116.196.81.132

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Jingdong 360 Degree E-Commerce Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	May 15 20:14:57 piServer sshd[16073]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.81.132 May 15 20:14:59 piServer sshd[16073]: Failed password for invalid user master from 116.196.81.132 port 47792 ssh2 May 15 20:16:59 piServer sshd[16288]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.81.132 ...	2020-05-16 02:41:16
attackbots	May 10 08:23:36 lock-38 sshd[2185014]: Disconnected from authenticating user root 116.196.81.132 port 40246 [preauth] May 10 08:28:32 lock-38 sshd[2185233]: Invalid user appuser from 116.196.81.132 port 59350 May 10 08:28:32 lock-38 sshd[2185233]: Invalid user appuser from 116.196.81.132 port 59350 May 10 08:28:32 lock-38 sshd[2185233]: Failed password for invalid user appuser from 116.196.81.132 port 59350 ssh2 May 10 08:28:32 lock-38 sshd[2185233]: Disconnected from invalid user appuser 116.196.81.132 port 59350 [preauth] ...	2020-05-10 19:03:31

类型

评论内容

时间

attackspambots

May 15 20:14:57 piServer sshd[16073]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.81.132 
May 15 20:14:59 piServer sshd[16073]: Failed password for invalid user master from 116.196.81.132 port 47792 ssh2
May 15 20:16:59 piServer sshd[16288]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.81.132 
...

2020-05-16 02:41:16

attackbots

May 10 08:23:36 lock-38 sshd[2185014]: Disconnected from authenticating user root 116.196.81.132 port 40246 [preauth]
May 10 08:28:32 lock-38 sshd[2185233]: Invalid user appuser from 116.196.81.132 port 59350
May 10 08:28:32 lock-38 sshd[2185233]: Invalid user appuser from 116.196.81.132 port 59350
May 10 08:28:32 lock-38 sshd[2185233]: Failed password for invalid user appuser from 116.196.81.132 port 59350 ssh2
May 10 08:28:32 lock-38 sshd[2185233]: Disconnected from invalid user appuser 116.196.81.132 port 59350 [preauth]
...

2020-05-10 19:03:31

相同子网IP讨论:

IP	类型	评论内容	时间
116.196.81.216	attackbots	Oct 3 12:27:55 abendstille sshd\[13881\]: Invalid user marcel from 116.196.81.216 Oct 3 12:27:55 abendstille sshd\[13881\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.81.216 Oct 3 12:27:58 abendstille sshd\[13881\]: Failed password for invalid user marcel from 116.196.81.216 port 58196 ssh2 Oct 3 12:30:13 abendstille sshd\[16434\]: Invalid user james from 116.196.81.216 Oct 3 12:30:13 abendstille sshd\[16434\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.81.216 ...	2020-10-04 02:56:35
116.196.81.216	attack	Oct 3 12:27:55 abendstille sshd\[13881\]: Invalid user marcel from 116.196.81.216 Oct 3 12:27:55 abendstille sshd\[13881\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.81.216 Oct 3 12:27:58 abendstille sshd\[13881\]: Failed password for invalid user marcel from 116.196.81.216 port 58196 ssh2 Oct 3 12:30:13 abendstille sshd\[16434\]: Invalid user james from 116.196.81.216 Oct 3 12:30:13 abendstille sshd\[16434\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.81.216 ...	2020-10-03 18:46:35
116.196.81.216	attackbotsspam	2020-09-20T16:32:58.666189randservbullet-proofcloud-66.localdomain sshd[31702]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.81.216 user=root 2020-09-20T16:33:00.260959randservbullet-proofcloud-66.localdomain sshd[31702]: Failed password for root from 116.196.81.216 port 44634 ssh2 2020-09-20T16:43:37.660801randservbullet-proofcloud-66.localdomain sshd[31750]: Invalid user admin from 116.196.81.216 port 34508 ...	2020-09-21 01:31:37
116.196.81.216	attackbots	Sep 20 06:21:24 firewall sshd[1224]: Failed password for invalid user gitlab-runner from 116.196.81.216 port 60870 ssh2 Sep 20 06:25:41 firewall sshd[1400]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.81.216 user=root Sep 20 06:25:43 firewall sshd[1400]: Failed password for root from 116.196.81.216 port 37548 ssh2 ...	2020-09-20 17:30:11
116.196.81.216	attackbotsspam	$f2bV_matches	2020-09-09 03:22:49
116.196.81.216	attack	$f2bV_matches	2020-09-08 18:59:05
116.196.81.216	attack	k+ssh-bruteforce	2020-08-25 14:31:28
116.196.81.216	attack	Aug 17 03:59:45 ip-172-31-16-56 sshd\[29182\]: Failed password for root from 116.196.81.216 port 46496 ssh2\ Aug 17 04:00:45 ip-172-31-16-56 sshd\[29206\]: Invalid user gabi from 116.196.81.216\ Aug 17 04:00:47 ip-172-31-16-56 sshd\[29206\]: Failed password for invalid user gabi from 116.196.81.216 port 58572 ssh2\ Aug 17 04:01:46 ip-172-31-16-56 sshd\[29231\]: Invalid user oracle from 116.196.81.216\ Aug 17 04:01:47 ip-172-31-16-56 sshd\[29231\]: Failed password for invalid user oracle from 116.196.81.216 port 42418 ssh2\	2020-08-17 14:14:01
116.196.81.216	attackbots	2020-07-29T14:08:36.369737v22018076590370373 sshd[22316]: Invalid user thunlp from 116.196.81.216 port 51462 2020-07-29T14:08:36.375729v22018076590370373 sshd[22316]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.81.216 2020-07-29T14:08:36.369737v22018076590370373 sshd[22316]: Invalid user thunlp from 116.196.81.216 port 51462 2020-07-29T14:08:38.322992v22018076590370373 sshd[22316]: Failed password for invalid user thunlp from 116.196.81.216 port 51462 ssh2 2020-07-29T14:11:55.797559v22018076590370373 sshd[12974]: Invalid user yonglibao from 116.196.81.216 port 34486 ...	2020-07-29 22:44:27
116.196.81.216	attackspam	2020-07-28T03:17:16.647768-07:00 suse-nuc sshd[14738]: Invalid user jomoto from 116.196.81.216 port 45640 ...	2020-07-28 19:47:59
116.196.81.216	attackbots	SSH Brute-Force reported by Fail2Ban	2020-07-17 00:43:10
116.196.81.216	attack	Jul 7 08:54:32 ajax sshd[21642]: Failed password for root from 116.196.81.216 port 44104 ssh2 Jul 7 08:56:12 ajax sshd[22274]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.81.216	2020-07-07 16:47:01
116.196.81.216	attack	Jul 5 17:54:24 hosting sshd[28575]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.81.216 user=root Jul 5 17:54:27 hosting sshd[28575]: Failed password for root from 116.196.81.216 port 59260 ssh2 ...	2020-07-06 01:15:44
116.196.81.216	attackspambots	Jun 26 15:49:47 onepixel sshd[3731234]: Failed password for invalid user yaoyuan from 116.196.81.216 port 60752 ssh2 Jun 26 15:54:03 onepixel sshd[3733357]: Invalid user alex from 116.196.81.216 port 50924 Jun 26 15:54:03 onepixel sshd[3733357]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.81.216 Jun 26 15:54:03 onepixel sshd[3733357]: Invalid user alex from 116.196.81.216 port 50924 Jun 26 15:54:06 onepixel sshd[3733357]: Failed password for invalid user alex from 116.196.81.216 port 50924 ssh2	2020-06-27 01:34:31
116.196.81.216	attackbotsspam	Failed password for invalid user ts3srv from 116.196.81.216 port 40254 ssh2	2020-06-16 19:40:41

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.196.81.132
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 48912
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;116.196.81.132.			IN	A

;; AUTHORITY SECTION:
.			453	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020051000 1800 900 604800 86400

;; Query time: 56 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun May 10 19:03:21 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 132.81.196.116.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 132.81.196.116.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
118.194.132.112	attackbots	Jun 24 14:38:31 mout sshd[29337]: Failed password for root from 118.194.132.112 port 59524 ssh2 Jun 24 14:38:35 mout sshd[29337]: Failed password for root from 118.194.132.112 port 59524 ssh2 Jun 24 14:38:37 mout sshd[29337]: Disconnected from authenticating user root 118.194.132.112 port 59524 [preauth]	2020-06-24 22:54:18
174.250.65.118	spambotsattackproxy	Why is this happen	2020-06-24 22:30:49
89.107.37.254	attack	1593000436 - 06/24/2020 14:07:16 Host: 89.107.37.254/89.107.37.254 Port: 445 TCP Blocked	2020-06-24 22:56:18
185.100.87.241	attackbotsspam	Automatic report - Banned IP Access	2020-06-24 22:23:05
5.135.185.27	attackbotsspam	$f2bV_matches	2020-06-24 22:33:47
95.111.74.98	attackbotsspam	$f2bV_matches	2020-06-24 22:28:57
190.3.179.66	attackbots	Jun 24 16:19:16 ourumov-web sshd\[18484\]: Invalid user demo from 190.3.179.66 port 52692 Jun 24 16:19:16 ourumov-web sshd\[18484\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.3.179.66 Jun 24 16:19:18 ourumov-web sshd\[18484\]: Failed password for invalid user demo from 190.3.179.66 port 52692 ssh2 ...	2020-06-24 22:59:10
187.95.246.31	attackbotsspam	Automatic report - Port Scan Attack	2020-06-24 22:47:46
45.95.168.92	attackbots	UDP 45.95.168.92:35104 -> port 53, len 58	2020-06-24 22:44:56
179.97.57.35	attackbotsspam	From send-contato-1618-alkosa.com.br-8@opered.com.br Wed Jun 24 09:07:33 2020 Received: from mm57-35.opered.com.br ([179.97.57.35]:56745)	2020-06-24 22:39:31
14.56.180.103	attackspam	2020-06-24T12:03:53.253358shield sshd\[28124\]: Invalid user kran from 14.56.180.103 port 51240 2020-06-24T12:03:53.257178shield sshd\[28124\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.56.180.103 2020-06-24T12:03:54.821868shield sshd\[28124\]: Failed password for invalid user kran from 14.56.180.103 port 51240 ssh2 2020-06-24T12:07:28.816622shield sshd\[28323\]: Invalid user vnc from 14.56.180.103 port 49244 2020-06-24T12:07:28.820274shield sshd\[28323\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.56.180.103	2020-06-24 22:48:43
113.56.21.192	attackbotsspam	IP 113.56.21.192 attacked honeypot on port: 23 at 6/24/2020 5:07:03 AM	2020-06-24 23:00:03
94.191.60.213	attackbots	Bruteforce detected by fail2ban	2020-06-24 22:55:53
112.85.42.181	attack	Jun 24 16:35:15 PorscheCustomer sshd[21356]: Failed password for root from 112.85.42.181 port 62629 ssh2 Jun 24 16:35:28 PorscheCustomer sshd[21356]: error: maximum authentication attempts exceeded for root from 112.85.42.181 port 62629 ssh2 [preauth] Jun 24 16:35:38 PorscheCustomer sshd[21360]: Failed password for root from 112.85.42.181 port 30231 ssh2 ...	2020-06-24 22:53:13
222.186.30.218	attack	(sshd) Failed SSH login from 222.186.30.218 (CN/China/-): 5 in the last 3600 secs	2020-06-24 22:38:37

最近上报的IP列表

220.133.172.148	61.134.62.226	189.33.1.188	36.75.141.216
114.35.154.210	151.247.19.160	114.33.172.122	36.79.254.114
220.133.59.48	173.78.109.236	37.59.112.180	5.187.0.216
103.79.72.154	202.188.20.123	158.133.208.209	95.43.76.239
156.140.130.105	245.40.183.209	130.76.89.32	23.22.197.196