116.206.196.49

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Indonesia

运营商(isp): PT Biznet Data Center

主机名(hostname): unknown

机构(organization): PT Biznet Gio Nusantara

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	May 8 16:01:02 server sshd\[229048\]: Invalid user ee from 116.206.196.49 May 8 16:01:02 server sshd\[229048\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.206.196.49 May 8 16:01:04 server sshd\[229048\]: Failed password for invalid user ee from 116.206.196.49 port 52682 ssh2 ...	2019-07-17 12:41:41

类型

评论内容

时间

attackbotsspam

May  8 16:01:02 server sshd\[229048\]: Invalid user ee from 116.206.196.49
May  8 16:01:02 server sshd\[229048\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.206.196.49
May  8 16:01:04 server sshd\[229048\]: Failed password for invalid user ee from 116.206.196.49 port 52682 ssh2
...

2019-07-17 12:41:41

相同子网IP讨论:

IP	类型	评论内容	时间
116.206.196.125	attackspambots	Aug 30 14:33:02 haigwepa sshd[25112]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.206.196.125 Aug 30 14:33:04 haigwepa sshd[25112]: Failed password for invalid user greatwall from 116.206.196.125 port 52700 ssh2 ...	2020-08-30 21:51:28
116.206.196.125	attackspambots	2020-08-29T16:06:41.250466mail.standpoint.com.ua sshd[23297]: Invalid user pepper from 116.206.196.125 port 50536 2020-08-29T16:06:41.253124mail.standpoint.com.ua sshd[23297]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.206.196.125 2020-08-29T16:06:41.250466mail.standpoint.com.ua sshd[23297]: Invalid user pepper from 116.206.196.125 port 50536 2020-08-29T16:06:43.634398mail.standpoint.com.ua sshd[23297]: Failed password for invalid user pepper from 116.206.196.125 port 50536 ssh2 2020-08-29T16:11:07.009477mail.standpoint.com.ua sshd[23909]: Invalid user contabilidad from 116.206.196.125 port 59096 ...	2020-08-29 23:46:47
116.206.196.125	attackspam	Aug 23 22:31:43 MainVPS sshd[8106]: Invalid user nag from 116.206.196.125 port 43764 Aug 23 22:31:44 MainVPS sshd[8106]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.206.196.125 Aug 23 22:31:43 MainVPS sshd[8106]: Invalid user nag from 116.206.196.125 port 43764 Aug 23 22:31:45 MainVPS sshd[8106]: Failed password for invalid user nag from 116.206.196.125 port 43764 ssh2 Aug 23 22:35:34 MainVPS sshd[15265]: Invalid user oracle from 116.206.196.125 port 53466 ...	2020-08-24 04:43:46
116.206.196.125	attackbotsspam	Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2020-08-18T12:04:57Z and 2020-08-18T12:24:35Z	2020-08-18 20:30:30
116.206.196.125	attackbots	Invalid user liyan from 116.206.196.125 port 53052	2020-07-31 06:02:16
116.206.196.125	attackspambots	Jul 30 10:17:29 srv-ubuntu-dev3 sshd[88872]: Invalid user yuki from 116.206.196.125 Jul 30 10:17:29 srv-ubuntu-dev3 sshd[88872]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.206.196.125 Jul 30 10:17:29 srv-ubuntu-dev3 sshd[88872]: Invalid user yuki from 116.206.196.125 Jul 30 10:17:31 srv-ubuntu-dev3 sshd[88872]: Failed password for invalid user yuki from 116.206.196.125 port 51456 ssh2 Jul 30 10:21:50 srv-ubuntu-dev3 sshd[89402]: Invalid user tangyong from 116.206.196.125 Jul 30 10:21:50 srv-ubuntu-dev3 sshd[89402]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.206.196.125 Jul 30 10:21:50 srv-ubuntu-dev3 sshd[89402]: Invalid user tangyong from 116.206.196.125 Jul 30 10:21:52 srv-ubuntu-dev3 sshd[89402]: Failed password for invalid user tangyong from 116.206.196.125 port 36366 ssh2 Jul 30 10:26:13 srv-ubuntu-dev3 sshd[89853]: Invalid user vps from 116.206.196.125 ...	2020-07-30 16:46:38
116.206.196.227	attackbots	xmlrpc attack	2020-07-29 02:54:54
116.206.196.125	attack	Jul 20 15:27:20 journals sshd\[1385\]: Invalid user userftp from 116.206.196.125 Jul 20 15:27:20 journals sshd\[1385\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.206.196.125 Jul 20 15:27:22 journals sshd\[1385\]: Failed password for invalid user userftp from 116.206.196.125 port 54730 ssh2 Jul 20 15:31:15 journals sshd\[1791\]: Invalid user webadm from 116.206.196.125 Jul 20 15:31:15 journals sshd\[1791\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.206.196.125 ...	2020-07-20 20:46:00
116.206.196.125	attackbotsspam	Jul 11 05:51:40 rancher-0 sshd[245467]: Invalid user theresa from 116.206.196.125 port 57728 Jul 11 05:51:42 rancher-0 sshd[245467]: Failed password for invalid user theresa from 116.206.196.125 port 57728 ssh2 ...	2020-07-11 17:17:55
116.206.196.125	attackspambots	Jul 10 11:21:35 buvik sshd[25680]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.206.196.125 Jul 10 11:21:37 buvik sshd[25680]: Failed password for invalid user sugimoto from 116.206.196.125 port 53170 ssh2 Jul 10 11:23:52 buvik sshd[25984]: Invalid user yuanmeng from 116.206.196.125 ...	2020-07-10 17:33:38

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.206.196.49
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 46216
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;116.206.196.49.			IN	A

;; AUTHORITY SECTION:
.			1140	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019032802 1800 900 604800 86400

;; Query time: 137 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Mar 29 04:48:43 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 49.196.206.116.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 49.196.206.116.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
138.68.75.113	attack	Aug 15 15:13:29 cosmoit sshd[28783]: Failed password for root from 138.68.75.113 port 55266 ssh2	2020-08-15 21:32:40
92.118.160.21	attackspambots	" "	2020-08-15 20:58:18
112.85.42.104	attackbotsspam	Aug 15 13:19:50 email sshd\[6567\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.104 user=root Aug 15 13:19:52 email sshd\[6567\]: Failed password for root from 112.85.42.104 port 16126 ssh2 Aug 15 13:19:59 email sshd\[6592\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.104 user=root Aug 15 13:20:00 email sshd\[6592\]: Failed password for root from 112.85.42.104 port 31465 ssh2 Aug 15 13:20:08 email sshd\[6614\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.104 user=root ...	2020-08-15 21:27:26
37.47.6.156	attackbotsspam	C1,WP GET /wp-login.php	2020-08-15 21:20:42
49.88.112.76	attack	Aug 15 09:25:03 firewall sshd[7211]: Failed password for root from 49.88.112.76 port 28636 ssh2 Aug 15 09:25:06 firewall sshd[7211]: Failed password for root from 49.88.112.76 port 28636 ssh2 Aug 15 09:25:09 firewall sshd[7211]: Failed password for root from 49.88.112.76 port 28636 ssh2 ...	2020-08-15 21:05:25
87.170.34.23	attack	"Unauthorized connection attempt on SSHD detected"	2020-08-15 21:22:05
67.205.135.127	attack	Aug 15 14:30:37 electroncash sshd[47632]: Failed password for root from 67.205.135.127 port 37418 ssh2 Aug 15 14:32:08 electroncash sshd[48047]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=67.205.135.127 user=root Aug 15 14:32:10 electroncash sshd[48047]: Failed password for root from 67.205.135.127 port 36042 ssh2 Aug 15 14:33:42 electroncash sshd[48450]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=67.205.135.127 user=root Aug 15 14:33:45 electroncash sshd[48450]: Failed password for root from 67.205.135.127 port 34668 ssh2 ...	2020-08-15 21:14:23
95.156.125.190	attack	Dovecot Invalid User Login Attempt.	2020-08-15 21:19:11
59.99.192.207	attackbotsspam	/wp-login.php	2020-08-15 21:27:04
36.67.163.146	attackspam	Aug 15 14:30:23 vps333114 sshd[29153]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.67.163.146 user=root Aug 15 14:30:25 vps333114 sshd[29153]: Failed password for root from 36.67.163.146 port 56600 ssh2 ...	2020-08-15 21:29:00
106.13.89.134	attackspam	ThinkPHP Remote Command Execution Vulnerability, PTR: PTR record not found	2020-08-15 21:14:09
36.85.135.113	attack	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2020-08-15 21:07:44
5.196.124.228	attack	Multiple failed cPanel logins	2020-08-15 21:31:05
139.59.76.217	attackspambots	Aug 15 15:10:47 karger wordpress(www.b)[29758]: Authentication attempt for unknown user domi from 139.59.76.217 Aug 15 15:10:48 karger wordpress(www.b)[29756]: XML-RPC authentication attempt for unknown user [login] from 139.59.76.217 ...	2020-08-15 21:28:39
102.184.73.231	attackspambots	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2020-08-15 21:02:29

最近上报的IP列表

178.62.224.96	115.42.121.221	202.141.243.235	181.188.180.195
23.250.107.117	181.62.248.12	159.89.205.213	159.65.111.89
90.179.167.133	115.254.63.51	216.144.250.146	192.42.116.19
111.56.44.252	106.12.222.70	104.248.235.0	219.93.106.33
123.136.161.147	93.157.63.6	79.7.143.125	146.185.148.67