103.83.157.20 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Singapore

运营商(isp): Centerhop SG

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	445/tcp [2019-06-21]1pkt	2019-06-21 22:18:36

相同子网IP讨论:

IP	类型	评论内容	时间
103.83.157.86	attackbotsspam	2020-06-20T22:56:56.087389lavrinenko.info sshd[15781]: Failed password for invalid user server from 103.83.157.86 port 54826 ssh2 2020-06-20T23:00:35.916542lavrinenko.info sshd[15919]: Invalid user ts3user from 103.83.157.86 port 55094 2020-06-20T23:00:35.927887lavrinenko.info sshd[15919]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.83.157.86 2020-06-20T23:00:35.916542lavrinenko.info sshd[15919]: Invalid user ts3user from 103.83.157.86 port 55094 2020-06-20T23:00:37.521560lavrinenko.info sshd[15919]: Failed password for invalid user ts3user from 103.83.157.86 port 55094 ssh2 ...	2020-06-21 04:09:19
103.83.157.108	attack	(sshd) Failed SSH login from 103.83.157.108 (SG/Singapore/-): 5 in the last 3600 secs	2020-06-20 18:04:36
103.83.157.86	attack	Jun 18 04:30:26 Server1 sshd[7606]: Invalid user pub from 103.83.157.86 port 46372 Jun 18 04:30:26 Server1 sshd[7606]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.83.157.86 Jun 18 04:30:29 Server1 sshd[7606]: Failed password for invalid user pub from 103.83.157.86 port 46372 ssh2 Jun 18 04:30:29 Server1 sshd[7606]: Received disconnect from 103.83.157.86 port 46372:11: Bye Bye [preauth] Jun 18 04:30:29 Server1 sshd[7606]: Disconnected from invalid user pub 103.83.157.86 port 46372 [preauth] Jun 18 04:34:43 Server1 sshd[7656]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.83.157.86 user=r.r ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=103.83.157.86	2020-06-19 18:21:26
103.83.157.39	attackbotsspam	TCP (SYN) 103.83.157.39:56143 -> port 11211, len 40	2020-06-01 03:38:08
103.83.157.161	attackspambots	Honeypot attack, port: 445, PTR: PTR record not found	2020-03-04 22:19:53
103.83.157.212	attack	Invalid user ubuntu from 103.83.157.212 port 41952	2020-01-15 04:47:09

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.83.157.20
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 40576
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.83.157.20.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019062100 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Jun 21 22:18:10 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 20.157.83.103.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 20.157.83.103.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
202.83.45.0	attack	[H1] Blocked by UFW	2020-09-14 03:19:52
69.28.234.130	attackspam	(sshd) Failed SSH login from 69.28.234.130 (CA/Canada/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 13 17:56:16 amsweb01 sshd[4282]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=69.28.234.130 user=root Sep 13 17:56:18 amsweb01 sshd[4282]: Failed password for root from 69.28.234.130 port 36501 ssh2 Sep 13 18:16:31 amsweb01 sshd[7175]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=69.28.234.130 user=root Sep 13 18:16:33 amsweb01 sshd[7175]: Failed password for root from 69.28.234.130 port 42526 ssh2 Sep 13 18:23:06 amsweb01 sshd[8125]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=69.28.234.130 user=root	2020-09-14 03:02:19
187.58.65.21	attack	Sep 13 18:18:01 host2 sshd[1355662]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.58.65.21 user=root Sep 13 18:18:03 host2 sshd[1355662]: Failed password for root from 187.58.65.21 port 6096 ssh2 Sep 13 18:22:18 host2 sshd[1356284]: Invalid user akihoro from 187.58.65.21 port 62615 Sep 13 18:22:18 host2 sshd[1356284]: Invalid user akihoro from 187.58.65.21 port 62615 ...	2020-09-14 03:10:37
93.64.5.34	attackbotsspam	Sep 13 11:18:17 propaganda sshd[34385]: Connection from 93.64.5.34 port 6534 on 10.0.0.161 port 22 rdomain "" Sep 13 11:18:17 propaganda sshd[34385]: Connection closed by 93.64.5.34 port 6534 [preauth]	2020-09-14 03:30:49
193.29.15.169	attackspambots	UDP 193.29.15.169:46174 -> port 53, len 64	2020-09-14 03:38:12
45.148.121.3	attackbots	2020-09-13 10:20:24,828 fail2ban.actions [13109]: NOTICE [phone] Unban 45.148.121.3 2020-09-13 18:39:38,281 fail2ban.actions [25284]: NOTICE [phone] Unban 45.148.121.3 ...	2020-09-14 03:34:24
185.87.108.147	attackspam	[2020-09-13 13:33:12] NOTICE[1239] chan_sip.c: Registration from '"1424"' failed for '185.87.108.147:56085' - Wrong password [2020-09-13 13:33:12] SECURITY[1264] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-09-13T13:33:12.778-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="1424",SessionID="0x7f4d480d6c18",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.87.108.147/56085",Challenge="7c2b0702",ReceivedChallenge="7c2b0702",ReceivedHash="bcd9fd03b87267e9c5780ca714ca514a" [2020-09-13 13:34:10] NOTICE[1239] chan_sip.c: Registration from '"1422"' failed for '185.87.108.147:11331' - Wrong password [2020-09-13 13:34:10] SECURITY[1264] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-09-13T13:34:10.603-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="1422",SessionID="0x7f4d482e4338",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UD ...	2020-09-14 03:16:04
221.209.17.222	attackspam	Sep 13 20:09:37 vm0 sshd[16852]: Failed password for root from 221.209.17.222 port 36079 ssh2 ...	2020-09-14 03:25:57
191.232.254.15	attackspambots	ssh brute force	2020-09-14 03:25:27
80.82.77.212	attack	ET CINS Active Threat Intelligence Poor Reputation IP group 66 - port: 1604 proto: udp cat: Misc Attackbytes: 72	2020-09-14 03:05:51
174.217.22.36	attackbotsspam	Brute forcing email accounts	2020-09-14 03:11:45
89.161.66.177	attackspam	Firewall Dropped Connection	2020-09-14 03:31:58
195.37.190.77	attackbots	TCP (SYN) 195.37.190.77:52008 -> port 853, len 44	2020-09-14 03:33:52
203.212.251.104	attackspam	Port probing on unauthorized port 23	2020-09-14 03:18:32
138.68.99.46	attackspambots	(sshd) Failed SSH login from 138.68.99.46 (DE/Germany/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 13 12:49:04 optimus sshd[3841]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.99.46 user=root Sep 13 12:49:06 optimus sshd[3841]: Failed password for root from 138.68.99.46 port 41436 ssh2 Sep 13 12:58:53 optimus sshd[7459]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.99.46 user=root Sep 13 12:58:55 optimus sshd[7459]: Failed password for root from 138.68.99.46 port 53490 ssh2 Sep 13 13:04:06 optimus sshd[9215]: Invalid user android from 138.68.99.46	2020-09-14 03:07:27

最近上报的IP列表

37.224.14.39	171.229.250.132	109.245.159.186	103.41.24.226
178.110.255.216	196.54.65.192	170.0.128.249	84.243.9.39
119.53.245.68	177.66.79.201	103.82.80.52	14.235.176.252
68.183.167.159	202.158.29.162	180.244.232.146	217.111.227.178
103.48.35.204	23.250.125.234	61.168.138.24	218.87.168.228