49.235.139.216

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Aug 21 03:35:27 mockhub sshd[650]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.139.216 Aug 21 03:35:29 mockhub sshd[650]: Failed password for invalid user jia from 49.235.139.216 port 51188 ssh2 ...	2020-08-21 18:38:24
attackbotsspam	Aug 16 17:26:33 sip sshd[4172]: Failed password for root from 49.235.139.216 port 58040 ssh2 Aug 16 17:36:35 sip sshd[6826]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.139.216 Aug 16 17:36:37 sip sshd[6826]: Failed password for invalid user test from 49.235.139.216 port 38910 ssh2	2020-08-17 01:23:46
attackbots	Aug 15 15:13:56 vps647732 sshd[22424]: Failed password for root from 49.235.139.216 port 36850 ssh2 ...	2020-08-15 21:50:17
attack	Aug 2 23:44:43 PorscheCustomer sshd[3474]: Failed password for root from 49.235.139.216 port 32942 ssh2 Aug 2 23:47:03 PorscheCustomer sshd[3583]: Failed password for root from 49.235.139.216 port 60008 ssh2 ...	2020-08-03 06:15:55
attackspambots	Jun 25 07:57:05 vpn01 sshd[11103]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.139.216 Jun 25 07:57:07 vpn01 sshd[11103]: Failed password for invalid user zookeeper from 49.235.139.216 port 51360 ssh2 ...	2020-06-25 14:13:15
attackbotsspam	fail2ban -- 49.235.139.216 ...	2020-06-16 08:25:29
attackspambots	Jun 15 08:39:00 h2646465 sshd[19030]: Invalid user isaque from 49.235.139.216 Jun 15 08:39:00 h2646465 sshd[19030]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.139.216 Jun 15 08:39:00 h2646465 sshd[19030]: Invalid user isaque from 49.235.139.216 Jun 15 08:39:02 h2646465 sshd[19030]: Failed password for invalid user isaque from 49.235.139.216 port 53310 ssh2 Jun 15 08:48:07 h2646465 sshd[19618]: Invalid user lynn from 49.235.139.216 Jun 15 08:48:07 h2646465 sshd[19618]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.139.216 Jun 15 08:48:07 h2646465 sshd[19618]: Invalid user lynn from 49.235.139.216 Jun 15 08:48:09 h2646465 sshd[19618]: Failed password for invalid user lynn from 49.235.139.216 port 46508 ssh2 Jun 15 08:50:16 h2646465 sshd[19789]: Invalid user admin from 49.235.139.216 ...	2020-06-15 17:23:28
attackbots	SSH Brute-Force Attack	2020-06-09 20:23:07
attack	May 31 20:33:03 hanapaa sshd\[14947\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.139.216 user=root May 31 20:33:06 hanapaa sshd\[14947\]: Failed password for root from 49.235.139.216 port 38818 ssh2 May 31 20:36:43 hanapaa sshd\[15260\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.139.216 user=root May 31 20:36:45 hanapaa sshd\[15260\]: Failed password for root from 49.235.139.216 port 49522 ssh2 May 31 20:40:27 hanapaa sshd\[15708\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.139.216 user=root	2020-06-01 17:34:21
attackbotsspam	May 31 08:20:22 vps333114 sshd[1320]: Failed password for root from 49.235.139.216 port 36406 ssh2 May 31 08:32:27 vps333114 sshd[1626]: Invalid user cl from 49.235.139.216 ...	2020-05-31 20:10:51
attackbots	2020-05-30T03:44:23.442220shield sshd\[6586\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.139.216 user=root 2020-05-30T03:44:25.932948shield sshd\[6586\]: Failed password for root from 49.235.139.216 port 36756 ssh2 2020-05-30T03:48:47.844350shield sshd\[7571\]: Invalid user minera from 49.235.139.216 port 58508 2020-05-30T03:48:47.848088shield sshd\[7571\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.139.216 2020-05-30T03:48:50.248384shield sshd\[7571\]: Failed password for invalid user minera from 49.235.139.216 port 58508 ssh2	2020-05-30 16:39:53
attackbots	Unauthorized access or intrusion attempt detected from Thor banned IP	2020-05-11 12:10:38
attack	2020-04-20T21:47:45.394500abusebot-3.cloudsearch.cf sshd[27183]: Invalid user ps from 49.235.139.216 port 56468 2020-04-20T21:47:45.406923abusebot-3.cloudsearch.cf sshd[27183]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.139.216 2020-04-20T21:47:45.394500abusebot-3.cloudsearch.cf sshd[27183]: Invalid user ps from 49.235.139.216 port 56468 2020-04-20T21:47:47.600531abusebot-3.cloudsearch.cf sshd[27183]: Failed password for invalid user ps from 49.235.139.216 port 56468 ssh2 2020-04-20T21:52:14.088880abusebot-3.cloudsearch.cf sshd[27456]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.139.216 user=root 2020-04-20T21:52:15.876281abusebot-3.cloudsearch.cf sshd[27456]: Failed password for root from 49.235.139.216 port 48508 ssh2 2020-04-20T21:55:31.695923abusebot-3.cloudsearch.cf sshd[27671]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.139.21 ...	2020-04-21 06:11:16
attack	Apr 9 12:27:31 gw1 sshd[8437]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.139.216 Apr 9 12:27:33 gw1 sshd[8437]: Failed password for invalid user postgres from 49.235.139.216 port 54050 ssh2 ...	2020-04-09 15:29:44
attackspambots	Mar 29 21:32:21 IngegnereFirenze sshd[9213]: Failed password for invalid user ljc from 49.235.139.216 port 40302 ssh2 ...	2020-03-30 07:12:53
attack	(sshd) Failed SSH login from 49.235.139.216 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Mar 18 05:19:31 srv sshd[22249]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.139.216 user=root Mar 18 05:19:33 srv sshd[22249]: Failed password for root from 49.235.139.216 port 35840 ssh2 Mar 18 05:45:07 srv sshd[22712]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.139.216 user=root Mar 18 05:45:09 srv sshd[22712]: Failed password for root from 49.235.139.216 port 37204 ssh2 Mar 18 05:49:48 srv sshd[22771]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.139.216 user=mysql	2020-03-18 17:10:36
attack	$f2bV_matches_ltvn	2020-03-14 04:34:24
attack	$f2bV_matches	2020-03-10 22:11:18
attack	Mar 9 06:19:49 server sshd\[15326\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.139.216 user=root Mar 9 06:19:52 server sshd\[15326\]: Failed password for root from 49.235.139.216 port 32770 ssh2 Mar 9 06:39:38 server sshd\[18972\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.139.216 user=nobody Mar 9 06:39:41 server sshd\[18972\]: Failed password for nobody from 49.235.139.216 port 39884 ssh2 Mar 9 06:47:37 server sshd\[20655\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.139.216 user=root ...	2020-03-09 16:56:40
attack	Mar 6 05:03:35 areeb-Workstation sshd[25999]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.139.216 Mar 6 05:03:37 areeb-Workstation sshd[25999]: Failed password for invalid user admin from 49.235.139.216 port 41794 ssh2 ...	2020-03-06 07:37:23
attack	Mar 2 05:58:24 serwer sshd\[15793\]: Invalid user qiuliuyang from 49.235.139.216 port 59806 Mar 2 05:58:24 serwer sshd\[15793\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.139.216 Mar 2 05:58:26 serwer sshd\[15793\]: Failed password for invalid user qiuliuyang from 49.235.139.216 port 59806 ssh2 ...	2020-03-02 13:31:05
attackspam	Automatic report - Banned IP Access	2020-02-15 10:49:15
attackbots	SSH Brute-Forcing (server2)	2020-01-26 22:44:54
attack	Too many connections or unauthorized access detected from Arctic banned ip	2020-01-23 18:13:34
attackbots	Invalid user tower from 49.235.139.216 port 45336	2020-01-19 07:04:37
attack	Unauthorized connection attempt detected from IP address 49.235.139.216 to port 2220 [J]	2020-01-06 08:42:53
attackspambots	no	2020-01-02 01:44:44
attack	Dec 28 08:38:47 sd-53420 sshd\[796\]: Invalid user natalie123456 from 49.235.139.216 Dec 28 08:38:47 sd-53420 sshd\[796\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.139.216 Dec 28 08:38:49 sd-53420 sshd\[796\]: Failed password for invalid user natalie123456 from 49.235.139.216 port 42936 ssh2 Dec 28 08:41:16 sd-53420 sshd\[1948\]: Invalid user jovany from 49.235.139.216 Dec 28 08:41:16 sd-53420 sshd\[1948\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.139.216 ...	2019-12-28 15:41:31
attackspambots	Automatic report - Banned IP Access	2019-12-27 16:02:36
attack	Dec 25 17:37:50 ns382633 sshd\[27655\]: Invalid user leinwetter from 49.235.139.216 port 37438 Dec 25 17:37:50 ns382633 sshd\[27655\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.139.216 Dec 25 17:37:51 ns382633 sshd\[27655\]: Failed password for invalid user leinwetter from 49.235.139.216 port 37438 ssh2 Dec 25 17:56:39 ns382633 sshd\[31015\]: Invalid user ve from 49.235.139.216 port 51124 Dec 25 17:56:39 ns382633 sshd\[31015\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.139.216	2019-12-26 01:30:20

相同子网IP讨论:

IP	类型	评论内容	时间
49.235.139.47	attackspam	Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2020-07-30T18:40:45Z and 2020-07-30T19:30:10Z	2020-07-31 03:46:59
49.235.139.125	attackbots	Sep 28 18:14:03 srv00 sshd[3129]: fatal: Unable to negotiate whostnameh 49.235.139.125 port 60104: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth] Sep 28 18:15:41 srv00 sshd[3137]: fatal: Unable to negotiate whostnameh 49.235.139.125 port 45488: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth] Sep 28 18:16:38 srv00 sshd[3142]: fatal: Unable to negotiate whostnameh 49.235.139.125 port 59078: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth] Sep 28 18:17:45 srv00 sshd[3145]: fatal: Unable to negotiate whostnameh 49.235.139.125 port 44442: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-gro........ ------------------------------	2019-09-29 07:42:51

类型

评论内容

时间

49.235.139.47

attackspam

Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2020-07-30T18:40:45Z and 2020-07-30T19:30:10Z

2020-07-31 03:46:59

49.235.139.125

attackbots

Sep 28 18:14:03 srv00 sshd[3129]: fatal: Unable to negotiate whostnameh 49.235.139.125 port 60104: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth]
Sep 28 18:15:41 srv00 sshd[3137]: fatal: Unable to negotiate whostnameh 49.235.139.125 port 45488: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth]
Sep 28 18:16:38 srv00 sshd[3142]: fatal: Unable to negotiate whostnameh 49.235.139.125 port 59078: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth]
Sep 28 18:17:45 srv00 sshd[3145]: fatal: Unable to negotiate whostnameh 49.235.139.125 port 44442: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-gro........
------------------------------

2019-09-29 07:42:51

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 49.235.139.216
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1934
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;49.235.139.216.			IN	A

;; AUTHORITY SECTION:
.			591	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019092301 1800 900 604800 86400

;; Query time: 255 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Sep 24 05:06:44 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 216.139.235.49.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 172.17.0.7, trying next server
Server:		172.17.0.8
Address:	172.17.0.8#53

** server can't find 216.139.235.49.in-addr.arpa: SERVFAIL

IP	类型	评论内容	时间
118.73.179.232	attackspambots	unauthorized connection attempt	2020-02-26 13:14:07
5.175.68.66	attack	unauthorized connection attempt	2020-02-26 13:53:27
114.32.87.89	attack	unauthorized connection attempt	2020-02-26 13:16:05
42.233.222.251	attackspambots	unauthorized connection attempt	2020-02-26 13:23:20
83.235.18.109	attack	unauthorized connection attempt	2020-02-26 13:49:33
77.45.122.162	attackspambots	unauthorized connection attempt	2020-02-26 13:21:07
114.33.87.229	attackspam	unauthorized connection attempt	2020-02-26 13:48:31
79.166.110.47	attackbots	unauthorized connection attempt	2020-02-26 13:19:47
110.92.215.50	attackbots	unauthorized connection attempt	2020-02-26 13:37:48
113.22.81.78	attack	unauthorized connection attempt	2020-02-26 13:29:46
58.186.182.106	attackspambots	unauthorized connection attempt	2020-02-26 13:32:12
187.226.247.34	attackspambots	unauthorized connection attempt	2020-02-26 13:44:45
118.70.184.47	attack	unauthorized connection attempt	2020-02-26 13:48:06
47.96.91.14	attack	unauthorized connection attempt	2020-02-26 13:22:59
37.146.69.218	attackspam	unauthorized connection attempt	2020-02-26 13:53:00

最近上报的IP列表

83.48.77.4	104.239.149.95	71.6.233.33	34.246.110.72
103.79.143.163	69.10.99.71	94.224.232.47	185.172.181.182
220.246.251.40	58.57.209.116	120.79.182.217	196.218.152.2
79.136.57.191	237.108.64.217	151.70.227.75	18.200.94.89
15.132.129.105	36.227.188.50	161.117.179.89	27.44.205.217