103.140.131.20

基本信息:

城市(city): Serang

省份(region): Banten

国家(country): Indonesia

运营商(isp): PT Mitra Media Data

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Commercial

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	sshd login attampt	2020-04-26 20:09:49

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.140.131.20
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 25164
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.140.131.20.			IN	A

;; AUTHORITY SECTION:
.			567	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020041702 1800 900 604800 86400

;; Query time: 181 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Apr 18 05:26:50 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 20.131.140.103.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 20.131.140.103.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
159.89.99.68	attack	IP 159.89.99.68 attacked honeypot on port: 80 at 8/4/2020 7:55:34 AM	2020-08-05 00:08:05
111.118.135.132	attack	Dovecot Invalid User Login Attempt.	2020-08-05 00:24:20
210.19.35.122	attackbotsspam	08/04/2020-05:21:19.024668 210.19.35.122 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2020-08-04 23:57:27
157.245.103.173	attack	Erpressungsversuch! - Attempted extortion	2020-08-04 23:49:23
14.118.215.22	attack	Aug 4 10:04:07 master sshd[18725]: Failed password for root from 14.118.215.22 port 41338 ssh2 Aug 4 10:12:22 master sshd[18950]: Failed password for root from 14.118.215.22 port 59102 ssh2 Aug 4 10:15:18 master sshd[19040]: Failed password for root from 14.118.215.22 port 60528 ssh2 Aug 4 10:21:10 master sshd[19188]: Failed password for root from 14.118.215.22 port 35152 ssh2 Aug 4 10:26:39 master sshd[19285]: Failed password for root from 14.118.215.22 port 37996 ssh2 Aug 4 10:32:02 master sshd[19770]: Failed password for root from 14.118.215.22 port 40838 ssh2 Aug 4 10:40:27 master sshd[20026]: Failed password for root from 14.118.215.22 port 45090 ssh2 Aug 4 10:43:24 master sshd[20060]: Failed password for root from 14.118.215.22 port 46514 ssh2 Aug 4 10:46:11 master sshd[20142]: Failed password for root from 14.118.215.22 port 47936 ssh2 Aug 4 10:49:06 master sshd[20172]: Failed password for root from 14.118.215.22 port 49364 ssh2	2020-08-05 00:10:06
220.112.50.249	attack	Aug 4 09:12:52 XXX sshd[15892]: Invalid user admin from 220.112.50.249 Aug 4 09:12:53 XXX sshd[15892]: Received disconnect from 220.112.50.249: 11: Bye Bye [preauth] Aug 4 09:13:14 XXX sshd[15896]: Invalid user admin from 220.112.50.249 Aug 4 09:13:14 XXX sshd[15896]: Received disconnect from 220.112.50.249: 11: Bye Bye [preauth] Aug 4 09:13:37 XXX sshd[15923]: Invalid user admin from 220.112.50.249 Aug 4 09:13:37 XXX sshd[15923]: Received disconnect from 220.112.50.249: 11: Bye Bye [preauth] Aug 4 09:13:58 XXX sshd[16108]: Invalid user admin from 220.112.50.249 Aug 4 09:13:59 XXX sshd[16108]: Received disconnect from 220.112.50.249: 11: Bye Bye [preauth] Aug 4 09:14:20 XXX sshd[16112]: Invalid user admin from 220.112.50.249 Aug 4 09:14:20 XXX sshd[16112]: Received disconnect from 220.112.50.249: 11: Bye Bye [preauth] Aug 4 09:14:41 XXX sshd[16127]: Invalid user admin from 220.112.50.249 Aug 4 09:14:42 XXX sshd[16127]: Received disconnect from 220.112.50.249........ -------------------------------	2020-08-05 00:14:35
111.161.74.118	attackspambots	Aug 4 12:08:52 ny01 sshd[18390]: Failed password for root from 111.161.74.118 port 52108 ssh2 Aug 4 12:09:47 ny01 sshd[18485]: Failed password for root from 111.161.74.118 port 32884 ssh2	2020-08-05 00:19:55
89.137.164.230	attack	89.137.164.230 - - [04/Aug/2020:16:24:08 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" 89.137.164.230 - - [04/Aug/2020:16:24:10 +0100] "POST /wp-login.php HTTP/1.1" 200 6071 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" 89.137.164.230 - - [04/Aug/2020:16:25:33 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" ...	2020-08-04 23:58:55
171.249.11.60	attackspambots	1596532885 - 08/04/2020 11:21:25 Host: 171.249.11.60/171.249.11.60 Port: 445 TCP Blocked	2020-08-04 23:48:40
176.107.133.228	attackbots	Aug 4 11:35:51 master sshd[21925]: Failed password for root from 176.107.133.228 port 54368 ssh2 Aug 4 11:47:31 master sshd[22218]: Failed password for root from 176.107.133.228 port 35078 ssh2 Aug 4 11:52:57 master sshd[22366]: Failed password for root from 176.107.133.228 port 48274 ssh2 Aug 4 11:58:17 master sshd[22491]: Failed password for root from 176.107.133.228 port 34568 ssh2 Aug 4 12:03:28 master sshd[23018]: Failed password for root from 176.107.133.228 port 47666 ssh2 Aug 4 12:08:41 master sshd[23127]: Failed password for root from 176.107.133.228 port 33010 ssh2 Aug 4 12:13:48 master sshd[23316]: Failed password for root from 176.107.133.228 port 47624 ssh2 Aug 4 12:18:50 master sshd[23441]: Failed password for root from 176.107.133.228 port 60828 ssh2	2020-08-05 00:12:04
121.183.203.60	attackspam	Aug 4 15:21:30 jumpserver sshd[14756]: Failed password for root from 121.183.203.60 port 38162 ssh2 Aug 4 15:23:57 jumpserver sshd[14803]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.183.203.60 user=root Aug 4 15:23:59 jumpserver sshd[14803]: Failed password for root from 121.183.203.60 port 46438 ssh2 ...	2020-08-04 23:54:22
148.235.57.184	attackbotsspam	Aug 4 13:46:30 vps333114 sshd[18653]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.235.57.184 user=root Aug 4 13:46:32 vps333114 sshd[18653]: Failed password for root from 148.235.57.184 port 35240 ssh2 ...	2020-08-05 00:10:21
104.131.72.150	attackbotsspam	104.131.72.150 - - \[04/Aug/2020:11:21:30 +0200\] "GET / HTTP/1.0" 301 178 "-" "Mozilla/5.0 \(compatible\; NetcraftSurveyAgent/1.0\; +info@netcraft.com\)" ...	2020-08-04 23:43:35
194.26.29.117	attackbotsspam	08/04/2020-11:32:36.638021 194.26.29.117 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-08-04 23:44:51
183.109.124.137	attackbotsspam	(sshd) Failed SSH login from 183.109.124.137 (KR/South Korea/-): 5 in the last 3600 secs	2020-08-05 00:11:46

最近上报的IP列表

97.9.49.137	94.177.225.152	121.122.66.4	132.184.61.242
222.20.64.242	72.142.57.17	4.14.27.4	221.66.123.73
107.133.183.95	220.200.226.115	3.223.219.165	60.155.178.5
77.76.193.222	146.185.182.192	216.182.253.199	139.20.214.246
218.133.161.138	179.135.113.174	71.250.72.115	112.83.167.39