103.94.5.18 - IPInfo

基本信息:

城市(city): Jakarta

省份(region): Jakarta

国家(country): Indonesia

运营商(isp): CV. Tunas Dua Serangkai

主机名(hostname): unknown

机构(organization): PT INDONESIA COMNETS PLUS

使用类型(Usage Type): Commercial

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	"Account brute force using dictionary attack against Exchange Online"	2019-08-06 06:56:42

相同子网IP讨论:

IP	类型	评论内容	时间
103.94.5.250	attack	Unauthorized connection attempt from IP address 103.94.5.250 on Port 445(SMB)	2020-01-14 05:12:19
103.94.5.42	attackspam	Automatic report - Banned IP Access	2020-01-03 19:48:49
103.94.5.42	attack	Dec 24 10:54:41 vibhu-HP-Z238-Microtower-Workstation sshd\[6355\]: Invalid user schatz from 103.94.5.42 Dec 24 10:54:41 vibhu-HP-Z238-Microtower-Workstation sshd\[6355\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.94.5.42 Dec 24 10:54:43 vibhu-HP-Z238-Microtower-Workstation sshd\[6355\]: Failed password for invalid user schatz from 103.94.5.42 port 48688 ssh2 Dec 24 10:57:59 vibhu-HP-Z238-Microtower-Workstation sshd\[6519\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.94.5.42 user=root Dec 24 10:58:02 vibhu-HP-Z238-Microtower-Workstation sshd\[6519\]: Failed password for root from 103.94.5.42 port 47844 ssh2 ...	2019-12-24 13:33:51
103.94.5.42	attack	Dec 17 18:05:04 loxhost sshd\[12817\]: Invalid user truche from 103.94.5.42 port 37134 Dec 17 18:05:04 loxhost sshd\[12817\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.94.5.42 Dec 17 18:05:06 loxhost sshd\[12817\]: Failed password for invalid user truche from 103.94.5.42 port 37134 ssh2 Dec 17 18:11:19 loxhost sshd\[13070\]: Invalid user shynique from 103.94.5.42 port 45938 Dec 17 18:11:19 loxhost sshd\[13070\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.94.5.42 ...	2019-12-18 01:30:35
103.94.5.42	attack	Dec 14 17:22:43 eventyay sshd[7307]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.94.5.42 Dec 14 17:22:45 eventyay sshd[7307]: Failed password for invalid user lisa from 103.94.5.42 port 32808 ssh2 Dec 14 17:29:36 eventyay sshd[7571]: Failed password for backup from 103.94.5.42 port 43002 ssh2 ...	2019-12-15 00:38:39
103.94.56.152	attack	Automatic report - Port Scan Attack	2019-12-12 22:13:55
103.94.5.42	attackspambots	Dec 7 00:49:26 ny01 sshd[26791]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.94.5.42 Dec 7 00:49:28 ny01 sshd[26791]: Failed password for invalid user mosse from 103.94.5.42 port 51398 ssh2 Dec 7 00:56:16 ny01 sshd[27950]: Failed password for root from 103.94.5.42 port 60226 ssh2	2019-12-07 14:08:13
103.94.5.42	attackbotsspam	$f2bV_matches	2019-12-07 07:27:00
103.94.5.42	attackspambots	Dec 6 17:24:33 OPSO sshd\[30818\]: Invalid user blough from 103.94.5.42 port 34434 Dec 6 17:24:33 OPSO sshd\[30818\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.94.5.42 Dec 6 17:24:36 OPSO sshd\[30818\]: Failed password for invalid user blough from 103.94.5.42 port 34434 ssh2 Dec 6 17:31:22 OPSO sshd\[32153\]: Invalid user mpiuser from 103.94.5.42 port 44378 Dec 6 17:31:22 OPSO sshd\[32153\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.94.5.42	2019-12-07 00:31:52
103.94.5.42	attackspam	$f2bV_matches	2019-12-02 17:17:18
103.94.5.42	attackspambots	Nov 30 09:37:09 vps647732 sshd[27655]: Failed password for root from 103.94.5.42 port 44832 ssh2 ...	2019-11-30 16:52:51
103.94.5.42	attackbots	Nov 30 11:25:20 areeb-Workstation sshd[16322]: Failed password for root from 103.94.5.42 port 55286 ssh2 ...	2019-11-30 14:12:09
103.94.5.42	attackspambots	SSH invalid-user multiple login try	2019-11-26 21:29:41
103.94.5.42	attack	2019-11-11T23:16:17.406222abusebot-6.cloudsearch.cf sshd\[19832\]: Invalid user guest from 103.94.5.42 port 51732	2019-11-12 07:46:15
103.94.5.42	attackspam	$f2bV_matches	2019-11-09 01:19:56

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.94.5.18
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63441
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.94.5.18.			IN	A

;; AUTHORITY SECTION:
.			2206	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019040402 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Fri Apr 05 07:43:35 +08 2019
;; MSG SIZE  rcvd: 115

HOST信息:

Host 18.5.94.103.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 18.5.94.103.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
159.89.111.136	attack	Jul 25 19:06:49 vps200512 sshd\[18087\]: Invalid user conectar from 159.89.111.136 Jul 25 19:06:49 vps200512 sshd\[18087\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.111.136 Jul 25 19:06:51 vps200512 sshd\[18087\]: Failed password for invalid user conectar from 159.89.111.136 port 59578 ssh2 Jul 25 19:11:05 vps200512 sshd\[18250\]: Invalid user vb from 159.89.111.136 Jul 25 19:11:05 vps200512 sshd\[18250\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.111.136	2019-07-26 07:16:14
222.186.15.217	attackbotsspam	Jul 25 18:27:23 aat-srv002 sshd[9604]: Failed password for root from 222.186.15.217 port 61625 ssh2 Jul 25 18:27:25 aat-srv002 sshd[9604]: Failed password for root from 222.186.15.217 port 61625 ssh2 Jul 25 18:27:27 aat-srv002 sshd[9604]: Failed password for root from 222.186.15.217 port 61625 ssh2 Jul 25 18:27:41 aat-srv002 sshd[9626]: Failed password for root from 222.186.15.217 port 59728 ssh2 ...	2019-07-26 07:29:19
47.91.41.194	attackbotsspam	20 attempts against mh-ssh on plane.magehost.pro	2019-07-26 07:09:33
106.39.44.11	attackbots	Jul 25 23:11:07 work-partkepr sshd\[23804\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.39.44.11 user=root Jul 25 23:11:08 work-partkepr sshd\[23804\]: Failed password for root from 106.39.44.11 port 1724 ssh2 ...	2019-07-26 07:17:10
27.7.247.177	attack	445/tcp [2019-07-25]1pkt	2019-07-26 07:11:39
162.241.178.219	attackspambots	2019-07-25T23:10:33.876247abusebot.cloudsearch.cf sshd\[19508\]: Invalid user in from 162.241.178.219 port 38020	2019-07-26 07:36:59
222.186.15.110	attackspam	Jul 25 19:10:57 TORMINT sshd\[12089\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.110 user=root Jul 25 19:10:59 TORMINT sshd\[12089\]: Failed password for root from 222.186.15.110 port 26055 ssh2 Jul 25 19:11:05 TORMINT sshd\[12093\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.110 user=root ...	2019-07-26 07:15:22
43.247.180.234	attack	Jul 25 19:27:30 plusreed sshd[30795]: Invalid user odoo from 43.247.180.234 ...	2019-07-26 07:27:39
66.165.213.100	attackspambots	Jul 26 00:29:58 mail sshd\[1564\]: Invalid user xu from 66.165.213.100 port 52229 Jul 26 00:29:58 mail sshd\[1564\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.165.213.100 ...	2019-07-26 07:46:29
176.235.94.90	attackbots	445/tcp [2019-07-25]1pkt	2019-07-26 07:04:51
14.189.204.70	attackspambots	445/tcp [2019-07-25]1pkt	2019-07-26 07:09:59
103.254.13.160	attackbots	103.254.13.160 - - [26/Jul/2019:01:10:09 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 103.254.13.160 - - [26/Jul/2019:01:10:13 +0200] "POST /wp-login.php HTTP/1.1" 200 1503 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 103.254.13.160 - - [26/Jul/2019:01:10:14 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 103.254.13.160 - - [26/Jul/2019:01:10:16 +0200] "POST /wp-login.php HTTP/1.1" 200 1486 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 103.254.13.160 - - [26/Jul/2019:01:10:18 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 103.254.13.160 - - [26/Jul/2019:01:10:22 +0200] "POST /wp-login.php HTTP/1.1" 200 1486 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-07-26 07:45:56
139.59.79.94	attack	139.59.79.94 - - [26/Jul/2019:01:10:59 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.79.94 - - [26/Jul/2019:01:11:00 +0200] "POST /wp-login.php HTTP/1.1" 200 1503 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.79.94 - - [26/Jul/2019:01:11:00 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.79.94 - - [26/Jul/2019:01:11:01 +0200] "POST /wp-login.php HTTP/1.1" 200 1486 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.79.94 - - [26/Jul/2019:01:11:02 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.79.94 - - [26/Jul/2019:01:11:03 +0200] "POST /wp-login.php HTTP/1.1" 200 1486 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-07-26 07:18:14
36.152.65.201	attack	Automatic report - Port Scan Attack	2019-07-26 07:13:41
218.92.0.204	attackbots	Jul 25 23:26:17 MK-Soft-VM6 sshd\[17625\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.204 user=root Jul 25 23:26:19 MK-Soft-VM6 sshd\[17625\]: Failed password for root from 218.92.0.204 port 24208 ssh2 Jul 25 23:26:23 MK-Soft-VM6 sshd\[17625\]: Failed password for root from 218.92.0.204 port 24208 ssh2 ...	2019-07-26 07:37:29

最近上报的IP列表

185.49.99.216	195.70.44.11	186.93.121.173	197.45.155.10
219.68.62.85	213.82.190.238	72.89.17.122	170.233.47.242
103.16.62.66	196.52.43.99	109.116.220.186	152.170.108.110
52.250.104.214	36.72.219.214	62.12.115.116	59.48.153.231
193.32.161.12	185.237.99.248	139.199.14.186	194.63.140.52