103.92.30.106 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Viet Nam

运营商(isp): Viet Solutions Servers Trading Company Limited - Hanoi Branch

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Commercial

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Dec 1 07:30:14 icecube postfix/smtpd[30679]: NOQUEUE: reject: RCPT from a.zjsoso.com[103.92.30.106]: 554 5.7.1 Service unavailable; Client host [103.92.30.106] blocked using all.spamrats.com; SPAMRATS IP Addresses See: http://www.spamrats.com/bl?103.92.30.106; from= to= proto=ESMTP helo=	2019-12-01 15:23:50

类型

评论内容

时间

attackspambots

Dec  1 07:30:14 icecube postfix/smtpd[30679]: NOQUEUE: reject: RCPT from a.zjsoso.com[103.92.30.106]: 554 5.7.1 Service unavailable; Client host [103.92.30.106] blocked using all.spamrats.com; SPAMRATS IP Addresses See: http://www.spamrats.com/bl?103.92.30.106; from= to= proto=ESMTP helo=

2019-12-01 15:23:50

相同子网IP讨论:

IP	类型	评论内容	时间
103.92.30.33	attack	103.92.30.33 - - [10/Sep/2019:06:00:54 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 103.92.30.33 - - [10/Sep/2019:06:00:56 +0200] "POST /wp-login.php HTTP/1.1" 200 1503 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 103.92.30.33 - - [10/Sep/2019:06:00:57 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 103.92.30.33 - - [10/Sep/2019:06:00:59 +0200] "POST /wp-login.php HTTP/1.1" 200 1489 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 103.92.30.33 - - [10/Sep/2019:06:01:00 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 103.92.30.33 - - [10/Sep/2019:06:01:02 +0200] "POST /wp-login.php HTTP/1.1" 200 1491 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-09-10 15:12:49
103.92.30.80	attackbotsspam	WordPress brute force	2019-09-09 08:57:59
103.92.30.33	attackbots	fail2ban honeypot	2019-09-08 23:36:39
103.92.30.80	attackbotsspam	www.goldgier.de 103.92.30.80 \[25/Aug/2019:20:51:19 +0200\] "POST /wp-login.php HTTP/1.1" 200 8725 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" www.goldgier.de 103.92.30.80 \[25/Aug/2019:20:51:23 +0200\] "POST /wp-login.php HTTP/1.1" 200 8726 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-08-26 04:24:36
103.92.30.80	attackspam	Wordpress Admin Login attack	2019-08-24 09:15:12
103.92.30.80	attack	WordPress login Brute force / Web App Attack on client site.	2019-08-09 02:53:31
103.92.30.80	attackspambots	fail2ban honeypot	2019-07-28 23:18:14
103.92.30.80	attack	fail2ban honeypot	2019-07-13 06:35:52

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.92.30.106
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38550
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.92.30.106.			IN	A

;; AUTHORITY SECTION:
.			550	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019113002 1800 900 604800 86400

;; Query time: 113 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Dec 01 15:23:45 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

106.30.92.103.in-addr.arpa domain name pointer a.zjsoso.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
106.30.92.103.in-addr.arpa	name = a.zjsoso.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
62.231.7.221	attack	2019-07-25T08:19:30.977925centos sshd\[23220\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.231.7.221 user=root 2019-07-25T08:19:32.780018centos sshd\[23220\]: Failed password for root from 62.231.7.221 port 59429 ssh2 2019-07-25T08:19:33.447461centos sshd\[23223\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.231.7.221 user=root	2019-07-25 14:23:07
96.246.214.20	attackbotsspam	2019-07-25T06:39:58.993042abusebot-8.cloudsearch.cf sshd\[8587\]: Invalid user dp from 96.246.214.20 port 43124	2019-07-25 15:00:09
220.191.160.42	attackbots	Jul 25 08:45:04 mail sshd\[29661\]: Failed password for invalid user ass from 220.191.160.42 port 60738 ssh2 Jul 25 08:47:22 mail sshd\[30148\]: Invalid user ftp1 from 220.191.160.42 port 57464 Jul 25 08:47:22 mail sshd\[30148\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.191.160.42 Jul 25 08:47:24 mail sshd\[30148\]: Failed password for invalid user ftp1 from 220.191.160.42 port 57464 ssh2 Jul 25 08:49:45 mail sshd\[30498\]: Invalid user tim from 220.191.160.42 port 54224 Jul 25 08:49:45 mail sshd\[30498\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.191.160.42	2019-07-25 14:51:36
185.211.129.196	attack	Unauthorized connection attempt from IP address 185.211.129.196 on Port 445(SMB)	2019-07-25 14:18:41
113.161.162.20	attackspam	Unauthorized connection attempt from IP address 113.161.162.20 on Port 445(SMB)	2019-07-25 14:57:56
149.56.132.202	attack	Jul 25 08:40:19 SilenceServices sshd[3387]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.132.202 Jul 25 08:40:21 SilenceServices sshd[3387]: Failed password for invalid user liao from 149.56.132.202 port 33878 ssh2 Jul 25 08:44:51 SilenceServices sshd[6782]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.132.202	2019-07-25 14:57:32
188.165.250.228	attackspambots	Jul 25 07:25:53 debian sshd\[4458\]: Invalid user mm from 188.165.250.228 port 36064 Jul 25 07:25:53 debian sshd\[4458\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.165.250.228 ...	2019-07-25 14:27:54
117.85.154.157	attackspam	smtp port probing	2019-07-25 14:29:07
145.239.73.103	attackbotsspam	Jul 25 06:38:07 ip-172-31-62-245 sshd\[23981\]: Invalid user enlace from 145.239.73.103\ Jul 25 06:38:09 ip-172-31-62-245 sshd\[23981\]: Failed password for invalid user enlace from 145.239.73.103 port 41352 ssh2\ Jul 25 06:42:36 ip-172-31-62-245 sshd\[24111\]: Invalid user 123 from 145.239.73.103\ Jul 25 06:42:38 ip-172-31-62-245 sshd\[24111\]: Failed password for invalid user 123 from 145.239.73.103 port 36910 ssh2\ Jul 25 06:47:00 ip-172-31-62-245 sshd\[24154\]: Invalid user 123456 from 145.239.73.103\	2019-07-25 14:48:14
94.232.225.5	attackspam	Jul 25 08:01:29 OPSO sshd\[10508\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.232.225.5 user=root Jul 25 08:01:31 OPSO sshd\[10508\]: Failed password for root from 94.232.225.5 port 45188 ssh2 Jul 25 08:06:08 OPSO sshd\[11483\]: Invalid user karol from 94.232.225.5 port 41556 Jul 25 08:06:08 OPSO sshd\[11483\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.232.225.5 Jul 25 08:06:11 OPSO sshd\[11483\]: Failed password for invalid user karol from 94.232.225.5 port 41556 ssh2	2019-07-25 14:18:17
78.94.250.168	attackbotsspam	Jul 25 05:47:39 rpi sshd[2217]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=78.94.250.168 Jul 25 05:47:41 rpi sshd[2217]: Failed password for invalid user helpdesk from 78.94.250.168 port 54922 ssh2	2019-07-25 15:01:18
196.43.112.58	attackbotsspam	DATE:2019-07-25 06:07:24, IP:196.43.112.58, PORT:ssh brute force auth on SSH service (patata)	2019-07-25 14:13:49
54.39.104.30	attackbotsspam	Jul 25 08:37:15 mail sshd\[28524\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.104.30 user=root Jul 25 08:37:18 mail sshd\[28524\]: Failed password for root from 54.39.104.30 port 43074 ssh2 Jul 25 08:42:47 mail sshd\[29372\]: Invalid user cluster from 54.39.104.30 port 39740 Jul 25 08:42:47 mail sshd\[29372\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.104.30 Jul 25 08:42:49 mail sshd\[29372\]: Failed password for invalid user cluster from 54.39.104.30 port 39740 ssh2	2019-07-25 14:54:54
78.156.226.162	attackbots	Unauthorized connection attempt from IP address 78.156.226.162 on Port 445(SMB)	2019-07-25 14:59:33
54.38.78.122	attack	Jul 25 01:11:36 aat-srv002 sshd[1986]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.78.122 Jul 25 01:11:37 aat-srv002 sshd[1986]: Failed password for invalid user guo from 54.38.78.122 port 43276 ssh2 Jul 25 01:16:13 aat-srv002 sshd[2192]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.78.122 Jul 25 01:16:15 aat-srv002 sshd[2192]: Failed password for invalid user hector from 54.38.78.122 port 39424 ssh2 ...	2019-07-25 14:39:53

最近上报的IP列表

186.21.74.40	80.128.8.123	161.129.105.105	151.33.244.120
213.239.245.237	123.21.137.180	113.229.24.99	58.8.186.56
14.232.78.123	14.111.93.103	171.212.109.159	116.196.115.98
93.58.76.2	180.37.246.216	201.176.170.144	199.219.166.76
132.31.37.2	198.148.194.30	143.70.13.201	114.91.186.22