103.93.161.161

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Indonesia

运营商(isp): PT Biznet Gio Nusantara

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Lines containing failures of 103.93.161.161 Jun 1 19:03:10 shared04 sshd[22043]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.93.161.161 user=r.r Jun 1 19:03:12 shared04 sshd[22043]: Failed password for r.r from 103.93.161.161 port 48432 ssh2 Jun 1 19:03:12 shared04 sshd[22043]: Received disconnect from 103.93.161.161 port 48432:11: Bye Bye [preauth] Jun 1 19:03:12 shared04 sshd[22043]: Disconnected from authenticating user r.r 103.93.161.161 port 48432 [preauth] Jun 1 19:07:00 shared04 sshd[23504]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.93.161.161 user=r.r Jun 1 19:07:02 shared04 sshd[23504]: Failed password for r.r from 103.93.161.161 port 33146 ssh2 Jun 1 19:07:02 shared04 sshd[23504]: Received disconnect from 103.93.161.161 port 33146:11: Bye Bye [preauth] Jun 1 19:07:02 shared04 sshd[23504]: Disconnected from authenticating user r.r 103.93.161.161 port 33146........ ------------------------------	2020-06-02 22:35:02
attackbotsspam	Jun 2 06:35:05 vps687878 sshd\[25327\]: Failed password for root from 103.93.161.161 port 51926 ssh2 Jun 2 06:37:15 vps687878 sshd\[25731\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.93.161.161 user=root Jun 2 06:37:17 vps687878 sshd\[25731\]: Failed password for root from 103.93.161.161 port 47760 ssh2 Jun 2 06:39:30 vps687878 sshd\[25983\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.93.161.161 user=root Jun 2 06:39:31 vps687878 sshd\[25983\]: Failed password for root from 103.93.161.161 port 43616 ssh2 ...	2020-06-02 16:11:02

类型

评论内容

时间

attackbots

Lines containing failures of 103.93.161.161
Jun  1 19:03:10 shared04 sshd[22043]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.93.161.161  user=r.r
Jun  1 19:03:12 shared04 sshd[22043]: Failed password for r.r from 103.93.161.161 port 48432 ssh2
Jun  1 19:03:12 shared04 sshd[22043]: Received disconnect from 103.93.161.161 port 48432:11: Bye Bye [preauth]
Jun  1 19:03:12 shared04 sshd[22043]: Disconnected from authenticating user r.r 103.93.161.161 port 48432 [preauth]
Jun  1 19:07:00 shared04 sshd[23504]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.93.161.161  user=r.r
Jun  1 19:07:02 shared04 sshd[23504]: Failed password for r.r from 103.93.161.161 port 33146 ssh2
Jun  1 19:07:02 shared04 sshd[23504]: Received disconnect from 103.93.161.161 port 33146:11: Bye Bye [preauth]
Jun  1 19:07:02 shared04 sshd[23504]: Disconnected from authenticating user r.r 103.93.161.161 port 33146........
------------------------------

2020-06-02 22:35:02

attackbotsspam

Jun  2 06:35:05 vps687878 sshd\[25327\]: Failed password for root from 103.93.161.161 port 51926 ssh2
Jun  2 06:37:15 vps687878 sshd\[25731\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.93.161.161  user=root
Jun  2 06:37:17 vps687878 sshd\[25731\]: Failed password for root from 103.93.161.161 port 47760 ssh2
Jun  2 06:39:30 vps687878 sshd\[25983\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.93.161.161  user=root
Jun  2 06:39:31 vps687878 sshd\[25983\]: Failed password for root from 103.93.161.161 port 43616 ssh2
...

2020-06-02 16:11:02

相同子网IP讨论:

IP	类型	评论内容	时间
103.93.161.234	attackspam	Sep 21 16:14:31 markkoudstaal sshd[24399]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.93.161.234 Sep 21 16:14:33 markkoudstaal sshd[24399]: Failed password for invalid user ez from 103.93.161.234 port 58744 ssh2 Sep 21 16:19:50 markkoudstaal sshd[24836]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.93.161.234	2019-09-21 22:23:50
103.93.161.234	attack	Sep 21 07:56:39 lnxweb61 sshd[24741]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.93.161.234	2019-09-21 16:48:19

类型

评论内容

时间

103.93.161.234

attackspam

Sep 21 16:14:31 markkoudstaal sshd[24399]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.93.161.234
Sep 21 16:14:33 markkoudstaal sshd[24399]: Failed password for invalid user ez from 103.93.161.234 port 58744 ssh2
Sep 21 16:19:50 markkoudstaal sshd[24836]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.93.161.234

2019-09-21 22:23:50

103.93.161.234

attack

Sep 21 07:56:39 lnxweb61 sshd[24741]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.93.161.234

2019-09-21 16:48:19

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.93.161.161
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 50733
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.93.161.161.			IN	A

;; AUTHORITY SECTION:
.			382	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020060200 1800 900 604800 86400

;; Query time: 72 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jun 02 16:10:58 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 161.161.93.103.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 161.161.93.103.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
119.29.243.100	attack	Nov 17 15:43:15 herz-der-gamer sshd[28867]: Invalid user info from 119.29.243.100 port 35744 Nov 17 15:43:15 herz-der-gamer sshd[28867]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.243.100 Nov 17 15:43:15 herz-der-gamer sshd[28867]: Invalid user info from 119.29.243.100 port 35744 Nov 17 15:43:17 herz-der-gamer sshd[28867]: Failed password for invalid user info from 119.29.243.100 port 35744 ssh2 ...	2019-11-18 01:18:58
138.68.165.102	attackbots	Nov 17 18:09:14 lnxweb61 sshd[9323]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.165.102 Nov 17 18:09:17 lnxweb61 sshd[9323]: Failed password for invalid user ristl from 138.68.165.102 port 41884 ssh2 Nov 17 18:12:31 lnxweb61 sshd[12225]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.165.102	2019-11-18 01:17:46
139.155.118.190	attackbotsspam	Nov 17 17:58:02 vps647732 sshd[20392]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.118.190 Nov 17 17:58:04 vps647732 sshd[20392]: Failed password for invalid user q-1 from 139.155.118.190 port 58104 ssh2 ...	2019-11-18 01:06:27
201.116.12.217	attackbots	Nov 17 22:30:23 areeb-Workstation sshd[27835]: Failed password for backup from 201.116.12.217 port 33313 ssh2 ...	2019-11-18 01:04:41
218.28.168.4	attack	Nov 17 22:21:39 vibhu-HP-Z238-Microtower-Workstation sshd\[30497\]: Invalid user alf from 218.28.168.4 Nov 17 22:21:39 vibhu-HP-Z238-Microtower-Workstation sshd\[30497\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.28.168.4 Nov 17 22:21:40 vibhu-HP-Z238-Microtower-Workstation sshd\[30497\]: Failed password for invalid user alf from 218.28.168.4 port 15437 ssh2 Nov 17 22:26:37 vibhu-HP-Z238-Microtower-Workstation sshd\[30778\]: Invalid user crippen from 218.28.168.4 Nov 17 22:26:37 vibhu-HP-Z238-Microtower-Workstation sshd\[30778\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.28.168.4 ...	2019-11-18 01:00:27
121.142.111.226	attack	2019-11-17T16:52:33.184365abusebot-7.cloudsearch.cf sshd\[15402\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.142.111.226 user=root	2019-11-18 01:25:11
106.54.94.95	attackbotsspam	Nov 17 15:23:00 srv206 sshd[17756]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.94.95 user=root Nov 17 15:23:03 srv206 sshd[17756]: Failed password for root from 106.54.94.95 port 60290 ssh2 Nov 17 15:43:42 srv206 sshd[17853]: Invalid user tab from 106.54.94.95 ...	2019-11-18 00:59:26
128.199.90.245	attackbots	Nov 17 15:38:01 sd-53420 sshd\[29169\]: Invalid user fusao from 128.199.90.245 Nov 17 15:38:01 sd-53420 sshd\[29169\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.90.245 Nov 17 15:38:04 sd-53420 sshd\[29169\]: Failed password for invalid user fusao from 128.199.90.245 port 33346 ssh2 Nov 17 15:42:47 sd-53420 sshd\[30564\]: Invalid user royster from 128.199.90.245 Nov 17 15:42:47 sd-53420 sshd\[30564\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.90.245 ...	2019-11-18 01:27:21
72.93.29.214	attackspambots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/72.93.29.214/ US - 1H : (160) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : US NAME ASN : ASN701 IP : 72.93.29.214 CIDR : 72.93.0.0/16 PREFIX COUNT : 7223 UNIQUE IP COUNT : 40015360 ATTACKS DETECTED ASN701 : 1H - 1 3H - 2 6H - 2 12H - 5 24H - 6 DateTime : 2019-11-17 15:43:34 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-11-18 01:01:34
49.235.226.43	attackbotsspam	Nov 17 15:50:11 124388 sshd[31238]: Failed password for root from 49.235.226.43 port 49856 ssh2 Nov 17 15:54:57 124388 sshd[31264]: Invalid user webmaster from 49.235.226.43 port 52440 Nov 17 15:54:57 124388 sshd[31264]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.226.43 Nov 17 15:54:57 124388 sshd[31264]: Invalid user webmaster from 49.235.226.43 port 52440 Nov 17 15:54:59 124388 sshd[31264]: Failed password for invalid user webmaster from 49.235.226.43 port 52440 ssh2	2019-11-18 01:19:19
5.196.201.7	attackspam	Nov 17 17:32:03 mail postfix/smtpd[1310]: warning: unknown[5.196.201.7]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 17 17:32:57 mail postfix/smtpd[1948]: warning: unknown[5.196.201.7]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 17 17:33:02 mail postfix/smtpd[2893]: warning: unknown[5.196.201.7]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-11-18 00:55:39
185.234.218.210	attackbots	Nov 17 17:39:54 srv01 postfix/smtpd\[12146\]: warning: unknown\[185.234.218.210\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 17 17:40:01 srv01 postfix/smtpd\[12146\]: warning: unknown\[185.234.218.210\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 17 17:51:39 srv01 postfix/smtpd\[12146\]: warning: unknown\[185.234.218.210\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 17 17:52:37 srv01 postfix/smtpd\[12146\]: warning: unknown\[185.234.218.210\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 17 17:59:22 srv01 postfix/smtpd\[12146\]: warning: unknown\[185.234.218.210\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-11-18 01:24:50
81.171.85.101	attackbots	\[2019-11-17 11:59:02\] NOTICE\[2601\] chan_sip.c: Registration from '\' failed for '81.171.85.101:59850' - Wrong password \[2019-11-17 11:59:02\] SECURITY\[2634\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-11-17T11:59:02.379-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="9238",SessionID="0x7fdf2cd1cd48",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/81.171.85.101/59850",Challenge="275e1510",ReceivedChallenge="275e1510",ReceivedHash="91da1a2027504caca8267ac8a8f60865" \[2019-11-17 11:59:09\] NOTICE\[2601\] chan_sip.c: Registration from '\' failed for '81.171.85.101:60861' - Wrong password \[2019-11-17 11:59:09\] SECURITY\[2634\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-11-17T11:59:09.028-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="147",SessionID="0x7fdf2c745a48",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/81.171.85.1	2019-11-18 01:12:58
159.65.239.104	attack	Nov 17 17:30:30 server sshd\[31814\]: Invalid user jyl from 159.65.239.104 Nov 17 17:30:30 server sshd\[31814\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.239.104 Nov 17 17:30:32 server sshd\[31814\]: Failed password for invalid user jyl from 159.65.239.104 port 34164 ssh2 Nov 17 17:43:23 server sshd\[2540\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.239.104 user=root Nov 17 17:43:25 server sshd\[2540\]: Failed password for root from 159.65.239.104 port 59572 ssh2 ...	2019-11-18 01:10:58
122.228.208.113	attack	Port scan: Attack repeated for 24 hours	2019-11-18 01:16:55

最近上报的IP列表

153.111.177.241	135.3.92.79	141.137.39.123	200.136.83.153
160.10.204.46	81.67.110.138	51.50.234.94	200.70.33.244
181.27.204.122	203.107.34.108	88.16.121.218	151.161.183.44
164.198.104.150	113.190.233.129	53.129.109.234	39.123.99.225
206.10.200.48	222.214.158.4	116.168.176.109	223.60.223.102