103.60.108.134

Basic Info

City: unknown

Region: unknown

Country: Hong Kong

Internet Service Provider: No. 04 18th Floor

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	[SMB remote code execution attempt: port tcp/445] *(RWIN=1024)(08050931)	2019-08-05 16:51:56

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.60.108.134
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 8705
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.60.108.134.			IN	A

;; AUTHORITY SECTION:
.			1885	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019080501 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Aug 05 16:51:48 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 134.108.60.103.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 67.207.67.2, trying next server
Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 134.108.60.103.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
185.220.101.32	attackspambots	02/13/2020-14:47:52.899564 185.220.101.32 Protocol: 6 ET TOR Known Tor Exit Node Traffic group 31	2020-02-14 01:15:54
5.188.168.41	attackspam	ICMP MH Probe, Scan /Distributed -	2020-02-14 01:37:51
123.122.38.126	attackbotsspam	Lines containing failures of 123.122.38.126 Feb 13 08:20:35 siirappi sshd[5943]: Invalid user beheerder from 123.122.38.126 port 30131 Feb 13 08:20:35 siirappi sshd[5943]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.122.38.126 Feb 13 08:20:37 siirappi sshd[5943]: Failed password for invalid user beheerder from 123.122.38.126 port 30131 ssh2 Feb 13 08:20:37 siirappi sshd[5943]: Received disconnect from 123.122.38.126 port 30131:11: Bye Bye [preauth] Feb 13 08:20:37 siirappi sshd[5943]: Disconnected from 123.122.38.126 port 30131 [preauth] Feb 13 09:24:21 siirappi sshd[6991]: Connection closed by 123.122.38.126 port 43892 [preauth] Feb 13 10:31:23 siirappi sshd[8435]: Invalid user mcserv from 123.122.38.126 port 63807 Feb 13 10:31:23 siirappi sshd[8435]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.122.38.126 Feb 13 10:31:25 siirappi sshd[8435]: Failed password for invalid user m........ ------------------------------	2020-02-14 01:18:32
44.225.84.206	attackspambots	Fail2Ban Ban Triggered	2020-02-14 01:46:34
202.28.250.114	attackspam	Lines containing failures of 202.28.250.114 Feb 13 10:43:03 shared04 sshd[3400]: Did not receive identification string from 202.28.250.114 port 60128 Feb 13 10:43:09 shared04 sshd[3431]: Did not receive identification string from 202.28.250.114 port 56046 Feb 13 10:43:53 shared04 sshd[3462]: Invalid user 666666 from 202.28.250.114 port 51157 Feb 13 10:43:54 shared04 sshd[3462]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.28.250.114 Feb 13 10:43:55 shared04 sshd[3462]: Failed password for invalid user 666666 from 202.28.250.114 port 51157 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=202.28.250.114	2020-02-14 01:41:39
103.126.6.174	attackspam	Feb 13 10:39:29 mxgate1 postfix/postscreen[1864]: CONNECT from [103.126.6.174]:44458 to [176.31.12.44]:25 Feb 13 10:39:29 mxgate1 postfix/dnsblog[1866]: addr 103.126.6.174 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2 Feb 13 10:39:29 mxgate1 postfix/dnsblog[1892]: addr 103.126.6.174 listed by domain b.barracudacentral.org as 127.0.0.2 Feb 13 10:39:35 mxgate1 postfix/postscreen[1864]: DNSBL rank 2 for [103.126.6.174]:44458 Feb 13 10:39:35 mxgate1 postfix/tlsproxy[1967]: CONNECT from [103.126.6.174]:44458 Feb x@x Feb 13 10:39:36 mxgate1 postfix/postscreen[1864]: DISCONNECT [103.126.6.174]:44458 Feb 13 10:39:36 mxgate1 postfix/tlsproxy[1967]: DISCONNECT [103.126.6.174]:44458 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=103.126.6.174	2020-02-14 01:21:43
129.211.86.141	attackbotsspam	Feb 13 07:03:46 hpm sshd\[15231\]: Invalid user detroit from 129.211.86.141 Feb 13 07:03:46 hpm sshd\[15231\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.86.141 Feb 13 07:03:47 hpm sshd\[15231\]: Failed password for invalid user detroit from 129.211.86.141 port 37972 ssh2 Feb 13 07:08:16 hpm sshd\[15733\]: Invalid user uploader from 129.211.86.141 Feb 13 07:08:16 hpm sshd\[15733\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.86.141	2020-02-14 01:18:03
191.5.119.91	attackbotsspam	Automatic report - Port Scan Attack	2020-02-14 01:09:31
106.54.220.178	attackbotsspam	Feb 13 20:47:40 webhost01 sshd[5156]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.220.178 Feb 13 20:47:42 webhost01 sshd[5156]: Failed password for invalid user bwadmin from 106.54.220.178 port 57696 ssh2 ...	2020-02-14 01:25:25
115.236.71.43	attackspambots	Feb 13 05:02:52 web1 sshd\[16464\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.236.71.43 user=root Feb 13 05:02:54 web1 sshd\[16464\]: Failed password for root from 115.236.71.43 port 37510 ssh2 Feb 13 05:04:05 web1 sshd\[16649\]: Invalid user du from 115.236.71.43 Feb 13 05:04:05 web1 sshd\[16649\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.236.71.43 Feb 13 05:04:07 web1 sshd\[16649\]: Failed password for invalid user du from 115.236.71.43 port 44152 ssh2	2020-02-14 01:46:01
177.220.194.66	attackspam	Feb 13 12:56:00 firewall sshd[26708]: Invalid user mysql1 from 177.220.194.66 Feb 13 12:56:02 firewall sshd[26708]: Failed password for invalid user mysql1 from 177.220.194.66 port 57895 ssh2 Feb 13 12:59:20 firewall sshd[26851]: Invalid user carter from 177.220.194.66 ...	2020-02-14 01:35:06
200.57.248.245	attackbots	Automatic report - Port Scan Attack	2020-02-14 01:34:43
193.188.22.217	attackspambots	RDP (aggressivity: low)	2020-02-14 01:04:35
183.131.110.99	attackspam	The IP has triggered Cloudflare WAF. CF-Ray: 564491af4f9ee4c4 \| WAF_Rule_ID: 1aff1cdfeb5c4074965d7cd85bfc1d4e \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/2 \| Method: GET \| Host: img.skk.moe \| User-Agent: Mozilla/5.0 (Windows NT 6.2; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.100 Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2020-02-14 01:10:16
5.188.168.26	attackspambots	ICMP MH Probe, Scan /Distributed -	2020-02-14 01:41:16

Recently Reported IPs

171.122.207.161	125.112.212.12	124.128.102.67	124.95.66.3
119.142.216.87	119.240.140.227	116.111.208.112	113.232.134.126
103.55.214.12	185.240.246.24	89.178.111.172	77.70.100.12
61.220.65.99	61.177.183.142	39.61.57.96	37.232.98.169
36.233.41.149	36.89.57.122	220.71.131.2	200.70.37.80