103.221.254.54

基本信息:

城市(city): Dhaka

省份(region): Dhaka Division

国家(country): Bangladesh

运营商(isp): University of Dhaka

主机名(hostname): unknown

机构(organization): university of dhaka

使用类型(Usage Type): University/College/School

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	spam	2020-04-15 16:09:14
attack	spam	2020-01-24 14:57:25
attackbots	Brute force attack stopped by firewall	2019-12-12 09:28:49
attack	Autoban 103.221.254.54 AUTH/CONNECT	2019-11-18 19:19:17
attackbots	IP: 103.221.254.54 ASN: AS135524 university of dhaka Port: Simple Mail Transfer 25 Found in one or more Blacklists Date: 14/09/2019 6:20:54 PM UTC	2019-09-15 04:33:53

相同子网IP讨论:

IP	类型	评论内容	时间
103.221.254.2	attackbotsspam	Aug 26 04:41:19 shivevps sshd[25517]: Bad protocol version identification '\024' from 103.221.254.2 port 41324 Aug 26 04:42:26 shivevps sshd[27031]: Bad protocol version identification '\024' from 103.221.254.2 port 42971 Aug 26 04:44:17 shivevps sshd[30935]: Bad protocol version identification '\024' from 103.221.254.2 port 45328 Aug 26 04:45:52 shivevps sshd[32400]: Bad protocol version identification '\024' from 103.221.254.2 port 47721 ...	2020-08-26 15:01:38
103.221.254.12	attackbotsspam	Dovecot Invalid User Login Attempt.	2020-08-19 22:05:41
103.221.254.102	attackbots	Unauthorized access detected from black listed ip!	2020-05-29 19:50:26
103.221.254.125	attackspam	Apr 25 05:57:02 web01.agentur-b-2.de postfix/smtpd[923801]: NOQUEUE: reject: RCPT from unknown[103.221.254.125]: 554 5.7.1 Service unavailable; Client host [103.221.254.125] blocked using zen.spamhaus.org; https://www.spamhaus.org/sbl/query/SBLCSS / https://www.spamhaus.org/query/ip/103.221.254.125; from= to=<2c.thomssen@rhythm-and-arts.de> proto=ESMTP helo= Apr 25 05:57:02 web01.agentur-b-2.de postfix/smtpd[923801]: NOQUEUE: reject: RCPT from unknown[103.221.254.125]: 554 5.7.1 Service unavailable; Client host [103.221.254.125] blocked using zen.spamhaus.org; https://www.spamhaus.org/sbl/query/SBLCSS / https://www.spamhaus.org/query/ip/103.221.254.125; from= to=<3c.thomssen@rhythm-and-arts.de> proto=ESMTP helo= Apr 25 05:57:02 web01.agentur-b-2.de postfix/smtpd[923801]: NOQUEUE: reject: RCPT from unknown[103.221.254.125]: 554 5.7.1 Service unavailable; Client host [103.221.254.125] blocked using zen.spamhaus.org; https://www.spa	2020-04-25 13:45:54
103.221.254.73	attackspam	spam	2020-04-06 13:30:40
103.221.254.125	attackbots	IP was detected trying to Brute-Force SSH, FTP, Web Apps, Port-Scan or Hacking.	2020-03-22 08:07:12
103.221.254.125	attackbots	spam	2020-03-01 19:47:19
103.221.254.4	attackbotsspam	Feb 13 05:45:44 MK-Soft-Root1 sshd[24429]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.221.254.4 Feb 13 05:45:46 MK-Soft-Root1 sshd[24429]: Failed password for invalid user supervisor from 103.221.254.4 port 57353 ssh2 ...	2020-02-13 20:58:53
103.221.254.70	attack	" "	2020-02-13 00:14:53
103.221.254.73	attackbots	B: f2b postfix aggressive 3x	2020-02-01 10:50:32
103.221.254.24	attackbots	Unauthorized connection attempt detected from IP address 103.221.254.24 to port 8080 [T]	2020-01-17 09:03:57
103.221.254.12	attack	email spam	2019-12-19 20:18:36
103.221.254.125	attack	email spam	2019-12-19 17:09:36
103.221.254.12	attackbotsspam	Autoban 103.221.254.12 AUTH/CONNECT	2019-11-18 19:21:47
103.221.254.125	attack	Autoban 103.221.254.125 AUTH/CONNECT	2019-11-18 19:20:29

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.221.254.54
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3193
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.221.254.54.			IN	A

;; AUTHORITY SECTION:
.			2743	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019043000 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Tue Apr 30 20:28:00 +08 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 54.254.221.103.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 54.254.221.103.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
189.15.87.85	attack	Automatic report - Port Scan Attack	2020-08-05 23:25:23
61.177.172.168	attackspam	Aug 5 12:22:15 firewall sshd[12144]: Failed password for root from 61.177.172.168 port 55188 ssh2 Aug 5 12:22:18 firewall sshd[12144]: Failed password for root from 61.177.172.168 port 55188 ssh2 Aug 5 12:22:22 firewall sshd[12144]: Failed password for root from 61.177.172.168 port 55188 ssh2 ...	2020-08-05 23:22:36
81.68.145.65	attackbotsspam	Aug 5 14:12:17 [host] sshd[3367]: pam_unix(sshd:a Aug 5 14:12:20 [host] sshd[3367]: Failed password Aug 5 14:17:40 [host] sshd[3505]: pam_unix(sshd:a	2020-08-05 23:04:29
91.121.101.77	attackspambots	91.121.101.77 - - [05/Aug/2020:14:45:42 +0100] "POST /wp-login.php HTTP/1.1" 200 1875 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 91.121.101.77 - - [05/Aug/2020:14:45:43 +0100] "POST /wp-login.php HTTP/1.1" 200 1875 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 91.121.101.77 - - [05/Aug/2020:14:45:43 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-05 23:24:32
111.229.194.130	attackspambots	Aug 5 16:56:58 ns382633 sshd\[14022\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.194.130 user=root Aug 5 16:56:59 ns382633 sshd\[14022\]: Failed password for root from 111.229.194.130 port 47544 ssh2 Aug 5 17:02:01 ns382633 sshd\[14824\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.194.130 user=root Aug 5 17:02:03 ns382633 sshd\[14824\]: Failed password for root from 111.229.194.130 port 34976 ssh2 Aug 5 17:03:39 ns382633 sshd\[14960\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.194.130 user=root	2020-08-05 23:30:53
5.9.177.157	attackspam	Aug 4 17:03:53 h2040555 sshd[2918]: Failed password for r.r from 5.9.177.157 port 50900 ssh2 Aug 4 17:03:53 h2040555 sshd[2918]: Received disconnect from 5.9.177.157: 11: Bye Bye [preauth] Aug 4 17:11:38 h2040555 sshd[3088]: Failed password for r.r from 5.9.177.157 port 45988 ssh2 Aug 4 17:11:38 h2040555 sshd[3088]: Received disconnect from 5.9.177.157: 11: Bye Bye [preauth] Aug 4 17:16:35 h2040555 sshd[3129]: Failed password for r.r from 5.9.177.157 port 34268 ssh2 Aug 4 17:16:35 h2040555 sshd[3129]: Received disconnect from 5.9.177.157: 11: Bye Bye [preauth] Aug 4 17:20:54 h2040555 sshd[3370]: Failed password for r.r from 5.9.177.157 port 50444 ssh2 Aug 4 17:20:54 h2040555 sshd[3370]: Received disconnect from 5.9.177.157: 11: Bye Bye [preauth] Aug 4 17:25:04 h2040555 sshd[3422]: Failed password for r.r from 5.9.177.157 port 38366 ssh2 Aug 4 17:25:04 h2040555 sshd[3422]: Received disconnect from 5.9.177.157: 11: Bye Bye [preauth] ........ ----------------------------------------------- https://ww	2020-08-05 23:40:36
103.148.20.60	attack	Attempts against non-existent wp-login	2020-08-05 23:04:15
222.186.30.167	attackspambots	2020-08-05T15:22:27.953725shield sshd\[3996\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.167 user=root 2020-08-05T15:22:29.474073shield sshd\[3996\]: Failed password for root from 222.186.30.167 port 22852 ssh2 2020-08-05T15:22:31.874104shield sshd\[3996\]: Failed password for root from 222.186.30.167 port 22852 ssh2 2020-08-05T15:22:36.565739shield sshd\[3996\]: Failed password for root from 222.186.30.167 port 22852 ssh2 2020-08-05T15:22:48.875387shield sshd\[4050\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.167 user=root	2020-08-05 23:38:47
103.81.86.49	attack	Aug 5 14:33:36 marvibiene sshd[19981]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.81.86.49 user=root Aug 5 14:33:39 marvibiene sshd[19981]: Failed password for root from 103.81.86.49 port 33193 ssh2 Aug 5 14:40:33 marvibiene sshd[20131]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.81.86.49 user=root Aug 5 14:40:35 marvibiene sshd[20131]: Failed password for root from 103.81.86.49 port 54046 ssh2	2020-08-05 23:17:39
128.127.90.34	attack	2020-08-05T14:52:45.976343shield sshd\[586\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.127.90.34 user=root 2020-08-05T14:52:48.194013shield sshd\[586\]: Failed password for root from 128.127.90.34 port 47374 ssh2 2020-08-05T14:57:05.749619shield sshd\[1296\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.127.90.34 user=root 2020-08-05T14:57:07.329163shield sshd\[1296\]: Failed password for root from 128.127.90.34 port 52363 ssh2 2020-08-05T15:01:21.958629shield sshd\[1786\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.127.90.34 user=root	2020-08-05 23:38:04
213.178.252.23	attackspam	Aug 5 08:28:01 ny01 sshd[31427]: Failed password for root from 213.178.252.23 port 39380 ssh2 Aug 5 08:33:01 ny01 sshd[32254]: Failed password for root from 213.178.252.23 port 49220 ssh2	2020-08-05 23:05:01
114.237.217.87	attackbots	Port probing on unauthorized port 8080	2020-08-05 22:59:37
199.76.38.123	attack	Aug 5 17:16:00 amit sshd\[20767\]: Invalid user pi from 199.76.38.123 Aug 5 17:16:00 amit sshd\[20767\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.76.38.123 Aug 5 17:16:00 amit sshd\[20794\]: Invalid user pi from 199.76.38.123 ...	2020-08-05 23:18:20
200.71.186.58	attack	SMB Server BruteForce Attack	2020-08-05 23:11:24
114.32.200.188	attackbotsspam	Telnet Server BruteForce Attack	2020-08-05 23:22:12

最近上报的IP列表

69.90.33.15	222.94.212.209	196.81.36.239	93.119.104.66
93.153.122.55	1.6.21.106	134.209.248.205	56.235.142.189
211.72.180.2	180.124.213.187	169.1.16.214	107.29.38.227
81.22.45.201	215.63.210.253	5.94.66.38	129.150.68.200
178.239.208.32	168.227.56.130	211.167.71.195	99.180.82.27