103.44.144.53 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): National Computer Network and Information

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Commercial

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	2020-01-09T07:43:49.361Z CLOSE host=103.44.144.53 port=48564 fd=4 time=20.018 bytes=21 ...	2020-03-03 22:56:17
attackbots	suspicious action Sat, 22 Feb 2020 10:12:13 -0300	2020-02-22 22:47:31
attack	Automatic report - Banned IP Access	2019-11-29 13:20:59
attackspambots	port scan and connect, tcp 22 (ssh)	2019-08-03 21:44:52
attackbotsspam	Jul 30 08:05:53 aragorn sshd[3978]: Invalid user DUP from 103.44.144.53 Jul 30 08:05:55 aragorn sshd[3980]: Invalid user roOT from 103.44.144.53 Jul 30 08:22:50 aragorn sshd[6748]: Invalid user DUP from 103.44.144.53 Jul 30 08:22:52 aragorn sshd[6750]: Invalid user roOT from 103.44.144.53 ...	2019-07-30 20:39:04
attack	19/7/29@02:43:35: FAIL: IoT-SSH address from=103.44.144.53 ...	2019-07-29 21:16:46
attackbotsspam	Probing for vulnerable services	2019-07-16 15:20:54

相同子网IP讨论:

IP	类型	评论内容	时间
103.44.144.4	attackbotsspam	ET SCAN Suspicious inbound to MSSQL port 1433 - port: 1433 proto: TCP cat: Potentially Bad Traffic	2020-04-23 19:59:13
103.44.144.62	attack	Unauthorized connection attempt detected from IP address 103.44.144.62 to port 1433 [J]	2020-01-05 03:31:47
103.44.144.62	attackbotsspam	port scan and connect, tcp 1433 (ms-sql-s)	2019-11-09 13:40:27
103.44.144.62	attackbots	Portscan or hack attempt detected by psad/fwsnort	2019-10-23 02:12:28
103.44.144.62	attack	445/tcp 445/tcp 445/tcp [2019-06-22/26]3pkt	2019-06-26 22:58:23

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.44.144.53
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1347
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.44.144.53.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019050101 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Thu May 02 10:32:00 +08 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 53.144.44.103.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 53.144.44.103.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
120.92.94.95	attackspam	Banned for a week because repeated abuses, for example SSH, but not only	2020-10-10 04:35:54
103.114.208.198	attack	Oct 9 21:43:03 inter-technics sshd[9128]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.114.208.198 user=root Oct 9 21:43:05 inter-technics sshd[9128]: Failed password for root from 103.114.208.198 port 45792 ssh2 Oct 9 21:43:49 inter-technics sshd[9167]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.114.208.198 user=root Oct 9 21:43:52 inter-technics sshd[9167]: Failed password for root from 103.114.208.198 port 50049 ssh2 Oct 9 21:44:35 inter-technics sshd[9240]: Invalid user student1 from 103.114.208.198 port 54308 ...	2020-10-10 04:58:33
88.152.210.198	attack	DATE:2020-10-09 00:25:03, IP:88.152.210.198, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-10-10 04:32:47
195.95.215.157	attackbots	(sshd) Failed SSH login from 195.95.215.157 (RU/Russia/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 9 13:24:54 server2 sshd[22543]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.95.215.157 user=root Oct 9 13:24:56 server2 sshd[22543]: Failed password for root from 195.95.215.157 port 55940 ssh2 Oct 9 13:28:34 server2 sshd[24440]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.95.215.157 user=nagios Oct 9 13:28:37 server2 sshd[24440]: Failed password for nagios from 195.95.215.157 port 38730 ssh2 Oct 9 13:30:03 server2 sshd[25074]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.95.215.157 user=root	2020-10-10 04:32:07
43.226.144.63	attackbots	SSH login attempts.	2020-10-10 04:48:25
184.168.193.205	attackspambots	184.168.193.205 - - \[08/Oct/2020:23:48:53 +0300\] "POST /WORDPRESS/xmlrpc.php HTTP/1.1" 404 564 "-" "Mozilla/5.0 $Windows NT 10.0\; Win64\; x64$ AppleWebKit/537.36 $KHTML, like Gecko$ Chrome/60.0.3112.113 Safari/537.36" "-" 184.168.193.205 - - \[08/Oct/2020:23:48:53 +0300\] "POST /wordpress/xmlrpc.php HTTP/1.1" 200 443 "-" "Mozilla/5.0 $Windows NT 10.0\; Win64\; x64$ AppleWebKit/537.36 $KHTML, like Gecko$ Chrome/60.0.3112.113 Safari/537.36" "-" ...	2020-10-10 04:36:35
118.25.195.244	attack	$f2bV_matches	2020-10-10 04:56:45
83.48.101.184	attackspambots	Oct 9 18:32:01 buvik sshd[28900]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=83.48.101.184 Oct 9 18:32:03 buvik sshd[28900]: Failed password for invalid user ts3bot from 83.48.101.184 port 40478 ssh2 Oct 9 18:35:39 buvik sshd[29345]: Invalid user server from 83.48.101.184 ...	2020-10-10 04:53:58
96.3.82.185	attackspambots	Brute forcing email accounts	2020-10-10 04:31:07
118.24.139.160	attackspambots	SSH login attempts.	2020-10-10 04:32:20
188.166.247.82	attack	SSH bruteforce	2020-10-10 04:47:39
54.37.21.211	attack	54.37.21.211 - - [09/Oct/2020:21:18:38 +0200] "GET /wp-login.php HTTP/1.1" 200 2566 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 54.37.21.211 - - [09/Oct/2020:21:18:38 +0200] "POST /wp-login.php HTTP/1.1" 200 2698 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 54.37.21.211 - - [09/Oct/2020:21:18:38 +0200] "GET /wp-login.php HTTP/1.1" 200 2566 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 54.37.21.211 - - [09/Oct/2020:21:18:38 +0200] "POST /wp-login.php HTTP/1.1" 200 2697 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 54.37.21.211 - - [09/Oct/2020:21:18:38 +0200] "GET /wp-login.php HTTP/1.1" 200 2566 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 54.37.21.211 - - [09/Oct/2020:21:18:38 +0200] "POST /wp-login.php HTTP/1.1" 200 2696 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/6 ...	2020-10-10 04:55:39
141.98.81.197	attack	Oct 9 16:09:51 mail sshd\[60123\]: Invalid user user from 141.98.81.197 Oct 9 16:09:51 mail sshd\[60123\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.98.81.197 ...	2020-10-10 04:50:18
59.144.48.34	attackspam	k+ssh-bruteforce	2020-10-10 05:03:10
165.169.15.242	attack	Attempting admin logins	2020-10-10 05:02:24

最近上报的IP列表

115.17.160.156	114.116.67.151	63.10.82.221	42.97.139.248
30.121.242.222	222.217.221.181	85.187.15.3	181.158.126.240
202.75.100.26	201.226.239.98	31.145.150.194	125.227.91.97
207.180.222.104	5.157.96.66	212.47.228.121	235.230.33.3
186.74.190.46	191.113.168.101	78.56.102.89	140.149.185.140