3.1.20.213 - IPInfo

基本信息:

城市(city): Singapore

省份(region): unknown

国家(country): Singapore

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
3.1.201.108	attack	attempted connection to port 9200	2020-03-05 02:43:46
3.1.201.89	attack	2019-08-30T20:49:15.143112abusebot-6.cloudsearch.cf sshd\[17540\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ec2-3-1-201-89.ap-southeast-1.compute.amazonaws.com user=root	2019-08-31 04:59:09
3.1.20.64	attackbots	Lines containing failures of 3.1.20.64 Jul 11 05:31:36 shared12 postfix/smtpd[3713]: connect from em3-3-1-20-64.ap-southeast-1.compute.amazonaws.com[3.1.20.64] Jul x@x Jul x@x Jul 11 05:31:38 shared12 postfix/smtpd[3713]: disconnect from em3-3-1-20-64.ap-southeast-1.compute.amazonaws.com[3.1.20.64] ehlo=1 mail=2 rcpt=0/2 data=0/2 eclipset=1 quhostname=1 commands=5/9 Jul 11 05:31:42 shared12 postfix/smtpd[29762]: connect from em3-3-1-20-64.ap-southeast-1.compute.amazonaws.com[3.1.20.64] Jul x@x Jul x@x Jul 11 05:31:44 shared12 postfix/smtpd[29762]: disconnect from em3-3-1-20-64.ap-southeast-1.compute.amazonaws.com[3.1.20.64] ehlo=1 mail=2 rcpt=0/2 data=0/2 eclipset=1 quhostname=1 commands=5/9 Jul 11 05:31:49 shared12 postfix/smtpd[29762]: connect from em3-3-1-20-64.ap-southeast-1.compute.amazonaws.com[3.1.20.64] Jul x@x Jul x@x Jul 11 05:31:50 shared12 postfix/smtpd[29762]: disconnect from em3-3-1-20-64.ap-southeast-1.compute.amazonaws.com[3.1.20.64] ehlo=1 mail=2 rcpt=0/........ ------------------------------	2019-07-11 21:01:17

类型

评论内容

时间

3.1.201.108

attack

attempted connection to port 9200

2020-03-05 02:43:46

3.1.201.89

attack

2019-08-30T20:49:15.143112abusebot-6.cloudsearch.cf sshd\[17540\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ec2-3-1-201-89.ap-southeast-1.compute.amazonaws.com  user=root

2019-08-31 04:59:09

3.1.20.64

attackbots

Lines containing failures of 3.1.20.64
Jul 11 05:31:36 shared12 postfix/smtpd[3713]: connect from em3-3-1-20-64.ap-southeast-1.compute.amazonaws.com[3.1.20.64]
Jul x@x
Jul x@x
Jul 11 05:31:38 shared12 postfix/smtpd[3713]: disconnect from em3-3-1-20-64.ap-southeast-1.compute.amazonaws.com[3.1.20.64] ehlo=1 mail=2 rcpt=0/2 data=0/2 eclipset=1 quhostname=1 commands=5/9
Jul 11 05:31:42 shared12 postfix/smtpd[29762]: connect from em3-3-1-20-64.ap-southeast-1.compute.amazonaws.com[3.1.20.64]
Jul x@x
Jul x@x
Jul 11 05:31:44 shared12 postfix/smtpd[29762]: disconnect from em3-3-1-20-64.ap-southeast-1.compute.amazonaws.com[3.1.20.64] ehlo=1 mail=2 rcpt=0/2 data=0/2 eclipset=1 quhostname=1 commands=5/9
Jul 11 05:31:49 shared12 postfix/smtpd[29762]: connect from em3-3-1-20-64.ap-southeast-1.compute.amazonaws.com[3.1.20.64]
Jul x@x
Jul x@x
Jul 11 05:31:50 shared12 postfix/smtpd[29762]: disconnect from em3-3-1-20-64.ap-southeast-1.compute.amazonaws.com[3.1.20.64] ehlo=1 mail=2 rcpt=0/........
------------------------------

2019-07-11 21:01:17

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 3.1.20.213
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 35600
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;3.1.20.213.			IN	A

;; AUTHORITY SECTION:
.			402	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2024040402 1800 900 604800 86400

;; Query time: 29 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Apr 05 08:08:45 CST 2024
;; MSG SIZE  rcvd: 103

HOST信息:

213.20.1.3.in-addr.arpa domain name pointer ec2-3-1-20-213.ap-southeast-1.compute.amazonaws.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
213.20.1.3.in-addr.arpa	name = ec2-3-1-20-213.ap-southeast-1.compute.amazonaws.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
59.91.127.29	attackspam	Automatic report - Banned IP Access	2019-10-18 07:15:52
94.191.109.38	attack	Oct 17 19:02:20 ntop sshd[12989]: Invalid user sylvia from 94.191.109.38 port 55780 Oct 17 19:02:22 ntop sshd[12989]: Failed password for invalid user sylvia from 94.191.109.38 port 55780 ssh2 Oct 17 19:02:23 ntop sshd[12989]: Received disconnect from 94.191.109.38 port 55780:11: Bye Bye [preauth] Oct 17 19:02:23 ntop sshd[12989]: Disconnected from 94.191.109.38 port 55780 [preauth] Oct 17 19:11:29 ntop sshd[13223]: Invalid user ts3sleep from 94.191.109.38 port 53938 Oct 17 19:11:31 ntop sshd[13223]: Failed password for invalid user ts3sleep from 94.191.109.38 port 53938 ssh2 Oct 17 19:11:31 ntop sshd[13223]: Received disconnect from 94.191.109.38 port 53938:11: Bye Bye [preauth] Oct 17 19:11:31 ntop sshd[13223]: Disconnected from 94.191.109.38 port 53938 [preauth] Oct 17 19:17:26 ntop sshd[13384]: User r.r from 94.191.109.38 not allowed because not listed in AllowUsers Oct 17 19:17:26 ntop sshd[13384]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 ........ -------------------------------	2019-10-18 06:59:05
201.16.247.135	attackspambots	Mar 8 18:20:05 odroid64 sshd\[7282\]: User root from 201.16.247.135 not allowed because not listed in AllowUsers Mar 8 18:20:05 odroid64 sshd\[7282\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.16.247.135 user=root Mar 8 18:20:07 odroid64 sshd\[7282\]: Failed password for invalid user root from 201.16.247.135 port 39582 ssh2 Mar 17 06:17:14 odroid64 sshd\[6490\]: Invalid user ben from 201.16.247.135 Mar 17 06:17:14 odroid64 sshd\[6490\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.16.247.135 Mar 17 06:17:16 odroid64 sshd\[6490\]: Failed password for invalid user ben from 201.16.247.135 port 48280 ssh2 Mar 20 02:00:36 odroid64 sshd\[2626\]: Invalid user tir from 201.16.247.135 Mar 20 02:00:36 odroid64 sshd\[2626\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.16.247.135 Mar 20 02:00:38 odroid64 sshd\[2626\]: Failed password for inva ...	2019-10-18 07:11:55
121.173.65.189	attackbots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/121.173.65.189/ KR - 1H : (66) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : KR NAME ASN : ASN4766 IP : 121.173.65.189 CIDR : 121.173.0.0/16 PREFIX COUNT : 8136 UNIQUE IP COUNT : 44725248 WYKRYTE ATAKI Z ASN4766 : 1H - 3 3H - 6 6H - 10 12H - 22 24H - 45 DateTime : 2019-10-17 21:49:48 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-10-18 07:16:51
175.138.108.78	attackspam	Oct 18 06:04:34 webhost01 sshd[12565]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.138.108.78 Oct 18 06:04:36 webhost01 sshd[12565]: Failed password for invalid user Juhani from 175.138.108.78 port 42664 ssh2 ...	2019-10-18 07:11:08
201.163.180.183	attackspambots	Invalid user squid from 201.163.180.183 port 53290	2019-10-18 06:56:55
145.239.10.217	attackspam	$f2bV_matches	2019-10-18 06:53:29
121.204.150.59	attack	Oct 18 00:56:48 sticky sshd\[28387\]: Invalid user webroot1 from 121.204.150.59 port 55580 Oct 18 00:56:48 sticky sshd\[28387\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.204.150.59 Oct 18 00:56:50 sticky sshd\[28387\]: Failed password for invalid user webroot1 from 121.204.150.59 port 55580 ssh2 Oct 18 01:01:26 sticky sshd\[28496\]: Invalid user killemall from 121.204.150.59 port 46678 Oct 18 01:01:26 sticky sshd\[28496\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.204.150.59 ...	2019-10-18 07:13:37
81.22.45.146	attackbots	SNORT TCP Port: 3389 Classtype misc-attack - ET CINS Active Threat Intelligence Poor Reputation IP group 78 - - Destination xx.xx.4.1 Port: 3389 - - Source 81.22.45.146 Port: 53831 _ (Listed on zen-spamhaus) _ _ (775)	2019-10-18 07:06:35
82.79.208.5	attackbotsspam	Oct 17 21:37:14 econome sshd[21246]: Failed password for invalid user 666666 from 82.79.208.5 port 60527 ssh2 Oct 17 21:37:18 econome sshd[21247]: Failed password for invalid user 666666 from 82.79.208.5 port 53518 ssh2 Oct 17 21:37:22 econome sshd[21251]: Failed password for invalid user 666666 from 82.79.208.5 port 51315 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=82.79.208.5	2019-10-18 07:05:19
222.186.175.154	attackbotsspam	Oct 18 00:51:02 rotator sshd\[8756\]: Failed password for root from 222.186.175.154 port 22202 ssh2Oct 18 00:51:07 rotator sshd\[8756\]: Failed password for root from 222.186.175.154 port 22202 ssh2Oct 18 00:51:12 rotator sshd\[8756\]: Failed password for root from 222.186.175.154 port 22202 ssh2Oct 18 00:51:15 rotator sshd\[8756\]: Failed password for root from 222.186.175.154 port 22202 ssh2Oct 18 00:51:20 rotator sshd\[8756\]: Failed password for root from 222.186.175.154 port 22202 ssh2Oct 18 00:51:31 rotator sshd\[8765\]: Failed password for root from 222.186.175.154 port 34942 ssh2 ...	2019-10-18 06:52:44
71.58.196.193	attackbotsspam	Oct 18 01:06:41 jane sshd[1044]: Failed password for root from 71.58.196.193 port 18167 ssh2 ...	2019-10-18 07:24:54
201.159.153.103	attackbots	Feb 27 10:48:11 odroid64 sshd\[32039\]: Invalid user manage from 201.159.153.103 Feb 27 10:48:11 odroid64 sshd\[32039\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.159.153.103 Feb 27 10:48:14 odroid64 sshd\[32039\]: Failed password for invalid user manage from 201.159.153.103 port 46214 ssh2 ...	2019-10-18 07:22:49
179.106.107.173	attackbotsspam	firewall-block, port(s): 8080/tcp	2019-10-18 07:00:14
222.186.175.220	attackbotsspam	$f2bV_matches	2019-10-18 06:59:31

最近上报的IP列表

3.1.37.17	3.1.83.34	3.1.84.164	3.1.164.81
3.1.83.211	3.1.80.128	3.1.101.133	2.57.79.83
2.230.19.211	3.0.0.78	3.0.86.253	3.1.5.114
1.15.80.23	2.56.72.84	2.56.72.64	2.56.72.27
2.56.72.17	2.56.72.187	3.0.17.156	3.1.120.135