49.81.93.107 - IPInfo

基本信息:

城市(city): Xuzhou

省份(region): Jiangsu

国家(country): China

运营商(isp): ChinaNet Jiangsu Province Network

主机名(hostname): unknown

机构(organization): No.31,Jin-rong Street

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	[Aegis] @ 2019-08-10 03:35:32 0100 -> Sendmail rejected message.	2019-08-10 15:31:28

相同子网IP讨论:

IP	类型	评论内容	时间
49.81.93.1	attack	unauthorized connection attempt	2020-02-26 15:30:25
49.81.93.89	attackspambots	Dec 31 15:48:11 grey postfix/smtpd\[29490\]: NOQUEUE: reject: RCPT from unknown\[49.81.93.89\]: 554 5.7.1 Service unavailable\; Client host \[49.81.93.89\] blocked using cbl.abuseat.org\; Blocked - see http://www.abuseat.org/lookup.cgi\?ip=49.81.93.89\; from=\ to=\ proto=ESMTP helo=\ ...	2020-01-01 05:48:10
49.81.93.51	attack	" "	2019-12-27 01:15:57
49.81.93.177	attackbots	Dec 15 06:53:46 elektron postfix/smtpd\[21048\]: NOQUEUE: reject: RCPT from unknown\[49.81.93.177\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[49.81.93.177\]\; from=\ to=\ proto=ESMTP helo=\ Dec 15 06:54:20 elektron postfix/smtpd\[21048\]: NOQUEUE: reject: RCPT from unknown\[49.81.93.177\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[49.81.93.177\]\; from=\ to=\ proto=ESMTP helo=\ Dec 15 06:56:30 elektron postfix/smtpd\[21048\]: NOQUEUE: reject: RCPT from unknown\[49.81.93.177\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[49.81.93.177\]\; from=\ to=\ proto=ESMTP helo=\ Dec 15 06:57:27 elektron postfix/smtpd\[24171\]: NOQUEUE: reject: RCPT from unknown\[49.81.93.177\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[49.81.93.177\]\; from=\ to=\ proto=ESMTP helo=\ Dec 15 0	2019-12-15 13:40:23
49.81.93.227	attackspambots	Brute force SMTP login attempts.	2019-12-02 05:33:15
49.81.93.84	attack	SpamReport	2019-11-21 15:05:35
49.81.93.242	attackbots	SpamReport	2019-11-15 15:24:53
49.81.93.137	attackbotsspam	NOQUEUE: reject: RCPT from unknown\[49.81.93.137\]: 554 5.7.1 Service unavailable\; host \[49.81.93.137\] blocked using sbl-xbl.spamhaus.org\; https://www.spamhaus.org/sbl/query/SBLCSS	2019-09-24 19:57:13
49.81.93.74	attackspam	Brute force SMTP login attempts.	2019-08-29 13:40:02
49.81.93.142	attackbotsspam	[Aegis] @ 2019-08-02 09:51:24 0100 -> Sendmail rejected message.	2019-08-02 17:50:51
49.81.93.12	spambotsattack	Bloquei imediatamente de seus servidores. Range : 49.64.0.0/16 - China Domínio : qq.com Adicionais : (mxbiz2.qq.com)[49.81.93.12] mgkzbine@morna.sk Outros : 113.121.0.0/16 114.104.239.0/24 117.84.0.0/16 113.121.0.0/16 114.229.21.0/24 117.84.0.0/16 115.217.0.0/16 122.244.0.0/16 106.56.0.0/16 Spam, Brute-force e outros attackes.	2019-07-31 04:16:19

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 49.81.93.107
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21331
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;49.81.93.107.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019042000 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sat Apr 20 14:39:52 +08 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 107.93.81.49.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 107.93.81.49.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
182.56.51.3	attack	Jun 24 14:52:47 ns381471 sshd[27030]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.56.51.3 Jun 24 14:52:49 ns381471 sshd[27030]: Failed password for invalid user wsq from 182.56.51.3 port 35444 ssh2	2020-06-24 23:22:30
89.107.37.254	attack	1593000436 - 06/24/2020 14:07:16 Host: 89.107.37.254/89.107.37.254 Port: 445 TCP Blocked	2020-06-24 22:56:18
192.144.129.196	attack	Jun 24 14:41:00 vps639187 sshd\[20666\]: Invalid user shree from 192.144.129.196 port 44390 Jun 24 14:41:00 vps639187 sshd\[20666\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.144.129.196 Jun 24 14:41:02 vps639187 sshd\[20666\]: Failed password for invalid user shree from 192.144.129.196 port 44390 ssh2 ...	2020-06-24 22:57:07
109.227.63.3	attack	Jun 24 14:05:01 minden010 sshd[1766]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.227.63.3 Jun 24 14:05:03 minden010 sshd[1766]: Failed password for invalid user satu from 109.227.63.3 port 60569 ssh2 Jun 24 14:07:09 minden010 sshd[2545]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.227.63.3 ...	2020-06-24 22:58:28
185.140.12.220	attackbotsspam	Jun 24 15:36:41 sso sshd[20575]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.140.12.220 Jun 24 15:36:43 sso sshd[20575]: Failed password for invalid user ty from 185.140.12.220 port 33742 ssh2 ...	2020-06-24 22:49:40
183.6.159.141	attackspambots	Jun 24 15:09:13 server sshd[2223]: Failed password for invalid user vmc from 183.6.159.141 port 42557 ssh2 Jun 24 15:12:02 server sshd[6329]: Failed password for root from 183.6.159.141 port 36891 ssh2 Jun 24 15:14:48 server sshd[9711]: Failed password for invalid user js from 183.6.159.141 port 4130 ssh2	2020-06-24 23:16:20
209.17.96.162	attack	W 31101,/var/log/nginx/access.log,-,-	2020-06-24 22:46:01
155.94.143.151	attack	Jun 24 19:15:07 our-server-hostname sshd[4577]: Address 155.94.143.151 maps to 155.94.143.151.static.quadranet.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Jun 24 19:15:07 our-server-hostname sshd[4577]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=155.94.143.151 user=r.r Jun 24 19:15:10 our-server-hostname sshd[4577]: Failed password for r.r from 155.94.143.151 port 59286 ssh2 Jun 24 19:32:02 our-server-hostname sshd[7422]: Address 155.94.143.151 maps to 155.94.143.151.static.quadranet.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Jun 24 19:32:02 our-server-hostname sshd[7422]: Invalid user olimex from 155.94.143.151 Jun 24 19:32:02 our-server-hostname sshd[7422]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=155.94.143.151 Jun 24 19:32:05 our-server-hostname sshd[7422]: Failed password for invalid user olimex from 155.94.1........ -------------------------------	2020-06-24 23:14:56
218.85.119.92	attack	Jun 24 17:13:15 nextcloud sshd\[3658\]: Invalid user bot from 218.85.119.92 Jun 24 17:13:15 nextcloud sshd\[3658\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.85.119.92 Jun 24 17:13:18 nextcloud sshd\[3658\]: Failed password for invalid user bot from 218.85.119.92 port 48219 ssh2	2020-06-24 23:22:07
173.236.193.73	attackspambots	173.236.193.73 - - [24/Jun/2020:16:27:42 +0200] "POST /xmlrpc.php HTTP/1.1" 403 15193 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 173.236.193.73 - - [24/Jun/2020:16:27:49 +0200] "POST /xmlrpc.php HTTP/1.1" 403 15195 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-06-24 23:14:13
122.190.236.84	attackbotsspam	Jun 24 14:30:36 serwer sshd\[20086\]: Invalid user www from 122.190.236.84 port 60234 Jun 24 14:30:36 serwer sshd\[20086\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.190.236.84 Jun 24 14:30:38 serwer sshd\[20086\]: Failed password for invalid user www from 122.190.236.84 port 60234 ssh2 ...	2020-06-24 23:12:17
212.102.33.49	attackspambots	Malicious Traffic/Form Submission	2020-06-24 23:19:44
187.95.246.31	attackbotsspam	Automatic report - Port Scan Attack	2020-06-24 22:47:46
205.185.115.40	attackbots	Jun 24 15:49:12 l03 sshd[29954]: Invalid user postgres from 205.185.115.40 port 40868 Jun 24 15:49:12 l03 sshd[29955]: Invalid user www from 205.185.115.40 port 40852 Jun 24 15:49:12 l03 sshd[29956]: Invalid user hadoop from 205.185.115.40 port 40870 Jun 24 15:49:12 l03 sshd[29957]: Invalid user test from 205.185.115.40 port 40862 ...	2020-06-24 22:54:34
36.94.76.249	attackspam	1593000453 - 06/24/2020 14:07:33 Host: 36.94.76.249/36.94.76.249 Port: 445 TCP Blocked	2020-06-24 22:41:04

最近上报的IP列表

51.79.130.148	223.131.192.219	212.86.115.124	181.48.116.50
171.240.24.73	51.79.130.149	185.65.203.194	51.79.130.190
95.216.140.176	125.143.82.91	51.79.130.130	138.219.50.13
81.1.235.234	51.79.130.182	123.8.234.201	202.22.142.111
51.79.130.221	192.167.9.40	115.186.4.185	38.109.112.22