103.252.5.93 - IPInfo

基本信息:

城市(city): Thane

省份(region): Maharashtra

国家(country): India

运营商(isp): HighLand

主机名(hostname): unknown

机构(organization): Threesa Infoway Pvt.Ltd.

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	445/tcp [2019-07-10]1pkt	2019-07-11 00:02:42

相同子网IP讨论:

IP	类型	评论内容	时间
103.252.51.154	attackbotsspam	20 attempts against mh-ssh on pcx	2020-09-23 01:36:58
103.252.51.154	attack	20 attempts against mh-ssh on pcx	2020-09-22 17:39:14
103.252.52.185	attackspambots	Email rejected due to spam filtering	2020-09-08 22:22:36
103.252.52.185	attackspambots	Email rejected due to spam filtering	2020-09-08 14:11:33
103.252.52.185	attack	Email rejected due to spam filtering	2020-09-08 06:42:40
103.252.51.64	attackspam	Cluster member 67.227.229.95 (US/United States/host.cjthedj97.me) said, DENY 103.252.51.64, Reason:[(mod_security) mod_security (id:210350) triggered by 103.252.51.64 (ID/Indonesia/-): 1 in the last 3600 secs]; Ports: *; Direction: inout; Trigger: LF_CLUSTER	2020-07-29 17:52:56
103.252.53.21	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/103.252.53.21/ IN - 1H : (48) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : IN NAME ASN : ASN138798 IP : 103.252.53.21 CIDR : 103.252.53.0/24 PREFIX COUNT : 14 UNIQUE IP COUNT : 3584 ATTACKS DETECTED ASN138798 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 1 DateTime : 2019-11-23 07:28:47 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-11-23 15:50:05
103.252.51.227	attackspambots	Oct 7 21:47:20 dev0-dcde-rnet sshd[31431]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.252.51.227 Oct 7 21:47:21 dev0-dcde-rnet sshd[31431]: Failed password for invalid user p4ssw0rd@2017 from 103.252.51.227 port 60866 ssh2 Oct 7 21:51:43 dev0-dcde-rnet sshd[31439]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.252.51.227	2019-10-08 05:30:20
103.252.5.183	attackspambots	Automatic report - Port Scan Attack	2019-09-26 01:45:44

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.252.5.93
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44468
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.252.5.93.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019071000 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Jul 11 00:02:23 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 93.5.252.103.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 67.207.67.2, trying next server
Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 93.5.252.103.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
59.99.81.161	attack	445/tcp [2019-07-30]1pkt	2019-07-31 00:03:35
202.159.17.212	attack	Jul 30 19:18:52 webhost01 sshd[31049]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.159.17.212 Jul 30 19:18:53 webhost01 sshd[31049]: Failed password for invalid user geesoo from 202.159.17.212 port 34858 ssh2 ...	2019-07-31 01:15:47
165.227.143.37	attackspambots	Jul 30 18:36:26 SilenceServices sshd[25150]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.143.37 Jul 30 18:36:28 SilenceServices sshd[25150]: Failed password for invalid user shoutcast from 165.227.143.37 port 53420 ssh2 Jul 30 18:40:45 SilenceServices sshd[28447]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.143.37	2019-07-31 01:01:42
142.44.247.87	attackspambots	2019-07-30T15:45:02.418470abusebot-4.cloudsearch.cf sshd\[25200\]: Invalid user ravi from 142.44.247.87 port 50246	2019-07-31 00:07:26
212.237.53.252	attack	Jul 30 18:47:39 mail sshd\[2979\]: Invalid user rtkit from 212.237.53.252\ Jul 30 18:47:41 mail sshd\[2979\]: Failed password for invalid user rtkit from 212.237.53.252 port 41086 ssh2\ Jul 30 18:52:31 mail sshd\[2990\]: Invalid user main from 212.237.53.252\ Jul 30 18:52:32 mail sshd\[2990\]: Failed password for invalid user main from 212.237.53.252 port 37278 ssh2\ Jul 30 18:57:16 mail sshd\[3008\]: Invalid user proxyuser from 212.237.53.252\ Jul 30 18:57:18 mail sshd\[3008\]: Failed password for invalid user proxyuser from 212.237.53.252 port 33432 ssh2\	2019-07-31 01:20:51
184.22.139.8	attackbots	445/tcp [2019-07-30]1pkt	2019-07-30 23:38:10
94.23.0.64	attack	Jul 30 17:28:47 MK-Soft-Root1 sshd\[7605\]: Invalid user hhchen from 94.23.0.64 port 57275 Jul 30 17:28:47 MK-Soft-Root1 sshd\[7605\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.23.0.64 Jul 30 17:28:49 MK-Soft-Root1 sshd\[7605\]: Failed password for invalid user hhchen from 94.23.0.64 port 57275 ssh2 ...	2019-07-30 23:35:08
162.243.253.67	attackbots	Jul 30 16:44:20 MK-Soft-VM7 sshd\[29223\]: Invalid user nagios from 162.243.253.67 port 41483 Jul 30 16:44:20 MK-Soft-VM7 sshd\[29223\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.253.67 Jul 30 16:44:22 MK-Soft-VM7 sshd\[29223\]: Failed password for invalid user nagios from 162.243.253.67 port 41483 ssh2 ...	2019-07-31 01:17:49
37.6.117.155	attackbots	23/tcp [2019-07-30]1pkt	2019-07-31 01:24:19
92.87.16.249	attack	Automatic report - Port Scan Attack	2019-07-31 01:37:13
112.85.42.88	attackbotsspam	pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.88 user=root Failed password for root from 112.85.42.88 port 49321 ssh2 Failed password for root from 112.85.42.88 port 49321 ssh2 Failed password for root from 112.85.42.88 port 49321 ssh2 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.88 user=root	2019-07-31 01:39:00
49.69.152.54	attackspambots	Jul 30 03:32:12 lgrs-web sshd[6155]: Bad protocol version identification '' from 49.69.152.54 port 50989 Jul 30 03:32:13 lgrs-web sshd[6156]: Invalid user osbash from 49.69.152.54 port 51138 Jul 30 03:32:14 lgrs-web sshd[6156]: Connection closed by 49.69.152.54 port 51138 [preauth] Jul 30 03:32:16 lgrs-web sshd[6158]: Invalid user plexuser from 49.69.152.54 port 51664 Jul 30 03:32:16 lgrs-web sshd[6158]: Connection closed by 49.69.152.54 port 51664 [preauth] Jul 30 03:32:18 lgrs-web sshd[6162]: Invalid user pi from 49.69.152.54 port 52119 Jul 30 03:32:18 lgrs-web sshd[6162]: Connection closed by 49.69.152.54 port 52119 [preauth] Jul 30 03:32:20 lgrs-web sshd[6164]: Invalid user pi from 49.69.152.54 port 52655 Jul 30 03:32:20 lgrs-web sshd[6164]: Connection closed by 49.69.152.54 port 52655 [preauth] Jul 30 03:32:23 lgrs-web sshd[6168]: Invalid user pi from 49.69.152.54 port 53237 Jul 30 03:32:23 lgrs-web sshd[6168]: Connection closed by 49.69.152.54 port 53237 [preauth]........ -------------------------------	2019-07-31 01:32:03
82.117.249.123	attack	445/tcp [2019-07-30]1pkt	2019-07-31 01:28:27
173.219.80.40	attackspam	Jul 30 16:07:02 site3 sshd\[100403\]: Invalid user hduser from 173.219.80.40 Jul 30 16:07:02 site3 sshd\[100403\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=173.219.80.40 Jul 30 16:07:04 site3 sshd\[100403\]: Failed password for invalid user hduser from 173.219.80.40 port 50792 ssh2 Jul 30 16:13:05 site3 sshd\[100534\]: Invalid user toor from 173.219.80.40 Jul 30 16:13:05 site3 sshd\[100534\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=173.219.80.40 ...	2019-07-31 00:18:51
138.197.180.16	attackbotsspam	Jul 30 08:49:39 cac1d2 sshd\[14050\]: Invalid user support from 138.197.180.16 port 56574 Jul 30 08:49:39 cac1d2 sshd\[14050\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.180.16 Jul 30 08:49:41 cac1d2 sshd\[14050\]: Failed password for invalid user support from 138.197.180.16 port 56574 ssh2 ...	2019-07-31 00:43:10

最近上报的IP列表

80.211.59.50	178.184.59.246	31.8.44.196	208.78.111.134
118.123.130.42	5.182.210.220	205.185.60.142	177.215.178.212
114.43.93.226	54.95.160.70	68.183.224.118	90.181.198.41
115.20.202.63	241.148.26.119	243.222.145.102	162.243.11.197
183.223.244.77	195.251.176.214	212.66.15.213	83.147.15.138