Basic Info

City: unknown

Region: Beijing

Country: China

Internet Service Provider: Zhengzhou Gainet Computer Network Technology Co. Ltd.

Hostname: unknown

Organization: CHINA UNICOM China169 Backbone

Usage Type: Data Center/Web Hosting/Transit

Comments:
Type Details Datetime
attackspam
Automatic report generated by Wazuh
2019-06-30 01:50:57
Comments on same subnet:
IP Type Details Datetime
116.255.193.51 attack
unauthorized connection attempt
2020-01-09 20:12:11
116.255.193.51 attack
Unauthorized connection attempt detected from IP address 116.255.193.51 to port 1433
2019-12-31 09:20:03
116.255.193.132 attack
MultiHost/MultiPort Probe, Scan, Hack -
2019-09-10 08:08:39
116.255.193.83 attack
Brute-force attack to non-existent web resources
2019-07-08 03:43:49
116.255.193.132 attack
[portscan] tcp/22 [SSH]
*(RWIN=65535)(06271037)
2019-06-27 16:15:20
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.255.193.49
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 49349
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;116.255.193.49.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019062901 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Jun 30 01:50:44 CST 2019
;; MSG SIZE  rcvd: 118
Host info
Host 49.193.255.116.in-addr.arpa not found: 2(SERVFAIL)
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
*** Can't find 49.193.255.116.in-addr.arpa.: No answer

Authoritative answers can be found from:

Related IP info:
Related comments:
IP Type Details Datetime
124.156.245.249 attackspambots
MultiHost/MultiPort Probe, Scan, Hack -
2019-11-21 23:54:26
89.248.174.215 attackspambots
89.248.174.215 was recorded 27 times by 13 hosts attempting to connect to the following ports: 8089. Incident counter (4h, 24h, all-time): 27, 107, 4607
2019-11-21 23:38:04
157.230.242.122 attackbots
/wp-login.php  	 /wp-admin.php 
As always with digital ocean
2019-11-22 00:11:31
122.5.46.22 attack
Nov 21 15:12:57 localhost sshd\[34350\]: Invalid user tender from 122.5.46.22 port 42022
Nov 21 15:12:57 localhost sshd\[34350\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.5.46.22
Nov 21 15:12:59 localhost sshd\[34350\]: Failed password for invalid user tender from 122.5.46.22 port 42022 ssh2
Nov 21 15:16:21 localhost sshd\[34422\]: Invalid user pierotti from 122.5.46.22 port 60730
Nov 21 15:16:21 localhost sshd\[34422\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.5.46.22
...
2019-11-21 23:40:12
51.144.160.217 attack
*Port Scan* detected from 51.144.160.217 (NL/Netherlands/-). 4 hits in the last 60 seconds
2019-11-22 00:09:32
182.254.135.14 attackspam
Nov 21 16:30:27 ns41 sshd[28003]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.254.135.14
Nov 21 16:30:27 ns41 sshd[28003]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.254.135.14
2019-11-21 23:34:59
104.248.126.170 attack
Nov 21 16:30:04 lnxded63 sshd[1448]: Failed password for root from 104.248.126.170 port 33298 ssh2
Nov 21 16:30:04 lnxded63 sshd[1448]: Failed password for root from 104.248.126.170 port 33298 ssh2
2019-11-21 23:31:27
222.186.180.41 attackbotsspam
Nov 21 17:04:31 dev0-dcde-rnet sshd[17387]: Failed password for root from 222.186.180.41 port 34934 ssh2
Nov 21 17:04:44 dev0-dcde-rnet sshd[17387]: error: maximum authentication attempts exceeded for root from 222.186.180.41 port 34934 ssh2 [preauth]
Nov 21 17:04:51 dev0-dcde-rnet sshd[17389]: Failed password for root from 222.186.180.41 port 22020 ssh2
2019-11-22 00:08:19
201.205.137.173 attackbots
Nov 20 20:26:41 server2 sshd[5624]: Address 201.205.137.173 maps to mail.gruposervica.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!
Nov 20 20:26:41 server2 sshd[5624]: Invalid user watcher from 201.205.137.173
Nov 20 20:26:41 server2 sshd[5624]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.205.137.173 
Nov 20 20:26:43 server2 sshd[5624]: Failed password for invalid user watcher from 201.205.137.173 port 53552 ssh2
Nov 20 20:26:43 server2 sshd[5624]: Received disconnect from 201.205.137.173: 11: Bye Bye [preauth]
Nov 20 20:39:03 server2 sshd[6628]: Address 201.205.137.173 maps to mail.gruposervica.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!
Nov 20 20:39:03 server2 sshd[6628]: Invalid user test from 201.205.137.173
Nov 20 20:39:03 server2 sshd[6628]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.205.137.173 


........
----------------------------------------
2019-11-22 00:12:03
185.209.0.31 attackbotsspam
185.209.0.31 was recorded 5 times by 2 hosts attempting to connect to the following ports: 5306,5305,5303,5308. Incident counter (4h, 24h, all-time): 5, 25, 260
2019-11-21 23:34:30
124.156.63.192 attackbots
MultiHost/MultiPort Probe, Scan, Hack -
2019-11-21 23:36:29
206.189.123.144 attackbots
Nov 21 16:36:45 sd-53420 sshd\[5977\]: Invalid user ts3bot from 206.189.123.144
Nov 21 16:36:45 sd-53420 sshd\[5977\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.123.144
Nov 21 16:36:47 sd-53420 sshd\[5977\]: Failed password for invalid user ts3bot from 206.189.123.144 port 44512 ssh2
Nov 21 16:37:01 sd-53420 sshd\[6053\]: Invalid user ts3bot from 206.189.123.144
Nov 21 16:37:01 sd-53420 sshd\[6053\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.123.144
...
2019-11-21 23:58:58
124.156.50.118 attack
MultiHost/MultiPort Probe, Scan, Hack -
2019-11-21 23:51:17
49.88.112.73 attackbots
Nov 21 15:43:48 pi sshd\[21927\]: Failed password for root from 49.88.112.73 port 62363 ssh2
Nov 21 15:45:11 pi sshd\[21949\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.73  user=root
Nov 21 15:45:13 pi sshd\[21949\]: Failed password for root from 49.88.112.73 port 46306 ssh2
Nov 21 15:45:15 pi sshd\[21949\]: Failed password for root from 49.88.112.73 port 46306 ssh2
Nov 21 15:45:18 pi sshd\[21949\]: Failed password for root from 49.88.112.73 port 46306 ssh2
...
2019-11-22 00:17:54
128.14.209.250 attackbotsspam
8081/tcp 8443/tcp 8080/tcp...
[2019-10-09/11-21]5pkt,4pt.(tcp)
2019-11-21 23:43:56