116.49.132.113

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Hong Kong

运营商(isp): Hong Kong Telecommunications (HKT) Limited

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Port probing on unauthorized port 5555	2020-03-04 02:12:34

相同子网IP讨论:

IP	类型	评论内容	时间
116.49.132.142	attackspambots	Sep 19 00:06:56 ssh2 sshd[7728]: User root from n11649132142.netvigator.com not allowed because not listed in AllowUsers Sep 19 00:06:56 ssh2 sshd[7728]: Failed password for invalid user root from 116.49.132.142 port 38680 ssh2 Sep 19 00:06:57 ssh2 sshd[7728]: Connection closed by invalid user root 116.49.132.142 port 38680 [preauth] ...	2020-09-19 21:31:46
116.49.132.142	attack	Sep 19 00:06:56 ssh2 sshd[7728]: User root from n11649132142.netvigator.com not allowed because not listed in AllowUsers Sep 19 00:06:56 ssh2 sshd[7728]: Failed password for invalid user root from 116.49.132.142 port 38680 ssh2 Sep 19 00:06:57 ssh2 sshd[7728]: Connection closed by invalid user root 116.49.132.142 port 38680 [preauth] ...	2020-09-19 13:25:08
116.49.132.142	attackspambots	Connection to SSH Honeypot - Detected by HoneypotDB	2020-09-19 05:03:45
116.49.132.142	attackbotsspam	Sep 2 22:43:34 sip sshd[18517]: Failed password for root from 116.49.132.142 port 37391 ssh2 Sep 3 10:02:43 sip sshd[3832]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.49.132.142 Sep 3 10:02:45 sip sshd[3832]: Failed password for invalid user admin from 116.49.132.142 port 34174 ssh2	2020-09-03 22:16:36
116.49.132.142	attack	SSH_attack	2020-09-03 06:10:37

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.49.132.113
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23847
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;116.49.132.113.			IN	A

;; AUTHORITY SECTION:
.			361	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020030300 1800 900 604800 86400

;; Query time: 97 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Mar 04 02:12:31 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

113.132.49.116.in-addr.arpa domain name pointer n11649132113.netvigator.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
113.132.49.116.in-addr.arpa	name = n11649132113.netvigator.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
5.36.47.97	attackbotsspam	Automatic report - Port Scan Attack	2019-08-04 07:06:36
49.88.112.64	attackbotsspam	(sshd) Failed SSH login from 49.88.112.64 (-): 5 in the last 3600 secs	2019-08-04 06:58:31
114.24.119.92	attack	Aug 2 21:01:00 localhost kernel: [16038253.301834] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=114.24.119.92 DST=[mungedIP2] LEN=40 TOS=0x00 PREC=0x00 TTL=53 ID=15938 PROTO=TCP SPT=37863 DPT=37215 WINDOW=35836 RES=0x00 SYN URGP=0 Aug 2 21:01:00 localhost kernel: [16038253.301843] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=114.24.119.92 DST=[mungedIP2] LEN=40 TOS=0x00 PREC=0x00 TTL=53 ID=15938 PROTO=TCP SPT=37863 DPT=37215 SEQ=758669438 ACK=0 WINDOW=35836 RES=0x00 SYN URGP=0 Aug 3 11:03:14 localhost kernel: [16088787.305037] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=114.24.119.92 DST=[mungedIP2] LEN=40 TOS=0x00 PREC=0x00 TTL=53 ID=19504 PROTO=TCP SPT=37863 DPT=37215 WINDOW=35836 RES=0x00 SYN URGP=0 Aug 3 11:03:14 localhost kernel: [16088787.305045] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=114.24.119.92 DST=[mungedIP2] LEN=40 TOS=0x0	2019-08-04 07:08:15
168.232.130.26	attackbotsspam	Aug 3 15:04:11 heicom sshd\[13344\]: Invalid user admin from 168.232.130.26 Aug 3 15:04:19 heicom sshd\[13351\]: Invalid user admin from 168.232.130.26 Aug 3 15:04:27 heicom sshd\[13353\]: Invalid user admin from 168.232.130.26 Aug 3 15:04:34 heicom sshd\[13355\]: Invalid user oracle from 168.232.130.26 Aug 3 15:04:42 heicom sshd\[13357\]: Invalid user oracle from 168.232.130.26 ...	2019-08-04 06:34:38
5.39.88.4	attackspam	Aug 4 00:15:36 * sshd[10386]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.39.88.4 Aug 4 00:15:37 * sshd[10386]: Failed password for invalid user dyndns from 5.39.88.4 port 40914 ssh2	2019-08-04 06:54:11
88.235.76.191	attackspambots	Automatic report - Port Scan Attack	2019-08-04 06:52:15
200.150.87.131	attackspam	Aug 3 21:21:16 XXX sshd[29510]: Invalid user amy from 200.150.87.131 port 40462	2019-08-04 06:45:38
157.230.186.166	attackbots	Aug 3 20:57:03 OPSO sshd\[8639\]: Invalid user from 157.230.186.166 port 59482 Aug 3 20:57:03 OPSO sshd\[8639\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.186.166 Aug 3 20:57:06 OPSO sshd\[8639\]: Failed password for invalid user from 157.230.186.166 port 59482 ssh2 Aug 3 21:01:05 OPSO sshd\[9266\]: Invalid user rodre from 157.230.186.166 port 54520 Aug 3 21:01:05 OPSO sshd\[9266\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.186.166	2019-08-04 07:02:50
77.247.108.160	attackspambots	Automatic report - Port Scan Attack	2019-08-04 06:35:33
87.118.86.95	attackspambots	loopsrockreggae.com 87.118.86.95 \[03/Aug/2019:22:35:12 +0200\] "POST /wp-login.php HTTP/1.1" 200 5615 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" loopsrockreggae.com 87.118.86.95 \[03/Aug/2019:22:35:12 +0200\] "POST /wp-login.php HTTP/1.1" 200 5624 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-08-04 07:12:00
138.75.103.53	attack	Aug 3 19:26:30 roadrisk sshd[32564]: Failed password for invalid user admin from 138.75.103.53 port 38317 ssh2 Aug 3 19:26:32 roadrisk sshd[32564]: Failed password for invalid user admin from 138.75.103.53 port 38317 ssh2 Aug 3 19:26:34 roadrisk sshd[32564]: Failed password for invalid user admin from 138.75.103.53 port 38317 ssh2 Aug 3 19:26:36 roadrisk sshd[32564]: Failed password for invalid user admin from 138.75.103.53 port 38317 ssh2 Aug 3 19:26:39 roadrisk sshd[32564]: Failed password for invalid user admin from 138.75.103.53 port 38317 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=138.75.103.53	2019-08-04 06:49:37
78.188.47.47	attack	19/8/3@11:03:30: FAIL: IoT-SSH address from=78.188.47.47 ...	2019-08-04 06:58:56
142.93.108.200	attackspam	Aug 3 23:32:45 vmd17057 sshd\[1305\]: Invalid user ftpusr from 142.93.108.200 port 57430 Aug 3 23:32:45 vmd17057 sshd\[1305\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.108.200 Aug 3 23:32:47 vmd17057 sshd\[1305\]: Failed password for invalid user ftpusr from 142.93.108.200 port 57430 ssh2 ...	2019-08-04 06:55:28
104.210.59.145	attackspambots	Aug 3 23:35:28 icinga sshd[859]: Failed password for root from 104.210.59.145 port 16256 ssh2 ...	2019-08-04 06:27:46
77.42.121.17	attack	Honeypot attack, port: 23, PTR: PTR record not found	2019-08-04 07:12:22

最近上报的IP列表

78.140.215.0	49.145.235.128	108.161.143.225	104.156.254.137
102.114.10.224	162.241.181.90	103.197.48.178	45.129.3.91
112.16.118.75	103.1.92.108	121.43.144.196	52.151.6.244
209.201.36.227	153.149.12.73	139.196.236.152	123.148.145.17
49.232.16.13	104.215.192.70	101.51.97.163	104.200.144.21