103.148.79.139

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Indonesia

运营商(isp): Dinas Komunikasi Informasi Kota Tasikmalaya

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Government

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	1597117706 - 08/11/2020 05:48:26 Host: 103.148.79.139/103.148.79.139 Port: 445 TCP Blocked ...	2020-08-11 18:57:29

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.148.79.139
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17385
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.148.79.139.			IN	A

;; AUTHORITY SECTION:
.			538	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020081100 1800 900 604800 86400

;; Query time: 25 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Aug 11 18:57:23 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 139.79.148.103.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 139.79.148.103.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
37.209.101.251	attack	Feb 5 07:03:21 sd-53420 sshd\[22005\]: User root from 37.209.101.251 not allowed because none of user's groups are listed in AllowGroups Feb 5 07:03:21 sd-53420 sshd\[22005\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.209.101.251 user=root Feb 5 07:03:24 sd-53420 sshd\[22005\]: Failed password for invalid user root from 37.209.101.251 port 47082 ssh2 Feb 5 07:06:48 sd-53420 sshd\[22361\]: Invalid user guest from 37.209.101.251 Feb 5 07:06:48 sd-53420 sshd\[22361\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.209.101.251 ...	2020-02-05 15:02:44
222.186.30.35	attack	SSH Bruteforce attempt	2020-02-05 14:50:42
117.193.245.29	attackbotsspam	$f2bV_matches	2020-02-05 14:25:59
217.194.205.108	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/217.194.205.108/ IL - 1H : (1) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : IL NAME ASN : ASN20623 IP : 217.194.205.108 CIDR : 217.194.192.0/20 PREFIX COUNT : 1 UNIQUE IP COUNT : 4096 ATTACKS DETECTED ASN20623 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 1 DateTime : 2020-02-05 05:53:20 INFO : HACK ! - Looking for resource vulnerabilities Scan Detected and Blocked by ADMIN - data recovery	2020-02-05 14:42:49
190.147.34.27	attackspambots	Unauthorized connection attempt detected from IP address 190.147.34.27 to port 2220 [J]	2020-02-05 14:54:40
222.186.30.167	attackspambots	2020-02-05T07:21:56.708518scmdmz1 sshd[2311]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.167 user=root 2020-02-05T07:21:58.848723scmdmz1 sshd[2311]: Failed password for root from 222.186.30.167 port 60010 ssh2 2020-02-05T07:22:01.625960scmdmz1 sshd[2311]: Failed password for root from 222.186.30.167 port 60010 ssh2 2020-02-05T07:21:56.708518scmdmz1 sshd[2311]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.167 user=root 2020-02-05T07:21:58.848723scmdmz1 sshd[2311]: Failed password for root from 222.186.30.167 port 60010 ssh2 2020-02-05T07:22:01.625960scmdmz1 sshd[2311]: Failed password for root from 222.186.30.167 port 60010 ssh2 2020-02-05T07:21:56.708518scmdmz1 sshd[2311]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.167 user=root 2020-02-05T07:21:58.848723scmdmz1 sshd[2311]: Failed password for root from 222.186.30.167 port 60010 ssh2 2020-02-0	2020-02-05 14:28:33
64.78.19.170	attackspambots	Feb 3 02:01:55 foo sshd[1064]: Address 64.78.19.170 maps to intermedia.net, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Feb 3 02:01:55 foo sshd[1064]: Invalid user drcomadmin from 64.78.19.170 Feb 3 02:01:55 foo sshd[1064]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=64.78.19.170 Feb 3 02:01:58 foo sshd[1064]: Failed password for invalid user drcomadmin from 64.78.19.170 port 60883 ssh2 Feb 3 02:01:58 foo sshd[1064]: Received disconnect from 64.78.19.170: 11: Bye Bye [preauth] Feb 3 02:02:00 foo sshd[1066]: Address 64.78.19.170 maps to intermedia.net, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Feb 3 02:02:00 foo sshd[1066]: Invalid user drcomadmin from 64.78.19.170 Feb 3 02:02:00 foo sshd[1066]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=64.78.19.170 Feb 3 02:02:01 foo sshd[1066]: Failed password for invalid user drco........ -------------------------------	2020-02-05 14:45:34
219.235.94.34	attack	Unauthorized connection attempt detected from IP address 219.235.94.34 to port 1433 [J]	2020-02-05 14:29:20
122.167.105.248	attack	Feb 5 05:52:46 grey postfix/smtpd\[20071\]: NOQUEUE: reject: RCPT from unknown\[122.167.105.248\]: 554 5.7.1 Service unavailable\; Client host \[122.167.105.248\] blocked using dul.dnsbl.sorbs.net\; Dynamic IP Addresses See: http://www.sorbs.net/lookup.shtml\?122.167.105.248\; from=\ to=\ proto=ESMTP helo=\ ...	2020-02-05 15:00:14
79.137.77.131	attackbotsspam	Feb 4 20:08:46 auw2 sshd\[964\]: Invalid user tesuser from 79.137.77.131 Feb 4 20:08:46 auw2 sshd\[964\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=131.ip-79-137-77.eu Feb 4 20:08:48 auw2 sshd\[964\]: Failed password for invalid user tesuser from 79.137.77.131 port 50140 ssh2 Feb 4 20:11:26 auw2 sshd\[1293\]: Invalid user hamish from 79.137.77.131 Feb 4 20:11:26 auw2 sshd\[1293\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=131.ip-79-137-77.eu	2020-02-05 15:05:01
88.152.231.197	attackbotsspam	(sshd) Failed SSH login from 88.152.231.197 (DE/Germany/ip-88-152-231-197.hsi03.unitymediagroup.de): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Feb 5 06:06:55 elude sshd[27107]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=88.152.231.197 user=backup Feb 5 06:06:56 elude sshd[27107]: Failed password for backup from 88.152.231.197 port 46371 ssh2 Feb 5 06:21:42 elude sshd[27952]: Invalid user activity from 88.152.231.197 port 47586 Feb 5 06:21:44 elude sshd[27952]: Failed password for invalid user activity from 88.152.231.197 port 47586 ssh2 Feb 5 06:24:42 elude sshd[28107]: Invalid user athos from 88.152.231.197 port 34164	2020-02-05 15:01:42
43.229.89.113	attackbotsspam	DATE:2020-02-05 05:52:21, IP:43.229.89.113, PORT:1433 MSSQL brute force auth on honeypot server (epe-honey1-hq)	2020-02-05 14:43:28
106.13.187.30	attackbots	Feb 5 07:01:57 legacy sshd[21565]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.187.30 Feb 5 07:01:59 legacy sshd[21565]: Failed password for invalid user jiangyan from 106.13.187.30 port 48850 ssh2 Feb 5 07:05:24 legacy sshd[21685]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.187.30 ...	2020-02-05 15:07:05
46.0.203.166	attack	$f2bV_matches	2020-02-05 14:39:05
2.185.220.235	attackspam	1580878369 - 02/05/2020 05:52:49 Host: 2.185.220.235/2.185.220.235 Port: 445 TCP Blocked	2020-02-05 14:58:27

最近上报的IP列表

217.219.4.249	72.23.185.188	125.161.152.54	180.180.237.78
177.81.25.22	110.171.126.243	110.244.75.71	87.153.129.66
85.180.251.15	214.101.20.23	112.84.95.237	189.88.114.8
152.63.94.109	173.242.45.63	146.31.185.222	62.210.205.76
177.21.138.111	114.101.247.87	156.96.117.189	58.219.252.129