103.99.17.14 - IPInfo

基本信息:

城市(city): Bhubaneswar

省份(region): Odisha

国家(country): India

运营商(isp): Udayatel Communications Private Limited

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-05-05 22:52:05
attackbotsspam	Dec 12 15:38:03 debian-2gb-nbg1-2 kernel: \[24443021.754741\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=103.99.17.14 DST=195.201.40.59 LEN=48 TOS=0x00 PREC=0x00 TTL=50 ID=19611 DF PROTO=TCP SPT=56724 DPT=1433 WINDOW=8192 RES=0x00 SYN URGP=0	2019-12-13 03:39:35

类型

评论内容

时间

attack

Honeypot attack, port: 445, PTR: PTR record not found

2020-05-05 22:52:05

attackbotsspam

Dec 12 15:38:03 debian-2gb-nbg1-2 kernel: \[24443021.754741\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=103.99.17.14 DST=195.201.40.59 LEN=48 TOS=0x00 PREC=0x00 TTL=50 ID=19611 DF PROTO=TCP SPT=56724 DPT=1433 WINDOW=8192 RES=0x00 SYN URGP=0

2019-12-13 03:39:35

相同子网IP讨论:

IP	类型	评论内容	时间
103.99.179.48	attack	2020-06-29T05:54:14.758306+02:00 sshd[31816]: Failed password for invalid user lxh from 103.99.179.48 port 49448 ssh2	2020-06-29 15:15:01
103.99.17.106	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-05-06 01:58:39
103.99.17.100	attackspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-05-06 01:24:28
103.99.17.104	attackspambots	Honeypot attack, port: 445, PTR: PTR record not found	2020-05-06 01:19:33
103.99.17.56	attackbots	Honeypot attack, port: 445, PTR: PTR record not found	2020-05-06 00:48:32
103.99.17.15	attackbots	Honeypot attack, port: 445, PTR: PTR record not found	2020-05-06 00:38:14
103.99.17.113	attackspambots	Honeypot attack, port: 445, PTR: PTR record not found	2020-05-05 23:47:06
103.99.17.77	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-05-05 23:34:45
103.99.17.31	attackspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-05-05 23:25:06
103.99.17.117	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-05-05 23:18:27
103.99.17.80	attackspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-05-05 22:57:15
103.99.17.8	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-05-05 22:47:12
103.99.17.51	attackbots	Honeypot attack, port: 445, PTR: PTR record not found	2020-05-05 22:24:56
103.99.17.82	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-05-05 21:26:52
103.99.17.115	attackbotsspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-05-05 20:08:45

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.99.17.14
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 51483
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.99.17.14.			IN	A

;; AUTHORITY SECTION:
.			547	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121201 1800 900 604800 86400

;; Query time: 91 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Dec 13 03:39:33 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 14.17.99.103.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 14.17.99.103.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
41.221.52.130	attackspam	firewall-block, port(s): 445/tcp	2020-02-23 06:36:17
37.187.195.209	attackspambots	Feb 22 22:43:04 tuxlinux sshd[26348]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.187.195.209 user=root Feb 22 22:43:06 tuxlinux sshd[26348]: Failed password for root from 37.187.195.209 port 59978 ssh2 Feb 22 22:43:04 tuxlinux sshd[26348]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.187.195.209 user=root Feb 22 22:43:06 tuxlinux sshd[26348]: Failed password for root from 37.187.195.209 port 59978 ssh2 Feb 22 22:46:27 tuxlinux sshd[26391]: Invalid user myftp from 37.187.195.209 port 42987 ...	2020-02-23 06:35:16
104.248.116.198	attack	Port scan: Attack repeated for 24 hours	2020-02-23 06:35:04
79.175.145.122	attack	Automatic report - XMLRPC Attack	2020-02-23 06:31:10
171.249.214.31	attack	Automatic report - Port Scan Attack	2020-02-23 06:23:09
206.189.229.112	attackbotsspam	Feb 22 19:33:58 silence02 sshd[8196]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.229.112 Feb 22 19:34:00 silence02 sshd[8196]: Failed password for invalid user magda from 206.189.229.112 port 47510 ssh2 Feb 22 19:36:45 silence02 sshd[8431]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.229.112	2020-02-23 06:20:15
222.186.173.215	attackbots	Feb 22 23:06:16 vps647732 sshd[2274]: Failed password for root from 222.186.173.215 port 16636 ssh2 Feb 22 23:06:28 vps647732 sshd[2274]: error: maximum authentication attempts exceeded for root from 222.186.173.215 port 16636 ssh2 [preauth] ...	2020-02-23 06:13:47
63.82.50.49	attackbotsspam	2020-02-22 10:44:34 H=(d4-data.agency) [63.82.50.49]:29176 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in sip-sip24.73t3wsbtnrhe.invaluement.com (127.0.0.2) (Blocked by ivmSIP and/or ivmSIP/24 - see https://www.invaluement.com/lookup/?item=63.82.50.49) 2020-02-22 10:44:35 H=(d4-data.agency) [63.82.50.49]:21872 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.3) (https://www.spamhaus.org/sbl/query/SBLCSS) 2020-02-22 10:44:36 H=(d4-data.agency) [63.82.50.49]:10994 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.3) (https://www.spamhaus.org/sbl/query/SBLCSS) ...	2020-02-23 06:24:41
35.199.38.243	attack	Invalid user apache from 35.199.38.243 port 56392	2020-02-23 06:09:58
116.98.62.156	spamattack	Same ip tried to hack into my yahoo mail also	2020-02-23 06:26:50
192.241.235.22	attack	suspicious action Sat, 22 Feb 2020 13:44:48 -0300	2020-02-23 06:15:22
121.178.212.67	attackbots	$f2bV_matches	2020-02-23 06:17:30
123.125.71.31	attackspam	Bad bot/spoofed identity	2020-02-23 06:24:56
176.84.161.228	attackspambots	Feb 22 22:11:05 nextcloud sshd\[14957\]: Invalid user tml from 176.84.161.228 Feb 22 22:11:05 nextcloud sshd\[14957\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.84.161.228 Feb 22 22:11:07 nextcloud sshd\[14957\]: Failed password for invalid user tml from 176.84.161.228 port 44436 ssh2	2020-02-23 06:12:29
109.99.228.142	attackbots	suspicious action Sat, 22 Feb 2020 13:44:05 -0300	2020-02-23 06:45:00

最近上报的IP列表

51.38.68.162	119.161.195.17	34.208.123.24	86.182.192.156
13.45.58.188	173.178.31.58	51.38.6.15	207.76.82.68
51.38.6.14	154.115.221.101	121.60.154.30	51.38.6.12
47.252.92.135	51.38.239.171	209.253.253.243	221.237.62.210
175.14.160.86	81.224.55.28	44.74.198.132	51.38.32.151