49.235.139.216

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Aug 21 03:35:27 mockhub sshd[650]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.139.216 Aug 21 03:35:29 mockhub sshd[650]: Failed password for invalid user jia from 49.235.139.216 port 51188 ssh2 ...	2020-08-21 18:38:24
attackbotsspam	Aug 16 17:26:33 sip sshd[4172]: Failed password for root from 49.235.139.216 port 58040 ssh2 Aug 16 17:36:35 sip sshd[6826]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.139.216 Aug 16 17:36:37 sip sshd[6826]: Failed password for invalid user test from 49.235.139.216 port 38910 ssh2	2020-08-17 01:23:46
attackbots	Aug 15 15:13:56 vps647732 sshd[22424]: Failed password for root from 49.235.139.216 port 36850 ssh2 ...	2020-08-15 21:50:17
attack	Aug 2 23:44:43 PorscheCustomer sshd[3474]: Failed password for root from 49.235.139.216 port 32942 ssh2 Aug 2 23:47:03 PorscheCustomer sshd[3583]: Failed password for root from 49.235.139.216 port 60008 ssh2 ...	2020-08-03 06:15:55
attackspambots	Jun 25 07:57:05 vpn01 sshd[11103]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.139.216 Jun 25 07:57:07 vpn01 sshd[11103]: Failed password for invalid user zookeeper from 49.235.139.216 port 51360 ssh2 ...	2020-06-25 14:13:15
attackbotsspam	fail2ban -- 49.235.139.216 ...	2020-06-16 08:25:29
attackspambots	Jun 15 08:39:00 h2646465 sshd[19030]: Invalid user isaque from 49.235.139.216 Jun 15 08:39:00 h2646465 sshd[19030]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.139.216 Jun 15 08:39:00 h2646465 sshd[19030]: Invalid user isaque from 49.235.139.216 Jun 15 08:39:02 h2646465 sshd[19030]: Failed password for invalid user isaque from 49.235.139.216 port 53310 ssh2 Jun 15 08:48:07 h2646465 sshd[19618]: Invalid user lynn from 49.235.139.216 Jun 15 08:48:07 h2646465 sshd[19618]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.139.216 Jun 15 08:48:07 h2646465 sshd[19618]: Invalid user lynn from 49.235.139.216 Jun 15 08:48:09 h2646465 sshd[19618]: Failed password for invalid user lynn from 49.235.139.216 port 46508 ssh2 Jun 15 08:50:16 h2646465 sshd[19789]: Invalid user admin from 49.235.139.216 ...	2020-06-15 17:23:28
attackbots	SSH Brute-Force Attack	2020-06-09 20:23:07
attack	May 31 20:33:03 hanapaa sshd\[14947\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.139.216 user=root May 31 20:33:06 hanapaa sshd\[14947\]: Failed password for root from 49.235.139.216 port 38818 ssh2 May 31 20:36:43 hanapaa sshd\[15260\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.139.216 user=root May 31 20:36:45 hanapaa sshd\[15260\]: Failed password for root from 49.235.139.216 port 49522 ssh2 May 31 20:40:27 hanapaa sshd\[15708\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.139.216 user=root	2020-06-01 17:34:21
attackbotsspam	May 31 08:20:22 vps333114 sshd[1320]: Failed password for root from 49.235.139.216 port 36406 ssh2 May 31 08:32:27 vps333114 sshd[1626]: Invalid user cl from 49.235.139.216 ...	2020-05-31 20:10:51
attackbots	2020-05-30T03:44:23.442220shield sshd\[6586\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.139.216 user=root 2020-05-30T03:44:25.932948shield sshd\[6586\]: Failed password for root from 49.235.139.216 port 36756 ssh2 2020-05-30T03:48:47.844350shield sshd\[7571\]: Invalid user minera from 49.235.139.216 port 58508 2020-05-30T03:48:47.848088shield sshd\[7571\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.139.216 2020-05-30T03:48:50.248384shield sshd\[7571\]: Failed password for invalid user minera from 49.235.139.216 port 58508 ssh2	2020-05-30 16:39:53
attackbots	Unauthorized access or intrusion attempt detected from Thor banned IP	2020-05-11 12:10:38
attack	2020-04-20T21:47:45.394500abusebot-3.cloudsearch.cf sshd[27183]: Invalid user ps from 49.235.139.216 port 56468 2020-04-20T21:47:45.406923abusebot-3.cloudsearch.cf sshd[27183]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.139.216 2020-04-20T21:47:45.394500abusebot-3.cloudsearch.cf sshd[27183]: Invalid user ps from 49.235.139.216 port 56468 2020-04-20T21:47:47.600531abusebot-3.cloudsearch.cf sshd[27183]: Failed password for invalid user ps from 49.235.139.216 port 56468 ssh2 2020-04-20T21:52:14.088880abusebot-3.cloudsearch.cf sshd[27456]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.139.216 user=root 2020-04-20T21:52:15.876281abusebot-3.cloudsearch.cf sshd[27456]: Failed password for root from 49.235.139.216 port 48508 ssh2 2020-04-20T21:55:31.695923abusebot-3.cloudsearch.cf sshd[27671]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.139.21 ...	2020-04-21 06:11:16
attack	Apr 9 12:27:31 gw1 sshd[8437]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.139.216 Apr 9 12:27:33 gw1 sshd[8437]: Failed password for invalid user postgres from 49.235.139.216 port 54050 ssh2 ...	2020-04-09 15:29:44
attackspambots	Mar 29 21:32:21 IngegnereFirenze sshd[9213]: Failed password for invalid user ljc from 49.235.139.216 port 40302 ssh2 ...	2020-03-30 07:12:53
attack	(sshd) Failed SSH login from 49.235.139.216 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Mar 18 05:19:31 srv sshd[22249]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.139.216 user=root Mar 18 05:19:33 srv sshd[22249]: Failed password for root from 49.235.139.216 port 35840 ssh2 Mar 18 05:45:07 srv sshd[22712]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.139.216 user=root Mar 18 05:45:09 srv sshd[22712]: Failed password for root from 49.235.139.216 port 37204 ssh2 Mar 18 05:49:48 srv sshd[22771]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.139.216 user=mysql	2020-03-18 17:10:36
attack	$f2bV_matches_ltvn	2020-03-14 04:34:24
attack	$f2bV_matches	2020-03-10 22:11:18
attack	Mar 9 06:19:49 server sshd\[15326\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.139.216 user=root Mar 9 06:19:52 server sshd\[15326\]: Failed password for root from 49.235.139.216 port 32770 ssh2 Mar 9 06:39:38 server sshd\[18972\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.139.216 user=nobody Mar 9 06:39:41 server sshd\[18972\]: Failed password for nobody from 49.235.139.216 port 39884 ssh2 Mar 9 06:47:37 server sshd\[20655\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.139.216 user=root ...	2020-03-09 16:56:40
attack	Mar 6 05:03:35 areeb-Workstation sshd[25999]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.139.216 Mar 6 05:03:37 areeb-Workstation sshd[25999]: Failed password for invalid user admin from 49.235.139.216 port 41794 ssh2 ...	2020-03-06 07:37:23
attack	Mar 2 05:58:24 serwer sshd\[15793\]: Invalid user qiuliuyang from 49.235.139.216 port 59806 Mar 2 05:58:24 serwer sshd\[15793\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.139.216 Mar 2 05:58:26 serwer sshd\[15793\]: Failed password for invalid user qiuliuyang from 49.235.139.216 port 59806 ssh2 ...	2020-03-02 13:31:05
attackspam	Automatic report - Banned IP Access	2020-02-15 10:49:15
attackbots	SSH Brute-Forcing (server2)	2020-01-26 22:44:54
attack	Too many connections or unauthorized access detected from Arctic banned ip	2020-01-23 18:13:34
attackbots	Invalid user tower from 49.235.139.216 port 45336	2020-01-19 07:04:37
attack	Unauthorized connection attempt detected from IP address 49.235.139.216 to port 2220 [J]	2020-01-06 08:42:53
attackspambots	no	2020-01-02 01:44:44
attack	Dec 28 08:38:47 sd-53420 sshd\[796\]: Invalid user natalie123456 from 49.235.139.216 Dec 28 08:38:47 sd-53420 sshd\[796\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.139.216 Dec 28 08:38:49 sd-53420 sshd\[796\]: Failed password for invalid user natalie123456 from 49.235.139.216 port 42936 ssh2 Dec 28 08:41:16 sd-53420 sshd\[1948\]: Invalid user jovany from 49.235.139.216 Dec 28 08:41:16 sd-53420 sshd\[1948\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.139.216 ...	2019-12-28 15:41:31
attackspambots	Automatic report - Banned IP Access	2019-12-27 16:02:36
attack	Dec 25 17:37:50 ns382633 sshd\[27655\]: Invalid user leinwetter from 49.235.139.216 port 37438 Dec 25 17:37:50 ns382633 sshd\[27655\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.139.216 Dec 25 17:37:51 ns382633 sshd\[27655\]: Failed password for invalid user leinwetter from 49.235.139.216 port 37438 ssh2 Dec 25 17:56:39 ns382633 sshd\[31015\]: Invalid user ve from 49.235.139.216 port 51124 Dec 25 17:56:39 ns382633 sshd\[31015\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.139.216	2019-12-26 01:30:20

相同子网IP讨论:

IP	类型	评论内容	时间
49.235.139.47	attackspam	Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2020-07-30T18:40:45Z and 2020-07-30T19:30:10Z	2020-07-31 03:46:59
49.235.139.125	attackbots	Sep 28 18:14:03 srv00 sshd[3129]: fatal: Unable to negotiate whostnameh 49.235.139.125 port 60104: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth] Sep 28 18:15:41 srv00 sshd[3137]: fatal: Unable to negotiate whostnameh 49.235.139.125 port 45488: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth] Sep 28 18:16:38 srv00 sshd[3142]: fatal: Unable to negotiate whostnameh 49.235.139.125 port 59078: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth] Sep 28 18:17:45 srv00 sshd[3145]: fatal: Unable to negotiate whostnameh 49.235.139.125 port 44442: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-gro........ ------------------------------	2019-09-29 07:42:51

类型

评论内容

时间

49.235.139.47

attackspam

Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2020-07-30T18:40:45Z and 2020-07-30T19:30:10Z

2020-07-31 03:46:59

49.235.139.125

attackbots

Sep 28 18:14:03 srv00 sshd[3129]: fatal: Unable to negotiate whostnameh 49.235.139.125 port 60104: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth]
Sep 28 18:15:41 srv00 sshd[3137]: fatal: Unable to negotiate whostnameh 49.235.139.125 port 45488: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth]
Sep 28 18:16:38 srv00 sshd[3142]: fatal: Unable to negotiate whostnameh 49.235.139.125 port 59078: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth]
Sep 28 18:17:45 srv00 sshd[3145]: fatal: Unable to negotiate whostnameh 49.235.139.125 port 44442: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-gro........
------------------------------

2019-09-29 07:42:51

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 49.235.139.216
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1934
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;49.235.139.216.			IN	A

;; AUTHORITY SECTION:
.			591	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019092301 1800 900 604800 86400

;; Query time: 255 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Sep 24 05:06:44 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 216.139.235.49.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 172.17.0.7, trying next server
Server:		172.17.0.8
Address:	172.17.0.8#53

** server can't find 216.139.235.49.in-addr.arpa: SERVFAIL

IP	类型	评论内容	时间
185.180.143.97	botsattackproxy	Botnet DB Scanner	2024-06-12 12:46:16
71.6.232.22	botsattack	Bot attacker IP	2024-05-28 13:05:11
172.20.20.20	attack	Bitches	2024-05-27 11:18:56
24.144.120.55	attack	Malicious IP	2024-06-07 22:39:02
165.227.62.204	botsattackproxy	Bot attacker IP	2024-05-30 13:01:13
46.166.63.121	attack	Bad IP: PHP Forum Spammer	2024-06-06 17:10:00
109.234.28.16	attackproxy	Fraud connect/scan	2024-06-16 20:24:52
106.75.31.125	botsattackproxy	SSH bot	2024-06-18 21:44:49
91.109.206.20	attack	Fraud connect	2024-06-06 17:16:38
86.106.74.121	spamattack	Brute-force attacker IP	2024-06-05 12:48:30
217.138.192.219	spamattack	Bad IP: Forum Spammer	2024-06-05 12:45:36
193.233.15.99	attack	Vulnerability Scanner/ NTP DDoS Inbound	2024-06-04 12:45:22
46.101.92.185	attack	Fraud connect	2024-06-17 12:46:45
217.138.192.218	attackproxy	Brute-force attacker IP	2024-06-05 12:51:26
43.153.21.216	attack	Bad IP	2024-06-07 22:43:36

最近上报的IP列表

83.48.77.4	104.239.149.95	71.6.233.33	34.246.110.72
103.79.143.163	69.10.99.71	94.224.232.47	185.172.181.182
220.246.251.40	58.57.209.116	120.79.182.217	196.218.152.2
79.136.57.191	237.108.64.217	151.70.227.75	18.200.94.89
15.132.129.105	36.227.188.50	161.117.179.89	27.44.205.217