49.70.20.13 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): ChinaNet Jiangsu Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Unauthorised access (Dec 4) SRC=49.70.20.13 LEN=52 TTL=116 ID=6490 DF TCP DPT=3389 WINDOW=8192 SYN Unauthorised access (Dec 4) SRC=49.70.20.13 LEN=52 TTL=113 ID=30962 DF TCP DPT=1433 WINDOW=8192 SYN	2019-12-04 13:40:28

相同子网IP讨论:

IP	类型	评论内容	时间
49.70.207.70	attackspam	Apr 26 22:47:14 mail sshd\[3199\]: Invalid user ubuntu from 49.70.207.70 Apr 26 22:47:14 mail sshd\[3199\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.70.207.70 Apr 26 22:47:15 mail sshd\[3199\]: Failed password for invalid user ubuntu from 49.70.207.70 port 43947 ssh2 ...	2020-04-27 05:25:18
49.70.209.23	attack	lfd: (smtpauth) Failed SMTP AUTH login from 49.70.209.23 (-): 5 in the last 3600 secs - Wed Jun 27 18:22:47 2018	2020-02-23 22:12:09
49.70.207.187	attack	Dec 9 10:24:27 sauna sshd[62134]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.70.207.187 Dec 9 10:24:29 sauna sshd[62134]: Failed password for invalid user test from 49.70.207.187 port 38676 ssh2 ...	2019-12-09 17:46:43
49.70.207.187	attackbotsspam	Lines containing failures of 49.70.207.187 Nov 25 23:06:46 * sshd[85687]: Invalid user tshostnamesior from 49.70.207.187 port 39902 Nov 25 23:06:46 * sshd[85687]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.70.207.187 Nov 25 23:06:49 * sshd[85687]: Failed password for invalid user tshostnamesior from 49.70.207.187 port 39902 ssh2 Nov 25 23:06:49 * sshd[85687]: Received disconnect from 49.70.207.187 port 39902:11: Bye Bye [preauth] Nov 25 23:06:49 * sshd[85687]: Disconnected from invalid user tshostnamesior 49.70.207.187 port 39902 [preauth] Nov 25 23:31:29 * sshd[87274]: Invalid user vara from 49.70.207.187 port 40227 Nov 25 23:31:29 * sshd[87274]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.70.207.187 Nov 25 23:31:31 * sshd[87274]: Failed password for invalid user vara from 49.70.207.187 port 40227 ssh2 Nov 25 23:31:31 *** sshd[87274]: Received disconnect from 4........ ------------------------------	2019-11-26 08:41:49
49.70.207.187	attackspam	Nov 24 01:49:24 vserver sshd\[31134\]: Failed password for root from 49.70.207.187 port 37332 ssh2Nov 24 01:53:18 vserver sshd\[31180\]: Invalid user cansanay from 49.70.207.187Nov 24 01:53:21 vserver sshd\[31180\]: Failed password for invalid user cansanay from 49.70.207.187 port 37336 ssh2Nov 24 01:56:54 vserver sshd\[31239\]: Invalid user esquer from 49.70.207.187 ...	2019-11-24 09:13:32
49.70.207.90	attack	Oct 31 00:28:47 vps647732 sshd[4465]: Failed password for root from 49.70.207.90 port 8942 ssh2 ...	2019-10-31 08:22:56
49.70.205.186	attackspambots	Sep 13 11:09:28 flomail dovecot: imap-login: Disconnected (auth failed, 1 attempts in 10 secs): user=, method=PLAIN, rip=49.70.205.186, lip=10.140.194.78, TLS, session= Sep 13 11:09:37 flomail dovecot: imap-login: Disconnected (auth failed, 1 attempts in 9 secs): user=, method=PLAIN, rip=49.70.205.186, lip=10.140.194.78, TLS: Disconnected, session= Sep 13 11:11:27 flomail dovecot: imap-login: Disconnected (auth failed, 1 attempts in 6 secs): user=, method=PLAIN, rip=49.70.205.186, lip=10.140.194.78, TLS, session=	2019-09-14 03:32:33

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 49.70.20.13
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 13573
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;49.70.20.13.			IN	A

;; AUTHORITY SECTION:
.			296	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019120401 1800 900 604800 86400

;; Query time: 123 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Dec 04 13:40:24 CST 2019
;; MSG SIZE  rcvd: 115

HOST信息:

Host 13.20.70.49.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 13.20.70.49.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
125.25.254.138	attack	Unauthorised access (Aug 31) SRC=125.25.254.138 LEN=52 TTL=115 ID=3913 DF TCP DPT=445 WINDOW=8192 SYN	2020-08-31 12:04:46
97.74.24.212	attackbots	Trolling for resource vulnerabilities	2020-08-31 12:18:08
128.199.121.32	attackspam	$f2bV_matches	2020-08-31 12:03:01
191.235.73.68	attackspambots	Bruteforce detected by fail2ban	2020-08-31 12:12:03
35.228.243.135	attack	Port Scan ...	2020-08-31 12:20:57
218.92.0.224	attack	Aug 31 04:16:46 hcbbdb sshd\[7544\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.224 user=root Aug 31 04:16:49 hcbbdb sshd\[7544\]: Failed password for root from 218.92.0.224 port 45012 ssh2 Aug 31 04:16:52 hcbbdb sshd\[7544\]: Failed password for root from 218.92.0.224 port 45012 ssh2 Aug 31 04:16:55 hcbbdb sshd\[7544\]: Failed password for root from 218.92.0.224 port 45012 ssh2 Aug 31 04:16:58 hcbbdb sshd\[7544\]: Failed password for root from 218.92.0.224 port 45012 ssh2	2020-08-31 12:25:42
54.171.216.22	attackspambots	31.08.2020 06:00:00 - Wordpress fail Detected by ELinOX-ALM	2020-08-31 12:00:03
222.186.180.17	attack	Aug 31 06:20:35 marvibiene sshd[1443]: Failed password for root from 222.186.180.17 port 62166 ssh2 Aug 31 06:20:40 marvibiene sshd[1443]: Failed password for root from 222.186.180.17 port 62166 ssh2	2020-08-31 12:28:31
96.77.43.233	attackbots	spam	2020-08-31 12:01:32
78.134.90.115	attack	spam	2020-08-31 12:18:48
161.35.232.103	attackspam	161.35.232.103 - - [31/Aug/2020:04:59:16 +0100] "POST /wp/wp-login.php HTTP/1.1" 200 1865 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 161.35.232.103 - - [31/Aug/2020:04:59:17 +0100] "POST /wp/wp-login.php HTTP/1.1" 200 1846 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 161.35.232.103 - - [31/Aug/2020:04:59:18 +0100] "POST /wp/xmlrpc.php HTTP/1.1" 200 247 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-31 12:21:55
203.160.92.174	attackbotsspam	203.160.92.174 - - \[30/Aug/2020:22:31:21 +0200\] "POST /wp-login.php HTTP/1.0" 200 9033 "https://lellesch.com/wp-login.php" "Mozilla/5.0 $Windows\; U\; Windows NT 6.1\; en-US$ AppleWebKit/534.10 $KHTML, like Gecko$ Chrome/8.0.552.224 Safari/534.10" 203.160.92.174 - - \[30/Aug/2020:22:31:24 +0200\] "POST /wp-login.php HTTP/1.0" 200 9046 "https://lellesch.com/wp-login.php" "Mozilla/5.0 $Windows\; U\; Windows NT 6.1\; en-US$ AppleWebKit/534.10 $KHTML, like Gecko$ Chrome/8.0.552.224 Safari/534.10" 203.160.92.174 - - \[30/Aug/2020:22:31:27 +0200\] "POST /wp-login.php HTTP/1.0" 200 9046 "https://lellesch.com/wp-login.php" "Mozilla/5.0 $Windows\; U\; Windows NT 6.1\; en-US$ AppleWebKit/534.10 $KHTML, like Gecko$ Chrome/8.0.552.224 Safari/534.10"	2020-08-31 09:15:59
222.186.175.183	attackbotsspam	2020-08-31T06:25:59.016748centos sshd[31682]: Failed password for root from 222.186.175.183 port 25926 ssh2 2020-08-31T06:26:04.846653centos sshd[31682]: Failed password for root from 222.186.175.183 port 25926 ssh2 2020-08-31T06:26:09.539349centos sshd[31682]: Failed password for root from 222.186.175.183 port 25926 ssh2 ...	2020-08-31 12:34:48
171.225.242.67	attack	Aug 31 10:59:07 itv-usvr-01 sshd[20926]: Invalid user admin from 171.225.242.67 Aug 31 10:59:07 itv-usvr-01 sshd[20926]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.225.242.67 Aug 31 10:59:07 itv-usvr-01 sshd[20926]: Invalid user admin from 171.225.242.67 Aug 31 10:59:09 itv-usvr-01 sshd[20926]: Failed password for invalid user admin from 171.225.242.67 port 55203 ssh2 Aug 31 10:59:07 itv-usvr-01 sshd[20926]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.225.242.67 Aug 31 10:59:07 itv-usvr-01 sshd[20926]: Invalid user admin from 171.225.242.67 Aug 31 10:59:09 itv-usvr-01 sshd[20926]: Failed password for invalid user admin from 171.225.242.67 port 55203 ssh2	2020-08-31 12:27:56
61.1.132.57	attackspambots	1598846352 - 08/31/2020 05:59:12 Host: 61.1.132.57/61.1.132.57 Port: 445 TCP Blocked ...	2020-08-31 12:26:45

最近上报的IP列表

103.216.155.78	114.220.18.18	217.31.189.56	45.46.157.146
139.9.219.137	254.68.142.132	102.156.158.22	102.60.217.85
72.187.162.41	23.235.74.20	5.221.146.102	13.116.164.207
24.54.138.169	145.164.68.241	159.137.32.212	37.187.97.38
82.233.189.93	3.244.103.131	62.37.202.23	183.254.85.244

基本信息:

用户上报:

相同子网IP讨论:

WHOIS信息:

DIG信息:

HOST信息:

NSLOOKUP信息:

相关IP信息:

最新评论:

最近上报的IP列表