103.92.30.106 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Viet Nam

运营商(isp): Viet Solutions Servers Trading Company Limited - Hanoi Branch

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Commercial

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Dec 1 07:30:14 icecube postfix/smtpd[30679]: NOQUEUE: reject: RCPT from a.zjsoso.com[103.92.30.106]: 554 5.7.1 Service unavailable; Client host [103.92.30.106] blocked using all.spamrats.com; SPAMRATS IP Addresses See: http://www.spamrats.com/bl?103.92.30.106; from= to= proto=ESMTP helo=	2019-12-01 15:23:50

类型

评论内容

时间

attackspambots

Dec  1 07:30:14 icecube postfix/smtpd[30679]: NOQUEUE: reject: RCPT from a.zjsoso.com[103.92.30.106]: 554 5.7.1 Service unavailable; Client host [103.92.30.106] blocked using all.spamrats.com; SPAMRATS IP Addresses See: http://www.spamrats.com/bl?103.92.30.106; from= to= proto=ESMTP helo=

2019-12-01 15:23:50

相同子网IP讨论:

IP	类型	评论内容	时间
103.92.30.33	attack	103.92.30.33 - - [10/Sep/2019:06:00:54 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 103.92.30.33 - - [10/Sep/2019:06:00:56 +0200] "POST /wp-login.php HTTP/1.1" 200 1503 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 103.92.30.33 - - [10/Sep/2019:06:00:57 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 103.92.30.33 - - [10/Sep/2019:06:00:59 +0200] "POST /wp-login.php HTTP/1.1" 200 1489 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 103.92.30.33 - - [10/Sep/2019:06:01:00 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 103.92.30.33 - - [10/Sep/2019:06:01:02 +0200] "POST /wp-login.php HTTP/1.1" 200 1491 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-09-10 15:12:49
103.92.30.80	attackbotsspam	WordPress brute force	2019-09-09 08:57:59
103.92.30.33	attackbots	fail2ban honeypot	2019-09-08 23:36:39
103.92.30.80	attackbotsspam	www.goldgier.de 103.92.30.80 \[25/Aug/2019:20:51:19 +0200\] "POST /wp-login.php HTTP/1.1" 200 8725 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" www.goldgier.de 103.92.30.80 \[25/Aug/2019:20:51:23 +0200\] "POST /wp-login.php HTTP/1.1" 200 8726 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-08-26 04:24:36
103.92.30.80	attackspam	Wordpress Admin Login attack	2019-08-24 09:15:12
103.92.30.80	attack	WordPress login Brute force / Web App Attack on client site.	2019-08-09 02:53:31
103.92.30.80	attackspambots	fail2ban honeypot	2019-07-28 23:18:14
103.92.30.80	attack	fail2ban honeypot	2019-07-13 06:35:52

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.92.30.106
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38550
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.92.30.106.			IN	A

;; AUTHORITY SECTION:
.			550	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019113002 1800 900 604800 86400

;; Query time: 113 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Dec 01 15:23:45 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

106.30.92.103.in-addr.arpa domain name pointer a.zjsoso.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
106.30.92.103.in-addr.arpa	name = a.zjsoso.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
187.84.160.57	attackbots	Distributed brute force attack	2019-07-30 08:12:00
42.231.162.191	attackspam	Brute force attempt	2019-07-30 08:52:07
58.249.123.38	attack	Jul 29 23:35:29 fr01 sshd[32557]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.249.123.38 user=root Jul 29 23:35:31 fr01 sshd[32557]: Failed password for root from 58.249.123.38 port 35238 ssh2 ...	2019-07-30 08:51:53
200.116.96.117	attack	ssh bruteforce or scan ...	2019-07-30 08:43:17
112.85.42.238	attack	Jul 30 01:09:58 localhost sshd\[47094\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.238 user=root Jul 30 01:10:00 localhost sshd\[47094\]: Failed password for root from 112.85.42.238 port 11356 ssh2 ...	2019-07-30 08:24:59
79.154.176.156	attackbots	SSH invalid-user multiple login attempts	2019-07-30 08:23:37
139.170.194.6	attackspambots	Unauthorised access (Jul 29) SRC=139.170.194.6 LEN=40 TTL=50 ID=48025 TCP DPT=23 WINDOW=9296 SYN	2019-07-30 08:28:45
54.39.196.199	attackbots	Jul 29 20:18:31 vps691689 sshd[22674]: Failed password for root from 54.39.196.199 port 32796 ssh2 Jul 29 20:22:43 vps691689 sshd[22692]: Failed password for root from 54.39.196.199 port 56522 ssh2 ...	2019-07-30 08:27:48
185.244.25.108	attackspambots	30.07.2019 00:03:40 Connection to port 8088 blocked by firewall	2019-07-30 08:17:23
106.51.50.2	attackbotsspam	Jul 30 02:21:54 legacy sshd[17924]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.51.50.2 Jul 30 02:21:56 legacy sshd[17924]: Failed password for invalid user scpuser from 106.51.50.2 port 28143 ssh2 Jul 30 02:27:19 legacy sshd[18030]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.51.50.2 ...	2019-07-30 08:41:21
149.202.65.224	attackbotsspam	Port scan: Attack repeated for 24 hours	2019-07-30 08:20:04
118.101.253.227	attackbotsspam	Jul 30 00:16:18 site3 sshd\[79075\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.101.253.227 user=root Jul 30 00:16:21 site3 sshd\[79075\]: Failed password for root from 118.101.253.227 port 4417 ssh2 Jul 30 00:20:45 site3 sshd\[79214\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.101.253.227 user=root Jul 30 00:20:47 site3 sshd\[79214\]: Failed password for root from 118.101.253.227 port 40385 ssh2 Jul 30 00:25:11 site3 sshd\[79309\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.101.253.227 user=root ...	2019-07-30 08:49:57
40.118.62.100	attackbotsspam	Jul 30 00:08:18 vps691689 sshd[25105]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.118.62.100 Jul 30 00:08:20 vps691689 sshd[25105]: Failed password for invalid user tengxunqq from 40.118.62.100 port 1664 ssh2 ...	2019-07-30 08:52:38
186.118.138.10	attackbots	Jul 29 20:04:47 TORMINT sshd\[29830\]: Invalid user balaji from 186.118.138.10 Jul 29 20:04:47 TORMINT sshd\[29830\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.118.138.10 Jul 29 20:04:49 TORMINT sshd\[29830\]: Failed password for invalid user balaji from 186.118.138.10 port 56823 ssh2 ...	2019-07-30 08:21:44
192.236.146.185	attackbotsspam	2019-07-29 UTC: 1x - root	2019-07-30 08:44:27

最近上报的IP列表

186.21.74.40	80.128.8.123	161.129.105.105	151.33.244.120
213.239.245.237	123.21.137.180	113.229.24.99	58.8.186.56
14.232.78.123	14.111.93.103	171.212.109.159	116.196.115.98
93.58.76.2	180.37.246.216	201.176.170.144	199.219.166.76
132.31.37.2	198.148.194.30	143.70.13.201	114.91.186.22