49.234.116.1 - IPInfo

基本信息:

城市(city): Beijing

省份(region): Beijing

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	SSH login attempts with user root.	2019-11-30 05:02:03

相同子网IP讨论:

IP	类型	评论内容	时间
49.234.116.74	attackspam	k+ssh-bruteforce	2020-10-12 21:46:38
49.234.116.74	attackbotsspam	$f2bV_matches	2020-10-12 13:16:32
49.234.116.74	attack	$f2bV_matches	2020-09-18 22:35:43
49.234.116.74	attackbotsspam	Sep 17 19:00:25 mail sshd[747]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.116.74 Sep 17 19:00:27 mail sshd[747]: Failed password for invalid user samuri from 49.234.116.74 port 38928 ssh2 ...	2020-09-18 14:50:40
49.234.116.74	attackbots	Sep 17 19:00:25 mail sshd[747]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.116.74 Sep 17 19:00:27 mail sshd[747]: Failed password for invalid user samuri from 49.234.116.74 port 38928 ssh2 ...	2020-09-18 05:07:17
49.234.116.74	attack	Sep 8 19:46:08 host sshd[999]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.116.74 user=root Sep 8 19:46:11 host sshd[999]: Failed password for root from 49.234.116.74 port 46916 ssh2 ...	2020-09-09 03:17:34
49.234.116.74	attack	2020-09-08T09:59:01+0000 Failed SSH Authentication/Brute Force Attack. (Server 6)	2020-09-08 18:52:25
49.234.116.40	attackbotsspam	$f2bV_matches	2020-08-26 20:18:59
49.234.116.40	attackspambots	Aug 5 07:12:49 marvibiene sshd[23960]: Failed password for root from 49.234.116.40 port 54446 ssh2 Aug 5 07:16:02 marvibiene sshd[24106]: Failed password for root from 49.234.116.40 port 60982 ssh2	2020-08-05 14:19:10
49.234.116.13	attack	Invalid user weblogic from 49.234.116.13 port 56444	2020-01-19 01:21:34
49.234.116.13	attackbotsspam	Unauthorized connection attempt detected from IP address 49.234.116.13 to port 2220 [J]	2020-01-18 03:51:31
49.234.116.13	attack	Unauthorized connection attempt detected from IP address 49.234.116.13 to port 2220 [J]	2020-01-17 03:02:38
49.234.116.13	attack	Dec 30 11:01:59 pi sshd\[30430\]: Invalid user igloocarzus from 49.234.116.13 port 58192 Dec 30 11:01:59 pi sshd\[30430\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.116.13 Dec 30 11:02:01 pi sshd\[30430\]: Failed password for invalid user igloocarzus from 49.234.116.13 port 58192 ssh2 Dec 30 11:10:43 pi sshd\[30651\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.116.13 user=root Dec 30 11:10:45 pi sshd\[30651\]: Failed password for root from 49.234.116.13 port 45534 ssh2 ...	2019-12-30 20:43:04
49.234.116.13	attackspambots	Dec 24 13:01:12 v22018076622670303 sshd\[17800\]: Invalid user webmaster from 49.234.116.13 port 54048 Dec 24 13:01:12 v22018076622670303 sshd\[17800\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.116.13 Dec 24 13:01:14 v22018076622670303 sshd\[17800\]: Failed password for invalid user webmaster from 49.234.116.13 port 54048 ssh2 ...	2019-12-24 21:17:06
49.234.116.13	attackbots	2019-12-07T05:24:33.993942abusebot-5.cloudsearch.cf sshd\[2378\]: Invalid user dovecot from 49.234.116.13 port 44040	2019-12-07 13:55:12

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 49.234.116.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17162
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;49.234.116.1.			IN	A

;; AUTHORITY SECTION:
.			505	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019112901 1800 900 604800 86400

;; Query time: 100 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Nov 30 05:02:00 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 1.116.234.49.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 1.116.234.49.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
140.143.56.61	attackbots	2020-04-06T19:15:01.122506-07:00 suse-nuc sshd[30064]: Invalid user vyatta from 140.143.56.61 port 45182 ...	2020-04-28 13:34:46
189.216.17.209	attack	failed_logins	2020-04-28 12:59:51
128.199.185.112	attackbotsspam	Apr 28 06:56:55 OPSO sshd\[3648\]: Invalid user teamspeak from 128.199.185.112 port 62013 Apr 28 06:56:55 OPSO sshd\[3648\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.185.112 Apr 28 06:56:57 OPSO sshd\[3648\]: Failed password for invalid user teamspeak from 128.199.185.112 port 62013 ssh2 Apr 28 07:05:10 OPSO sshd\[6681\]: Invalid user jboss from 128.199.185.112 port 45935 Apr 28 07:05:10 OPSO sshd\[6681\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.185.112	2020-04-28 13:25:41
190.130.4.212	attackspambots	1588046032 - 04/28/2020 10:53:52 Host: 190.130.4.212/190.130.4.212 Port: 8080 TCP Blocked ...	2020-04-28 13:07:48
178.151.245.174	attack	Automatic report - Banned IP Access	2020-04-28 12:58:21
124.235.118.14	attackbots	Apr 28 07:07:32 debian-2gb-nbg1-2 kernel: \[10309380.591539\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=124.235.118.14 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=237 ID=9200 PROTO=TCP SPT=57745 DPT=6380 WINDOW=1024 RES=0x00 SYN URGP=0	2020-04-28 13:12:26
132.148.28.20	attackbotsspam	Automatic report - Banned IP Access	2020-04-28 13:18:47
122.168.125.226	attackspam	"Unauthorized connection attempt on SSHD detected"	2020-04-28 13:25:01
49.234.10.48	attackbotsspam	Invalid user proftpd from 49.234.10.48 port 39968	2020-04-28 13:11:25
106.13.191.211	attack	Apr 28 05:31:42 ns382633 sshd\[1823\]: Invalid user nxf from 106.13.191.211 port 53942 Apr 28 05:31:42 ns382633 sshd\[1823\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.191.211 Apr 28 05:31:44 ns382633 sshd\[1823\]: Failed password for invalid user nxf from 106.13.191.211 port 53942 ssh2 Apr 28 05:53:59 ns382633 sshd\[5749\]: Invalid user kpm from 106.13.191.211 port 56406 Apr 28 05:53:59 ns382633 sshd\[5749\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.191.211	2020-04-28 13:03:12
200.201.11.254	attackbots	Apr 28 06:47:50 server sshd[15214]: Failed password for root from 200.201.11.254 port 47968 ssh2 Apr 28 06:53:03 server sshd[16951]: Failed password for invalid user law from 200.201.11.254 port 33262 ssh2 Apr 28 06:58:18 server sshd[18586]: Failed password for invalid user nagios from 200.201.11.254 port 46782 ssh2	2020-04-28 13:24:14
189.202.204.237	attack	2020-04-28T04:52:15.957024shield sshd\[8928\]: Invalid user Claudia from 189.202.204.237 port 36576 2020-04-28T04:52:15.960712shield sshd\[8928\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=237.189-202-204.bestelclientes.com.mx 2020-04-28T04:52:17.587900shield sshd\[8928\]: Failed password for invalid user Claudia from 189.202.204.237 port 36576 ssh2 2020-04-28T04:56:16.569696shield sshd\[9818\]: Invalid user pedro from 189.202.204.237 port 55195 2020-04-28T04:56:16.572824shield sshd\[9818\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=237.189-202-204.bestelclientes.com.mx	2020-04-28 13:06:44
218.92.0.191	attackbots	04/28/2020-01:01:26.745997 218.92.0.191 Protocol: 6 ET SCAN Potential SSH Scan	2020-04-28 13:02:35
218.92.0.212	attackbotsspam	Apr 28 04:46:49 sshgateway sshd\[4119\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.212 user=root Apr 28 04:46:51 sshgateway sshd\[4119\]: Failed password for root from 218.92.0.212 port 40547 ssh2 Apr 28 04:47:03 sshgateway sshd\[4119\]: Failed password for root from 218.92.0.212 port 40547 ssh2	2020-04-28 12:57:42
91.83.93.220	attackspam	SpamScore above: 10.0	2020-04-28 13:20:54

最近上报的IP列表

115.51.94.242	45.83.67.2	87.244.68.169	116.208.94.111
45.77.121.1	41.115.133.13	220.12.153.217	78.162.199.232
162.243.205.148	81.254.107.88	106.80.118.45	45.163.134.2
110.81.83.58	45.55.38.3	45.112.230.55	56.44.215.149
139.67.228.147	41.215.244.6	120.26.40.61	150.208.91.66