49.234.116.13 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Invalid user weblogic from 49.234.116.13 port 56444	2020-01-19 01:21:34
attackbotsspam	Unauthorized connection attempt detected from IP address 49.234.116.13 to port 2220 [J]	2020-01-18 03:51:31
attack	Unauthorized connection attempt detected from IP address 49.234.116.13 to port 2220 [J]	2020-01-17 03:02:38
attack	Dec 30 11:01:59 pi sshd\[30430\]: Invalid user igloocarzus from 49.234.116.13 port 58192 Dec 30 11:01:59 pi sshd\[30430\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.116.13 Dec 30 11:02:01 pi sshd\[30430\]: Failed password for invalid user igloocarzus from 49.234.116.13 port 58192 ssh2 Dec 30 11:10:43 pi sshd\[30651\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.116.13 user=root Dec 30 11:10:45 pi sshd\[30651\]: Failed password for root from 49.234.116.13 port 45534 ssh2 ...	2019-12-30 20:43:04
attackspambots	Dec 24 13:01:12 v22018076622670303 sshd\[17800\]: Invalid user webmaster from 49.234.116.13 port 54048 Dec 24 13:01:12 v22018076622670303 sshd\[17800\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.116.13 Dec 24 13:01:14 v22018076622670303 sshd\[17800\]: Failed password for invalid user webmaster from 49.234.116.13 port 54048 ssh2 ...	2019-12-24 21:17:06
attackbots	2019-12-07T05:24:33.993942abusebot-5.cloudsearch.cf sshd\[2378\]: Invalid user dovecot from 49.234.116.13 port 44040	2019-12-07 13:55:12
attack	Nov 28 18:32:34 vmanager6029 sshd\[24479\]: Invalid user ervisor from 49.234.116.13 port 59042 Nov 28 18:32:34 vmanager6029 sshd\[24479\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.116.13 Nov 28 18:32:36 vmanager6029 sshd\[24479\]: Failed password for invalid user ervisor from 49.234.116.13 port 59042 ssh2	2019-11-29 01:48:17
attackbotsspam	2019-11-23T06:27:08.638652abusebot-8.cloudsearch.cf sshd\[16598\]: Invalid user 123456 from 49.234.116.13 port 43630	2019-11-23 16:57:11
attackspambots	Nov 20 17:57:30 dedicated sshd[4023]: Invalid user stof from 49.234.116.13 port 41692	2019-11-21 03:46:20
attack	Nov 20 09:05:51 v22018076622670303 sshd\[5107\]: Invalid user support from 49.234.116.13 port 37626 Nov 20 09:05:51 v22018076622670303 sshd\[5107\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.116.13 Nov 20 09:05:53 v22018076622670303 sshd\[5107\]: Failed password for invalid user support from 49.234.116.13 port 37626 ssh2 ...	2019-11-20 20:18:07
attackspam	Nov 19 01:55:29 gw1 sshd[21725]: Failed password for root from 49.234.116.13 port 41460 ssh2 ...	2019-11-19 05:12:50
attack	Oct 16 09:18:13 sachi sshd\[29467\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.116.13 user=root Oct 16 09:18:14 sachi sshd\[29467\]: Failed password for root from 49.234.116.13 port 50628 ssh2 Oct 16 09:22:17 sachi sshd\[29784\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.116.13 user=root Oct 16 09:22:19 sachi sshd\[29784\]: Failed password for root from 49.234.116.13 port 59078 ssh2 Oct 16 09:26:23 sachi sshd\[30079\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.116.13 user=root	2019-10-17 05:45:02
attackbotsspam	ssh failed login	2019-10-15 16:35:42
attackbots	Lines containing failures of 49.234.116.13 Oct 14 01:39:17 nextcloud sshd[29939]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.116.13 user=r.r Oct 14 01:39:18 nextcloud sshd[29939]: Failed password for r.r from 49.234.116.13 port 51412 ssh2 Oct 14 01:39:19 nextcloud sshd[29939]: Received disconnect from 49.234.116.13 port 51412:11: Bye Bye [preauth] Oct 14 01:39:19 nextcloud sshd[29939]: Disconnected from authenticating user r.r 49.234.116.13 port 51412 [preauth] Oct 14 01:54:36 nextcloud sshd[31668]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.116.13 user=r.r Oct 14 01:54:38 nextcloud sshd[31668]: Failed password for r.r from 49.234.116.13 port 57852 ssh2 Oct 14 01:54:39 nextcloud sshd[31668]: Received disconnect from 49.234.116.13 port 57852:11: Bye Bye [preauth] Oct 14 01:54:39 nextcloud sshd[31668]: Disconnected from authenticating user r.r 49.234.116.13 port 57852 ........ ------------------------------	2019-10-14 19:54:07
attack	Oct 8 23:24:39 web9 sshd\[18493\]: Invalid user T3st@1234 from 49.234.116.13 Oct 8 23:24:39 web9 sshd\[18493\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.116.13 Oct 8 23:24:41 web9 sshd\[18493\]: Failed password for invalid user T3st@1234 from 49.234.116.13 port 48478 ssh2 Oct 8 23:28:15 web9 sshd\[19086\]: Invalid user Windows@100 from 49.234.116.13 Oct 8 23:28:15 web9 sshd\[19086\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.116.13	2019-10-09 19:09:28
attack	Oct 7 23:51:30 v22018076622670303 sshd\[7416\]: Invalid user P4sswort12\# from 49.234.116.13 port 44468 Oct 7 23:51:30 v22018076622670303 sshd\[7416\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.116.13 Oct 7 23:51:32 v22018076622670303 sshd\[7416\]: Failed password for invalid user P4sswort12\# from 49.234.116.13 port 44468 ssh2 ...	2019-10-08 07:50:53
attackbotsspam	Oct 4 02:19:54 hanapaa sshd\[14409\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.116.13 user=root Oct 4 02:19:56 hanapaa sshd\[14409\]: Failed password for root from 49.234.116.13 port 51178 ssh2 Oct 4 02:24:51 hanapaa sshd\[14800\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.116.13 user=root Oct 4 02:24:53 hanapaa sshd\[14800\]: Failed password for root from 49.234.116.13 port 58350 ssh2 Oct 4 02:29:35 hanapaa sshd\[15157\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.116.13 user=root	2019-10-04 20:40:53
attackspambots	Oct 1 21:34:04 hanapaa sshd\[15452\]: Invalid user db2iadm1 from 49.234.116.13 Oct 1 21:34:04 hanapaa sshd\[15452\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.116.13 Oct 1 21:34:06 hanapaa sshd\[15452\]: Failed password for invalid user db2iadm1 from 49.234.116.13 port 59616 ssh2 Oct 1 21:37:56 hanapaa sshd\[15768\]: Invalid user terminfo from 49.234.116.13 Oct 1 21:37:56 hanapaa sshd\[15768\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.116.13	2019-10-02 19:34:54
attackbots	Sep 22 10:21:36 ny01 sshd[29200]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.116.13 Sep 22 10:21:37 ny01 sshd[29200]: Failed password for invalid user wifin from 49.234.116.13 port 52394 ssh2 Sep 22 10:26:52 ny01 sshd[30450]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.116.13	2019-09-22 23:29:42
attack	Sep 7 09:29:19 nextcloud sshd\[19683\]: Invalid user ubuntu from 49.234.116.13 Sep 7 09:29:19 nextcloud sshd\[19683\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.116.13 Sep 7 09:29:21 nextcloud sshd\[19683\]: Failed password for invalid user ubuntu from 49.234.116.13 port 41910 ssh2 ...	2019-09-07 16:07:59
attackspam	Sep 5 01:03:27 kapalua sshd\[19794\]: Invalid user test1234 from 49.234.116.13 Sep 5 01:03:27 kapalua sshd\[19794\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.116.13 Sep 5 01:03:30 kapalua sshd\[19794\]: Failed password for invalid user test1234 from 49.234.116.13 port 42574 ssh2 Sep 5 01:06:53 kapalua sshd\[20110\]: Invalid user Passw0rd from 49.234.116.13 Sep 5 01:06:53 kapalua sshd\[20110\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.116.13	2019-09-06 02:12:37
attackbotsspam	Aug 24 21:57:18 hcbbdb sshd\[18823\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.116.13 user=root Aug 24 21:57:19 hcbbdb sshd\[18823\]: Failed password for root from 49.234.116.13 port 46532 ssh2 Aug 24 22:00:44 hcbbdb sshd\[19154\]: Invalid user dev from 49.234.116.13 Aug 24 22:00:44 hcbbdb sshd\[19154\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.116.13 Aug 24 22:00:46 hcbbdb sshd\[19154\]: Failed password for invalid user dev from 49.234.116.13 port 48334 ssh2	2019-08-25 09:12:53

相同子网IP讨论:

IP	类型	评论内容	时间
49.234.116.74	attackspam	k+ssh-bruteforce	2020-10-12 21:46:38
49.234.116.74	attackbotsspam	$f2bV_matches	2020-10-12 13:16:32
49.234.116.74	attack	$f2bV_matches	2020-09-18 22:35:43
49.234.116.74	attackbotsspam	Sep 17 19:00:25 mail sshd[747]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.116.74 Sep 17 19:00:27 mail sshd[747]: Failed password for invalid user samuri from 49.234.116.74 port 38928 ssh2 ...	2020-09-18 14:50:40
49.234.116.74	attackbots	Sep 17 19:00:25 mail sshd[747]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.116.74 Sep 17 19:00:27 mail sshd[747]: Failed password for invalid user samuri from 49.234.116.74 port 38928 ssh2 ...	2020-09-18 05:07:17
49.234.116.74	attack	Sep 8 19:46:08 host sshd[999]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.116.74 user=root Sep 8 19:46:11 host sshd[999]: Failed password for root from 49.234.116.74 port 46916 ssh2 ...	2020-09-09 03:17:34
49.234.116.74	attack	2020-09-08T09:59:01+0000 Failed SSH Authentication/Brute Force Attack. (Server 6)	2020-09-08 18:52:25
49.234.116.40	attackbotsspam	$f2bV_matches	2020-08-26 20:18:59
49.234.116.40	attackspambots	Aug 5 07:12:49 marvibiene sshd[23960]: Failed password for root from 49.234.116.40 port 54446 ssh2 Aug 5 07:16:02 marvibiene sshd[24106]: Failed password for root from 49.234.116.40 port 60982 ssh2	2020-08-05 14:19:10
49.234.116.1	attackbotsspam	SSH login attempts with user root.	2019-11-30 05:02:03

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 49.234.116.13
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 31895
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;49.234.116.13.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019082401 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Aug 25 09:12:47 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 13.116.234.49.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 13.116.234.49.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
124.158.164.146	attackbotsspam	Sep 23 08:27:23 vpn01 sshd[25080]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.158.164.146 Sep 23 08:27:25 vpn01 sshd[25080]: Failed password for invalid user postgres from 124.158.164.146 port 38334 ssh2 ...	2020-09-23 15:18:21
103.134.9.249	attackbots	Unauthorized connection attempt from IP address 103.134.9.249 on Port 445(SMB)	2020-09-23 15:42:40
167.99.183.237	attackbotsspam	2020-09-23T08:44:06.693156mail.standpoint.com.ua sshd[20800]: Failed password for root from 167.99.183.237 port 58508 ssh2 2020-09-23T08:47:30.481304mail.standpoint.com.ua sshd[21322]: Invalid user test from 167.99.183.237 port 33466 2020-09-23T08:47:30.484007mail.standpoint.com.ua sshd[21322]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.183.237 2020-09-23T08:47:30.481304mail.standpoint.com.ua sshd[21322]: Invalid user test from 167.99.183.237 port 33466 2020-09-23T08:47:32.376668mail.standpoint.com.ua sshd[21322]: Failed password for invalid user test from 167.99.183.237 port 33466 ssh2 ...	2020-09-23 15:39:11
178.57.84.202	attackspambots	Unauthorized connection attempt from IP address 178.57.84.202 on Port 445(SMB)	2020-09-23 15:43:08
3.91.28.244	attack	[portscan] Port scan	2020-09-23 15:37:56
178.151.65.138	attackbotsspam	Sep 22 17:01:56 ssh2 sshd[20608]: User root from 178.151.65.138 not allowed because not listed in AllowUsers Sep 22 17:01:56 ssh2 sshd[20608]: Failed password for invalid user root from 178.151.65.138 port 47668 ssh2 Sep 22 17:01:56 ssh2 sshd[20608]: Connection closed by invalid user root 178.151.65.138 port 47668 [preauth] ...	2020-09-23 15:07:30
120.131.13.186	attackspam	Jul 24 01:19:42 server sshd[7998]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.131.13.186 Jul 24 01:19:44 server sshd[7998]: Failed password for invalid user shannon from 120.131.13.186 port 13472 ssh2 Jul 24 01:30:18 server sshd[8467]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.131.13.186 Jul 24 01:30:20 server sshd[8467]: Failed password for invalid user gita from 120.131.13.186 port 9754 ssh2	2020-09-23 15:40:12
208.113.164.202	attack	Invalid user guest from 208.113.164.202 port 45854	2020-09-23 15:23:20
85.209.0.100	attackspambots	Sep 23 09:14:01 marvibiene sshd[20960]: Failed password for root from 85.209.0.100 port 28348 ssh2	2020-09-23 15:26:12
139.186.73.140	attack	Time: Wed Sep 23 06:43:44 2020 +0000 IP: 139.186.73.140 (CN/China/-) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 23 06:36:42 3 sshd[1818]: Invalid user jim from 139.186.73.140 port 59012 Sep 23 06:36:44 3 sshd[1818]: Failed password for invalid user jim from 139.186.73.140 port 59012 ssh2 Sep 23 06:39:01 3 sshd[7424]: Invalid user dayz from 139.186.73.140 port 40230 Sep 23 06:39:03 3 sshd[7424]: Failed password for invalid user dayz from 139.186.73.140 port 40230 ssh2 Sep 23 06:43:39 3 sshd[18168]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.186.73.140 user=root	2020-09-23 15:34:56
36.80.137.114	attack	Listed on zen-spamhaus / proto=6 . srcport=60937 . dstport=445 . (3077)	2020-09-23 15:06:16
177.1.249.144	attack	Sep 22 08:10:22 sip sshd[14746]: Failed password for root from 177.1.249.144 port 45406 ssh2 Sep 22 19:00:50 sip sshd[26694]: Failed password for root from 177.1.249.144 port 56790 ssh2	2020-09-23 15:33:19
36.226.19.164	attackspambots	Sep 22 19:03:28 vps639187 sshd\[1125\]: Invalid user netman from 36.226.19.164 port 60137 Sep 22 19:03:29 vps639187 sshd\[1125\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.226.19.164 Sep 22 19:03:31 vps639187 sshd\[1125\]: Failed password for invalid user netman from 36.226.19.164 port 60137 ssh2 ...	2020-09-23 15:20:45
31.204.177.224	attack	Sep 22 17:01:54 ssh2 sshd[20590]: Invalid user pi from 31.204.177.224 port 48648 Sep 22 17:01:55 ssh2 sshd[20590]: Failed password for invalid user pi from 31.204.177.224 port 48648 ssh2 Sep 22 17:01:55 ssh2 sshd[20590]: Connection closed by invalid user pi 31.204.177.224 port 48648 [preauth] ...	2020-09-23 15:37:40
138.197.222.141	attackbotsspam	"fail2ban match"	2020-09-23 15:39:44

最近上报的IP列表

90.14.193.170	147.84.111.230	195.172.144.187	141.8.159.87
205.200.193.28	52.75.251.110	205.179.95.206	136.72.83.39
193.168.134.187	201.71.144.254	141.104.19.87	76.194.33.231
14.10.118.37	110.50.190.97	162.173.183.240	80.184.199.175
13.38.89.239	8.109.149.112	90.155.231.230	15.186.124.233