49.235.49.150 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	$f2bV_matches	2020-07-26 12:59:04
attack	Jun 22 21:49:56 server1 sshd\[14056\]: Invalid user youtrack from 49.235.49.150 Jun 22 21:49:56 server1 sshd\[14056\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.49.150 Jun 22 21:49:58 server1 sshd\[14056\]: Failed password for invalid user youtrack from 49.235.49.150 port 55130 ssh2 Jun 22 21:58:06 server1 sshd\[19980\]: Invalid user hec from 49.235.49.150 Jun 22 21:58:06 server1 sshd\[19980\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.49.150 ...	2020-06-23 12:13:56
attackspam	SSH authentication failure x 6 reported by Fail2Ban ...	2020-06-17 16:18:47
attackbots	$f2bV_matches	2020-05-27 19:18:02
attackbotsspam	May 24 23:47:35 ny01 sshd[10182]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.49.150 May 24 23:47:37 ny01 sshd[10182]: Failed password for invalid user web from 49.235.49.150 port 41300 ssh2 May 24 23:52:11 ny01 sshd[10752]: Failed password for root from 49.235.49.150 port 37736 ssh2	2020-05-25 15:13:43
attack	2020-05-16T12:04:42.809814shield sshd\[32398\]: Invalid user cod from 49.235.49.150 port 35634 2020-05-16T12:04:42.818703shield sshd\[32398\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.49.150 2020-05-16T12:04:44.723579shield sshd\[32398\]: Failed password for invalid user cod from 49.235.49.150 port 35634 ssh2 2020-05-16T12:10:18.615867shield sshd\[1181\]: Invalid user sftp from 49.235.49.150 port 40782 2020-05-16T12:10:18.624923shield sshd\[1181\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.49.150	2020-05-17 02:22:14
attackbots	May 12 16:22:09 localhost sshd[760099]: Invalid user fluentd from 49.235.49.150 port 39388 ...	2020-05-12 14:31:43
attack	2020-05-08T04:08:51.997011shield sshd\[10893\]: Invalid user adp from 49.235.49.150 port 45668 2020-05-08T04:08:52.000479shield sshd\[10893\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.49.150 2020-05-08T04:08:54.623321shield sshd\[10893\]: Failed password for invalid user adp from 49.235.49.150 port 45668 ssh2 2020-05-08T04:14:12.022521shield sshd\[12663\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.49.150 user=root 2020-05-08T04:14:13.712050shield sshd\[12663\]: Failed password for root from 49.235.49.150 port 46734 ssh2	2020-05-08 12:43:00
attack	May 6 06:54:58 meumeu sshd[26794]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.49.150 May 6 06:55:00 meumeu sshd[26794]: Failed password for invalid user liumin from 49.235.49.150 port 58194 ssh2 May 6 06:59:49 meumeu sshd[27512]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.49.150 ...	2020-05-06 13:08:59
attackspambots	Mar 29 15:21:18 markkoudstaal sshd[10900]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.49.150 Mar 29 15:21:20 markkoudstaal sshd[10900]: Failed password for invalid user vde from 49.235.49.150 port 39458 ssh2 Mar 29 15:26:31 markkoudstaal sshd[11563]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.49.150	2020-03-29 21:33:00
attackspam	IP blocked	2020-03-26 23:50:51
attackbotsspam	Mar 21 23:51:26 ns382633 sshd\[3941\]: Invalid user tv from 49.235.49.150 port 46992 Mar 21 23:51:26 ns382633 sshd\[3941\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.49.150 Mar 21 23:51:28 ns382633 sshd\[3941\]: Failed password for invalid user tv from 49.235.49.150 port 46992 ssh2 Mar 22 00:01:29 ns382633 sshd\[5960\]: Invalid user portal from 49.235.49.150 port 59230 Mar 22 00:01:29 ns382633 sshd\[5960\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.49.150	2020-03-22 08:51:54
attackspambots	Mar 19 14:51:15 server1 sshd\[1985\]: Invalid user freeswitch from 49.235.49.150 Mar 19 14:51:15 server1 sshd\[1985\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.49.150 Mar 19 14:51:17 server1 sshd\[1985\]: Failed password for invalid user freeswitch from 49.235.49.150 port 54814 ssh2 Mar 19 14:55:50 server1 sshd\[3286\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.49.150 user=root Mar 19 14:55:51 server1 sshd\[3286\]: Failed password for root from 49.235.49.150 port 44234 ssh2 ...	2020-03-20 05:39:19
attackspambots	Mar 10 20:16:57 vpn01 sshd[30786]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.49.150 Mar 10 20:16:59 vpn01 sshd[30786]: Failed password for invalid user david from 49.235.49.150 port 42078 ssh2 ...	2020-03-11 03:21:15
attackspam	Feb 19 05:32:03 kapalua sshd\[17386\]: Invalid user test_dw from 49.235.49.150 Feb 19 05:32:03 kapalua sshd\[17386\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.49.150 Feb 19 05:32:06 kapalua sshd\[17386\]: Failed password for invalid user test_dw from 49.235.49.150 port 41346 ssh2 Feb 19 05:35:02 kapalua sshd\[17589\]: Invalid user minecraft from 49.235.49.150 Feb 19 05:35:02 kapalua sshd\[17589\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.49.150	2020-02-20 00:31:38
attackspam	SSH Brute-Force reported by Fail2Ban	2020-02-09 22:55:58
attack	Jan 14 01:17:00 ny01 sshd[4591]: Failed password for root from 49.235.49.150 port 51162 ssh2 Jan 14 01:23:12 ny01 sshd[5215]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.49.150 Jan 14 01:23:14 ny01 sshd[5215]: Failed password for invalid user santhosh from 49.235.49.150 port 35516 ssh2	2020-01-14 18:11:11
attackbotsspam	Unauthorized connection attempt detected from IP address 49.235.49.150 to port 2220 [J]	2020-01-14 01:09:57
attackbots	Invalid user love4u from 49.235.49.150 port 44296	2019-12-27 07:25:18
attackbotsspam	Dec 19 15:57:28 legacy sshd[15429]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.49.150 Dec 19 15:57:30 legacy sshd[15429]: Failed password for invalid user Play@123 from 49.235.49.150 port 37496 ssh2 Dec 19 16:05:57 legacy sshd[15761]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.49.150 ...	2019-12-19 23:06:03
attackbots	Dec 7 08:48:21 ns382633 sshd\[21312\]: Invalid user rpm from 49.235.49.150 port 43116 Dec 7 08:48:21 ns382633 sshd\[21312\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.49.150 Dec 7 08:48:23 ns382633 sshd\[21312\]: Failed password for invalid user rpm from 49.235.49.150 port 43116 ssh2 Dec 7 09:09:54 ns382633 sshd\[24662\]: Invalid user resto from 49.235.49.150 port 53952 Dec 7 09:09:54 ns382633 sshd\[24662\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.49.150	2019-12-07 19:40:16
attackbots	2019-12-05T08:03:27.310245abusebot.cloudsearch.cf sshd\[15166\]: Invalid user sanmiguel from 49.235.49.150 port 59990	2019-12-05 20:53:01
attackspam	Dec 3 15:10:54 master sshd[9410]: Failed password for invalid user minnette from 49.235.49.150 port 48858 ssh2 Dec 3 15:24:54 master sshd[9432]: Failed password for root from 49.235.49.150 port 35022 ssh2 Dec 3 15:34:31 master sshd[9764]: Failed password for invalid user hanapino from 49.235.49.150 port 36082 ssh2 Dec 3 15:44:38 master sshd[9771]: Failed password for invalid user kazuhide from 49.235.49.150 port 37062 ssh2 Dec 3 15:53:53 master sshd[9788]: Failed password for www-data from 49.235.49.150 port 38072 ssh2 Dec 3 16:03:23 master sshd[10125]: Failed password for invalid user vangestad from 49.235.49.150 port 39160 ssh2 Dec 3 16:13:12 master sshd[10137]: Failed password for invalid user host from 49.235.49.150 port 40026 ssh2 Dec 3 16:22:35 master sshd[10163]: Failed password for invalid user kristel from 49.235.49.150 port 40854 ssh2	2019-12-04 05:06:02
attackbotsspam	Dec 3 11:27:32 hosting sshd[5948]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.49.150 user=root Dec 3 11:27:33 hosting sshd[5948]: Failed password for root from 49.235.49.150 port 43950 ssh2 ...	2019-12-03 19:00:50
attackbots	Repeated brute force against a port	2019-11-21 05:54:53
attackbots	Nov 12 06:49:39 dedicated sshd[17643]: Invalid user franki from 49.235.49.150 port 39422	2019-11-12 14:07:49
attackbotsspam	Oct 27 06:45:49 plusreed sshd[3768]: Invalid user teamspeak from 49.235.49.150 ...	2019-10-27 19:37:16

相同子网IP讨论:

IP	类型	评论内容	时间
49.235.49.236	attack	2020-06-07T08:13:56.743235mail.standpoint.com.ua sshd[22119]: Failed password for root from 49.235.49.236 port 60790 ssh2 2020-06-07T08:15:19.636837mail.standpoint.com.ua sshd[22296]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.49.236 user=root 2020-06-07T08:15:22.197633mail.standpoint.com.ua sshd[22296]: Failed password for root from 49.235.49.236 port 46420 ssh2 2020-06-07T08:16:35.067666mail.standpoint.com.ua sshd[22442]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.49.236 user=root 2020-06-07T08:16:37.061637mail.standpoint.com.ua sshd[22442]: Failed password for root from 49.235.49.236 port 60280 ssh2 ...	2020-06-07 13:53:30
49.235.49.39	attackspambots	May 26 19:22:54 plex sshd[23929]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.49.39 user=root May 26 19:22:56 plex sshd[23929]: Failed password for root from 49.235.49.39 port 46142 ssh2	2020-05-27 03:10:54
49.235.49.39	attackspam	(sshd) Failed SSH login from 49.235.49.39 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: May 25 17:13:46 amsweb01 sshd[11889]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.49.39 user=root May 25 17:13:48 amsweb01 sshd[11889]: Failed password for root from 49.235.49.39 port 52404 ssh2 May 25 17:18:44 amsweb01 sshd[12593]: Invalid user hargreaves from 49.235.49.39 port 40010 May 25 17:18:45 amsweb01 sshd[12593]: Failed password for invalid user hargreaves from 49.235.49.39 port 40010 ssh2 May 25 17:22:33 amsweb01 sshd[12986]: Invalid user sick from 49.235.49.39 port 48434	2020-05-25 23:32:11
49.235.49.39	attackspam	May 21 22:50:44 legacy sshd[22869]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.49.39 May 21 22:50:46 legacy sshd[22869]: Failed password for invalid user byc from 49.235.49.39 port 44294 ssh2 May 21 22:52:48 legacy sshd[22963]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.49.39 ...	2020-05-22 05:01:25
49.235.49.39	attackspam	2020-05-02 20:42:01 server sshd[72867]: Failed password for invalid user sergio from 49.235.49.39 port 51658 ssh2	2020-05-04 02:34:01
49.235.49.39	attackbots	2020-04-29T20:10:06.237644shield sshd\[29514\]: Invalid user meet from 49.235.49.39 port 57010 2020-04-29T20:10:06.241551shield sshd\[29514\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.49.39 2020-04-29T20:10:08.365669shield sshd\[29514\]: Failed password for invalid user meet from 49.235.49.39 port 57010 ssh2 2020-04-29T20:15:44.156074shield sshd\[30544\]: Invalid user fork from 49.235.49.39 port 33736 2020-04-29T20:15:44.159653shield sshd\[30544\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.49.39	2020-04-30 04:35:51
49.235.49.39	attackbotsspam	Mar 11 09:08:20 ns sshd[10748]: Connection from 49.235.49.39 port 54876 on 134.119.36.27 port 22 Mar 11 09:08:23 ns sshd[10748]: Invalid user rstudio-server from 49.235.49.39 port 54876 Mar 11 09:08:23 ns sshd[10748]: Failed password for invalid user rstudio-server from 49.235.49.39 port 54876 ssh2 Mar 11 09:08:24 ns sshd[10748]: Received disconnect from 49.235.49.39 port 54876:11: Bye Bye [preauth] Mar 11 09:08:24 ns sshd[10748]: Disconnected from 49.235.49.39 port 54876 [preauth] Mar 11 09:12:11 ns sshd[12058]: Connection from 49.235.49.39 port 35058 on 134.119.36.27 port 22 Mar 11 09:12:13 ns sshd[12058]: User r.r from 49.235.49.39 not allowed because not listed in AllowUsers Mar 11 09:12:13 ns sshd[12058]: Failed password for invalid user r.r from 49.235.49.39 port 35058 ssh2 Mar 11 09:12:13 ns sshd[12058]: Received disconnect from 49.235.49.39 port 35058:11: Bye Bye [preauth] Mar 11 09:12:13 ns sshd[12058]: Disconnected from 49.235.49.39 port 35058 [preauth] Mar 11........ -------------------------------	2020-03-13 08:50:11

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 49.235.49.150
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 39296
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;49.235.49.150.			IN	A

;; AUTHORITY SECTION:
.			349	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019102700 1800 900 604800 86400

;; Query time: 91 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Oct 27 19:37:12 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

150.49.235.49.in-addr.arpa has no PTR record

NSLOOKUP信息:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 150.49.235.49.in-addr.arpa: SERVFAIL

IP	类型	评论内容	时间
84.91.128.47	attackbots	Invalid user speitel from 84.91.128.47 port 42512	2019-12-01 08:05:22
200.98.128.186	attackspambots	firewall-block, port(s): 445/tcp	2019-12-01 07:53:10
77.247.108.119	attackspambots	firewall-block, port(s): 1388/tcp	2019-12-01 08:14:02
61.177.172.128	attackspambots	SSH Brute Force, server-1 sshd[6083]: Failed password for root from 61.177.172.128 port 16700 ssh2	2019-12-01 08:28:47
49.50.87.77	attack	Aug 23 09:55:50 meumeu sshd[10011]: Failed password for invalid user dwsadm from 49.50.87.77 port 39031 ssh2 Aug 23 10:00:41 meumeu sshd[10888]: Failed password for invalid user sshdu from 49.50.87.77 port 47484 ssh2 ...	2019-12-01 07:57:03
61.133.133.207	attackbotsspam	Nov 16 18:03:35 meumeu sshd[14633]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.133.133.207 Nov 16 18:03:37 meumeu sshd[14633]: Failed password for invalid user dbus from 61.133.133.207 port 34905 ssh2 Nov 16 18:08:57 meumeu sshd[15333]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.133.133.207 ...	2019-12-01 08:29:03
62.234.91.204	attack	Nov 28 19:14:56 sip sshd[10930]: Failed password for root from 62.234.91.204 port 51096 ssh2 Nov 28 19:34:20 sip sshd[14496]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.91.204 Nov 28 19:34:22 sip sshd[14496]: Failed password for invalid user stong from 62.234.91.204 port 53174 ssh2	2019-12-01 08:25:49
213.182.101.187	attackspam	Nov 30 23:40:00 host sshd[39874]: Invalid user mosetta from 213.182.101.187 port 41948 ...	2019-12-01 08:01:31
190.175.39.99	attackspambots	firewall-block, port(s): 23/tcp	2019-12-01 07:53:29
198.108.67.102	attack	Port scan: Attack repeated for 24 hours	2019-12-01 08:17:11
188.166.119.234	attackspam	2019-11-30T23:28:59.718794hz01.yumiweb.com sshd\[26028\]: Invalid user teamspeak from 188.166.119.234 port 47255 2019-11-30T23:34:27.075656hz01.yumiweb.com sshd\[26044\]: Invalid user teamspeak from 188.166.119.234 port 34579 2019-11-30T23:40:28.661414hz01.yumiweb.com sshd\[26068\]: Invalid user teamspeak from 188.166.119.234 port 50136 ...	2019-12-01 07:54:32
95.179.239.18	attackbots	firewall-block, port(s): 3389/tcp	2019-12-01 08:03:11
123.138.18.11	attackbotsspam	Dec 1 02:03:18 hosting sshd[23171]: Invalid user test from 123.138.18.11 port 55422 Dec 1 02:03:18 hosting sshd[23171]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.138.18.11 Dec 1 02:03:18 hosting sshd[23171]: Invalid user test from 123.138.18.11 port 55422 Dec 1 02:03:20 hosting sshd[23171]: Failed password for invalid user test from 123.138.18.11 port 55422 ssh2 Dec 1 02:22:44 hosting sshd[26436]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.138.18.11 user=adm Dec 1 02:22:46 hosting sshd[26436]: Failed password for adm from 123.138.18.11 port 40598 ssh2 ...	2019-12-01 08:04:14
164.132.102.168	attackbotsspam	fail2ban	2019-12-01 08:23:14
58.65.196.90	attackspam	firewall-block, port(s): 1433/tcp	2019-12-01 08:21:29

最近上报的IP列表

61.180.165.176	15.111.214.67	48.159.138.245	94.237.73.157
183.81.85.30	167.71.115.39	77.124.96.59	195.123.237.194
176.110.8.68	178.170.189.37	119.42.75.240	167.71.204.64
5.53.4.180	113.123.116.174	51.68.213.97	210.245.35.39
14.230.4.73	111.172.165.143	49.116.163.34	162.96.0.102