49.235.199.42 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Found on CINS badguys / proto=6 . srcport=49960 . dstport=17572 . (3772)	2020-09-30 04:32:39
attack	17572/tcp 30386/tcp 19616/tcp... [2020-07-31/09-29]22pkt,22pt.(tcp)	2020-09-29 20:41:12
attackspam	Sep 29 04:15:55 ift sshd\[15775\]: Invalid user smece from 49.235.199.42Sep 29 04:15:57 ift sshd\[15775\]: Failed password for invalid user smece from 49.235.199.42 port 58594 ssh2Sep 29 04:19:18 ift sshd\[16076\]: Invalid user smece from 49.235.199.42Sep 29 04:19:20 ift sshd\[16076\]: Failed password for invalid user smece from 49.235.199.42 port 52888 ssh2Sep 29 04:22:22 ift sshd\[16632\]: Invalid user chad from 49.235.199.42 ...	2020-09-29 12:50:07
attack	2020-08-20T14:29:11.943460linuxbox-skyline sshd[21732]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.199.42 user=root 2020-08-20T14:29:14.241074linuxbox-skyline sshd[21732]: Failed password for root from 49.235.199.42 port 49690 ssh2 ...	2020-08-21 04:52:03
attackspam	Aug 10 09:18:05 pve1 sshd[23092]: Failed password for root from 49.235.199.42 port 51228 ssh2 ...	2020-08-10 16:17:45
attackbotsspam	Failed password for invalid user beauty from 49.235.199.42 port 36190 ssh2	2020-07-27 15:06:55
attackspam	Jun 16 10:31:33 ny01 sshd[27440]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.199.42 Jun 16 10:31:35 ny01 sshd[27440]: Failed password for invalid user roger from 49.235.199.42 port 37938 ssh2 Jun 16 10:35:04 ny01 sshd[27897]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.199.42	2020-06-17 01:51:15
attack	Jun 11 14:36:03 server sshd[21619]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.199.42 Jun 11 14:36:04 server sshd[21619]: Failed password for invalid user git from 49.235.199.42 port 48316 ssh2 Jun 11 14:38:29 server sshd[21740]: Failed password for root from 49.235.199.42 port 42258 ssh2 ...	2020-06-12 01:59:49

相同子网IP讨论:

IP	类型	评论内容	时间
49.235.199.253	attackbotsspam	Mar 17 14:15:10 ny01 sshd[3731]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.199.253 Mar 17 14:15:12 ny01 sshd[3731]: Failed password for invalid user nsroot from 49.235.199.253 port 35234 ssh2 Mar 17 14:20:46 ny01 sshd[6039]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.199.253	2020-03-18 04:04:00
49.235.199.253	attackbotsspam	Mar 12 22:10:28 vps647732 sshd[30991]: Failed password for root from 49.235.199.253 port 42074 ssh2 ...	2020-03-13 05:13:22
49.235.199.253	attack	Invalid user oracle from 49.235.199.253 port 52362	2020-02-15 05:12:05
49.235.199.253	attackbots	2020-02-06T14:42:00.1548651495-001 sshd[60737]: Invalid user nhc from 49.235.199.253 port 49910 2020-02-06T14:42:00.1584221495-001 sshd[60737]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.199.253 2020-02-06T14:42:00.1548651495-001 sshd[60737]: Invalid user nhc from 49.235.199.253 port 49910 2020-02-06T14:42:02.6298671495-001 sshd[60737]: Failed password for invalid user nhc from 49.235.199.253 port 49910 ssh2 2020-02-06T14:43:18.9907011495-001 sshd[60786]: Invalid user xpn from 49.235.199.253 port 60858 2020-02-06T14:43:19.0005691495-001 sshd[60786]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.199.253 2020-02-06T14:43:18.9907011495-001 sshd[60786]: Invalid user xpn from 49.235.199.253 port 60858 2020-02-06T14:43:20.8453871495-001 sshd[60786]: Failed password for invalid user xpn from 49.235.199.253 port 60858 ssh2 2020-02-06T14:44:37.2544021495-001 sshd[60855]: Invalid user prt from 49 ...	2020-02-07 04:02:06
49.235.199.253	attackbotsspam	Unauthorized connection attempt detected from IP address 49.235.199.253 to port 2220 [J]	2020-02-02 09:48:09
49.235.199.178	attack	Unauthorized connection attempt detected from IP address 49.235.199.178 to port 2220 [J]	2020-01-22 13:54:39

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 49.235.199.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22763
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;49.235.199.42.			IN	A

;; AUTHORITY SECTION:
.			470	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020061100 1800 900 604800 86400

;; Query time: 116 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jun 12 01:59:41 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 42.199.235.49.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 100.100.2.138, trying next server
;; Got SERVFAIL reply from 100.100.2.138, trying next server
Server:		100.100.2.136
Address:	100.100.2.136#53

** server can't find 42.199.235.49.in-addr.arpa: SERVFAIL

IP	类型	评论内容	时间
162.243.94.34	attackspam	SSH-BRUTEFORCE	2019-06-24 06:49:34
77.243.23.32	attack	Hit on /wp-login.php	2019-06-24 06:51:55
177.154.234.48	attack	failed_logins	2019-06-24 06:29:18
120.29.156.251	attackspam	23.06.2019 20:05:54 SSH access blocked by firewall	2019-06-24 06:52:29
51.254.220.20	attackbotsspam	Invalid user test from 51.254.220.20 port 48971	2019-06-24 06:58:59
200.33.90.87	attack	SMTP-sasl brute force ...	2019-06-24 06:26:45
131.108.191.155	attackspam	Jun 23 16:06:18 web1 postfix/smtpd[18731]: warning: unknown[131.108.191.155]: SASL PLAIN authentication failed: authentication failure ...	2019-06-24 06:37:08
191.53.194.97	attack	SMTP-sasl brute force ...	2019-06-24 06:40:05
116.7.232.146	attackbots	Unauthorized connection attempt from IP address 116.7.232.146 on Port 445(SMB)	2019-06-24 06:46:33
27.78.158.126	attackbots	Unauthorized connection attempt from IP address 27.78.158.126 on Port 445(SMB)	2019-06-24 06:48:07
100.1.200.75	attackspambots	IMAP/SMTP Authentication Failure	2019-06-24 06:19:50
103.253.132.38	attackbotsspam	2019-06-23 21:43:00 H=(localhost) [103.253.132.38] F=: Unrouteable address ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=103.253.132.38	2019-06-24 06:22:19
178.159.7.11	attackbotsspam	Jun 24 00:10:28 mail postfix/smtpd\[31537\]: warning: unknown\[178.159.7.11\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 24 00:11:34 mail postfix/smtpd\[32499\]: warning: unknown\[178.159.7.11\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 24 00:12:40 mail postfix/smtpd\[32499\]: warning: unknown\[178.159.7.11\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-06-24 06:21:51
185.220.101.58	attackspam	Jun 23 21:39:09 cvbmail sshd\[18262\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.220.101.58 user=root Jun 23 21:39:11 cvbmail sshd\[18262\]: Failed password for root from 185.220.101.58 port 37911 ssh2 Jun 23 22:05:11 cvbmail sshd\[18771\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.220.101.58 user=root	2019-06-24 07:02:09
150.95.66.109	attackspam	Jun 23 22:06:44 www sshd\[26686\]: Invalid user ts from 150.95.66.109 port 55632 ...	2019-06-24 06:27:53

最近上报的IP列表

129.41.55.4	167.174.231.68	107.203.79.33	182.127.126.237
121.83.26.167	173.249.46.169	77.42.91.47	49.83.230.220
217.16.234.235	193.118.53.138	91.76.81.178	192.35.168.247
220.133.21.182	185.156.73.91	202.165.235.214	198.55.103.70
213.195.124.127	141.98.10.162	146.148.72.138	125.214.59.248