116.49.250.20 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Hong Kong

运营商(isp): Hong Kong Telecommunications (HKT) Limited

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	"Unauthorized connection attempt on SSHD detected"	2020-05-24 15:42:41

相同子网IP讨论:

IP	类型	评论内容	时间
116.49.250.167	attackbots	Unauthorized connection attempt detected from IP address 116.49.250.167 to port 5555 [J]	2020-01-19 15:36:04

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.49.250.20
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 8800
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;116.49.250.20.			IN	A

;; AUTHORITY SECTION:
.			544	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020052400 1800 900 604800 86400

;; Query time: 109 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun May 24 15:42:31 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

20.250.49.116.in-addr.arpa domain name pointer n11649250020.netvigator.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
20.250.49.116.in-addr.arpa	name = n11649250020.netvigator.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
182.61.105.89	attackspambots	Jan 1 15:45:22 MK-Soft-VM7 sshd[17619]: Failed password for root from 182.61.105.89 port 52480 ssh2 Jan 1 15:47:11 MK-Soft-VM7 sshd[17637]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.105.89 ...	2020-01-02 03:07:16
96.64.7.59	attack	Invalid user vyatta from 96.64.7.59 port 55406	2020-01-02 02:49:15
206.189.239.103	attackbots	Jan 1 18:24:22 cavern sshd[10794]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.239.103	2020-01-02 02:47:35
218.92.0.158	attack	$f2bV_matches	2020-01-02 02:50:58
79.59.247.163	attack	Dec 31 08:45:21 cumulus sshd[24721]: Invalid user rpc from 79.59.247.163 port 61817 Dec 31 08:45:21 cumulus sshd[24721]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.59.247.163 Dec 31 08:45:23 cumulus sshd[24721]: Failed password for invalid user rpc from 79.59.247.163 port 61817 ssh2 Dec 31 08:45:23 cumulus sshd[24721]: Received disconnect from 79.59.247.163 port 61817:11: Bye Bye [preauth] Dec 31 08:45:23 cumulus sshd[24721]: Disconnected from 79.59.247.163 port 61817 [preauth] Dec 31 09:08:27 cumulus sshd[25442]: Invalid user comforts from 79.59.247.163 port 52434 Dec 31 09:08:27 cumulus sshd[25442]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.59.247.163 Dec 31 09:08:30 cumulus sshd[25442]: Failed password for invalid user comforts from 79.59.247.163 port 52434 ssh2 Dec 31 09:08:30 cumulus sshd[25442]: Received disconnect from 79.59.247.163 port 52434:11: Bye Bye [preauth] De........ -------------------------------	2020-01-02 02:53:41
106.51.137.113	attackbotsspam	Jan 1 17:37:27 server sshd\[23984\]: Invalid user nfs from 106.51.137.113 Jan 1 17:37:27 server sshd\[23984\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.51.137.113 Jan 1 17:37:29 server sshd\[23984\]: Failed password for invalid user nfs from 106.51.137.113 port 34554 ssh2 Jan 1 17:47:37 server sshd\[26053\]: Invalid user nfs from 106.51.137.113 Jan 1 17:47:37 server sshd\[26053\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.51.137.113 ...	2020-01-02 02:52:28
195.231.0.89	attackbots	B: f2b ssh aggressive 3x	2020-01-02 02:46:22
106.13.131.4	attackbotsspam	Jan 1 18:51:37 lnxweb61 sshd[24235]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.131.4	2020-01-02 03:14:05
178.128.168.87	attackspam	Jan 1 16:49:21 [host] sshd[3609]: Invalid user oracle from 178.128.168.87 Jan 1 16:49:21 [host] sshd[3609]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.168.87 Jan 1 16:49:23 [host] sshd[3609]: Failed password for invalid user oracle from 178.128.168.87 port 45678 ssh2	2020-01-02 02:42:50
222.186.180.41	attackspambots	01/01/2020-13:55:18.007219 222.186.180.41 Protocol: 6 ET SCAN Potential SSH Scan	2020-01-02 03:03:40
120.209.164.118	attackbotsspam	Automatic report - Banned IP Access	2020-01-02 03:20:59
104.236.28.167	attackbots	Jan 1 15:47:28 vps647732 sshd[16812]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.28.167 Jan 1 15:47:30 vps647732 sshd[16812]: Failed password for invalid user dardanne from 104.236.28.167 port 40082 ssh2 ...	2020-01-02 02:57:03
5.133.66.10	attack	Lines containing failures of 5.133.66.10 Jan 1 14:20:49 shared04 postfix/smtpd[20916]: connect from tank.tamnhapho.com[5.133.66.10] Jan 1 14:20:49 shared04 policyd-spf[21178]: prepend Received-SPF: Pass (mailfrom) identhostnamey=mailfrom; client-ip=5.133.66.10; helo=tank.herahostnameech.com; envelope-from=x@x Jan x@x Jan 1 14:20:49 shared04 postfix/smtpd[20916]: disconnect from tank.tamnhapho.com[5.133.66.10] ehlo=1 mail=1 rcpt=0/1 data=0/1 quhostname=1 commands=3/5 Jan 1 14:21:18 shared04 postfix/smtpd[21527]: connect from tank.tamnhapho.com[5.133.66.10] Jan 1 14:21:19 shared04 policyd-spf[21640]: prepend Received-SPF: Pass (mailfrom) identhostnamey=mailfrom; client-ip=5.133.66.10; helo=tank.herahostnameech.com; envelope-from=x@x Jan x@x Jan 1 14:21:19 shared04 postfix/smtpd[21527]: disconnect from tank.tamnhapho.com[5.133.66.10] ehlo=1 mail=1 rcpt=0/1 data=0/1 quhostname=1 commands=3/5 Jan 1 14:21:47 shared04 postfix/smtpd[20916]: connect from tank.tamnhapho.com........ ------------------------------	2020-01-02 03:17:18
109.15.50.94	attack	Jan 1 16:14:52 icinga sshd[13453]: Failed password for root from 109.15.50.94 port 44608 ssh2 Jan 1 16:51:00 icinga sshd[16922]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.15.50.94 ...	2020-01-02 02:52:04
158.69.220.70	attack	2020-01-01T16:56:07.241171vps751288.ovh.net sshd\[15016\]: Invalid user ingvaldsen from 158.69.220.70 port 35146 2020-01-01T16:56:07.247979vps751288.ovh.net sshd\[15016\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=70.ip-158-69-220.net 2020-01-01T16:56:08.717489vps751288.ovh.net sshd\[15016\]: Failed password for invalid user ingvaldsen from 158.69.220.70 port 35146 ssh2 2020-01-01T16:57:45.716455vps751288.ovh.net sshd\[15018\]: Invalid user majordomo from 158.69.220.70 port 51006 2020-01-01T16:57:45.725334vps751288.ovh.net sshd\[15018\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=70.ip-158-69-220.net	2020-01-02 02:43:02

最近上报的IP列表

36.69.149.252	106.54.119.121	66.176.203.94	24.6.209.62
125.225.173.88	175.164.146.125	139.186.73.248	173.238.142.2
66.55.144.249	165.227.103.246	114.26.193.161	5.196.94.193
148.211.184.248	196.213.98.40	188.222.248.92	193.112.160.203
177.44.17.48	139.219.5.244	35.171.84.247	89.187.176.43