49.69.194.139 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): ChinaNet Jiangsu Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Jul 14 20:52:42 wildwolf ssh-honeypotd[26164]: Failed password for r.r from 49.69.194.139 port 34299 ssh2 (target: 158.69.100.152:22, password: raspberrypi) Jul 14 20:52:42 wildwolf ssh-honeypotd[26164]: Failed password for r.r from 49.69.194.139 port 34299 ssh2 (target: 158.69.100.152:22, password: 12345) Jul 14 20:52:43 wildwolf ssh-honeypotd[26164]: Failed password for r.r from 49.69.194.139 port 34299 ssh2 (target: 158.69.100.152:22, password: 0000) Jul 14 20:52:43 wildwolf ssh-honeypotd[26164]: Failed password for r.r from 49.69.194.139 port 34299 ssh2 (target: 158.69.100.152:22, password: uClinux) Jul 14 20:52:43 wildwolf ssh-honeypotd[26164]: Failed password for r.r from 49.69.194.139 port 34299 ssh2 (target: 158.69.100.152:22, password: r.r) Jul 14 20:52:44 wildwolf ssh-honeypotd[26164]: Failed password for r.r from 49.69.194.139 port 34299 ssh2 (target: 158.69.100.152:22, password: 12345) Jul 14 20:52:44 wildwolf ssh-honeypotd[26164]: Failed password for r.r fro........ ------------------------------	2019-07-15 13:13:18

类型

评论内容

时间

attack

Jul 14 20:52:42 wildwolf ssh-honeypotd[26164]: Failed password for r.r from 49.69.194.139 port 34299 ssh2 (target: 158.69.100.152:22, password: raspberrypi)
Jul 14 20:52:42 wildwolf ssh-honeypotd[26164]: Failed password for r.r from 49.69.194.139 port 34299 ssh2 (target: 158.69.100.152:22, password: 12345)
Jul 14 20:52:43 wildwolf ssh-honeypotd[26164]: Failed password for r.r from 49.69.194.139 port 34299 ssh2 (target: 158.69.100.152:22, password: 0000)
Jul 14 20:52:43 wildwolf ssh-honeypotd[26164]: Failed password for r.r from 49.69.194.139 port 34299 ssh2 (target: 158.69.100.152:22, password: uClinux)
Jul 14 20:52:43 wildwolf ssh-honeypotd[26164]: Failed password for r.r from 49.69.194.139 port 34299 ssh2 (target: 158.69.100.152:22, password: r.r)
Jul 14 20:52:44 wildwolf ssh-honeypotd[26164]: Failed password for r.r from 49.69.194.139 port 34299 ssh2 (target: 158.69.100.152:22, password: 12345)
Jul 14 20:52:44 wildwolf ssh-honeypotd[26164]: Failed password for r.r fro........
------------------------------

2019-07-15 13:13:18

相同子网IP讨论:

IP	类型	评论内容	时间
49.69.194.69	attackbotsspam	Unauthorized connection attempt detected from IP address 49.69.194.69 to port 22	2020-07-22 16:03:33
49.69.194.20	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-18 14:28:46

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 49.69.194.139
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 28516
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;49.69.194.139.			IN	A

;; AUTHORITY SECTION:
.			2051	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019071401 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Jul 15 13:13:10 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 139.194.69.49.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 139.194.69.49.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
189.8.15.82	attack	Sep 23 12:44:55 venus sshd\[8112\]: Invalid user system from 189.8.15.82 port 48137 Sep 23 12:44:55 venus sshd\[8112\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.8.15.82 Sep 23 12:44:57 venus sshd\[8112\]: Failed password for invalid user system from 189.8.15.82 port 48137 ssh2 ...	2019-09-23 20:56:57
194.15.36.19	attackspam	Sep 23 14:40:12 mail sshd\[20720\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.15.36.19 Sep 23 14:40:13 mail sshd\[20720\]: Failed password for invalid user yutso from 194.15.36.19 port 36906 ssh2 Sep 23 14:44:35 mail sshd\[21250\]: Invalid user bruno from 194.15.36.19 port 50744 Sep 23 14:44:35 mail sshd\[21250\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.15.36.19 Sep 23 14:44:38 mail sshd\[21250\]: Failed password for invalid user bruno from 194.15.36.19 port 50744 ssh2	2019-09-23 20:49:15
37.228.139.235	attackbotsspam	Automatic report - SSH Brute-Force Attack	2019-09-23 20:33:55
106.13.48.184	attackbots	2019-09-23T15:28:12.791870tmaserv sshd\[8087\]: Failed password for invalid user tester from 106.13.48.184 port 53148 ssh2 2019-09-23T15:38:58.375287tmaserv sshd\[8727\]: Invalid user master from 106.13.48.184 port 39630 2019-09-23T15:38:58.383814tmaserv sshd\[8727\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.184 2019-09-23T15:39:00.411885tmaserv sshd\[8727\]: Failed password for invalid user master from 106.13.48.184 port 39630 ssh2 2019-09-23T15:41:35.560065tmaserv sshd\[8998\]: Invalid user svsg from 106.13.48.184 port 57436 2019-09-23T15:41:35.567447tmaserv sshd\[8998\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.184 ...	2019-09-23 21:00:47
3.16.78.108	attack	Sep 23 07:48:24 dev0-dcde-rnet sshd[29490]: Failed password for root from 3.16.78.108 port 44012 ssh2 Sep 23 07:52:58 dev0-dcde-rnet sshd[29530]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=3.16.78.108 Sep 23 07:53:00 dev0-dcde-rnet sshd[29530]: Failed password for invalid user wsupgrade from 3.16.78.108 port 57498 ssh2	2019-09-23 20:19:41
150.95.212.72	attackbotsspam	F2B jail: sshd. Time: 2019-09-23 14:59:41, Reported by: VKReport	2019-09-23 21:01:44
183.232.210.133	attack	Sep 23 19:10:57 webhost01 sshd[18707]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.232.210.133 Sep 23 19:10:59 webhost01 sshd[18707]: Failed password for invalid user johan from 183.232.210.133 port 45128 ssh2 ...	2019-09-23 20:22:42
70.54.203.67	attackspam	2019-09-23T08:07:35.996444abusebot-3.cloudsearch.cf sshd\[11234\]: Invalid user jt from 70.54.203.67 port 57308	2019-09-23 20:24:40
106.52.34.27	attackspam	Sep 23 02:39:18 hiderm sshd\[3573\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.34.27 user=daemon Sep 23 02:39:20 hiderm sshd\[3573\]: Failed password for daemon from 106.52.34.27 port 52322 ssh2 Sep 23 02:41:55 hiderm sshd\[3784\]: Invalid user sofia from 106.52.34.27 Sep 23 02:41:55 hiderm sshd\[3784\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.34.27 Sep 23 02:41:57 hiderm sshd\[3784\]: Failed password for invalid user sofia from 106.52.34.27 port 43282 ssh2	2019-09-23 20:47:28
92.222.92.114	attackbotsspam	Sep 23 14:28:07 SilenceServices sshd[23211]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.222.92.114 Sep 23 14:28:09 SilenceServices sshd[23211]: Failed password for invalid user 1234 from 92.222.92.114 port 44306 ssh2 Sep 23 14:32:11 SilenceServices sshd[24307]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.222.92.114	2019-09-23 20:33:11
165.255.77.16	attackspam	Sep 23 14:35:04 lnxded63 sshd[16214]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.255.77.16 Sep 23 14:35:05 lnxded63 sshd[16214]: Failed password for invalid user student from 165.255.77.16 port 59248 ssh2 Sep 23 14:41:52 lnxded63 sshd[16854]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.255.77.16	2019-09-23 20:55:48
111.231.204.127	attack	Sep 23 14:35:35 mail sshd\[20012\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.204.127 user=games Sep 23 14:35:37 mail sshd\[20012\]: Failed password for games from 111.231.204.127 port 47776 ssh2 Sep 23 14:41:36 mail sshd\[20894\]: Invalid user user from 111.231.204.127 port 42960 Sep 23 14:41:36 mail sshd\[20894\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.204.127 Sep 23 14:41:38 mail sshd\[20894\]: Failed password for invalid user user from 111.231.204.127 port 42960 ssh2	2019-09-23 20:47:04
128.199.103.239	attack	Sep 23 14:12:57 mail sshd\[17425\]: Failed password for invalid user support from 128.199.103.239 port 58307 ssh2 Sep 23 14:17:42 mail sshd\[17995\]: Invalid user susanna from 128.199.103.239 port 50640 Sep 23 14:17:42 mail sshd\[17995\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.103.239 Sep 23 14:17:44 mail sshd\[17995\]: Failed password for invalid user susanna from 128.199.103.239 port 50640 ssh2 Sep 23 14:22:35 mail sshd\[18525\]: Invalid user matson from 128.199.103.239 port 42976 Sep 23 14:22:35 mail sshd\[18525\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.103.239	2019-09-23 20:51:23
129.146.201.116	attackbots	$f2bV_matches	2019-09-23 20:28:18
182.176.93.182	attackspambots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/182.176.93.182/ PK - 1H : (44) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : PK NAME ASN : ASN45595 IP : 182.176.93.182 CIDR : 182.176.93.0/24 PREFIX COUNT : 719 UNIQUE IP COUNT : 3781376 WYKRYTE ATAKI Z ASN45595 : 1H - 7 3H - 10 6H - 14 12H - 22 24H - 24 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-09-23 20:58:18

最近上报的IP列表

60.46.148.221	195.195.234.238	160.11.222.169	183.250.89.173
213.192.94.102	183.238.86.145	71.163.249.92	194.12.103.185
52.18.253.165	52.77.111.8	94.41.79.95	172.69.62.140
106.205.147.254	155.67.77.233	221.254.244.175	186.194.219.68
176.205.202.163	37.239.28.134	79.78.168.88	106.123.18.33