122	attackbotsspam	Sep 13 15:53:55 localhost postfix/smtpd\[15747\]: warning: unknown\[103.139.45.122\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 13 15:54:05 localhost postfix/smtpd\[15735\]: warning: unknown\[103.139.45.122\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 13 15:54:19 localhost postfix/smtpd\[15747\]: warning: unknown\[103.139.45.122\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 13 15:54:37 localhost postfix/smtpd\[15747\]: warning: unknown\[103.139.45.122\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 13 15:54:46 localhost postfix/smtpd\[15735\]: warning: unknown\[103.139.45.122\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-09-14 00:57:14
103.139.45.122	attack	Sep 12 20:11:56 Host-KLAX-C postfix/smtpd[146495]: lost connection after AUTH from unknown[103.139.45.122] Sep 12 20:11:59 Host-KLAX-C postfix/smtpd[146495]: lost connection after AUTH from unknown[103.139.45.122] Sep 12 20:12:02 Host-KLAX-C postfix/smtpd[146495]: lost connection after AUTH from unknown[103.139.45.122] Sep 12 20:12:05 Host-KLAX-C postfix/smtpd[146495]: lost connection after AUTH from unknown[103.139.45.122] Sep 12 20:12:07 Host-KLAX-C postfix/smtpd[146495]: lost connection after AUTH from unknown[103.139.45.122] Sep 12 20:12:09 Host-KLAX-C postfix/smtpd[146495]: lost connection after AUTH from unknown[103.139.45.122] Sep 12 20:12:12 Host-KLAX-C postfix/smtpd[146495]: lost connection after AUTH from unknown[103.139.45.122] Sep 12 20:12:14 Host-KLAX-C postfix/smtpd[146495]: lost connection after AUTH from unknown[103.139.45.122] Sep 12 20:12:15 Host-KLAX-C postfix/smtpd[146495]: lost connection after AUTH from unknown[103.139.45.122] Sep 12 20:12:17 Host-KLAX-C postfix/s ...	2020-09-13 16:47:14
103.139.45.75	attack	MAIL: User Login Brute Force Attempt	2020-09-01 00:54:36
103.139.45.244	attackbotsspam	Aug 1 14:17:47 localhost postfix/smtpd\[595\]: warning: unknown\[103.139.45.244\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 1 14:17:55 localhost postfix/smtpd\[415\]: warning: unknown\[103.139.45.244\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 1 14:18:07 localhost postfix/smtpd\[595\]: warning: unknown\[103.139.45.244\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 1 14:18:24 localhost postfix/smtpd\[595\]: warning: unknown\[103.139.45.244\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 1 14:18:33 localhost postfix/smtpd\[415\]: warning: unknown\[103.139.45.244\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-08-02 01:28:50
103.139.45.129	attack	" "	2020-07-01 10:06:34
103.139.45.185	attackspambots	Unauthorized connection attempt detected from IP address 103.139.45.185 to port 3389 [T]	2020-06-09 16:34:46
103.139.45.228	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-05-25 00:39:18
103.139.45.118	attack	Fail2Ban Ban Triggered	2020-05-21 20:39:50
103.139.45.115	attackbotsspam	Scan detected 2020.05.01 21:11:22 blocked until 2020.05.26 17:42:45 by Honeypot	2020-05-02 19:09:49
103.139.45.115	attack	Spam detected 2020.05.01 21:11:28 blocked until 2020.05.26 17:42:51 by HoneyPot	2020-05-02 03:14:57
103.139.45.115	attack	2020-04-24T21:57:55.872081linuxbox-skyline auth[56146]: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=web3 rhost=103.139.45.115 ...	2020-04-25 13:20:54
103.139.45.115	attackbotsspam	Port Scan: Events[2] countPorts[1]: 25 ..	2020-04-19 01:07:55
103.139.45.115	attack	abuse	2020-04-14 16:34:55

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.139.45.230
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 42645
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.139.45.230.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019082901 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Aug 30 03:31:27 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 230.45.139.103.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 230.45.139.103.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
201.97.121.237	attack	Unauthorized connection attempt from IP address 201.97.121.237 on Port 445(SMB)	2020-03-11 04:35:19
37.49.227.109	attack	37.49.227.109 was recorded 5 times by 5 hosts attempting to connect to the following ports: 2362. Incident counter (4h, 24h, all-time): 5, 26, 2565	2020-03-11 04:56:05
176.107.198.29	attackbotsspam	Automatic report - Port Scan Attack	2020-03-11 04:35:44
158.46.187.234	attackbotsspam	Chat Spam	2020-03-11 04:57:49
106.13.182.60	attack	Mar 10 21:38:45 ns382633 sshd\[8442\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.182.60 user=root Mar 10 21:38:47 ns382633 sshd\[8442\]: Failed password for root from 106.13.182.60 port 58352 ssh2 Mar 10 21:46:48 ns382633 sshd\[10033\]: Invalid user daddy from 106.13.182.60 port 50574 Mar 10 21:46:48 ns382633 sshd\[10033\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.182.60 Mar 10 21:46:50 ns382633 sshd\[10033\]: Failed password for invalid user daddy from 106.13.182.60 port 50574 ssh2	2020-03-11 04:49:52
120.70.97.233	attackspambots	$f2bV_matches	2020-03-11 04:57:10
189.237.200.5	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-03-11 04:40:06
116.247.81.99	attack	Mar 10 21:28:44 sd-53420 sshd\[30650\]: Invalid user system from 116.247.81.99 Mar 10 21:28:44 sd-53420 sshd\[30650\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.247.81.99 Mar 10 21:28:46 sd-53420 sshd\[30650\]: Failed password for invalid user system from 116.247.81.99 port 33823 ssh2 Mar 10 21:32:44 sd-53420 sshd\[31101\]: User root from 116.247.81.99 not allowed because none of user's groups are listed in AllowGroups Mar 10 21:32:44 sd-53420 sshd\[31101\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.247.81.99 user=root ...	2020-03-11 04:43:57
201.242.90.251	attackspam	Unauthorized connection attempt from IP address 201.242.90.251 on Port 445(SMB)	2020-03-11 04:50:42
213.246.195.204	attackspam	Suspicious access to SMTP/POP/IMAP services.	2020-03-11 05:09:09
65.52.144.101	attackspam	Total attacks: 2	2020-03-11 05:05:33
79.138.26.158	attack	suspicious action Tue, 10 Mar 2020 15:15:09 -0300	2020-03-11 04:54:33
185.172.110.238	attack	185.172.110.238 was recorded 5 times by 5 hosts attempting to connect to the following ports: 3702. Incident counter (4h, 24h, all-time): 5, 24, 230	2020-03-11 05:07:04
106.10.71.170	attack	Multiple failed FTP logins	2020-03-11 05:03:41
47.20.216.248	attack	This IP hacked into my account.	2020-03-11 05:06:55

最近上报的IP列表

88.250.37.191	200.54.159.123	178.62.240.29	43.254.220.13
180.168.47.238	103.90.97.197	185.165.169.152	177.161.120.32
137.59.1.236	83.103.2.58	14.177.164.39	80.30.139.227
36.7.87.130	109.184.160.174	120.29.44.211	134.73.76.198
213.14.214.229	106.12.48.30	87.202.191.63	103.95.13.216