49.70.20.13 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): ChinaNet Jiangsu Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Unauthorised access (Dec 4) SRC=49.70.20.13 LEN=52 TTL=116 ID=6490 DF TCP DPT=3389 WINDOW=8192 SYN Unauthorised access (Dec 4) SRC=49.70.20.13 LEN=52 TTL=113 ID=30962 DF TCP DPT=1433 WINDOW=8192 SYN	2019-12-04 13:40:28

相同子网IP讨论:

IP	类型	评论内容	时间
49.70.207.70	attackspam	Apr 26 22:47:14 mail sshd\[3199\]: Invalid user ubuntu from 49.70.207.70 Apr 26 22:47:14 mail sshd\[3199\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.70.207.70 Apr 26 22:47:15 mail sshd\[3199\]: Failed password for invalid user ubuntu from 49.70.207.70 port 43947 ssh2 ...	2020-04-27 05:25:18
49.70.209.23	attack	lfd: (smtpauth) Failed SMTP AUTH login from 49.70.209.23 (-): 5 in the last 3600 secs - Wed Jun 27 18:22:47 2018	2020-02-23 22:12:09
49.70.207.187	attack	Dec 9 10:24:27 sauna sshd[62134]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.70.207.187 Dec 9 10:24:29 sauna sshd[62134]: Failed password for invalid user test from 49.70.207.187 port 38676 ssh2 ...	2019-12-09 17:46:43
49.70.207.187	attackbotsspam	Lines containing failures of 49.70.207.187 Nov 25 23:06:46 * sshd[85687]: Invalid user tshostnamesior from 49.70.207.187 port 39902 Nov 25 23:06:46 * sshd[85687]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.70.207.187 Nov 25 23:06:49 * sshd[85687]: Failed password for invalid user tshostnamesior from 49.70.207.187 port 39902 ssh2 Nov 25 23:06:49 * sshd[85687]: Received disconnect from 49.70.207.187 port 39902:11: Bye Bye [preauth] Nov 25 23:06:49 * sshd[85687]: Disconnected from invalid user tshostnamesior 49.70.207.187 port 39902 [preauth] Nov 25 23:31:29 * sshd[87274]: Invalid user vara from 49.70.207.187 port 40227 Nov 25 23:31:29 * sshd[87274]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.70.207.187 Nov 25 23:31:31 * sshd[87274]: Failed password for invalid user vara from 49.70.207.187 port 40227 ssh2 Nov 25 23:31:31 *** sshd[87274]: Received disconnect from 4........ ------------------------------	2019-11-26 08:41:49
49.70.207.187	attackspam	Nov 24 01:49:24 vserver sshd\[31134\]: Failed password for root from 49.70.207.187 port 37332 ssh2Nov 24 01:53:18 vserver sshd\[31180\]: Invalid user cansanay from 49.70.207.187Nov 24 01:53:21 vserver sshd\[31180\]: Failed password for invalid user cansanay from 49.70.207.187 port 37336 ssh2Nov 24 01:56:54 vserver sshd\[31239\]: Invalid user esquer from 49.70.207.187 ...	2019-11-24 09:13:32
49.70.207.90	attack	Oct 31 00:28:47 vps647732 sshd[4465]: Failed password for root from 49.70.207.90 port 8942 ssh2 ...	2019-10-31 08:22:56
49.70.205.186	attackspambots	Sep 13 11:09:28 flomail dovecot: imap-login: Disconnected (auth failed, 1 attempts in 10 secs): user=, method=PLAIN, rip=49.70.205.186, lip=10.140.194.78, TLS, session= Sep 13 11:09:37 flomail dovecot: imap-login: Disconnected (auth failed, 1 attempts in 9 secs): user=, method=PLAIN, rip=49.70.205.186, lip=10.140.194.78, TLS: Disconnected, session= Sep 13 11:11:27 flomail dovecot: imap-login: Disconnected (auth failed, 1 attempts in 6 secs): user=, method=PLAIN, rip=49.70.205.186, lip=10.140.194.78, TLS, session=	2019-09-14 03:32:33

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 49.70.20.13
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 13573
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;49.70.20.13.			IN	A

;; AUTHORITY SECTION:
.			296	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019120401 1800 900 604800 86400

;; Query time: 123 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Dec 04 13:40:24 CST 2019
;; MSG SIZE  rcvd: 115

HOST信息:

Host 13.20.70.49.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 13.20.70.49.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
220.246.195.211	attackbots	Sep 10 18:58:42 * sshd[15285]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.246.195.211 Sep 10 18:58:44 * sshd[15285]: Failed password for invalid user support from 220.246.195.211 port 41648 ssh2	2020-09-11 12:45:15
91.228.8.168	attack	Automatic report - XMLRPC Attack	2020-09-11 13:11:47
218.92.0.223	attackbotsspam	Sep 11 06:04:25 ns308116 sshd[17065]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.223 user=root Sep 11 06:04:28 ns308116 sshd[17065]: Failed password for root from 218.92.0.223 port 14779 ssh2 Sep 11 06:04:31 ns308116 sshd[17065]: Failed password for root from 218.92.0.223 port 14779 ssh2 Sep 11 06:04:34 ns308116 sshd[17065]: Failed password for root from 218.92.0.223 port 14779 ssh2 Sep 11 06:04:38 ns308116 sshd[17065]: Failed password for root from 218.92.0.223 port 14779 ssh2 ...	2020-09-11 13:09:54
222.186.15.62	attackbots	Sep 11 06:59:26 MainVPS sshd[18607]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.62 user=root Sep 11 06:59:29 MainVPS sshd[18607]: Failed password for root from 222.186.15.62 port 53252 ssh2 Sep 11 06:59:38 MainVPS sshd[18850]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.62 user=root Sep 11 06:59:40 MainVPS sshd[18850]: Failed password for root from 222.186.15.62 port 35894 ssh2 Sep 11 06:59:46 MainVPS sshd[19159]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.62 user=root Sep 11 06:59:49 MainVPS sshd[19159]: Failed password for root from 222.186.15.62 port 18490 ssh2 ...	2020-09-11 13:02:42
223.17.12.61	attack	Sep 10 18:58:30 * sshd[15134]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.17.12.61 Sep 10 18:58:32 * sshd[15134]: Failed password for invalid user admin from 223.17.12.61 port 57118 ssh2	2020-09-11 12:57:26
85.173.248.51	attackbots	20/9/10@20:37:29: FAIL: Alarm-Network address from=85.173.248.51 20/9/10@20:37:30: FAIL: Alarm-Network address from=85.173.248.51 ...	2020-09-11 13:16:50
176.31.225.213	attack	Port Scan detected from 176.31.225.213 (FR/France/Hauts-de-France/Roubaix/ns3170223.ip-176-31-225.eu). 4 hits in the last 230 seconds	2020-09-11 12:41:20
120.92.10.24	attackspambots	(sshd) Failed SSH login from 120.92.10.24 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 10 15:17:40 server2 sshd[3800]: Invalid user nick from 120.92.10.24 Sep 10 15:17:40 server2 sshd[3800]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.10.24 Sep 10 15:17:43 server2 sshd[3800]: Failed password for invalid user nick from 120.92.10.24 port 40808 ssh2 Sep 10 15:22:30 server2 sshd[8208]: Invalid user bollman from 120.92.10.24 Sep 10 15:22:30 server2 sshd[8208]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.10.24	2020-09-11 13:17:56
185.220.101.203	attackspam	2020-09-11T03:49:53.216753abusebot-6.cloudsearch.cf sshd[10412]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.220.101.203 user=root 2020-09-11T03:49:54.726558abusebot-6.cloudsearch.cf sshd[10412]: Failed password for root from 185.220.101.203 port 19138 ssh2 2020-09-11T03:49:56.561020abusebot-6.cloudsearch.cf sshd[10412]: Failed password for root from 185.220.101.203 port 19138 ssh2 2020-09-11T03:49:53.216753abusebot-6.cloudsearch.cf sshd[10412]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.220.101.203 user=root 2020-09-11T03:49:54.726558abusebot-6.cloudsearch.cf sshd[10412]: Failed password for root from 185.220.101.203 port 19138 ssh2 2020-09-11T03:49:56.561020abusebot-6.cloudsearch.cf sshd[10412]: Failed password for root from 185.220.101.203 port 19138 ssh2 2020-09-11T03:49:53.216753abusebot-6.cloudsearch.cf sshd[10412]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 ...	2020-09-11 12:51:54
91.121.30.186	attackbots	Sep 10 19:59:06 vps647732 sshd[23899]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.121.30.186 Sep 10 19:59:08 vps647732 sshd[23899]: Failed password for invalid user persilos from 91.121.30.186 port 46440 ssh2 ...	2020-09-11 12:36:57
222.186.173.226	attack	Sep 10 22:13:17 dignus sshd[31592]: Failed password for root from 222.186.173.226 port 54701 ssh2 Sep 10 22:13:20 dignus sshd[31592]: Failed password for root from 222.186.173.226 port 54701 ssh2 Sep 10 22:13:20 dignus sshd[31592]: error: maximum authentication attempts exceeded for root from 222.186.173.226 port 54701 ssh2 [preauth] Sep 10 22:13:28 dignus sshd[31615]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.226 user=root Sep 10 22:13:29 dignus sshd[31615]: Failed password for root from 222.186.173.226 port 28439 ssh2 ...	2020-09-11 13:14:21
106.13.99.107	attackspam	Sep 11 05:24:29 ovpn sshd\[23699\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.99.107 user=root Sep 11 05:24:30 ovpn sshd\[23699\]: Failed password for root from 106.13.99.107 port 47644 ssh2 Sep 11 05:33:51 ovpn sshd\[26025\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.99.107 user=root Sep 11 05:33:54 ovpn sshd\[26025\]: Failed password for root from 106.13.99.107 port 33540 ssh2 Sep 11 05:38:40 ovpn sshd\[27190\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.99.107 user=root	2020-09-11 12:51:28
103.130.226.171	attackbotsspam	trying to access non-authorized port	2020-09-11 12:47:33
14.225.238.227	attackspambots	WordPress login Brute force / Web App Attack on client site.	2020-09-11 12:41:04
185.108.106.251	attack	[2020-09-11 01:00:41] NOTICE[1239] chan_sip.c: Registration from '' failed for '185.108.106.251:64229' - Wrong password [2020-09-11 01:00:41] SECURITY[1264] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-09-11T01:00:41.108-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="8094",SessionID="0x7f4d482e4338",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.108.106.251/64229",Challenge="7c2e421c",ReceivedChallenge="7c2e421c",ReceivedHash="6c3229f1863833892578a21e90dfdce7" [2020-09-11 01:01:12] NOTICE[1239] chan_sip.c: Registration from '' failed for '185.108.106.251:63423' - Wrong password [2020-09-11 01:01:12] SECURITY[1264] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-09-11T01:01:12.565-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="5850",SessionID="0x7f4d4827ad68",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.108 ...	2020-09-11 13:03:59

最近上报的IP列表

103.216.155.78	114.220.18.18	217.31.189.56	45.46.157.146
139.9.219.137	254.68.142.132	102.156.158.22	102.60.217.85
72.187.162.41	23.235.74.20	5.221.146.102	13.116.164.207
24.54.138.169	145.164.68.241	159.137.32.212	37.187.97.38
82.233.189.93	3.244.103.131	62.37.202.23	183.254.85.244

基本信息:

用户上报:

相同子网IP讨论:

WHOIS信息:

DIG信息:

HOST信息:

NSLOOKUP信息:

相关IP信息:

最新评论:

最近上报的IP列表