49.231.66.20 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Thailand

运营商(isp): Advanced Info Service Public Company Limited

主机名(hostname): unknown

机构(organization): SBN-ISP/AWN-ISP and SBN-NIX/AWN-NIX

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Port Scan ...	2020-08-30 19:13:10
attackspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-02-25 15:26:16

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 49.231.66.20
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21319
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;49.231.66.20.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019041101 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Thu Apr 11 16:40:51 +08 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 20.66.231.49.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 20.66.231.49.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
208.73.203.84	attackbotsspam	208.73.203.84 - - \[23/Nov/2019:16:13:06 +0100\] "POST /wp-login.php HTTP/1.0" 200 7538 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 208.73.203.84 - - \[23/Nov/2019:16:13:08 +0100\] "POST /wp-login.php HTTP/1.0" 200 7363 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 208.73.203.84 - - \[23/Nov/2019:16:13:10 +0100\] "POST /wp-login.php HTTP/1.0" 200 7358 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-11-24 06:30:37
117.3.58.15	attackspam	Nov 23 23:25:29 mxgate1 postfix/postscreen[26248]: CONNECT from [117.3.58.15]:30161 to [176.31.12.44]:25 Nov 23 23:25:29 mxgate1 postfix/dnsblog[26273]: addr 117.3.58.15 listed by domain zen.spamhaus.org as 127.0.0.4 Nov 23 23:25:29 mxgate1 postfix/dnsblog[26273]: addr 117.3.58.15 listed by domain zen.spamhaus.org as 127.0.0.3 Nov 23 23:25:29 mxgate1 postfix/dnsblog[26273]: addr 117.3.58.15 listed by domain zen.spamhaus.org as 127.0.0.11 Nov 23 23:25:29 mxgate1 postfix/dnsblog[26934]: addr 117.3.58.15 listed by domain cbl.abuseat.org as 127.0.0.2 Nov 23 23:25:29 mxgate1 postfix/dnsblog[26270]: addr 117.3.58.15 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2 Nov 23 23:25:29 mxgate1 postfix/dnsblog[26271]: addr 117.3.58.15 listed by domain bl.spamcop.net as 127.0.0.2 Nov 23 23:25:29 mxgate1 postfix/dnsblog[26285]: addr 117.3.58.15 listed by domain b.barracudacentral.org as 127.0.0.2 Nov 23 23:25:35 mxgate1 postfix/postscreen[26248]: DNSBL rank 6 for [117.3.58.15]:30161 ........ -------------------------------	2019-11-24 06:58:37
202.136.213.82	attackspam	Unauthorized connection attempt from IP address 202.136.213.82 on Port 445(SMB)	2019-11-24 06:55:47
66.212.31.243	attack	Unauthorized connection attempt from IP address 66.212.31.243 on Port 445(SMB)	2019-11-24 06:59:48
45.55.80.186	attack	Nov 23 17:45:59 plusreed sshd[7379]: Invalid user server from 45.55.80.186 ...	2019-11-24 06:50:44
181.49.24.89	attackbots	Unauthorized connection attempt from IP address 181.49.24.89 on Port 445(SMB)	2019-11-24 06:50:12
31.154.0.169	attackspam	port scan/probe/communication attempt; port 23	2019-11-24 06:53:53
61.218.2.78	attack	Automatic report - Port Scan Attack	2019-11-24 06:23:47
203.151.81.77	attackbots	sshd jail - ssh hack attempt	2019-11-24 06:35:12
185.243.113.242	attackbots	Unauthorized connection attempt from IP address 185.243.113.242 on Port 3389(RDP)	2019-11-24 07:00:52
180.166.114.14	attackbotsspam	Nov 23 17:33:12 sd-53420 sshd\[10774\]: User root from 180.166.114.14 not allowed because none of user's groups are listed in AllowGroups Nov 23 17:33:12 sd-53420 sshd\[10774\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.166.114.14 user=root Nov 23 17:33:14 sd-53420 sshd\[10774\]: Failed password for invalid user root from 180.166.114.14 port 42162 ssh2 Nov 23 17:37:34 sd-53420 sshd\[11863\]: Invalid user default from 180.166.114.14 Nov 23 17:37:34 sd-53420 sshd\[11863\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.166.114.14 ...	2019-11-24 06:40:55
201.73.1.54	attack	$f2bV_matches	2019-11-24 06:35:53
118.25.27.67	attackbots	2019-11-23T22:38:48.410305shield sshd\[10599\]: Invalid user jboss from 118.25.27.67 port 54972 2019-11-23T22:38:48.413420shield sshd\[10599\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.27.67 2019-11-23T22:38:50.372652shield sshd\[10599\]: Failed password for invalid user jboss from 118.25.27.67 port 54972 ssh2 2019-11-23T22:45:58.162303shield sshd\[12359\]: Invalid user white from 118.25.27.67 port 35014 2019-11-23T22:45:58.166634shield sshd\[12359\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.27.67	2019-11-24 06:51:33
46.245.3.164	attackbots	Unauthorized connection attempt from IP address 46.245.3.164 on Port 445(SMB)	2019-11-24 06:51:54
81.28.100.121	attack	Nov 23 15:16:43 exim[1637]: [1\49] 1iYWDJ-0000QP-8a H=awake.shrewdmhealth.com (awake.exfundex.co) [81.28.100.121] F= rejected after DATA: This message scored 99.8 spam points.	2019-11-24 06:21:48

最近上报的IP列表

193.32.163.85	105.233.34.9	36.82.96.78	137.74.100.94
50.224.238.78	103.249.76.231	23.253.111.34	45.236.74.167
14.240.16.14	180.113.62.80	46.224.1.114	113.189.131.236
185.254.52.149	171.238.69.31	39.37.150.67	189.87.142.182
138.185.119.9	197.60.244.237	36.84.226.68	187.110.238.155