49.81.93.12 - IPInfo

Basic Info

City: Xuzhou

Region: Jiangsu

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: No.31,Jin-rong Street

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
spambotsattack	Bloquei imediatamente de seus servidores. Range : 49.64.0.0/16 - China Domínio : qq.com Adicionais : (mxbiz2.qq.com)[49.81.93.12] mgkzbine@morna.sk Outros : 113.121.0.0/16 114.104.239.0/24 117.84.0.0/16 113.121.0.0/16 114.229.21.0/24 117.84.0.0/16 115.217.0.0/16 122.244.0.0/16 106.56.0.0/16 Spam, Brute-force e outros attackes.	2019-07-31 04:16:19

Type

Details

Datetime

spambotsattack

Bloquei imediatamente de seus servidores. 
Range : 49.64.0.0/16 - China
Domínio : qq.com

Adicionais : (mxbiz2.qq.com)[49.81.93.12] mgkzbine@morna.sk

Outros :

113.121.0.0/16
114.104.239.0/24
117.84.0.0/16
113.121.0.0/16
114.229.21.0/24
117.84.0.0/16
115.217.0.0/16
122.244.0.0/16
106.56.0.0/16


Spam, Brute-force e outros attackes.

2019-07-31 04:16:19

Comments on same subnet:

IP	Type	Details	Datetime
49.81.93.1	attack	unauthorized connection attempt	2020-02-26 15:30:25
49.81.93.89	attackspambots	Dec 31 15:48:11 grey postfix/smtpd\[29490\]: NOQUEUE: reject: RCPT from unknown\[49.81.93.89\]: 554 5.7.1 Service unavailable\; Client host \[49.81.93.89\] blocked using cbl.abuseat.org\; Blocked - see http://www.abuseat.org/lookup.cgi\?ip=49.81.93.89\; from=\ to=\ proto=ESMTP helo=\ ...	2020-01-01 05:48:10
49.81.93.51	attack	" "	2019-12-27 01:15:57
49.81.93.177	attackbots	Dec 15 06:53:46 elektron postfix/smtpd\[21048\]: NOQUEUE: reject: RCPT from unknown\[49.81.93.177\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[49.81.93.177\]\; from=\ to=\ proto=ESMTP helo=\ Dec 15 06:54:20 elektron postfix/smtpd\[21048\]: NOQUEUE: reject: RCPT from unknown\[49.81.93.177\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[49.81.93.177\]\; from=\ to=\ proto=ESMTP helo=\ Dec 15 06:56:30 elektron postfix/smtpd\[21048\]: NOQUEUE: reject: RCPT from unknown\[49.81.93.177\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[49.81.93.177\]\; from=\ to=\ proto=ESMTP helo=\ Dec 15 06:57:27 elektron postfix/smtpd\[24171\]: NOQUEUE: reject: RCPT from unknown\[49.81.93.177\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[49.81.93.177\]\; from=\ to=\ proto=ESMTP helo=\ Dec 15 0	2019-12-15 13:40:23
49.81.93.227	attackspambots	Brute force SMTP login attempts.	2019-12-02 05:33:15
49.81.93.84	attack	SpamReport	2019-11-21 15:05:35
49.81.93.242	attackbots	SpamReport	2019-11-15 15:24:53
49.81.93.137	attackbotsspam	NOQUEUE: reject: RCPT from unknown\[49.81.93.137\]: 554 5.7.1 Service unavailable\; host \[49.81.93.137\] blocked using sbl-xbl.spamhaus.org\; https://www.spamhaus.org/sbl/query/SBLCSS	2019-09-24 19:57:13
49.81.93.74	attackspam	Brute force SMTP login attempts.	2019-08-29 13:40:02
49.81.93.107	attack	[Aegis] @ 2019-08-10 03:35:32 0100 -> Sendmail rejected message.	2019-08-10 15:31:28
49.81.93.142	attackbotsspam	[Aegis] @ 2019-08-02 09:51:24 0100 -> Sendmail rejected message.	2019-08-02 17:50:51

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 49.81.93.12
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22051
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;49.81.93.12.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019073002 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Jul 31 04:11:36 CST 2019
;; MSG SIZE  rcvd: 115

Host info

Host 12.93.81.49.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 12.93.81.49.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
177.107.134.82	attack	2019-12-13 09:55:41 H=(86-134-107-177.telbrax.net.br) [177.107.134.82]:37104 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.3, 127.0.0.4) (https://www.spamhaus.org/query/ip/177.107.134.82) 2019-12-13 09:55:41 H=(86-134-107-177.telbrax.net.br) [177.107.134.82]:37104 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.3, 127.0.0.4) (https://www.spamhaus.org/query/ip/177.107.134.82) 2019-12-13 09:55:42 H=(86-134-107-177.telbrax.net.br) [177.107.134.82]:37104 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.4, 127.0.0.3) (https://www.spamhaus.org/query/ip/177.107.134.82) ...	2019-12-14 04:35:37
212.92.250.91	attack	Dec 13 18:48:35 MainVPS sshd[25695]: Invalid user freudenhammer from 212.92.250.91 port 44950 Dec 13 18:48:35 MainVPS sshd[25695]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.92.250.91 Dec 13 18:48:35 MainVPS sshd[25695]: Invalid user freudenhammer from 212.92.250.91 port 44950 Dec 13 18:48:37 MainVPS sshd[25695]: Failed password for invalid user freudenhammer from 212.92.250.91 port 44950 ssh2 Dec 13 18:58:29 MainVPS sshd[12939]: Invalid user robyna from 212.92.250.91 port 48322 ...	2019-12-14 04:04:46
212.62.61.13	attackspam	TCP Port Scanning	2019-12-14 04:23:48
45.134.179.240	attack	Dec 13 22:41:50 debian-2gb-vpn-nbg1-1 kernel: [644486.674897] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:38:96:44:d2:74:7f:6e:37:e3:08:00 SRC=45.134.179.240 DST=78.46.192.101 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=15580 PROTO=TCP SPT=54720 DPT=3389 WINDOW=1024 RES=0x00 SYN URGP=0	2019-12-14 04:15:27
159.138.119.7	attackbotsspam	fraudulent SSH attempt	2019-12-14 04:28:28
122.121.99.20	attackspambots	Telnet Server BruteForce Attack	2019-12-14 04:24:20
111.231.75.83	attackspam	$f2bV_matches	2019-12-14 04:00:12
199.116.78.179	attackbotsspam	Probing for vulnerable PHP code /r222hiqv.php	2019-12-14 04:12:39
159.203.82.104	attackspambots	leo_www	2019-12-14 04:08:34
121.67.246.132	attackspam	Apr 20 19:45:50 vtv3 sshd[16437]: Invalid user postgres2 from 121.67.246.132 port 51076 Apr 20 19:45:50 vtv3 sshd[16437]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.67.246.132 Apr 20 19:45:52 vtv3 sshd[16437]: Failed password for invalid user postgres2 from 121.67.246.132 port 51076 ssh2 Apr 20 19:51:46 vtv3 sshd[19362]: Invalid user ts3server from 121.67.246.132 port 45010 Apr 20 19:51:46 vtv3 sshd[19362]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.67.246.132 Dec 13 16:56:13 vtv3 sshd[11761]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.67.246.132 Dec 13 16:56:15 vtv3 sshd[11761]: Failed password for invalid user yamura from 121.67.246.132 port 41438 ssh2 Dec 13 17:02:42 vtv3 sshd[14581]: Failed password for root from 121.67.246.132 port 49534 ssh2 Dec 13 17:15:12 vtv3 sshd[20663]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rh	2019-12-14 04:09:53
158.69.220.70	attack	Dec 13 21:08:59 meumeu sshd[15312]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=158.69.220.70 Dec 13 21:09:01 meumeu sshd[15312]: Failed password for invalid user host from 158.69.220.70 port 60212 ssh2 Dec 13 21:14:02 meumeu sshd[16084]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=158.69.220.70 ...	2019-12-14 04:30:29
190.6.93.174	attack	12/13/2019-16:55:37.813829 190.6.93.174 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2019-12-14 04:37:41
183.82.121.34	attackspambots	Dec 13 19:08:36 icinga sshd[13711]: Failed password for root from 183.82.121.34 port 57555 ssh2 ...	2019-12-14 04:10:21
188.128.43.28	attack	$f2bV_matches	2019-12-14 04:27:01
185.143.223.132	attackbots	Dec 13 23:01:32 debian-2gb-vpn-nbg1-1 kernel: [645668.540776] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:38:96:44:d2:74:7f:6e:37:e3:08:00 SRC=185.143.223.132 DST=78.46.192.101 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=36536 PROTO=TCP SPT=51282 DPT=13331 WINDOW=1024 RES=0x00 SYN URGP=0	2019-12-14 04:08:03

Recently Reported IPs

95.233.193.63	121.21.24.13	89.97.93.8	40.74.2.111
184.82.79.136	152.177.238.220	136.245.203.236	129.176.200.245
61.225.198.21	121.255.142.141	200.9.123.226	185.11.69.101
197.132.83.253	60.84.141.229	180.104.7.63	174.145.175.53
32.137.96.78	46.161.198.37	214.126.91.174	143.88.68.253