160.20.253.49 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): South Africa

运营商(isp): Aeonova360 Management Services (Pty) Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Brute forcing RDP port 3389	2020-07-09 14:47:21

相同子网IP讨论:

IP	类型	评论内容	时间
160.20.253.18	attackspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-07-06 01:33:06
160.20.253.64	attackbots	firewall-block, port(s): 1433/tcp	2020-05-07 17:52:34
160.20.253.6	attackspambots	Honeypot attack, port: 445, PTR: PTR record not found	2020-02-28 15:13:33
160.20.253.19	attackbots	Unauthorized connection attempt detected from IP address 160.20.253.19 to port 1433 [J]	2020-01-25 17:42:45
160.20.253.41	attack	1433/tcp [2019-12-13]1pkt	2019-12-14 00:27:13
160.20.253.23	attackspam	Honeypot attack, port: 445, PTR: PTR record not found	2019-12-10 13:40:19
160.20.253.6	attackbotsspam	SMB Server BruteForce Attack	2019-08-26 14:18:06

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 160.20.253.49
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 36403
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;160.20.253.49.			IN	A

;; AUTHORITY SECTION:
.			210	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020070900 1800 900 604800 86400

;; Query time: 91 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jul 09 14:47:13 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 49.253.20.160.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 49.253.20.160.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
63.81.87.141	attack	Jan 26 06:35:28 grey postfix/smtpd\[16314\]: NOQUEUE: reject: RCPT from fondle.jcnovel.com\[63.81.87.141\]: 554 5.7.1 Service unavailable\; Client host \[63.81.87.141\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[63.81.87.141\]\; from=\ to=\ proto=ESMTP helo=\Jan 26 06:35:28 grey postfix/smtpd\[27130\]: NOQUEUE: reject: RCPT from fondle.jcnovel.com\[63.81.87.141\]: 554 5.7.1 Service unavailable\; Client host \[63.81.87.141\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[63.81.87.141\]\; from=\ to=\ proto=ESMTP helo=\Jan 26 06:35:28 grey postfix/smtpd\[26707\]: NOQUEUE: reject: RCPT from fondle.jcnovel.com\[63.81.87.141\]: 554 5.7.1 Service unavailable\; Client host \[63.81.87.141\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[63.81.87.141\]\; from=\	2020-01-26 19:39:33
103.129.223.90	attackspam	Jan 26 06:03:04 ns392434 sshd[6354]: Invalid user webtest from 103.129.223.90 port 40878 Jan 26 06:03:04 ns392434 sshd[6354]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.129.223.90 Jan 26 06:03:04 ns392434 sshd[6354]: Invalid user webtest from 103.129.223.90 port 40878 Jan 26 06:03:05 ns392434 sshd[6354]: Failed password for invalid user webtest from 103.129.223.90 port 40878 ssh2 Jan 26 06:08:07 ns392434 sshd[6457]: Invalid user amanda from 103.129.223.90 port 44440 Jan 26 06:08:07 ns392434 sshd[6457]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.129.223.90 Jan 26 06:08:07 ns392434 sshd[6457]: Invalid user amanda from 103.129.223.90 port 44440 Jan 26 06:08:09 ns392434 sshd[6457]: Failed password for invalid user amanda from 103.129.223.90 port 44440 ssh2 Jan 26 06:10:03 ns392434 sshd[6524]: Invalid user jenkins from 103.129.223.90 port 33148	2020-01-26 19:39:15
84.17.36.35	attack	Probing for vulnerable jquery-file-upload. 84.17.36.35 - - [26/Jan/2020:09:08:24 +0000] "GET /assets/global/plugins/jquery-file-upload/server/php/index.php?secure=1 HTTP/1.1" 403 153 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:54.0) Gecko/20100101 Firefox/54.0"	2020-01-26 19:28:53
219.239.27.158	attackbots	Unauthorized connection attempt detected from IP address 219.239.27.158 to port 22 [T]	2020-01-26 19:07:38
92.81.157.131	attack	Unauthorized connection attempt detected from IP address 92.81.157.131 to port 23 [J]	2020-01-26 19:34:24
63.81.87.245	attackspambots	RBL listed IP. Trying to send Spam. IP autobanned	2020-01-26 19:27:22
83.240.245.242	attackspambots	Unauthorized connection attempt detected from IP address 83.240.245.242 to port 2220 [J]	2020-01-26 19:16:51
49.234.203.241	attack	Jan 26 09:47:33 pl1server sshd[2081]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.203.241 user=r.r Jan 26 09:47:35 pl1server sshd[2081]: Failed password for r.r from 49.234.203.241 port 58400 ssh2 Jan 26 09:47:35 pl1server sshd[2081]: Received disconnect from 49.234.203.241: 11: Bye Bye [preauth] Jan 26 10:10:17 pl1server sshd[5346]: Invalid user bob from 49.234.203.241 Jan 26 10:10:17 pl1server sshd[5346]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.203.241 Jan 26 10:10:18 pl1server sshd[5346]: Failed password for invalid user bob from 49.234.203.241 port 51446 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=49.234.203.241	2020-01-26 19:47:00
45.138.69.185	attackspam	Lines containing failures of 45.138.69.185 Jan 25 22:11:12 zabbix sshd[79200]: Invalid user yuri from 45.138.69.185 port 49480 Jan 25 22:11:12 zabbix sshd[79200]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.138.69.185 Jan 25 22:11:14 zabbix sshd[79200]: Failed password for invalid user yuri from 45.138.69.185 port 49480 ssh2 Jan 25 22:11:14 zabbix sshd[79200]: Received disconnect from 45.138.69.185 port 49480:11: Bye Bye [preauth] Jan 25 22:11:14 zabbix sshd[79200]: Disconnected from invalid user yuri 45.138.69.185 port 49480 [preauth] Jan 25 22:25:36 zabbix sshd[81026]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.138.69.185 user=news Jan 25 22:25:38 zabbix sshd[81026]: Failed password for news from 45.138.69.185 port 52386 ssh2 Jan 25 22:25:39 zabbix sshd[81026]: Received disconnect from 45.138.69.185 port 52386:11: Bye Bye [preauth] Jan 25 22:25:39 zabbix sshd[81026]: Disconn........ ------------------------------	2020-01-26 19:46:42
132.232.132.103	attackbots	Unauthorized connection attempt detected from IP address 132.232.132.103 to port 2220 [J]	2020-01-26 19:44:42
182.75.216.190	attackbots	Unauthorized connection attempt detected from IP address 182.75.216.190 to port 2220 [J]	2020-01-26 19:38:04
81.177.98.52	attack	Unauthorized connection attempt detected from IP address 81.177.98.52 to port 2220 [J]	2020-01-26 19:31:09
178.62.36.116	attackbots	Unauthorized connection attempt detected from IP address 178.62.36.116 to port 2220 [J]	2020-01-26 19:42:20
128.199.232.47	attackbotsspam	Jan 26 11:33:12 www_kotimaassa_fi sshd[7322]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.232.47 Jan 26 11:33:15 www_kotimaassa_fi sshd[7322]: Failed password for invalid user zn from 128.199.232.47 port 49618 ssh2 ...	2020-01-26 19:38:40
60.28.204.205	attack	Unauthorized connection attempt detected from IP address 60.28.204.205 to port 80 [J]	2020-01-26 19:41:17

最近上报的IP列表

113.175.99.174	186.116.85.125	221.124.47.108	14.161.34.126
203.91.115.49	14.177.234.86	187.109.46.70	201.251.147.121
186.232.14.27	179.206.30.70	114.29.236.176	178.124.177.67
200.125.244.75	138.204.27.214	37.105.14.163	123.194.153.87
106.52.12.21	27.110.129.12	91.223.112.229	110.77.228.18