20.49.194.214 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United Kingdom of Great Britain and Northern Ireland

运营商(isp): Microsoft Corporation

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Sep 25 01:16:43 ssh2 sshd[42941]: User root from 20.49.194.214 not allowed because not listed in AllowUsers Sep 25 01:16:43 ssh2 sshd[42941]: Failed password for invalid user root from 20.49.194.214 port 51919 ssh2 Sep 25 01:16:43 ssh2 sshd[42941]: Disconnected from invalid user root 20.49.194.214 port 51919 [preauth] ...	2020-09-25 09:24:14
attackbotsspam	Sep 24 19:24:38 melroy-server sshd[2039]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=20.49.194.214 Sep 24 19:24:39 melroy-server sshd[2039]: Failed password for invalid user efinding from 20.49.194.214 port 11343 ssh2 ...	2020-09-25 01:25:09
attackspambots	sshd: Failed password for .... from 20.49.194.214 port 62491 ssh2	2020-09-24 17:03:30

类型

评论内容

时间

attack

Sep 25 01:16:43 ssh2 sshd[42941]: User root from 20.49.194.214 not allowed because not listed in AllowUsers
Sep 25 01:16:43 ssh2 sshd[42941]: Failed password for invalid user root from 20.49.194.214 port 51919 ssh2
Sep 25 01:16:43 ssh2 sshd[42941]: Disconnected from invalid user root 20.49.194.214 port 51919 [preauth]
...

2020-09-25 09:24:14

attackbotsspam

Sep 24 19:24:38 melroy-server sshd[2039]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=20.49.194.214 
Sep 24 19:24:39 melroy-server sshd[2039]: Failed password for invalid user efinding from 20.49.194.214 port 11343 ssh2
...

2020-09-25 01:25:09

attackspambots

sshd: Failed password for .... from 20.49.194.214 port 62491 ssh2

2020-09-24 17:03:30

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 20.49.194.214
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38991
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;20.49.194.214.			IN	A

;; AUTHORITY SECTION:
.			285	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020092400 1800 900 604800 86400

;; Query time: 71 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Sep 24 17:03:26 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 214.194.49.20.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 214.194.49.20.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
170.244.44.51	attackspambots	Jul 12 15:56:36 sso sshd[31692]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=170.244.44.51 Jul 12 15:56:38 sso sshd[31692]: Failed password for invalid user ximeng from 170.244.44.51 port 49090 ssh2 ...	2020-07-13 03:47:39
222.186.175.212	attackbotsspam	Jul 12 15:12:57 ny01 sshd[723]: Failed password for root from 222.186.175.212 port 18950 ssh2 Jul 12 15:13:11 ny01 sshd[723]: error: maximum authentication attempts exceeded for root from 222.186.175.212 port 18950 ssh2 [preauth] Jul 12 15:13:17 ny01 sshd[759]: Failed password for root from 222.186.175.212 port 64294 ssh2	2020-07-13 03:21:18
162.243.139.98	attackspam	[Fri Jun 12 03:31:41 2020] - DDoS Attack From IP: 162.243.139.98 Port: 51724	2020-07-13 03:31:45
112.85.42.176	attackbots	Jul 12 20:20:46 ajax sshd[21621]: Failed password for root from 112.85.42.176 port 31501 ssh2 Jul 12 20:20:48 ajax sshd[21621]: Failed password for root from 112.85.42.176 port 31501 ssh2	2020-07-13 03:26:49
188.165.162.97	attackbots	$f2bV_matches	2020-07-13 03:21:36
185.97.119.150	attack	Jul 12 15:24:30 firewall sshd[18001]: Invalid user national from 185.97.119.150 Jul 12 15:24:32 firewall sshd[18001]: Failed password for invalid user national from 185.97.119.150 port 34622 ssh2 Jul 12 15:28:00 firewall sshd[18209]: Invalid user todus from 185.97.119.150 ...	2020-07-13 03:16:56
222.186.173.201	attack	[MK-VM1] SSH login failed	2020-07-13 03:26:11
156.96.154.8	attackbots	[2020-07-12 15:17:03] NOTICE[1150][C-00002a3a] chan_sip.c: Call from '' (156.96.154.8:60491) to extension '011441904911004' rejected because extension not found in context 'public'. [2020-07-12 15:17:03] SECURITY[1167] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-07-12T15:17:03.313-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="011441904911004",SessionID="0x7fcb4c13aa08",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/156.96.154.8/60491",ACLName="no_extension_match" [2020-07-12 15:17:58] NOTICE[1150][C-00002a3c] chan_sip.c: Call from '' (156.96.154.8:53362) to extension '011441904911004' rejected because extension not found in context 'public'. [2020-07-12 15:17:58] SECURITY[1167] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-07-12T15:17:58.618-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="011441904911004",SessionID="0x7fcb4c0dfe08",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/156 ...	2020-07-13 03:37:52
92.222.72.234	attack	Jul 12 21:08:23 mail sshd[29959]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.222.72.234 Jul 12 21:08:25 mail sshd[29959]: Failed password for invalid user prometheus from 92.222.72.234 port 35389 ssh2 ...	2020-07-13 03:12:11
107.6.171.130	attackspam	Unauthorized connection attempt detected from IP address 107.6.171.130 to port 3388	2020-07-13 03:11:52
223.27.39.160	attackbots	Jul 12 11:50:58 ip-172-31-61-156 sshd[23681]: Invalid user bomb from 223.27.39.160 Jul 12 11:50:58 ip-172-31-61-156 sshd[23681]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.27.39.160 Jul 12 11:50:58 ip-172-31-61-156 sshd[23681]: Invalid user bomb from 223.27.39.160 Jul 12 11:50:59 ip-172-31-61-156 sshd[23681]: Failed password for invalid user bomb from 223.27.39.160 port 54186 ssh2 Jul 12 11:53:08 ip-172-31-61-156 sshd[23769]: Invalid user jared from 223.27.39.160 ...	2020-07-13 03:20:03
106.75.152.124	attack	[Wed Jun 24 10:54:10 2020] - DDoS Attack From IP: 106.75.152.124 Port: 58914	2020-07-13 03:45:16
91.121.173.98	attack	Jul 11 07:15:53 mail sshd[59153]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.121.173.98 Jul 11 07:15:56 mail sshd[59153]: Failed password for invalid user ziyi from 91.121.173.98 port 55780 ssh2 ...	2020-07-13 03:32:12
141.98.80.52	attack	Jul 12 20:45:18 mail postfix/smtpd\[24176\]: warning: unknown\[141.98.80.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Jul 12 20:45:37 mail postfix/smtpd\[24176\]: warning: unknown\[141.98.80.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Jul 12 21:16:07 mail postfix/smtpd\[24737\]: warning: unknown\[141.98.80.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Jul 12 21:16:25 mail postfix/smtpd\[24737\]: warning: unknown\[141.98.80.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\	2020-07-13 03:30:21
124.156.63.192	attackbots	[Sat Jun 13 03:06:27 2020] - DDoS Attack From IP: 124.156.63.192 Port: 49745	2020-07-13 03:22:20

最近上报的IP列表

176.226.195.196	119.45.236.83	104.211.72.132	216.146.48.16
178.62.6.114	123.203.161.134	115.23.88.113	91.193.222.45
78.94.180.85	52.148.95.225	35.11.228.50	52.187.68.164
52.150.8.43	223.16.0.100	200.111.102.59	222.87.117.140
91.46.5.89	80.43.185.235	114.255.40.181	120.71.243.70