49.81.171.68 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Jiangsu Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Apr 11 14:19:38 mxgate1 postfix/postscreen[11835]: CONNECT from [49.81.171.68]:2997 to [176.31.12.44]:25 Apr 11 14:19:38 mxgate1 postfix/dnsblog[11839]: addr 49.81.171.68 listed by domain zen.spamhaus.org as 127.0.0.4 Apr 11 14:19:38 mxgate1 postfix/dnsblog[11839]: addr 49.81.171.68 listed by domain zen.spamhaus.org as 127.0.0.3 Apr 11 14:19:38 mxgate1 postfix/dnsblog[11839]: addr 49.81.171.68 listed by domain zen.spamhaus.org as 127.0.0.11 Apr 11 14:19:38 mxgate1 postfix/dnsblog[12056]: addr 49.81.171.68 listed by domain cbl.abuseat.org as 127.0.0.2 Apr 11 14:19:38 mxgate1 postfix/dnsblog[11837]: addr 49.81.171.68 listed by domain b.barracudacentral.org as 127.0.0.2 Apr 11 14:19:44 mxgate1 postfix/postscreen[11835]: DNSBL rank 4 for [49.81.171.68]:2997 Apr x@x Apr 11 14:19:45 mxgate1 postfix/postscreen[11835]: DISCONNECT [49.81.171.68]:2997 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=49.81.171.68	2020-04-11 21:13:47

Type

Details

Datetime

attackbots

Apr 11 14:19:38 mxgate1 postfix/postscreen[11835]: CONNECT from [49.81.171.68]:2997 to [176.31.12.44]:25
Apr 11 14:19:38 mxgate1 postfix/dnsblog[11839]: addr 49.81.171.68 listed by domain zen.spamhaus.org as 127.0.0.4
Apr 11 14:19:38 mxgate1 postfix/dnsblog[11839]: addr 49.81.171.68 listed by domain zen.spamhaus.org as 127.0.0.3
Apr 11 14:19:38 mxgate1 postfix/dnsblog[11839]: addr 49.81.171.68 listed by domain zen.spamhaus.org as 127.0.0.11
Apr 11 14:19:38 mxgate1 postfix/dnsblog[12056]: addr 49.81.171.68 listed by domain cbl.abuseat.org as 127.0.0.2
Apr 11 14:19:38 mxgate1 postfix/dnsblog[11837]: addr 49.81.171.68 listed by domain b.barracudacentral.org as 127.0.0.2
Apr 11 14:19:44 mxgate1 postfix/postscreen[11835]: DNSBL rank 4 for [49.81.171.68]:2997
Apr x@x
Apr 11 14:19:45 mxgate1 postfix/postscreen[11835]: DISCONNECT [49.81.171.68]:2997


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=49.81.171.68

2020-04-11 21:13:47

Comments on same subnet:

IP	Type	Details	Datetime
49.81.171.212	attackbots	Aug 9 05:49:19 icecube postfix/smtpd[63369]: NOQUEUE: reject: RCPT from unknown[49.81.171.212]: 554 5.7.1 Service unavailable; Client host [49.81.171.212] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/49.81.171.212 / https://www.spamhaus.org/sbl/query/SBLCSS; from= to= proto=ESMTP helo=	2020-08-09 17:37:52
49.81.171.161	attack	Email rejected due to spam filtering	2020-05-09 01:06:03

Type

Details

Datetime

49.81.171.212

attackbots

Aug  9 05:49:19 icecube postfix/smtpd[63369]: NOQUEUE: reject: RCPT from unknown[49.81.171.212]: 554 5.7.1 Service unavailable; Client host [49.81.171.212] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/49.81.171.212 / https://www.spamhaus.org/sbl/query/SBLCSS; from= to= proto=ESMTP helo=

2020-08-09 17:37:52

49.81.171.161

attack

Email rejected due to spam filtering

2020-05-09 01:06:03

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 49.81.171.68
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 48906
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;49.81.171.68.			IN	A

;; AUTHORITY SECTION:
.			404	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020041100 1800 900 604800 86400

;; Query time: 61 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Apr 11 21:13:40 CST 2020
;; MSG SIZE  rcvd: 116

Host info

Host 68.171.81.49.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 68.171.81.49.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
27.36.5.131	attack	" "	2019-07-18 09:26:03
112.85.42.72	attackspam	Jul 18 03:30:17 srv-4 sshd\[20483\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.72 user=root Jul 18 03:30:19 srv-4 sshd\[20483\]: Failed password for root from 112.85.42.72 port 14198 ssh2 Jul 18 03:31:08 srv-4 sshd\[20510\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.72 user=root ...	2019-07-18 08:56:56
27.255.0.97	attackspambots	Automatic report - Port Scan Attack	2019-07-18 08:56:13
5.135.32.24	attackbots	0,06-11/03 concatform PostRequest-Spammer scoring: Lusaka01	2019-07-18 09:00:56
5.135.32.50	attackbotsspam	0,09-11/03 concatform PostRequest-Spammer scoring: Lusaka01	2019-07-18 08:56:36
202.28.16.8	attackbots	Jul 17 19:59:42 aat-srv002 sshd[26966]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.28.16.8 Jul 17 19:59:44 aat-srv002 sshd[26966]: Failed password for invalid user dev from 202.28.16.8 port 50742 ssh2 Jul 17 20:02:38 aat-srv002 sshd[27068]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.28.16.8 Jul 17 20:02:40 aat-srv002 sshd[27068]: Failed password for invalid user jw from 202.28.16.8 port 50872 ssh2 ...	2019-07-18 09:07:47
37.10.112.93	attackbots	2019-07-17T22:47:39.980897abusebot.cloudsearch.cf sshd\[26767\]: Invalid user jsserver from 37.10.112.93 port 35088	2019-07-18 09:31:36
2.176.122.12	attackbots	Automatic report - Port Scan Attack	2019-07-18 08:58:05
115.94.231.12	attack	Jul 18 02:27:19 [host] sshd[25217]: Invalid user teste from 115.94.231.12 Jul 18 02:27:19 [host] sshd[25217]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.94.231.12 Jul 18 02:27:20 [host] sshd[25217]: Failed password for invalid user teste from 115.94.231.12 port 41530 ssh2	2019-07-18 08:59:00
51.75.247.13	attack	2019-07-17 UTC: 2x - info,root	2019-07-18 09:25:39
37.238.255.148	attackspam	2019-07-17T12:19:34.063701stt-1.[munged] kernel: [7411993.542835] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:97:36:58:84:78:ac:57:a8:41:08:00 SRC=37.238.255.148 DST=[mungedIP1] LEN=52 TOS=0x00 PREC=0x00 TTL=111 ID=12210 DF PROTO=TCP SPT=54730 DPT=445 WINDOW=8192 RES=0x00 SYN URGP=0 2019-07-17T12:19:37.074258stt-1.[munged] kernel: [7411996.553380] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:97:36:58:84:78:ac:57:a8:41:08:00 SRC=37.238.255.148 DST=[mungedIP1] LEN=52 TOS=0x00 PREC=0x00 TTL=111 ID=12387 DF PROTO=TCP SPT=54730 DPT=445 WINDOW=8192 RES=0x00 SYN URGP=0 2019-07-17T12:19:43.083171stt-1.[munged] kernel: [7412002.559501] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:97:36:58:84:78:ac:57:a8:41:08:00 SRC=37.238.255.148 DST=[mungedIP1] LEN=48 TOS=0x00 PREC=0x00 TTL=111 ID=12787 DF PROTO=TCP SPT=54730 DPT=445 WINDOW=8192 RES=0x00 SYN URGP=0	2019-07-18 09:17:40
213.58.202.82	attackspambots	proto=tcp . spt=39464 . dpt=25 . (listed on Blocklist de Jul 16) (583)	2019-07-18 08:45:32
129.204.147.102	attackspam	Jul 18 02:33:39 pornomens sshd\[16324\]: Invalid user student2 from 129.204.147.102 port 56428 Jul 18 02:33:39 pornomens sshd\[16324\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.147.102 Jul 18 02:33:42 pornomens sshd\[16324\]: Failed password for invalid user student2 from 129.204.147.102 port 56428 ssh2 ...	2019-07-18 09:08:44
202.129.29.135	attackbots	Jul 18 00:24:31 ip-172-31-1-72 sshd\[32551\]: Invalid user mis from 202.129.29.135 Jul 18 00:24:31 ip-172-31-1-72 sshd\[32551\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.129.29.135 Jul 18 00:24:33 ip-172-31-1-72 sshd\[32551\]: Failed password for invalid user mis from 202.129.29.135 port 60008 ssh2 Jul 18 00:30:13 ip-172-31-1-72 sshd\[32614\]: Invalid user julius from 202.129.29.135 Jul 18 00:30:13 ip-172-31-1-72 sshd\[32614\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.129.29.135	2019-07-18 09:16:34
178.128.25.43	attackspam	Invalid user admin from 178.128.25.43 port 38742	2019-07-18 09:11:05

Recently Reported IPs

219.233.49.251	59.120.147.94	36.72.217.12	118.173.233.195
113.167.88.196	112.133.236.60	129.204.42.59	36.82.101.180
185.86.6.245	212.32.245.156	128.199.182.31	183.81.178.181
181.30.28.148	219.233.49.234	2.63.121.194	172.69.33.229
139.155.21.186	164.86.211.123	122.20.177.124	73.98.35.9