198.20.103.245

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): SingleHop LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	07/17/2020-23:56:41.502972 198.20.103.245 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-07-18 12:02:14
attackspam	Honeypot attack, port: 445, PTR: sh-ams-nl-gp1-wk101.internet-census.org.	2020-03-05 01:01:40
attack	firewall-block, port(s): 53/tcp	2020-01-08 22:37:38
attackbotsspam	" "	2019-12-20 03:01:23
attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2019-10-24 00:37:13
attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-07-12 18:53:53
attackbotsspam	23/tcp 3389/tcp 5001/tcp... [2019-05-09/07-03]12pkt,10pt.(tcp)	2019-07-03 15:43:55

相同子网IP讨论:

IP	类型	评论内容	时间
198.20.103.242	attackspam	Found on Binary Defense / proto=6 . srcport=10578 . dstport=3000 . (1576)	2020-10-04 05:36:19
198.20.103.242	attackspambots	554/tcp 8098/tcp 44818/tcp... [2020-08-03/10-02]45pkt,31pt.(tcp),1pt.(udp)	2020-10-03 13:16:06
198.20.103.243	attackspambots	UDP 198.20.103.243:41306 -> port 161, len 71	2020-08-29 18:05:51
198.20.103.244	attackbotsspam	firewall-block, port(s): 53/tcp	2020-08-15 18:35:41
198.20.103.243	attackspambots	[Tue Jul 21 00:37:38 2020] - DDoS Attack From IP: 198.20.103.243 Port: 32488	2020-08-07 00:11:56
198.20.103.246	attackbotsspam	[Wed Jul 22 18:45:02 2020] - DDoS Attack From IP: 198.20.103.246 Port: 25863	2020-08-06 23:53:22
198.20.103.243	attackbots	firewall-block, port(s): 104/tcp	2020-08-03 07:57:17
198.20.103.242	attackspambots	" "	2020-08-03 06:58:11
198.20.103.246	attackspam	Aug 2 22:23:08 debian-2gb-nbg1-2 kernel: \[18658262.989409\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=198.20.103.246 DST=195.201.40.59 LEN=68 TOS=0x00 PREC=0x00 TTL=242 ID=54321 PROTO=UDP SPT=47475 DPT=161 LEN=48	2020-08-03 06:55:59
198.20.103.243	attackbots	Port scan: Attack repeated for 24 hours	2020-07-30 17:18:54
198.20.103.242	attack	Unauthorized connection attempt detected from IP address 198.20.103.242 to port 8099	2020-07-27 17:45:33
198.20.103.244	attackspambots	[Wed Jul 15 02:02:17 2020] - DDoS Attack From IP: 198.20.103.244 Port: 17370	2020-07-15 03:57:12
198.20.103.246	attackbots	trying to access non-authorized port	2020-07-09 22:32:06
198.20.103.243	attack	2000/tcp 515/tcp 9001/tcp... [2020-04-21/06-19]17pkt,17pt.(tcp)	2020-06-20 06:10:46
198.20.103.182	attack	Attempted connection to port 80.	2020-06-19 05:52:05

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 198.20.103.245
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33581
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;198.20.103.245.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019051800 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun May 19 01:26:04 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

245.103.20.198.in-addr.arpa domain name pointer sh-ams-nl-gp1-wk101.internet-census.org.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
245.103.20.198.in-addr.arpa	name = sh-ams-nl-gp1-wk101.internet-census.org.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
190.54.108.1	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 11-11-2019 06:20:40.	2019-11-11 21:04:46
202.43.168.94	attackspam	Attempt To login To email server On SMTP service On 11-11-2019 06:20:41.	2019-11-11 21:04:18
36.68.5.215	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 11-11-2019 06:20:43.	2019-11-11 21:01:18
125.25.82.213	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 11-11-2019 06:20:32.	2019-11-11 21:18:20
117.156.119.39	attack	Nov 11 12:44:12 [snip] sshd[29384]: Invalid user ftpuser from 117.156.119.39 port 42096 Nov 11 12:44:12 [snip] sshd[29384]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.156.119.39 Nov 11 12:44:14 [snip] sshd[29384]: Failed password for invalid user ftpuser from 117.156.119.39 port 42096 ssh2[...]	2019-11-11 20:44:16
113.187.35.157	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 11-11-2019 06:20:29.	2019-11-11 21:24:23
180.183.231.85	attackbots	Chat Spam	2019-11-11 21:19:13
180.252.213.217	attackspam	Attempt to attack host OS, exploiting network vulnerabilities, on 11-11-2019 06:20:36.	2019-11-11 21:09:51
185.53.88.33	attack	\[2019-11-11 07:33:36\] NOTICE\[2601\] chan_sip.c: Registration from '"301" \' failed for '185.53.88.33:5555' - Wrong password \[2019-11-11 07:33:36\] SECURITY\[2634\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-11-11T07:33:36.047-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="301",SessionID="0x7fdf2cd1cd48",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.53.88.33/5555",Challenge="252dd832",ReceivedChallenge="252dd832",ReceivedHash="5c05f295ff87283d7723ca45ab771680" \[2019-11-11 07:33:36\] NOTICE\[2601\] chan_sip.c: Registration from '"301" \' failed for '185.53.88.33:5555' - Wrong password \[2019-11-11 07:33:36\] SECURITY\[2634\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-11-11T07:33:36.168-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="301",SessionID="0x7fdf2c665838",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.53.	2019-11-11 20:54:51
117.50.2.47	attack	Unauthorized SSH login attempts	2019-11-11 20:44:46
60.184.3.24	attackbotsspam	Nov 11 07:15:07 vps666546 sshd\[2229\]: Invalid user guest from 60.184.3.24 port 43710 Nov 11 07:15:07 vps666546 sshd\[2229\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.184.3.24 Nov 11 07:15:09 vps666546 sshd\[2229\]: Failed password for invalid user guest from 60.184.3.24 port 43710 ssh2 Nov 11 07:20:27 vps666546 sshd\[2381\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.184.3.24 user=uucp Nov 11 07:20:29 vps666546 sshd\[2381\]: Failed password for uucp from 60.184.3.24 port 55150 ssh2 ...	2019-11-11 21:22:51
125.214.52.191	attackbotsspam	Attempt to attack host OS, exploiting network vulnerabilities, on 11-11-2019 06:20:31.	2019-11-11 21:19:30
81.22.45.116	attack	Nov 11 13:27:25 mc1 kernel: \[4761527.243729\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.116 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=45518 PROTO=TCP SPT=45400 DPT=60379 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 11 13:29:03 mc1 kernel: \[4761626.007720\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.116 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=14337 PROTO=TCP SPT=45400 DPT=59714 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 11 13:35:47 mc1 kernel: \[4762029.739687\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.116 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=17657 PROTO=TCP SPT=45400 DPT=59651 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-11-11 20:49:10
183.83.134.90	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 11-11-2019 06:20:39.	2019-11-11 21:06:43
130.61.122.5	attackbotsspam	Nov 11 12:45:05 XXX sshd[62085]: Invalid user dev from 130.61.122.5 port 42634	2019-11-11 21:26:31

最近上报的IP列表

190.153.241.116	124.160.215.144	171.75.54.44	36.182.68.150
157.195.240.219	79.229.56.133	18.64.80.158	65.125.104.193
188.165.210.23	249.60.219.175	185.244.214.197	234.242.249.133
13.119.114.112	244.199.72.68	192.220.87.229	80.67.172.162
212.197.14.135	190.7.231.210	132.148.106.7	80.89.153.82