116.206.196.49

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Indonesia

运营商(isp): PT Biznet Data Center

主机名(hostname): unknown

机构(organization): PT Biznet Gio Nusantara

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	May 8 16:01:02 server sshd\[229048\]: Invalid user ee from 116.206.196.49 May 8 16:01:02 server sshd\[229048\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.206.196.49 May 8 16:01:04 server sshd\[229048\]: Failed password for invalid user ee from 116.206.196.49 port 52682 ssh2 ...	2019-07-17 12:41:41

类型

评论内容

时间

attackbotsspam

May  8 16:01:02 server sshd\[229048\]: Invalid user ee from 116.206.196.49
May  8 16:01:02 server sshd\[229048\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.206.196.49
May  8 16:01:04 server sshd\[229048\]: Failed password for invalid user ee from 116.206.196.49 port 52682 ssh2
...

2019-07-17 12:41:41

相同子网IP讨论:

IP	类型	评论内容	时间
116.206.196.125	attackspambots	Aug 30 14:33:02 haigwepa sshd[25112]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.206.196.125 Aug 30 14:33:04 haigwepa sshd[25112]: Failed password for invalid user greatwall from 116.206.196.125 port 52700 ssh2 ...	2020-08-30 21:51:28
116.206.196.125	attackspambots	2020-08-29T16:06:41.250466mail.standpoint.com.ua sshd[23297]: Invalid user pepper from 116.206.196.125 port 50536 2020-08-29T16:06:41.253124mail.standpoint.com.ua sshd[23297]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.206.196.125 2020-08-29T16:06:41.250466mail.standpoint.com.ua sshd[23297]: Invalid user pepper from 116.206.196.125 port 50536 2020-08-29T16:06:43.634398mail.standpoint.com.ua sshd[23297]: Failed password for invalid user pepper from 116.206.196.125 port 50536 ssh2 2020-08-29T16:11:07.009477mail.standpoint.com.ua sshd[23909]: Invalid user contabilidad from 116.206.196.125 port 59096 ...	2020-08-29 23:46:47
116.206.196.125	attackspam	Aug 23 22:31:43 MainVPS sshd[8106]: Invalid user nag from 116.206.196.125 port 43764 Aug 23 22:31:44 MainVPS sshd[8106]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.206.196.125 Aug 23 22:31:43 MainVPS sshd[8106]: Invalid user nag from 116.206.196.125 port 43764 Aug 23 22:31:45 MainVPS sshd[8106]: Failed password for invalid user nag from 116.206.196.125 port 43764 ssh2 Aug 23 22:35:34 MainVPS sshd[15265]: Invalid user oracle from 116.206.196.125 port 53466 ...	2020-08-24 04:43:46
116.206.196.125	attackbotsspam	Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2020-08-18T12:04:57Z and 2020-08-18T12:24:35Z	2020-08-18 20:30:30
116.206.196.125	attackbots	Invalid user liyan from 116.206.196.125 port 53052	2020-07-31 06:02:16
116.206.196.125	attackspambots	Jul 30 10:17:29 srv-ubuntu-dev3 sshd[88872]: Invalid user yuki from 116.206.196.125 Jul 30 10:17:29 srv-ubuntu-dev3 sshd[88872]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.206.196.125 Jul 30 10:17:29 srv-ubuntu-dev3 sshd[88872]: Invalid user yuki from 116.206.196.125 Jul 30 10:17:31 srv-ubuntu-dev3 sshd[88872]: Failed password for invalid user yuki from 116.206.196.125 port 51456 ssh2 Jul 30 10:21:50 srv-ubuntu-dev3 sshd[89402]: Invalid user tangyong from 116.206.196.125 Jul 30 10:21:50 srv-ubuntu-dev3 sshd[89402]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.206.196.125 Jul 30 10:21:50 srv-ubuntu-dev3 sshd[89402]: Invalid user tangyong from 116.206.196.125 Jul 30 10:21:52 srv-ubuntu-dev3 sshd[89402]: Failed password for invalid user tangyong from 116.206.196.125 port 36366 ssh2 Jul 30 10:26:13 srv-ubuntu-dev3 sshd[89853]: Invalid user vps from 116.206.196.125 ...	2020-07-30 16:46:38
116.206.196.227	attackbots	xmlrpc attack	2020-07-29 02:54:54
116.206.196.125	attack	Jul 20 15:27:20 journals sshd\[1385\]: Invalid user userftp from 116.206.196.125 Jul 20 15:27:20 journals sshd\[1385\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.206.196.125 Jul 20 15:27:22 journals sshd\[1385\]: Failed password for invalid user userftp from 116.206.196.125 port 54730 ssh2 Jul 20 15:31:15 journals sshd\[1791\]: Invalid user webadm from 116.206.196.125 Jul 20 15:31:15 journals sshd\[1791\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.206.196.125 ...	2020-07-20 20:46:00
116.206.196.125	attackbotsspam	Jul 11 05:51:40 rancher-0 sshd[245467]: Invalid user theresa from 116.206.196.125 port 57728 Jul 11 05:51:42 rancher-0 sshd[245467]: Failed password for invalid user theresa from 116.206.196.125 port 57728 ssh2 ...	2020-07-11 17:17:55
116.206.196.125	attackspambots	Jul 10 11:21:35 buvik sshd[25680]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.206.196.125 Jul 10 11:21:37 buvik sshd[25680]: Failed password for invalid user sugimoto from 116.206.196.125 port 53170 ssh2 Jul 10 11:23:52 buvik sshd[25984]: Invalid user yuanmeng from 116.206.196.125 ...	2020-07-10 17:33:38

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.206.196.49
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 46216
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;116.206.196.49.			IN	A

;; AUTHORITY SECTION:
.			1140	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019032802 1800 900 604800 86400

;; Query time: 137 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Mar 29 04:48:43 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 49.196.206.116.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 49.196.206.116.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
85.105.44.231	attack	Automatic report - Port Scan Attack	2020-03-05 09:53:32
120.29.81.99	attack	Mar 5 04:54:17 system,error,critical: login failure for user admin from 120.29.81.99 via telnet Mar 5 04:54:19 system,error,critical: login failure for user administrator from 120.29.81.99 via telnet Mar 5 04:54:20 system,error,critical: login failure for user root from 120.29.81.99 via telnet Mar 5 04:54:26 system,error,critical: login failure for user admin from 120.29.81.99 via telnet Mar 5 04:54:27 system,error,critical: login failure for user Administrator from 120.29.81.99 via telnet Mar 5 04:54:29 system,error,critical: login failure for user root from 120.29.81.99 via telnet Mar 5 04:54:42 system,error,critical: login failure for user root from 120.29.81.99 via telnet Mar 5 04:54:43 system,error,critical: login failure for user root from 120.29.81.99 via telnet Mar 5 04:54:45 system,error,critical: login failure for user admin from 120.29.81.99 via telnet Mar 5 04:54:48 system,error,critical: login failure for user root from 120.29.81.99 via telnet	2020-03-05 13:29:11
112.215.172.212	attackbotsspam	1583384092 - 03/05/2020 05:54:52 Host: 112.215.172.212/112.215.172.212 Port: 445 TCP Blocked	2020-03-05 13:23:50
51.38.63.69	attackspam	[Thu Mar 05 07:54:56.434159 2020] [php7:error] [pid 17441] [client 51.38.63.69:47448] script '/var/www/html/wp-login.php' not found or unable to stat ...	2020-03-05 13:21:26
43.240.21.244	attack	20/3/4@23:55:00: FAIL: Alarm-Network address from=43.240.21.244 20/3/4@23:55:00: FAIL: Alarm-Network address from=43.240.21.244 ...	2020-03-05 13:20:04
222.186.173.180	attack	Mar 4 15:40:34 auw2 sshd\[13514\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.180 user=root Mar 4 15:40:36 auw2 sshd\[13514\]: Failed password for root from 222.186.173.180 port 17232 ssh2 Mar 4 15:40:47 auw2 sshd\[13514\]: Failed password for root from 222.186.173.180 port 17232 ssh2 Mar 4 15:40:51 auw2 sshd\[13514\]: Failed password for root from 222.186.173.180 port 17232 ssh2 Mar 4 15:40:55 auw2 sshd\[13550\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.180 user=root	2020-03-05 09:47:57
110.78.168.209	attackbots	1583384091 - 03/05/2020 05:54:51 Host: 110.78.168.209/110.78.168.209 Port: 445 TCP Blocked	2020-03-05 13:25:05
180.250.124.227	attackbots	Mar 5 00:08:43 plusreed sshd[21764]: Invalid user pietre from 180.250.124.227 ...	2020-03-05 13:09:34
159.65.154.48	attackbotsspam	Mar 5 09:55:04 gw1 sshd[16756]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.154.48 Mar 5 09:55:06 gw1 sshd[16756]: Failed password for invalid user gameserver from 159.65.154.48 port 56788 ssh2 ...	2020-03-05 13:13:30
45.143.220.4	attackbotsspam	[2020-03-04 17:01:31] NOTICE[1148][C-0000e02c] chan_sip.c: Call from '' (45.143.220.4:40561) to extension '01148323395006' rejected because extension not found in context 'public'. [2020-03-04 17:01:31] SECURITY[1163] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-03-04T17:01:31.430-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="01148323395006",SessionID="0x7fd82c538db8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.143.220.4/5060",ACLName="no_extension_match" [2020-03-04 17:07:44] NOTICE[1148][C-0000e02d] chan_sip.c: Call from '' (45.143.220.4:5219) to extension '90048323395006' rejected because extension not found in context 'public'. [2020-03-04 17:07:44] SECURITY[1163] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-03-04T17:07:44.561-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="90048323395006",SessionID="0x7fd82cb29a68",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.143.22 ...	2020-03-05 09:48:35
222.186.173.154	attackspam	Mar 5 06:23:01 vps691689 sshd[27326]: Failed password for root from 222.186.173.154 port 35086 ssh2 Mar 5 06:23:15 vps691689 sshd[27326]: Failed password for root from 222.186.173.154 port 35086 ssh2 Mar 5 06:23:15 vps691689 sshd[27326]: error: maximum authentication attempts exceeded for root from 222.186.173.154 port 35086 ssh2 [preauth] ...	2020-03-05 13:26:11
43.241.19.211	attackproxy	attack ldap	2020-03-05 11:33:48
122.144.134.27	attack	Mar 5 05:22:38 game-panel sshd[31845]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.144.134.27 Mar 5 05:22:40 game-panel sshd[31845]: Failed password for invalid user chef from 122.144.134.27 port 2575 ssh2 Mar 5 05:28:24 game-panel sshd[32047]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.144.134.27	2020-03-05 13:31:54
138.197.89.186	attackspambots	SSH bruteforce	2020-03-05 13:04:41
95.85.26.23	attackspambots	2020-03-05T05:12:22.673759shield sshd\[9978\]: Invalid user black from 95.85.26.23 port 45848 2020-03-05T05:12:22.685607shield sshd\[9978\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=otakoyi.com.ua 2020-03-05T05:12:24.722898shield sshd\[9978\]: Failed password for invalid user black from 95.85.26.23 port 45848 ssh2 2020-03-05T05:20:03.104297shield sshd\[10888\]: Invalid user teamcity from 95.85.26.23 port 52788 2020-03-05T05:20:03.109563shield sshd\[10888\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=otakoyi.com.ua	2020-03-05 13:22:25

最近上报的IP列表

178.62.224.96	115.42.121.221	202.141.243.235	181.188.180.195
23.250.107.117	181.62.248.12	159.89.205.213	159.65.111.89
90.179.167.133	115.254.63.51	216.144.250.146	192.42.116.19
111.56.44.252	106.12.222.70	104.248.235.0	219.93.106.33
123.136.161.147	93.157.63.6	79.7.143.125	146.185.148.67