103.92.30.106 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Viet Nam

运营商(isp): Viet Solutions Servers Trading Company Limited - Hanoi Branch

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Commercial

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Dec 1 07:30:14 icecube postfix/smtpd[30679]: NOQUEUE: reject: RCPT from a.zjsoso.com[103.92.30.106]: 554 5.7.1 Service unavailable; Client host [103.92.30.106] blocked using all.spamrats.com; SPAMRATS IP Addresses See: http://www.spamrats.com/bl?103.92.30.106; from= to= proto=ESMTP helo=	2019-12-01 15:23:50

类型

评论内容

时间

attackspambots

Dec  1 07:30:14 icecube postfix/smtpd[30679]: NOQUEUE: reject: RCPT from a.zjsoso.com[103.92.30.106]: 554 5.7.1 Service unavailable; Client host [103.92.30.106] blocked using all.spamrats.com; SPAMRATS IP Addresses See: http://www.spamrats.com/bl?103.92.30.106; from= to= proto=ESMTP helo=

2019-12-01 15:23:50

相同子网IP讨论:

IP	类型	评论内容	时间
103.92.30.33	attack	103.92.30.33 - - [10/Sep/2019:06:00:54 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 103.92.30.33 - - [10/Sep/2019:06:00:56 +0200] "POST /wp-login.php HTTP/1.1" 200 1503 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 103.92.30.33 - - [10/Sep/2019:06:00:57 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 103.92.30.33 - - [10/Sep/2019:06:00:59 +0200] "POST /wp-login.php HTTP/1.1" 200 1489 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 103.92.30.33 - - [10/Sep/2019:06:01:00 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 103.92.30.33 - - [10/Sep/2019:06:01:02 +0200] "POST /wp-login.php HTTP/1.1" 200 1491 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-09-10 15:12:49
103.92.30.80	attackbotsspam	WordPress brute force	2019-09-09 08:57:59
103.92.30.33	attackbots	fail2ban honeypot	2019-09-08 23:36:39
103.92.30.80	attackbotsspam	www.goldgier.de 103.92.30.80 \[25/Aug/2019:20:51:19 +0200\] "POST /wp-login.php HTTP/1.1" 200 8725 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" www.goldgier.de 103.92.30.80 \[25/Aug/2019:20:51:23 +0200\] "POST /wp-login.php HTTP/1.1" 200 8726 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-08-26 04:24:36
103.92.30.80	attackspam	Wordpress Admin Login attack	2019-08-24 09:15:12
103.92.30.80	attack	WordPress login Brute force / Web App Attack on client site.	2019-08-09 02:53:31
103.92.30.80	attackspambots	fail2ban honeypot	2019-07-28 23:18:14
103.92.30.80	attack	fail2ban honeypot	2019-07-13 06:35:52

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.92.30.106
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38550
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.92.30.106.			IN	A

;; AUTHORITY SECTION:
.			550	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019113002 1800 900 604800 86400

;; Query time: 113 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Dec 01 15:23:45 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

106.30.92.103.in-addr.arpa domain name pointer a.zjsoso.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
106.30.92.103.in-addr.arpa	name = a.zjsoso.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
67.207.89.207	attackspambots	Mar 14 05:23:59 vps647732 sshd[18189]: Failed password for root from 67.207.89.207 port 58582 ssh2 ...	2020-03-14 12:34:53
46.101.19.133	attack	Mar 14 05:40:02 vps647732 sshd[18900]: Failed password for root from 46.101.19.133 port 51451 ssh2 ...	2020-03-14 12:53:49
149.154.71.44	attackspam	Mar 14 05:56:39 debian-2gb-nbg1-2 kernel: \[6420930.258450\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=149.154.71.44 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=51 ID=46340 DF PROTO=TCP SPT=33626 DPT=80 WINDOW=0 RES=0x00 RST URGP=0	2020-03-14 13:07:01
49.234.196.215	attackbots	(sshd) Failed SSH login from 49.234.196.215 (CN/China/-): 5 in the last 3600 secs	2020-03-14 12:43:39
221.226.251.58	attack	Mar 14 04:50:31 meumeu sshd[11160]: Failed password for minecraft from 221.226.251.58 port 49368 ssh2 Mar 14 04:55:30 meumeu sshd[11705]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.226.251.58 Mar 14 04:55:32 meumeu sshd[11705]: Failed password for invalid user office2 from 221.226.251.58 port 33260 ssh2 ...	2020-03-14 12:24:04
78.131.11.10	attackspambots	SSH brutforce	2020-03-14 13:08:42
106.12.220.84	attackspam	Mar 13 21:12:51 mockhub sshd[15132]: Failed password for root from 106.12.220.84 port 40708 ssh2 ...	2020-03-14 12:38:39
80.82.65.74	attackspam	Mar 14 04:56:00 debian-2gb-nbg1-2 kernel: \[6417291.598170\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=80.82.65.74 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=34406 PROTO=TCP SPT=40250 DPT=24119 WINDOW=1024 RES=0x00 SYN URGP=0	2020-03-14 12:52:13
49.233.87.107	attack	(sshd) Failed SSH login from 49.233.87.107 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Mar 14 05:58:28 s1 sshd[13611]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.87.107 user=root Mar 14 05:58:30 s1 sshd[13611]: Failed password for root from 49.233.87.107 port 43172 ssh2 Mar 14 06:02:35 s1 sshd[13699]: Invalid user ken from 49.233.87.107 port 58168 Mar 14 06:02:36 s1 sshd[13699]: Failed password for invalid user ken from 49.233.87.107 port 58168 ssh2 Mar 14 06:06:12 s1 sshd[13808]: Invalid user Julio from 49.233.87.107 port 39478	2020-03-14 12:46:35
222.186.180.17	attackspam	Mar 14 05:22:42 santamaria sshd\[16780\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.17 user=root Mar 14 05:22:44 santamaria sshd\[16780\]: Failed password for root from 222.186.180.17 port 57150 ssh2 Mar 14 05:22:57 santamaria sshd\[16780\]: Failed password for root from 222.186.180.17 port 57150 ssh2 ...	2020-03-14 12:28:38
222.186.15.18	attack	Mar 14 05:35:19 v22018053744266470 sshd[30385]: Failed password for root from 222.186.15.18 port 17100 ssh2 Mar 14 05:41:14 v22018053744266470 sshd[30823]: Failed password for root from 222.186.15.18 port 28294 ssh2 ...	2020-03-14 12:49:46
212.64.19.123	attackbots	Mar 14 05:27:12 lnxded63 sshd[6699]: Failed password for root from 212.64.19.123 port 58638 ssh2 Mar 14 05:27:12 lnxded63 sshd[6699]: Failed password for root from 212.64.19.123 port 58638 ssh2	2020-03-14 12:42:49
185.234.219.82	attackbotsspam	Mar 14 04:08:19 mail postfix/smtpd\[14406\]: warning: unknown\[185.234.219.82\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Mar 14 04:16:17 mail postfix/smtpd\[14044\]: warning: unknown\[185.234.219.82\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Mar 14 04:48:15 mail postfix/smtpd\[15313\]: warning: unknown\[185.234.219.82\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Mar 14 04:56:16 mail postfix/smtpd\[15313\]: warning: unknown\[185.234.219.82\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\	2020-03-14 12:47:46
178.254.55.25	attackbotsspam	detected by Fail2Ban	2020-03-14 13:05:53
118.200.41.3	attackspambots	k+ssh-bruteforce	2020-03-14 13:03:50

最近上报的IP列表

186.21.74.40	80.128.8.123	161.129.105.105	151.33.244.120
213.239.245.237	123.21.137.180	113.229.24.99	58.8.186.56
14.232.78.123	14.111.93.103	171.212.109.159	116.196.115.98
93.58.76.2	180.37.246.216	201.176.170.144	199.219.166.76
132.31.37.2	198.148.194.30	143.70.13.201	114.91.186.22