13.234.116.48 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): India

运营商(isp): Amazon Data Services India

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Nov3015:31:01server2kernel:Firewall:\TCP_INBlocked\IN=eth0OUT=MAC=00:16:3e:3f:7a:43:52:54:00:a2:7f:43:08:00SRC=13.234.116.48DST=136.243.224.58LEN=40TOS=0x00PREC=0x00TTL=45ID=26855PROTO=TCPSPT=41403DPT=23WINDOW=32090RES=0x00SYNURGP=0Nov3015:31:03server2kernel:Firewall:\TCP_INBlocked\IN=eth0OUT=MAC=00:16:3e:3f:7a:43:52:54:00:a2:7f:43:08:00SRC=13.234.116.48DST=136.243.224.58LEN=40TOS=0x00PREC=0x00TTL=45ID=26855PROTO=TCPSPT=41403DPT=23WINDOW=32090RES=0x00SYNURGP=0Nov3015:31:03server2kernel:Firewall:\TCP_INBlocked\IN=eth0OUT=MAC=00:16:3e:3f:7a:43:52:54:00:a2:7f:43:08:00SRC=13.234.116.48DST=136.243.224.58LEN=40TOS=0x00PREC=0x00TTL=45ID=26855PROTO=TCPSPT=41403DPT=23WINDOW=32090RES=0x00SYNURGP=0Nov3015:31:06server2kernel:Firewall:\TCP_INBlocked\IN=eth0OUT=MAC=00:16:3e:3f:7a:43:52:54:00:a2:7f:43:08:00SRC=13.234.116.48DST=136.243.224.58LEN=40TOS=0x00PREC=0x00TTL=45ID=26855PROTO=TCPSPT=41403DPT=23WINDOW=32090RES=0x00SYNURGP=0Nov3015:31:07server2kernel:Firewall:\TCP_INBlocked\IN=eth0OUT=MAC=00:16:3e:3f:7a:43:52	2019-12-01 02:32:33

类型

评论内容

时间

attackbots

Nov3015:31:01server2kernel:Firewall:\*TCP_INBlocked\*IN=eth0OUT=MAC=00:16:3e:3f:7a:43:52:54:00:a2:7f:43:08:00SRC=13.234.116.48DST=136.243.224.58LEN=40TOS=0x00PREC=0x00TTL=45ID=26855PROTO=TCPSPT=41403DPT=23WINDOW=32090RES=0x00SYNURGP=0Nov3015:31:03server2kernel:Firewall:\*TCP_INBlocked\*IN=eth0OUT=MAC=00:16:3e:3f:7a:43:52:54:00:a2:7f:43:08:00SRC=13.234.116.48DST=136.243.224.58LEN=40TOS=0x00PREC=0x00TTL=45ID=26855PROTO=TCPSPT=41403DPT=23WINDOW=32090RES=0x00SYNURGP=0Nov3015:31:03server2kernel:Firewall:\*TCP_INBlocked\*IN=eth0OUT=MAC=00:16:3e:3f:7a:43:52:54:00:a2:7f:43:08:00SRC=13.234.116.48DST=136.243.224.58LEN=40TOS=0x00PREC=0x00TTL=45ID=26855PROTO=TCPSPT=41403DPT=23WINDOW=32090RES=0x00SYNURGP=0Nov3015:31:06server2kernel:Firewall:\*TCP_INBlocked\*IN=eth0OUT=MAC=00:16:3e:3f:7a:43:52:54:00:a2:7f:43:08:00SRC=13.234.116.48DST=136.243.224.58LEN=40TOS=0x00PREC=0x00TTL=45ID=26855PROTO=TCPSPT=41403DPT=23WINDOW=32090RES=0x00SYNURGP=0Nov3015:31:07server2kernel:Firewall:\*TCP_INBlocked\*IN=eth0OUT=MAC=00:16:3e:3f:7a:43:52

2019-12-01 02:32:33

相同子网IP讨论:

IP	类型	评论内容	时间
13.234.116.94	attackspam	Automatic report - XMLRPC Attack	2020-01-08 04:21:50

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 13.234.116.48
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 46879
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;13.234.116.48.			IN	A

;; AUTHORITY SECTION:
.			477	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019113002 1800 900 604800 86400

;; Query time: 103 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Dec 01 02:32:29 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

48.116.234.13.in-addr.arpa domain name pointer ec2-13-234-116-48.ap-south-1.compute.amazonaws.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
48.116.234.13.in-addr.arpa	name = ec2-13-234-116-48.ap-south-1.compute.amazonaws.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
222.186.175.217	attack	Jan 3 00:36:22 amit sshd\[23642\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.217 user=root Jan 3 00:36:24 amit sshd\[23642\]: Failed password for root from 222.186.175.217 port 2758 ssh2 Jan 3 00:36:40 amit sshd\[23644\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.217 user=root ...	2020-01-03 07:45:53
125.213.150.7	attackspam	SSH-BruteForce	2020-01-03 07:36:12
222.186.190.2	attackbotsspam	Jan 3 00:50:46 legacy sshd[13413]: Failed password for root from 222.186.190.2 port 29802 ssh2 Jan 3 00:50:56 legacy sshd[13413]: Failed password for root from 222.186.190.2 port 29802 ssh2 Jan 3 00:50:59 legacy sshd[13413]: Failed password for root from 222.186.190.2 port 29802 ssh2 Jan 3 00:50:59 legacy sshd[13413]: error: maximum authentication attempts exceeded for root from 222.186.190.2 port 29802 ssh2 [preauth] ...	2020-01-03 07:52:26
45.143.223.15	attackbots	Brute force attempt	2020-01-03 07:44:32
222.186.30.218	attackspam	02.01.2020 23:45:13 SSH access blocked by firewall	2020-01-03 07:55:42
69.229.6.33	attackbotsspam	SSH Brute Force, server-1 sshd[3833]: Failed password for invalid user err from 69.229.6.33 port 50066 ssh2	2020-01-03 07:51:13
139.59.94.225	attackbots	Jan 2 18:24:34 plusreed sshd[20507]: Invalid user newpass from 139.59.94.225 ...	2020-01-03 07:41:21
222.186.175.23	attack	Jan 3 00:28:56 vmanager6029 sshd\[19136\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.23 user=root Jan 3 00:28:58 vmanager6029 sshd\[19136\]: Failed password for root from 222.186.175.23 port 42732 ssh2 Jan 3 00:29:00 vmanager6029 sshd\[19136\]: Failed password for root from 222.186.175.23 port 42732 ssh2	2020-01-03 07:46:50
222.186.180.130	attackspam	Jan 2 23:51:10 *** sshd[14585]: User root from 222.186.180.130 not allowed because not listed in AllowUsers	2020-01-03 07:53:55
222.186.169.192	attackbotsspam	Jan 2 18:46:57 onepro2 sshd[2348]: Failed none for root from 222.186.169.192 port 23834 ssh2 Jan 2 18:47:00 onepro2 sshd[2348]: Failed password for root from 222.186.169.192 port 23834 ssh2 Jan 2 18:47:03 onepro2 sshd[2348]: Failed password for root from 222.186.169.192 port 23834 ssh2	2020-01-03 07:54:28
106.245.255.19	attackbots	$f2bV_matches	2020-01-03 07:31:29
222.186.42.136	attackspambots	Unauthorized connection attempt detected from IP address 222.186.42.136 to port 22	2020-01-03 07:55:16
14.164.5.167	attackspambots	failed_logins	2020-01-03 07:24:07
91.106.182.122	attack	SSH Brute Force, server-1 sshd[3746]: Failed password for invalid user admin from 91.106.182.122 port 47012 ssh2	2020-01-03 07:50:55
159.89.131.172	attackbotsspam	WordPress XMLRPC scan :: 159.89.131.172 0.216 - [02/Jan/2020:23:06:39 0000] [censored_1] "POST /xmlrpc.php HTTP/1.1" 200 236 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "HTTP/1.1"	2020-01-03 07:40:56

最近上报的IP列表

187.84.176.19	61.214.140.145	124.66.255.226	115.96.131.222
218.21.18.216	233.175.241.50	179.173.219.99	39.184.214.69
97.211.14.208	116.236.21.227	75.227.89.72	79.65.33.6
73.80.6.121	84.202.83.143	122.193.181.199	114.228.201.57
91.150.127.127	67.58.119.253	52.152.149.236	110.189.81.168