103.1.12.55 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Hong Kong

运营商(isp): ReadySpace Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Sep 15 16:58:43 mail.srvfarm.net postfix/smtpd[2773188]: NOQUEUE: reject: RCPT from unknown[103.1.12.55]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo= Sep 15 16:58:43 mail.srvfarm.net postfix/smtpd[2774637]: NOQUEUE: reject: RCPT from unknown[103.1.12.55]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo= Sep 15 16:58:44 mail.srvfarm.net postfix/smtpd[2773189]: NOQUEUE: reject: RCPT from unknown[103.1.12.55]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo= Sep 15 16:58:44 mail.srvfarm.net postfix/smtpd[2773179]: NOQUEUE: reject: RCPT from unknown[103.1.12.55]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP h	2020-09-15 23:08:07
attackspambots	Sep 15 07:38:42 mail.srvfarm.net postfix/smtpd[2536028]: NOQUEUE: reject: RCPT from unknown[103.1.12.55]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo= Sep 15 07:38:42 mail.srvfarm.net postfix/smtpd[2536034]: NOQUEUE: reject: RCPT from unknown[103.1.12.55]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo= Sep 15 07:38:42 mail.srvfarm.net postfix/smtpd[2536039]: NOQUEUE: reject: RCPT from unknown[103.1.12.55]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo= Sep 15 07:38:43 mail.srvfarm.net postfix/smtpd[2536050]: NOQUEUE: reject: RCPT from unknown[103.1.12.55]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP	2020-09-15 15:01:08
attack	Sep 15 00:38:42 mail.srvfarm.net postfix/smtpd[2376116]: NOQUEUE: reject: RCPT from unknown[103.1.12.55]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo= Sep 15 00:38:42 mail.srvfarm.net postfix/smtpd[2376113]: NOQUEUE: reject: RCPT from unknown[103.1.12.55]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo= Sep 15 00:38:42 mail.srvfarm.net postfix/smtpd[2373865]: NOQUEUE: reject: RCPT from unknown[103.1.12.55]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo= Sep 15 00:38:42 mail.srvfarm.net postfix/smtpd[2376119]: NOQUEUE: reject: RCPT from unknown[103.1.12.55]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP h	2020-09-15 07:08:26
attackspam	Sep 9 07:53:45 mail.srvfarm.net postfix/smtpd[2257918]: NOQUEUE: reject: RCPT from unknown[103.1.12.55]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo= Sep 9 07:58:43 mail.srvfarm.net postfix/smtpd[2257918]: NOQUEUE: reject: RCPT from unknown[103.1.12.55]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo= Sep 9 07:58:43 mail.srvfarm.net postfix/smtpd[2257920]: NOQUEUE: reject: RCPT from unknown[103.1.12.55]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo= Sep 9 07:58:50 mail.srvfarm.net postfix/smtpd[2257597]: NOQUEUE: reject: RCPT from unknown[103.1.12.55]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo= Sep	2020-09-12 02:12:09
attack	Sep 9 07:53:45 mail.srvfarm.net postfix/smtpd[2257918]: NOQUEUE: reject: RCPT from unknown[103.1.12.55]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo= Sep 9 07:58:43 mail.srvfarm.net postfix/smtpd[2257918]: NOQUEUE: reject: RCPT from unknown[103.1.12.55]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo= Sep 9 07:58:43 mail.srvfarm.net postfix/smtpd[2257920]: NOQUEUE: reject: RCPT from unknown[103.1.12.55]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo= Sep 9 07:58:50 mail.srvfarm.net postfix/smtpd[2257597]: NOQUEUE: reject: RCPT from unknown[103.1.12.55]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo= Sep	2020-09-11 18:04:53

相同子网IP讨论:

IP	类型	评论内容	时间
103.1.12.68	attackbotsspam	Sep 13 18:46:42 mail.srvfarm.net postfix/smtpd[1233117]: NOQUEUE: reject: RCPT from unknown[103.1.12.68]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo= Sep 13 18:51:09 mail.srvfarm.net postfix/smtpd[1233117]: NOQUEUE: reject: RCPT from unknown[103.1.12.68]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo= Sep 13 18:51:09 mail.srvfarm.net postfix/smtpd[1234121]: NOQUEUE: reject: RCPT from unknown[103.1.12.68]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo= Sep 13 18:51:16 mail.srvfarm.net postfix/smtpd[1232282]: NOQUEUE: reject: RCPT from unknown[103.1.12.68]: 450 4.7.1 : Helo command rejected: Host not found; from= to= p	2020-09-14 01:43:17
103.1.12.68	attack	Sep 13 10:36:42 mail.srvfarm.net postfix/smtpd[1046010]: NOQUEUE: reject: RCPT from unknown[103.1.12.68]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo= Sep 13 10:41:16 mail.srvfarm.net postfix/smtpd[1045058]: NOQUEUE: reject: RCPT from unknown[103.1.12.68]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo= Sep 13 10:41:16 mail.srvfarm.net postfix/smtpd[1048113]: NOQUEUE: reject: RCPT from unknown[103.1.12.68]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo= Sep 13 10:41:30 mail.srvfarm.net postfix/smtpd[1048113]: NOQUEUE: reject: RCPT from unknown[103.1.12.68]: 450 4.7.1 : Helo command rejected: Host not found; from= to= p	2020-09-13 17:39:40

类型

评论内容

时间

103.1.12.68

attackbotsspam

Sep 13 18:46:42 mail.srvfarm.net postfix/smtpd[1233117]: NOQUEUE: reject: RCPT from unknown[103.1.12.68]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo=
Sep 13 18:51:09 mail.srvfarm.net postfix/smtpd[1233117]: NOQUEUE: reject: RCPT from unknown[103.1.12.68]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo=
Sep 13 18:51:09 mail.srvfarm.net postfix/smtpd[1234121]: NOQUEUE: reject: RCPT from unknown[103.1.12.68]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo=
Sep 13 18:51:16 mail.srvfarm.net postfix/smtpd[1232282]: NOQUEUE: reject: RCPT from unknown[103.1.12.68]: 450 4.7.1 : Helo command rejected: Host not found; from= to= p

2020-09-14 01:43:17

103.1.12.68

attack

Sep 13 10:36:42 mail.srvfarm.net postfix/smtpd[1046010]: NOQUEUE: reject: RCPT from unknown[103.1.12.68]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo=
Sep 13 10:41:16 mail.srvfarm.net postfix/smtpd[1045058]: NOQUEUE: reject: RCPT from unknown[103.1.12.68]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo=
Sep 13 10:41:16 mail.srvfarm.net postfix/smtpd[1048113]: NOQUEUE: reject: RCPT from unknown[103.1.12.68]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo=
Sep 13 10:41:30 mail.srvfarm.net postfix/smtpd[1048113]: NOQUEUE: reject: RCPT from unknown[103.1.12.68]: 450 4.7.1 : Helo command rejected: Host not found; from= to= p

2020-09-13 17:39:40

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.1.12.55
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57800
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.1.12.55.			IN	A

;; AUTHORITY SECTION:
.			513	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020091100 1800 900 604800 86400

;; Query time: 17 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Sep 11 18:04:48 CST 2020
;; MSG SIZE  rcvd: 115

HOST信息:

Host 55.12.1.103.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 55.12.1.103.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
159.203.12.171	attackspam	CloudCIX Reconnaissance Scan Detected, PTR: min-extra-pri-201-do-ca-prod.binaryedge.ninja.	2019-10-10 07:41:34
222.186.175.217	attack	SSH Bruteforce attempt	2019-10-10 12:02:30
51.77.109.98	attackspam	Oct 10 00:22:44 vpn01 sshd[28445]: Failed password for root from 51.77.109.98 port 38626 ssh2 ...	2019-10-10 07:20:30
66.249.69.81	attackspambots	Automatic report - Banned IP Access	2019-10-10 12:10:19
162.247.74.216	attackspam	Oct 10 01:24:08 rotator sshd\[22230\]: Failed password for root from 162.247.74.216 port 49454 ssh2Oct 10 01:24:10 rotator sshd\[22230\]: Failed password for root from 162.247.74.216 port 49454 ssh2Oct 10 01:24:12 rotator sshd\[22230\]: Failed password for root from 162.247.74.216 port 49454 ssh2Oct 10 01:24:16 rotator sshd\[22230\]: Failed password for root from 162.247.74.216 port 49454 ssh2Oct 10 01:24:18 rotator sshd\[22230\]: Failed password for root from 162.247.74.216 port 49454 ssh2Oct 10 01:24:21 rotator sshd\[22230\]: Failed password for root from 162.247.74.216 port 49454 ssh2 ...	2019-10-10 07:33:22
119.28.104.104	botsattack	119.28.104.104 - - [10/Oct/2019:09:42:18 +0800] "GET /%73%65%65%79%6F%6E/%68%74%6D%6C%6F%66%66%69%63%65%73%65%72%76%6C%65%74 HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.0) Gecko/20100101 Firefox/52.0" 119.28.104.104 - - [10/Oct/2019:09:42:19 +0800] "GET /secure/ContactAdministrators!default.jspa HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.0) Gecko/20100101 Firefox/52.0" 119.28.104.104 - - [10/Oct/2019:09:42:19 +0800] "POST /%75%73%65%72/%72%65%67%69%73%74%65%72?%65%6c%65%6d%65%6e%74%5f%70%61%72%65%6e%74%73=%74%69%6d%65%7a%6f%6e%65%2f%74%69%6d%65%7a%6f%6e%65%2f%23%76%61%6c%75%65&%61%6a%61%78%5f%66%6f%72%6d=1&%5f%77%72%61%70%70%65%72%5f%66%6f%72%6d%61%74=%64%72%75%70%61%6c%5f%61%6a%61%78 HTTP/1.1" 301 194 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)" 119.28.104.104 - - [10/Oct/2019:09:42:19 +0800] "POST /%75%73%65%72%2e%70%68%70 HTTP/1.1" 301 194 "554fcae493e564ee0dc75bdf2ebf94caads\|a:3:{s:2:\\x22id\\x22;s:3:\\x22'/\\x22;s:3:\\x22num\\x22;s:141:\\x22/ union select 1,0x272F2A,3,4,5,6,7,8,0x7b247b24524345275d3b6469652f2a2a2f286d6435284449524543544f52595f534550415241544f5229293b2f2f7d7d,0--\\x22;s:4:\\x22name\\x22;s:3:\\x22ads\\x22;}554fcae493e564ee0dc75bdf2ebf94ca" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36"	2019-10-10 09:47:57
51.77.210.216	attackspambots	2019-10-09T18:14:41.6243371495-001 sshd\[5358\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=216.ip-51-77-210.eu user=root 2019-10-09T18:14:43.6900591495-001 sshd\[5358\]: Failed password for root from 51.77.210.216 port 53050 ssh2 2019-10-09T18:22:43.3233681495-001 sshd\[5733\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=216.ip-51-77-210.eu user=root 2019-10-09T18:22:45.5584501495-001 sshd\[5733\]: Failed password for root from 51.77.210.216 port 55426 ssh2 2019-10-09T18:26:16.1709441495-001 sshd\[5970\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=216.ip-51-77-210.eu user=root 2019-10-09T18:26:17.8756111495-001 sshd\[5970\]: Failed password for root from 51.77.210.216 port 38422 ssh2 ...	2019-10-10 07:24:22
202.131.126.142	attackspambots	Oct 9 12:51:53 home sshd[24235]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.131.126.142 user=root Oct 9 12:51:55 home sshd[24235]: Failed password for root from 202.131.126.142 port 35630 ssh2 Oct 9 13:09:36 home sshd[24355]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.131.126.142 user=root Oct 9 13:09:38 home sshd[24355]: Failed password for root from 202.131.126.142 port 32832 ssh2 Oct 9 13:13:59 home sshd[24389]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.131.126.142 user=root Oct 9 13:14:01 home sshd[24389]: Failed password for root from 202.131.126.142 port 45348 ssh2 Oct 9 13:18:29 home sshd[24445]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.131.126.142 user=root Oct 9 13:18:32 home sshd[24445]: Failed password for root from 202.131.126.142 port 57896 ssh2 Oct 9 13:23:00 home sshd[24459]: pam_unix(s	2019-10-10 07:42:59
167.114.115.22	attackspambots	2019-10-09T23:34:59.014284homeassistant sshd[4490]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.114.115.22 user=root 2019-10-09T23:35:00.929400homeassistant sshd[4490]: Failed password for root from 167.114.115.22 port 46840 ssh2 ...	2019-10-10 07:45:14
51.75.23.62	attackbotsspam	2019-10-09T22:53:59.952793abusebot-7.cloudsearch.cf sshd\[27137\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.ip-51-75-23.eu user=root	2019-10-10 07:25:02
112.168.11.211	attackspam	Port 1433 Scan	2019-10-10 07:36:28
158.140.175.170	attack	B: Magento admin pass test (wrong country)	2019-10-10 12:05:33
47.92.141.187	bots	微软的爬虫 40.77.167.90 - - [10/Oct/2019:10:43:26 +0800] "GET /sitemap/sitemap_aaabd.txt HTTP/1.1" 200 2264549 "-" "msnbot/2.0b (+http://search.msn.com/msnbot.htm)" 47.92.141.187 - - [10/Oct/2019:10:44:37 +0800] "GET /check-ip/196.18.238.29 HTTP/1.1" 200 9310 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36 Edge/17.17134" 40.77.167.90 - - [10/Oct/2019:10:46:06 +0800] "GET /sitemap/sitemap_aaabd.txt HTTP/1.1" 200 2264549 "-" "msnbot/2.0b (+http://search.msn.com/msnbot.htm)" 47.92.141.187 - - [10/Oct/2019:10:46:23 +0800] "GET /check-ip/61.7.241.34 HTTP/1.1" 200 9396 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36 Edge/17.17134" 47.92.141.187 - - [10/Oct/2019:10:46:23 +0800] "GET /check-ip/61.7.241.87 HTTP/1.1" 200 9255 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36 Edge/17.17134"	2019-10-10 10:47:18
198.143.133.154	attackspam	3389BruteforceFW21	2019-10-10 12:08:10
62.102.148.68	attackspam	2019-10-09T23:28:30.199652abusebot.cloudsearch.cf sshd\[340\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.102.148.68 user=root	2019-10-10 07:31:47

最近上报的IP列表

81.117.174.36	183.71.57.241	63.253.173.23	138.217.18.41
191.194.101.252	10.2.249.231	99.239.49.34	245.108.76.31
77.94.126.68	233.42.138.38	60.129.24.84	191.227.76.140
220.135.244.139	86.91.104.37	186.162.14.67	148.77.224.103
190.193.70.20	169.132.127.164	121.203.58.46	180.142.213.68