103.99.1.249 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Vietnam

运营商(isp): VPSOnline Ltd

主机名(hostname): unknown

机构(organization): VIETNAM POSTS AND TELECOMMUNICATIONS GROUP

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Oct 20 20:46:42 lcl-usvr-01 sshd[12690]: refused connect from 103.99.1.249 (103.99.1.249) Oct 20 20:46:42 lcl-usvr-01 sshd[12691]: refused connect from 103.99.1.249 (103.99.1.249)	2019-10-21 01:45:37
attackbots	Oct 11 19:20:02 lcl-usvr-02 sshd[13681]: Invalid user 1234 from 103.99.1.249 port 50844 ...	2019-10-11 21:47:09

类型

评论内容

时间

attackbots

Oct 20 20:46:42 lcl-usvr-01 sshd[12690]: refused connect from 103.99.1.249 (103.99.1.249)
Oct 20 20:46:42 lcl-usvr-01 sshd[12691]: refused connect from 103.99.1.249 (103.99.1.249)

2019-10-21 01:45:37

attackbots

Oct 11 19:20:02 lcl-usvr-02 sshd[13681]: Invalid user 1234 from 103.99.1.249 port 50844
...

2019-10-11 21:47:09

相同子网IP讨论:

IP	类型	评论内容	时间
103.99.188.168	attack	Automatic report - Port Scan Attack	2020-10-06 07:05:00
103.99.188.168	attackspambots	Automatic report - Port Scan Attack	2020-10-05 23:17:51
103.99.188.168	attack	Automatic report - Port Scan Attack	2020-10-05 15:16:13
103.99.109.108	attackbotsspam	SMB Server BruteForce Attack	2020-10-04 07:08:15
103.99.109.108	attack	SMB Server BruteForce Attack	2020-10-03 23:21:44
103.99.109.108	attackspambots	445/tcp 445/tcp 445/tcp... [2020-09-19/10-02]10pkt,1pt.(tcp)	2020-10-03 15:05:54
103.99.189.17	attackbots	Oct 1 13:12:43 mail.srvfarm.net postfix/smtps/smtpd[3882226]: warning: unknown[103.99.189.17]: SASL PLAIN authentication failed: Oct 1 13:12:44 mail.srvfarm.net postfix/smtps/smtpd[3882226]: lost connection after AUTH from unknown[103.99.189.17] Oct 1 13:18:19 mail.srvfarm.net postfix/smtps/smtpd[3882224]: warning: unknown[103.99.189.17]: SASL PLAIN authentication failed: Oct 1 13:18:19 mail.srvfarm.net postfix/smtps/smtpd[3882224]: lost connection after AUTH from unknown[103.99.189.17] Oct 1 13:21:41 mail.srvfarm.net postfix/smtps/smtpd[3882225]: warning: unknown[103.99.189.17]: SASL PLAIN authentication failed:	2020-10-02 06:45:30
103.99.189.17	attack	Oct 1 13:12:43 mail.srvfarm.net postfix/smtps/smtpd[3882226]: warning: unknown[103.99.189.17]: SASL PLAIN authentication failed: Oct 1 13:12:44 mail.srvfarm.net postfix/smtps/smtpd[3882226]: lost connection after AUTH from unknown[103.99.189.17] Oct 1 13:18:19 mail.srvfarm.net postfix/smtps/smtpd[3882224]: warning: unknown[103.99.189.17]: SASL PLAIN authentication failed: Oct 1 13:18:19 mail.srvfarm.net postfix/smtps/smtpd[3882224]: lost connection after AUTH from unknown[103.99.189.17] Oct 1 13:21:41 mail.srvfarm.net postfix/smtps/smtpd[3882225]: warning: unknown[103.99.189.17]: SASL PLAIN authentication failed:	2020-10-01 23:16:17
103.99.1.140	attack	lfd: (smtpauth) Failed SMTP AUTH login from 103.99.1.140 (-): 5 in the last 3600 secs - Fri Aug 24 00:04:07 2018	2020-09-26 03:11:47
103.99.1.140	attack	lfd: (smtpauth) Failed SMTP AUTH login from 103.99.1.140 (-): 5 in the last 3600 secs - Fri Aug 24 00:04:07 2018	2020-09-25 19:00:20
103.99.189.27	attackspam	Sep 13 18:12:47 mail.srvfarm.net postfix/smtps/smtpd[1216382]: warning: unknown[103.99.189.27]: SASL PLAIN authentication failed: Sep 13 18:12:48 mail.srvfarm.net postfix/smtps/smtpd[1216382]: lost connection after AUTH from unknown[103.99.189.27] Sep 13 18:15:35 mail.srvfarm.net postfix/smtps/smtpd[1214572]: warning: unknown[103.99.189.27]: SASL PLAIN authentication failed: Sep 13 18:15:36 mail.srvfarm.net postfix/smtps/smtpd[1214572]: lost connection after AUTH from unknown[103.99.189.27] Sep 13 18:16:34 mail.srvfarm.net postfix/smtpd[1215613]: warning: unknown[103.99.189.27]: SASL PLAIN authentication failed:	2020-09-15 03:50:59
103.99.189.27	attackbotsspam	Sep 13 18:12:47 mail.srvfarm.net postfix/smtps/smtpd[1216382]: warning: unknown[103.99.189.27]: SASL PLAIN authentication failed: Sep 13 18:12:48 mail.srvfarm.net postfix/smtps/smtpd[1216382]: lost connection after AUTH from unknown[103.99.189.27] Sep 13 18:15:35 mail.srvfarm.net postfix/smtps/smtpd[1214572]: warning: unknown[103.99.189.27]: SASL PLAIN authentication failed: Sep 13 18:15:36 mail.srvfarm.net postfix/smtps/smtpd[1214572]: lost connection after AUTH from unknown[103.99.189.27] Sep 13 18:16:34 mail.srvfarm.net postfix/smtpd[1215613]: warning: unknown[103.99.189.27]: SASL PLAIN authentication failed:	2020-09-14 19:48:49
103.99.15.185	attackbots	Unauthorized connection attempt from IP address 103.99.15.185 on Port 445(SMB)	2020-09-02 01:48:04
103.99.1.31	attack	TCP (SYN) 103.99.1.31:49518 -> port 22, len 52	2020-08-30 15:56:03
103.99.148.183	attackbots	Port Scan ...	2020-08-30 03:01:26

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.99.1.249
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 53104
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.99.1.249.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019061200 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Jun 12 21:16:59 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 249.1.99.103.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 249.1.99.103.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
129.204.147.84	attackspambots	Invalid user akg from 129.204.147.84 port 42198	2020-05-24 13:34:38
114.67.169.68	attackbots	May 24 01:13:32 NPSTNNYC01T sshd[2624]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.169.68 May 24 01:13:34 NPSTNNYC01T sshd[2624]: Failed password for invalid user vri from 114.67.169.68 port 55178 ssh2 May 24 01:16:09 NPSTNNYC01T sshd[2825]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.169.68 ...	2020-05-24 13:41:00
187.17.106.62	attack	CMS (WordPress or Joomla) login attempt.	2020-05-24 13:37:04
106.12.33.174	attackbots	May 23 19:15:25 eddieflores sshd\[10690\]: Invalid user dao from 106.12.33.174 May 23 19:15:25 eddieflores sshd\[10690\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.33.174 May 23 19:15:26 eddieflores sshd\[10690\]: Failed password for invalid user dao from 106.12.33.174 port 55274 ssh2 May 23 19:19:35 eddieflores sshd\[11003\]: Invalid user gtu from 106.12.33.174 May 23 19:19:35 eddieflores sshd\[11003\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.33.174	2020-05-24 13:28:03
45.124.86.65	attack	May 24 04:25:08 game-panel sshd[25179]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.124.86.65 May 24 04:25:09 game-panel sshd[25179]: Failed password for invalid user vdt from 45.124.86.65 port 47884 ssh2 May 24 04:29:48 game-panel sshd[25312]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.124.86.65	2020-05-24 13:33:40
222.186.42.7	attackbotsspam	24.05.2020 05:18:51 SSH access blocked by firewall	2020-05-24 13:23:54
106.12.211.254	attackbotsspam	Invalid user sal from 106.12.211.254 port 60490	2020-05-24 13:50:31
192.64.86.34	attackspam	Attacks websites by trying to access known vulnerables of plugins, brute-force of backends or probing of administrative tools	2020-05-24 13:17:42
167.114.3.158	attack	$f2bV_matches	2020-05-24 13:41:25
167.71.210.171	attackbots	Invalid user awq from 167.71.210.171 port 48472	2020-05-24 13:15:02
78.199.19.89	attack	SSH invalid-user multiple login attempts	2020-05-24 13:36:09
222.186.180.223	attack	May 24 05:22:39 ip-172-31-61-156 sshd[12961]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.223 user=root May 24 05:22:40 ip-172-31-61-156 sshd[12961]: Failed password for root from 222.186.180.223 port 18846 ssh2 ...	2020-05-24 13:50:10
165.227.211.13	attackspam	May 24 07:37:31 tuxlinux sshd[26784]: Invalid user bou from 165.227.211.13 port 50022 May 24 07:37:31 tuxlinux sshd[26784]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.211.13 May 24 07:37:31 tuxlinux sshd[26784]: Invalid user bou from 165.227.211.13 port 50022 May 24 07:37:31 tuxlinux sshd[26784]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.211.13 May 24 07:37:31 tuxlinux sshd[26784]: Invalid user bou from 165.227.211.13 port 50022 May 24 07:37:31 tuxlinux sshd[26784]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.211.13 May 24 07:37:33 tuxlinux sshd[26784]: Failed password for invalid user bou from 165.227.211.13 port 50022 ssh2 ...	2020-05-24 13:47:43
191.96.20.85	attackspambots	2020-05-24T05:14:02.139416server.espacesoutien.com sshd[9992]: Invalid user con from 191.96.20.85 port 32828 2020-05-24T05:14:02.152805server.espacesoutien.com sshd[9992]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.96.20.85 2020-05-24T05:14:02.139416server.espacesoutien.com sshd[9992]: Invalid user con from 191.96.20.85 port 32828 2020-05-24T05:14:04.460928server.espacesoutien.com sshd[9992]: Failed password for invalid user con from 191.96.20.85 port 32828 ssh2 ...	2020-05-24 13:14:19
222.186.173.154	attackbotsspam	May 24 07:23:25 ns381471 sshd[15808]: Failed password for root from 222.186.173.154 port 54772 ssh2 May 24 07:23:40 ns381471 sshd[15808]: error: maximum authentication attempts exceeded for root from 222.186.173.154 port 54772 ssh2 [preauth]	2020-05-24 13:29:59

最近上报的IP列表

218.60.67.26	141.98.80.52	188.4.155.41	24.2.75.166
104.206.128.66	23.94.184.100	206.188.196.132	209.236.123.239
132.195.69.236	207.249.153.102	67.86.212.211	106.247.83.209
149.2.71.81	188.80.27.42	134.84.169.55	102.106.179.226
15.250.120.236	182.100.110.45	198.117.24.254	82.122.102.17