103.42.91.4 - IPInfo

基本信息:

城市(city): Delhi

省份(region): National Capital Territory of Delhi

国家(country): India

运营商(isp): YPT Entertainment House Pvt Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Unauthorized connection attempt from IP address 103.42.91.4 on Port 445(SMB)	2020-08-06 00:31:56
attackspam	Unauthorized connection attempt: SRC=103.42.91.4 ...	2020-06-25 21:36:17
attack	20/3/6@08:27:52: FAIL: Alarm-Network address from=103.42.91.4 20/3/6@08:27:52: FAIL: Alarm-Network address from=103.42.91.4 ...	2020-03-07 04:43:19

类型

评论内容

时间

attackspambots

Unauthorized connection attempt from IP address 103.42.91.4 on Port 445(SMB)

2020-08-06 00:31:56

attackspam

Unauthorized connection attempt: SRC=103.42.91.4
...

2020-06-25 21:36:17

attack

20/3/6@08:27:52: FAIL: Alarm-Network address from=103.42.91.4
20/3/6@08:27:52: FAIL: Alarm-Network address from=103.42.91.4
...

2020-03-07 04:43:19

相同子网IP讨论:

IP	类型	评论内容	时间
103.42.91.25	attackbots	Jul 29 15:09:16 vps639187 sshd\[18294\]: Invalid user sunwendi from 103.42.91.25 port 60416 Jul 29 15:09:16 vps639187 sshd\[18294\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.42.91.25 Jul 29 15:09:18 vps639187 sshd\[18294\]: Failed password for invalid user sunwendi from 103.42.91.25 port 60416 ssh2 ...	2020-07-30 03:48:36

类型

评论内容

时间

103.42.91.25

attackbots

Jul 29 15:09:16 vps639187 sshd\[18294\]: Invalid user sunwendi from 103.42.91.25 port 60416
Jul 29 15:09:16 vps639187 sshd\[18294\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.42.91.25
Jul 29 15:09:18 vps639187 sshd\[18294\]: Failed password for invalid user sunwendi from 103.42.91.25 port 60416 ssh2
...

2020-07-30 03:48:36

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.42.91.4
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 45866
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.42.91.4.			IN	A

;; AUTHORITY SECTION:
.			393	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020030601 1800 900 604800 86400

;; Query time: 56 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Mar 07 04:43:14 CST 2020
;; MSG SIZE  rcvd: 115

HOST信息:

Host 4.91.42.103.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 100.100.2.138, trying next server
;; Got SERVFAIL reply from 100.100.2.138, trying next server
Server:		100.100.2.136
Address:	100.100.2.136#53

** server can't find 4.91.42.103.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
154.204.27.162	attackspambots	Apr 6 15:51:50 www sshd[17977]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.204.27.162 user=r.r Apr 6 15:51:52 www sshd[17977]: Failed password for r.r from 154.204.27.162 port 49292 ssh2 Apr 6 16:04:22 www sshd[20976]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.204.27.162 user=r.r Apr 6 16:04:24 www sshd[20976]: Failed password for r.r from 154.204.27.162 port 48194 ssh2 Apr 6 16:08:41 www sshd[21993]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.204.27.162 user=r.r Apr 6 16:08:42 www sshd[21993]: Failed password for r.r from 154.204.27.162 port 54184 ssh2 Apr 6 16:15:48 www sshd[24074]: Invalid user a from 154.204.27.162 Apr 6 16:15:48 www sshd[24074]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.204.27.162 Apr 6 16:15:50 www sshd[24074]: Failed password for invalid u........ -------------------------------	2020-04-07 20:17:02
180.168.141.246	attackbots	detected by Fail2Ban	2020-04-07 20:19:26
221.226.43.62	attack	Apr 7 10:34:32 sshd\[13023\]: Invalid user admin from 221.226.43.62Apr 7 10:34:35 sshd\[13023\]: Failed password for invalid user admin from 221.226.43.62 port 37067 ssh2 ...	2020-04-07 19:47:43
118.175.173.161	attackspam	Unauthorized connection attempt from IP address 118.175.173.161 on Port 445(SMB)	2020-04-07 19:56:31
184.154.139.15	attackspambots	fell into ViewStateTrap:paris	2020-04-07 20:07:57
27.3.224.102	attack	Unauthorized connection attempt from IP address 27.3.224.102 on Port 445(SMB)	2020-04-07 20:06:29
210.211.109.161	attackspam	Unauthorized connection attempt from IP address 210.211.109.161 on Port 445(SMB)	2020-04-07 19:42:33
106.13.178.153	attack	Apr 7 09:02:56 server sshd\[10906\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.178.153 user=root Apr 7 09:02:57 server sshd\[10906\]: Failed password for root from 106.13.178.153 port 34764 ssh2 Apr 7 09:14:44 server sshd\[13557\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.178.153 user=root Apr 7 09:14:47 server sshd\[13557\]: Failed password for root from 106.13.178.153 port 34040 ssh2 Apr 7 09:21:16 server sshd\[15592\]: Invalid user servers from 106.13.178.153 Apr 7 09:21:16 server sshd\[15592\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.178.153 ...	2020-04-07 19:43:02
175.139.191.169	attackspam	Apr 7 11:50:15 prox sshd[32498]: Failed password for root from 175.139.191.169 port 46144 ssh2 Apr 7 11:57:32 prox sshd[9568]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.191.169	2020-04-07 20:09:11
43.242.74.39	attackspam	Apr 7 04:25:52 Tower sshd[18104]: Connection from 43.242.74.39 port 42144 on 192.168.10.220 port 22 rdomain "" Apr 7 04:25:56 Tower sshd[18104]: Invalid user testftp from 43.242.74.39 port 42144 Apr 7 04:25:56 Tower sshd[18104]: error: Could not get shadow information for NOUSER Apr 7 04:25:56 Tower sshd[18104]: Failed password for invalid user testftp from 43.242.74.39 port 42144 ssh2 Apr 7 04:25:56 Tower sshd[18104]: Received disconnect from 43.242.74.39 port 42144:11: Bye Bye [preauth] Apr 7 04:25:56 Tower sshd[18104]: Disconnected from invalid user testftp 43.242.74.39 port 42144 [preauth]	2020-04-07 20:14:22
14.189.58.169	attack	Unauthorized connection attempt from IP address 14.189.58.169 on Port 445(SMB)	2020-04-07 19:40:09
123.207.235.247	attackspam	$f2bV_matches	2020-04-07 19:46:47
174.82.233.182	attack	Apr 7 05:35:40 server1 sshd\[12403\]: Failed password for invalid user teampspeak3 from 174.82.233.182 port 48660 ssh2 Apr 7 05:39:25 server1 sshd\[14239\]: Invalid user ofbiz from 174.82.233.182 Apr 7 05:39:25 server1 sshd\[14239\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.82.233.182 Apr 7 05:39:27 server1 sshd\[14239\]: Failed password for invalid user ofbiz from 174.82.233.182 port 58998 ssh2 Apr 7 05:43:21 server1 sshd\[15720\]: Invalid user test from 174.82.233.182 ...	2020-04-07 19:46:34
27.72.45.154	attackspambots	Unauthorized connection attempt from IP address 27.72.45.154 on Port 445(SMB)	2020-04-07 19:41:59
121.229.54.116	attackbots	$f2bV_matches	2020-04-07 19:48:20

最近上报的IP列表

92.240.207.149	198.162.235.8	69.135.42.89	189.165.225.162
79.59.181.227	187.104.151.97	17.17.203.79	104.178.20.209
207.143.87.14	31.38.218.153	177.201.15.82	45.173.6.82
32.4.93.93	131.50.156.84	103.9.78.175	88.172.241.92
182.164.99.139	93.1.155.133	14.18.107.236	82.215.180.164