103.19.80.99 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Indonesia

运营商(isp): PT Integrasi Logistik Cipta Solusi

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Commercial

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-10 08:28:31,925 INFO [amun_request_handler] PortScan Detected on Port: 445 (103.19.80.99)	2019-07-10 19:58:22

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.19.80.99
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 9114
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.19.80.99.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019071000 1800 900 604800 86400

;; Query time: 4 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Jul 10 19:58:15 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 99.80.19.103.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 99.80.19.103.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
222.186.175.151	attackbots	F2B jail: sshd. Time: 2019-11-06 09:26:24, Reported by: VKReport	2019-11-06 16:27:35
2.50.245.59	attackspambots	" "	2019-11-06 16:05:33
168.90.209.180	attackspam	Automatic report - Port Scan Attack	2019-11-06 16:20:02
178.33.12.237	attack	Nov 6 09:12:52 legacy sshd[21724]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.33.12.237 Nov 6 09:12:54 legacy sshd[21724]: Failed password for invalid user user from 178.33.12.237 port 49472 ssh2 Nov 6 09:16:59 legacy sshd[21903]: Failed password for root from 178.33.12.237 port 42198 ssh2 ...	2019-11-06 16:19:17
184.105.139.68	attackbots	scan z	2019-11-06 16:42:29
101.36.151.78	attackspam	2019-11-06T07:59:21.336213hub.schaetter.us sshd\[6234\]: Invalid user test from 101.36.151.78 port 44046 2019-11-06T07:59:21.346355hub.schaetter.us sshd\[6234\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.36.151.78 2019-11-06T07:59:23.321982hub.schaetter.us sshd\[6234\]: Failed password for invalid user test from 101.36.151.78 port 44046 ssh2 2019-11-06T08:04:18.638843hub.schaetter.us sshd\[6301\]: Invalid user user3 from 101.36.151.78 port 51084 2019-11-06T08:04:18.645558hub.schaetter.us sshd\[6301\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.36.151.78 ...	2019-11-06 16:12:57
140.115.145.140	attackspam	Nov 4 04:43:41 PiServer sshd[19569]: Failed password for r.r from 140.115.145.140 port 42676 ssh2 Nov 4 04:50:27 PiServer sshd[19985]: Failed password for r.r from 140.115.145.140 port 38368 ssh2 Nov 4 04:55:00 PiServer sshd[20266]: Failed password for r.r from 140.115.145.140 port 50150 ssh2 Nov 4 04:59:24 PiServer sshd[20510]: Invalid user ghm from 140.115.145.140 Nov 4 04:59:26 PiServer sshd[20510]: Failed password for invalid user ghm from 140.115.145.140 port 33700 ssh2 Nov 4 05:03:41 PiServer sshd[20747]: Failed password for r.r from 140.115.145.140 port 45468 ssh2 Nov 4 05:34:30 PiServer sshd[22433]: Failed password for r.r from 140.115.145.140 port 43250 ssh2 Nov 4 05:39:02 PiServer sshd[22742]: Failed password for r.r from 140.115.145.140 port 55014 ssh2 Nov 4 05:43:17 PiServer sshd[23027]: Invalid user aplusbiz from 140.115.145.140 Nov 4 05:43:18 PiServer sshd[23027]: Failed password for invalid user aplusbiz from 140.115.145.140 port 38566 ssh2 Nov ........ ------------------------------	2019-11-06 16:21:29
92.222.77.175	attackspambots	Nov 5 19:30:35 srv2 sshd\[9091\]: Invalid user IBM from 92.222.77.175 Nov 5 19:30:35 srv2 sshd\[9091\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.222.77.175 Nov 5 19:30:37 srv2 sshd\[9091\]: Failed password for invalid user IBM from 92.222.77.175 port 60800 ssh2 Nov 5 19:43:35 srv2 sshd\[9291\]: Invalid user marui from 92.222.77.175 Nov 5 19:43:35 srv2 sshd\[9291\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.222.77.175 Nov 5 19:43:37 srv2 sshd\[9291\]: Failed password for invalid user marui from 92.222.77.175 port 39766 ssh2 Nov 5 19:56:34 srv2 sshd\[9465\]: Invalid user centos from 92.222.77.175 Nov 5 19:56:34 srv2 sshd\[9465\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.222.77.175 Nov 5 19:56:36 srv2 sshd\[9465\]: Failed password for invalid user centos from 92.222.77.175 port 46952 ssh2 Nov 5 20:09:38 srv2 sshd\[9635\]: I ...	2019-11-06 16:33:13
128.199.212.82	attack	Nov 6 09:04:38 * sshd[12487]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.212.82 Nov 6 09:04:40 * sshd[12487]: Failed password for invalid user apl from 128.199.212.82 port 37668 ssh2	2019-11-06 16:31:39
139.180.216.190	attack	[Wed Nov 06 13:27:53.600569 2019] [:error] [pid 682:tid 140114221315840] [client 139.180.216.190:39314] [client 139.180.216.190] ModSecurity: Access denied with code 403 (phase 1). Match of "within %{tx.allowed_http_versions}" against "REQUEST_PROTOCOL" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "972"] [id "920430"] [msg "HTTP protocol version is not allowed by policy"] [data "HTTP/1.0"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/POLICY/PROTOCOL_NOT_ALLOWED"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A6"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "XcJn6R0WPDkEpcCzdXYvVQAAAAI"] ...	2019-11-06 16:32:25
134.175.39.246	attackbotsspam	Nov 5 22:18:13 hanapaa sshd\[24637\]: Invalid user xlc2011 from 134.175.39.246 Nov 5 22:18:13 hanapaa sshd\[24637\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.39.246 Nov 5 22:18:15 hanapaa sshd\[24637\]: Failed password for invalid user xlc2011 from 134.175.39.246 port 33510 ssh2 Nov 5 22:22:48 hanapaa sshd\[24994\]: Invalid user kyu from 134.175.39.246 Nov 5 22:22:48 hanapaa sshd\[24994\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.39.246	2019-11-06 16:28:24
200.194.28.116	attackspam	Nov 6 07:46:51 marvibiene sshd[48026]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.194.28.116 user=root Nov 6 07:46:53 marvibiene sshd[48026]: Failed password for root from 200.194.28.116 port 37258 ssh2 Nov 6 07:46:55 marvibiene sshd[48026]: Failed password for root from 200.194.28.116 port 37258 ssh2 Nov 6 07:46:51 marvibiene sshd[48026]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.194.28.116 user=root Nov 6 07:46:53 marvibiene sshd[48026]: Failed password for root from 200.194.28.116 port 37258 ssh2 Nov 6 07:46:55 marvibiene sshd[48026]: Failed password for root from 200.194.28.116 port 37258 ssh2 ...	2019-11-06 16:16:51
41.207.182.133	attackbotsspam	Nov 6 08:19:13 ArkNodeAT sshd\[9700\]: Invalid user joomla from 41.207.182.133 Nov 6 08:19:13 ArkNodeAT sshd\[9700\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.207.182.133 Nov 6 08:19:15 ArkNodeAT sshd\[9700\]: Failed password for invalid user joomla from 41.207.182.133 port 51492 ssh2	2019-11-06 16:07:45
175.211.105.99	attackbots	Automatic report - Banned IP Access	2019-11-06 16:29:39
78.46.147.205	attackbots	Nov 6 14:36:52 webhost01 sshd[18986]: Failed password for root from 78.46.147.205 port 42166 ssh2 ...	2019-11-06 16:12:01

最近上报的IP列表

180.175.8.88	122.194.75.247	36.37.91.98	210.212.162.117
49.88.160.104	139.167.185.75	87.250.224.101	79.185.149.37
62.33.138.133	142.147.109.140	62.57.162.175	39.74.88.17
118.69.54.89	152.44.109.210	192.241.191.23	123.27.191.29
89.171.167.106	142.11.222.183	87.255.87.88	198.89.126.44