116.196.94.211

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Jingdong 360 Degree E-Commerce Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	2020-07-26T14:06:23+0200 Failed SSH Authentication/Brute Force Attack. (Server 10)	2020-07-26 21:51:03
attackspam	Jul 5 23:01:39 abendstille sshd\[17917\]: Invalid user libuuid from 116.196.94.211 Jul 5 23:01:39 abendstille sshd\[17917\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.94.211 Jul 5 23:01:41 abendstille sshd\[17917\]: Failed password for invalid user libuuid from 116.196.94.211 port 49280 ssh2 Jul 5 23:05:04 abendstille sshd\[21502\]: Invalid user admin from 116.196.94.211 Jul 5 23:05:04 abendstille sshd\[21502\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.94.211 ...	2020-07-06 05:48:35
attackbots	k+ssh-bruteforce	2020-06-11 14:29:40
attackbots	$f2bV_matches	2020-05-26 03:18:04
attack	"Unauthorized connection attempt on SSHD detected"	2020-05-22 18:22:06
attackspam	May 13 14:50:49 localhost sshd\[28473\]: Invalid user niu from 116.196.94.211 port 32946 May 13 14:50:49 localhost sshd\[28473\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.94.211 May 13 14:50:51 localhost sshd\[28473\]: Failed password for invalid user niu from 116.196.94.211 port 32946 ssh2 ...	2020-05-14 01:03:35
attack	May 13 08:20:51 pkdns2 sshd\[59989\]: Invalid user user2 from 116.196.94.211May 13 08:20:53 pkdns2 sshd\[59989\]: Failed password for invalid user user2 from 116.196.94.211 port 59554 ssh2May 13 08:24:29 pkdns2 sshd\[60216\]: Invalid user cent from 116.196.94.211May 13 08:24:31 pkdns2 sshd\[60216\]: Failed password for invalid user cent from 116.196.94.211 port 42596 ssh2May 13 08:28:10 pkdns2 sshd\[60465\]: Invalid user desliga from 116.196.94.211May 13 08:28:12 pkdns2 sshd\[60465\]: Failed password for invalid user desliga from 116.196.94.211 port 53870 ssh2 ...	2020-05-13 15:26:45
attack	Bruteforce detected by fail2ban	2020-05-12 02:24:15
attackspambots	2020-05-09 23:25:56.544427-0500 localhost sshd[11898]: Failed password for invalid user apache from 116.196.94.211 port 58654 ssh2	2020-05-10 12:56:18
attackbotsspam	SSH brute-force attempt	2020-05-09 22:37:55
attackbotsspam	May 4 11:11:19 vserver sshd\[16925\]: Invalid user frontend from 116.196.94.211May 4 11:11:22 vserver sshd\[16925\]: Failed password for invalid user frontend from 116.196.94.211 port 59568 ssh2May 4 11:16:13 vserver sshd\[16990\]: Invalid user rstudio from 116.196.94.211May 4 11:16:15 vserver sshd\[16990\]: Failed password for invalid user rstudio from 116.196.94.211 port 58408 ssh2 ...	2020-05-04 18:51:29
attack	Invalid user admin from 116.196.94.211 port 54472	2020-04-20 12:03:36
attackbotsspam	SSH Brute-Force Attack	2020-04-20 07:49:52

相同子网IP讨论:

IP	类型	评论内容	时间
116.196.94.108	attack	$f2bV_matches	2020-09-29 05:33:12
116.196.94.108	attackbotsspam	Sep 28 12:45:28 meumeu sshd[858847]: Invalid user origin from 116.196.94.108 port 48400 Sep 28 12:45:28 meumeu sshd[858847]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.94.108 Sep 28 12:45:28 meumeu sshd[858847]: Invalid user origin from 116.196.94.108 port 48400 Sep 28 12:45:31 meumeu sshd[858847]: Failed password for invalid user origin from 116.196.94.108 port 48400 ssh2 Sep 28 12:47:36 meumeu sshd[858946]: Invalid user paco from 116.196.94.108 port 45248 Sep 28 12:47:36 meumeu sshd[858946]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.94.108 Sep 28 12:47:36 meumeu sshd[858946]: Invalid user paco from 116.196.94.108 port 45248 Sep 28 12:47:38 meumeu sshd[858946]: Failed password for invalid user paco from 116.196.94.108 port 45248 ssh2 Sep 28 12:49:21 meumeu sshd[859022]: Invalid user core from 116.196.94.108 port 39036 ...	2020-09-28 21:54:53
116.196.94.108	attack	Coordinated SSH brute-force attack from different IPs. pam_unix(sshd:auth):	2020-09-25 06:38:22
116.196.94.108	attackspam	Aug 13 22:24:32 ns382633 sshd\[10227\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.94.108 user=root Aug 13 22:24:34 ns382633 sshd\[10227\]: Failed password for root from 116.196.94.108 port 49494 ssh2 Aug 13 22:39:49 ns382633 sshd\[13034\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.94.108 user=root Aug 13 22:39:51 ns382633 sshd\[13034\]: Failed password for root from 116.196.94.108 port 47060 ssh2 Aug 13 22:43:49 ns382633 sshd\[13833\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.94.108 user=root	2020-08-14 07:34:03
116.196.94.108	attackbotsspam	Repeated brute force against a port	2020-07-08 16:10:54
116.196.94.108	attack	Jul 4 04:19:50 web-main sshd[198954]: Invalid user jenkins from 116.196.94.108 port 45566 Jul 4 04:19:52 web-main sshd[198954]: Failed password for invalid user jenkins from 116.196.94.108 port 45566 ssh2 Jul 4 04:34:57 web-main sshd[199028]: Invalid user growth from 116.196.94.108 port 42906	2020-07-04 11:11:48
116.196.94.108	attack	Invalid user neel from 116.196.94.108 port 40140	2020-06-27 15:47:21
116.196.94.108	attackspambots	2020-06-15T02:47:55.850628mail.standpoint.com.ua sshd[3651]: Invalid user roozbeh from 116.196.94.108 port 34144 2020-06-15T02:47:55.853515mail.standpoint.com.ua sshd[3651]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.94.108 2020-06-15T02:47:55.850628mail.standpoint.com.ua sshd[3651]: Invalid user roozbeh from 116.196.94.108 port 34144 2020-06-15T02:47:58.019511mail.standpoint.com.ua sshd[3651]: Failed password for invalid user roozbeh from 116.196.94.108 port 34144 ssh2 2020-06-15T02:50:50.621470mail.standpoint.com.ua sshd[4122]: Invalid user icecast from 116.196.94.108 port 54320 ...	2020-06-15 08:01:13
116.196.94.108	attack	2020-06-06T08:32:26.427500sd-86998 sshd[11289]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.94.108 user=root 2020-06-06T08:32:28.978510sd-86998 sshd[11289]: Failed password for root from 116.196.94.108 port 55916 ssh2 2020-06-06T08:35:47.881700sd-86998 sshd[11769]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.94.108 user=root 2020-06-06T08:35:50.026093sd-86998 sshd[11769]: Failed password for root from 116.196.94.108 port 41362 ssh2 2020-06-06T08:39:15.246406sd-86998 sshd[12337]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.94.108 user=root 2020-06-06T08:39:16.948841sd-86998 sshd[12337]: Failed password for root from 116.196.94.108 port 55042 ssh2 ...	2020-06-06 16:06:08
116.196.94.108	attackbots	May 28 08:08:54 124388 sshd[26172]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.94.108 user=root May 28 08:08:56 124388 sshd[26172]: Failed password for root from 116.196.94.108 port 60950 ssh2 May 28 08:10:38 124388 sshd[26246]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.94.108 user=root May 28 08:10:40 124388 sshd[26246]: Failed password for root from 116.196.94.108 port 55940 ssh2 May 28 08:12:16 124388 sshd[26249]: Invalid user dbus from 116.196.94.108 port 50930	2020-05-28 16:54:26
116.196.94.108	attack	SSH Brute-Forcing (server2)	2020-05-06 17:50:36
116.196.94.108	attackbots	2020-04-29T05:48:34.390724struts4.enskede.local sshd\[27329\]: Invalid user roundcube from 116.196.94.108 port 53202 2020-04-29T05:48:34.399708struts4.enskede.local sshd\[27329\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.94.108 2020-04-29T05:48:37.815243struts4.enskede.local sshd\[27329\]: Failed password for invalid user roundcube from 116.196.94.108 port 53202 ssh2 2020-04-29T05:58:26.891276struts4.enskede.local sshd\[27394\]: Invalid user javascript from 116.196.94.108 port 52548 2020-04-29T05:58:26.898959struts4.enskede.local sshd\[27394\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.94.108 ...	2020-04-29 14:29:02
116.196.94.108	attack	Apr 27 06:21:51 plex sshd[18457]: Invalid user avorion from 116.196.94.108 port 57204	2020-04-27 14:56:14
116.196.94.108	attackbots	Apr 11 14:08:25 srv01 sshd[6665]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.94.108 user=root Apr 11 14:08:26 srv01 sshd[6665]: Failed password for root from 116.196.94.108 port 47192 ssh2 Apr 11 14:13:08 srv01 sshd[7061]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.94.108 user=root Apr 11 14:13:10 srv01 sshd[7061]: Failed password for root from 116.196.94.108 port 44404 ssh2 Apr 11 14:17:44 srv01 sshd[7329]: Invalid user jasonl from 116.196.94.108 port 41618 ...	2020-04-11 23:38:59
116.196.94.108	attackspambots	(sshd) Failed SSH login from 116.196.94.108 (CN/China/-): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Mar 24 06:50:53 ubnt-55d23 sshd[32124]: Invalid user office from 116.196.94.108 port 45432 Mar 24 06:50:55 ubnt-55d23 sshd[32124]: Failed password for invalid user office from 116.196.94.108 port 45432 ssh2	2020-03-24 13:55:12

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.196.94.211
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 43675
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;116.196.94.211.			IN	A

;; AUTHORITY SECTION:
.			412	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020041901 1800 900 604800 86400

;; Query time: 96 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Apr 20 07:49:49 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 211.94.196.116.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 211.94.196.116.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
5.188.159.48	attackspam	ET CINS Active Threat Intelligence Poor Reputation IP group 5 - port: 8443 proto: tcp cat: Misc Attackbytes: 60	2020-10-13 12:17:31
89.248.167.141	attackspambots	[MK-VM4] Blocked by UFW	2020-10-13 12:09:13
49.234.192.145	attack	Unauthorized connection attempt detected from IP address 49.234.192.145 to port 23 [T]	2020-10-13 12:14:14
92.63.196.47	attack	ET CINS Active Threat Intelligence Poor Reputation IP group 82 - port: 8334 proto: tcp cat: Misc Attackbytes: 60	2020-10-13 12:07:55
195.114.8.202	attackbots	Oct 13 06:19:34 master sshd[26329]: Failed password for invalid user support from 195.114.8.202 port 42100 ssh2	2020-10-13 12:18:45
71.6.199.23	attack	Unauthorized connection attempt detected from IP address 71.6.199.23 to port 110 [T]	2020-10-13 12:13:26
193.27.228.154	attackspambots	Port-scan: detected 117 distinct ports within a 24-hour window.	2020-10-13 12:19:07
146.88.240.4	attackbots	146.88.240.4 was recorded 27 times by 4 hosts attempting to connect to the following ports: 123,1194,111,27970,47808,1604,5683,623,1701,5353,19,1434. Incident counter (4h, 24h, all-time): 27, 71, 88797	2020-10-13 12:21:20
61.219.11.153	attack	TCP (SYN) 61.219.11.153:63949 -> port 4782, len 44	2020-10-13 12:43:05
220.130.10.13	attackspambots	2020-10-13T06:25:11.316425n23.at sshd[1556927]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.130.10.13 2020-10-13T06:25:11.308324n23.at sshd[1556927]: Invalid user arts from 220.130.10.13 port 45992 2020-10-13T06:25:13.477045n23.at sshd[1556927]: Failed password for invalid user arts from 220.130.10.13 port 45992 ssh2 ...	2020-10-13 12:31:26
23.97.67.16	attack	2020-10-13T04:05:11.327694randservbullet-proofcloud-66.localdomain sshd[10706]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=23.97.67.16 user=root 2020-10-13T04:05:13.081341randservbullet-proofcloud-66.localdomain sshd[10706]: Failed password for root from 23.97.67.16 port 49168 ssh2 2020-10-13T04:30:03.131445randservbullet-proofcloud-66.localdomain sshd[10749]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=23.97.67.16 user=root 2020-10-13T04:30:05.376242randservbullet-proofcloud-66.localdomain sshd[10749]: Failed password for root from 23.97.67.16 port 25338 ssh2 ...	2020-10-13 12:30:21
80.82.70.178	attackbots	SmallBizIT.US 1 packets to tcp(22)	2020-10-13 12:11:53
89.144.47.251	attackspam	[N1.H1.VM1] Port Scanner Detected Blocked by UFW	2020-10-13 12:10:15
195.144.205.25	attackspambots	$f2bV_matches	2020-10-13 12:32:25
97.127.248.42	attackbots	SSH Brute Force	2020-10-13 12:38:53

最近上报的IP列表

128.199.199.234	91.98.125.2	217.182.186.224	155.94.129.8
136.232.80.30	113.34.245.71	45.77.254.120	81.16.174.236
250.149.15.112	230.203.219.136	84.194.76.165	61.56.60.243
114.78.92.69	141.248.95.130	172.175.8.11	8.171.136.103
37.204.215.46	105.82.81.206	2.195.141.67	70.250.117.11