103.56.139.41 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Hong Kong

运营商(isp): RM 107A Fuk Keung Industrial Bldg Mongkok Hong Kong

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Commercial

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	445/tcp 445/tcp 445/tcp [2019-07-02/10]3pkt	2019-07-10 22:34:19
attack	Unauthorized connection attempt from IP address 103.56.139.41 on Port 445(SMB)	2019-07-08 11:12:22

相同子网IP讨论:

IP	类型	评论内容	时间
103.56.139.241	attack	Sep 16 10:22:45 mc1 kernel: \[1172714.922862\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=103.56.139.241 DST=159.69.205.51 LEN=52 TOS=0x02 PREC=0x00 TTL=115 ID=23077 DF PROTO=TCP SPT=59461 DPT=80 WINDOW=8192 RES=0x00 CWR ECE SYN URGP=0 Sep 16 10:22:48 mc1 kernel: \[1172717.919524\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=103.56.139.241 DST=159.69.205.51 LEN=52 TOS=0x02 PREC=0x00 TTL=115 ID=23078 DF PROTO=TCP SPT=59461 DPT=80 WINDOW=8192 RES=0x00 CWR ECE SYN URGP=0 Sep 16 10:22:48 mc1 kernel: \[1172717.933460\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=103.56.139.241 DST=159.69.205.51 LEN=52 TOS=0x02 PREC=0x00 TTL=115 ID=23079 DF PROTO=TCP SPT=59915 DPT=8080 WINDOW=8192 RES=0x00 CWR ECE SYN URGP=0 ...	2019-09-16 23:07:51

类型

评论内容

时间

103.56.139.241

attack

Sep 16 10:22:45 mc1 kernel: \[1172714.922862\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=103.56.139.241 DST=159.69.205.51 LEN=52 TOS=0x02 PREC=0x00 TTL=115 ID=23077 DF PROTO=TCP SPT=59461 DPT=80 WINDOW=8192 RES=0x00 CWR ECE SYN URGP=0 
Sep 16 10:22:48 mc1 kernel: \[1172717.919524\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=103.56.139.241 DST=159.69.205.51 LEN=52 TOS=0x02 PREC=0x00 TTL=115 ID=23078 DF PROTO=TCP SPT=59461 DPT=80 WINDOW=8192 RES=0x00 CWR ECE SYN URGP=0 
Sep 16 10:22:48 mc1 kernel: \[1172717.933460\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=103.56.139.241 DST=159.69.205.51 LEN=52 TOS=0x02 PREC=0x00 TTL=115 ID=23079 DF PROTO=TCP SPT=59915 DPT=8080 WINDOW=8192 RES=0x00 CWR ECE SYN URGP=0 
...

2019-09-16 23:07:51

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.56.139.41
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63654
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.56.139.41.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019070701 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Jul 08 11:12:08 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 41.139.56.103.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 41.139.56.103.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
111.231.116.149	attackspambots	$f2bV_matches	2020-06-27 08:20:57
39.33.181.7	attackbots	Email rejected due to spam filtering	2020-06-27 08:41:53
190.145.254.138	attackbots	Tried sshing with brute force.	2020-06-27 08:36:54
45.134.179.57	attackbots	Jun 27 02:47:44 debian-2gb-nbg1-2 kernel: \[15477518.489915\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.134.179.57 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=53451 PROTO=TCP SPT=54740 DPT=7791 WINDOW=1024 RES=0x00 SYN URGP=0	2020-06-27 08:56:23
142.93.74.248	attackspambots	firewall-block, port(s): 20512/tcp	2020-06-27 08:48:34
92.63.197.61	attackbots	[MK-VM3] Blocked by UFW	2020-06-27 08:40:36
206.253.167.10	attackbots	Jun 27 00:32:17 roki-contabo sshd\[15644\]: Invalid user delta from 206.253.167.10 Jun 27 00:32:18 roki-contabo sshd\[15644\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.253.167.10 Jun 27 00:32:20 roki-contabo sshd\[15644\]: Failed password for invalid user delta from 206.253.167.10 port 33880 ssh2 Jun 27 00:34:25 roki-contabo sshd\[15693\]: Invalid user adam from 206.253.167.10 Jun 27 00:34:25 roki-contabo sshd\[15693\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.253.167.10 ...	2020-06-27 08:47:58
45.232.37.154	attack	Email rejected due to spam filtering	2020-06-27 08:46:06
193.35.51.13	attack	Jun 27 00:08:10 mailserver postfix/smtps/smtpd[95286]: disconnect from unknown[193.35.51.13] Jun 27 02:21:19 mailserver postfix/smtps/smtpd[96200]: connect from unknown[193.35.51.13] Jun 27 02:21:21 mailserver dovecot: auth-worker(96194): sql([hidden],193.35.51.13): unknown user Jun 27 02:21:23 mailserver postfix/smtps/smtpd[96200]: warning: unknown[193.35.51.13]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 27 02:21:23 mailserver postfix/smtps/smtpd[96200]: lost connection after AUTH from unknown[193.35.51.13] Jun 27 02:21:23 mailserver postfix/smtps/smtpd[96200]: disconnect from unknown[193.35.51.13] Jun 27 02:21:23 mailserver postfix/smtps/smtpd[96200]: connect from unknown[193.35.51.13] Jun 27 02:21:28 mailserver postfix/smtps/smtpd[96200]: lost connection after AUTH from unknown[193.35.51.13] Jun 27 02:21:28 mailserver postfix/smtps/smtpd[96200]: disconnect from unknown[193.35.51.13] Jun 27 02:21:28 mailserver postfix/smtps/smtpd[96200]: connect from unknown[193.35.51.13]	2020-06-27 08:43:45
193.33.240.91	attackbots	Jun 26 22:54:17 localhost sshd\[11474\]: Invalid user frz from 193.33.240.91 port 54635 Jun 26 22:54:17 localhost sshd\[11474\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.33.240.91 Jun 26 22:54:18 localhost sshd\[11474\]: Failed password for invalid user frz from 193.33.240.91 port 54635 ssh2 ...	2020-06-27 08:51:28
203.159.249.215	attack	Jun 27 00:00:54 ip-172-31-61-156 sshd[21467]: Invalid user fernando from 203.159.249.215 Jun 27 00:00:54 ip-172-31-61-156 sshd[21467]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.159.249.215 Jun 27 00:00:54 ip-172-31-61-156 sshd[21467]: Invalid user fernando from 203.159.249.215 Jun 27 00:00:57 ip-172-31-61-156 sshd[21467]: Failed password for invalid user fernando from 203.159.249.215 port 39438 ssh2 Jun 27 00:04:57 ip-172-31-61-156 sshd[21709]: Invalid user admin from 203.159.249.215 ...	2020-06-27 08:27:33
59.27.124.26	attackbotsspam	Jun 26 21:34:38 ws19vmsma01 sshd[243977]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.27.124.26 Jun 26 21:34:40 ws19vmsma01 sshd[243977]: Failed password for invalid user xerxes from 59.27.124.26 port 43920 ssh2 ...	2020-06-27 08:35:51
36.32.182.24	attackspambots	Port probing on unauthorized port 26	2020-06-27 08:50:18
181.123.108.238	attack	SSH brute force	2020-06-27 08:27:53
125.21.227.181	attackspam	20 attempts against mh-ssh on echoip	2020-06-27 08:56:00

最近上报的IP列表

37.49.230.21	189.201.197.150	88.28.195.181	192.82.65.62
111.93.241.28	177.23.62.127	168.187.87.196	222.211.191.196
206.108.183.7	31.134.105.211	220.133.78.147	114.184.166.220
203.210.205.254	14.176.228.174	4.4.62.118	191.53.252.175
182.105.246.89	179.113.86.209	177.21.131.122	216.204.174.226