139.186.68.226

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Oct 5 21:58:06 con01 sshd[2488138]: Failed password for root from 139.186.68.226 port 35044 ssh2 Oct 5 22:00:21 con01 sshd[2492605]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.186.68.226 user=root Oct 5 22:00:23 con01 sshd[2492605]: Failed password for root from 139.186.68.226 port 32788 ssh2 Oct 5 22:02:40 con01 sshd[2496876]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.186.68.226 user=root Oct 5 22:02:43 con01 sshd[2496876]: Failed password for root from 139.186.68.226 port 58760 ssh2 ...	2020-10-06 08:11:30
attackbots	5x Failed Password	2020-10-06 00:35:27
attackspambots	Oct 5 02:47:13 ny01 sshd[18234]: Failed password for root from 139.186.68.226 port 34408 ssh2 Oct 5 02:50:24 ny01 sshd[18591]: Failed password for root from 139.186.68.226 port 39140 ssh2	2020-10-05 16:35:44
attack	Sep 4 12:16:13 hidden sshd[42377]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.186.68.226 Sep 4 12:16:15 hidden sshd[42377]: Failed password for invalid user greg from 139.186.68.226 port 44324 ssh2 Sep 4 12:25:02 hidden sshd[42534]: Invalid user user01 from 139.186.68.226 port 42122	2020-09-05 02:17:42
attack	2020-07-25 19:08:41,917 fail2ban.actions [18606]: NOTICE [sshd] Ban 139.186.68.226 2020-07-25 19:26:30,897 fail2ban.actions [18606]: NOTICE [sshd] Ban 139.186.68.226 2020-07-25 19:43:55,714 fail2ban.actions [18606]: NOTICE [sshd] Ban 139.186.68.226 2020-07-25 20:01:25,873 fail2ban.actions [18606]: NOTICE [sshd] Ban 139.186.68.226 2020-07-25 20:18:56,585 fail2ban.actions [18606]: NOTICE [sshd] Ban 139.186.68.226 ...	2020-09-04 17:42:18
attackspambots	Aug 30 14:52:29 cho sshd[1928521]: Invalid user admin from 139.186.68.226 port 43292 Aug 30 14:52:29 cho sshd[1928521]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.186.68.226 Aug 30 14:52:29 cho sshd[1928521]: Invalid user admin from 139.186.68.226 port 43292 Aug 30 14:52:31 cho sshd[1928521]: Failed password for invalid user admin from 139.186.68.226 port 43292 ssh2 Aug 30 14:56:00 cho sshd[1928696]: Invalid user jonny from 139.186.68.226 port 52506 ...	2020-08-30 21:03:38
attack	frenzy	2020-08-15 14:16:27
attackspam	Aug 14 23:48:47 hidden sshd[57787]: Failed password for hidden from 139.186.68.226 port 57734 ssh2 Aug 14 23:55:00 hidden sshd[58579]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.186.68.226 user=root Aug 14 23:55:02 hidden sshd[58579]: Failed password for hidden from 139.186.68.226 port 40274 ssh2	2020-08-15 08:26:55
attackspam	2020-08-02T05:48:39.600317v22018076590370373 sshd[20251]: Failed password for root from 139.186.68.226 port 50684 ssh2 2020-08-02T05:50:31.429272v22018076590370373 sshd[27747]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.186.68.226 user=root 2020-08-02T05:50:33.213536v22018076590370373 sshd[27747]: Failed password for root from 139.186.68.226 port 40802 ssh2 2020-08-02T05:52:24.931676v22018076590370373 sshd[1821]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.186.68.226 user=root 2020-08-02T05:52:27.227872v22018076590370373 sshd[1821]: Failed password for root from 139.186.68.226 port 59152 ssh2 ...	2020-08-02 14:58:21
attack	Invalid user omura from 139.186.68.226 port 49902	2020-07-30 00:56:32
attackspambots	Jul 28 15:51:18 piServer sshd[16723]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.186.68.226 Jul 28 15:51:20 piServer sshd[16723]: Failed password for invalid user zhangjh from 139.186.68.226 port 33940 ssh2 Jul 28 15:54:06 piServer sshd[16935]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.186.68.226 ...	2020-07-28 23:42:24
attack	Jul 22 03:03:23 root sshd[13873]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.186.68.226 Jul 22 03:03:25 root sshd[13873]: Failed password for invalid user GED from 139.186.68.226 port 60402 ssh2 Jul 22 03:20:07 root sshd[16205]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.186.68.226 ...	2020-07-22 09:34:04
attackspam	Jul 20 14:18:47 Ubuntu-1404-trusty-64-minimal sshd\[10559\]: Invalid user sara from 139.186.68.226 Jul 20 14:18:47 Ubuntu-1404-trusty-64-minimal sshd\[10559\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.186.68.226 Jul 20 14:18:49 Ubuntu-1404-trusty-64-minimal sshd\[10559\]: Failed password for invalid user sara from 139.186.68.226 port 59038 ssh2 Jul 20 14:42:54 Ubuntu-1404-trusty-64-minimal sshd\[2900\]: Invalid user n from 139.186.68.226 Jul 20 14:42:54 Ubuntu-1404-trusty-64-minimal sshd\[2900\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.186.68.226	2020-07-21 00:08:56

相同子网IP讨论:

IP	类型	评论内容	时间
139.186.68.53	attack	2020-08-23T23:45:18.4523311495-001 sshd[32148]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.186.68.53 2020-08-23T23:45:18.4479771495-001 sshd[32148]: Invalid user tomcat9 from 139.186.68.53 port 56744 2020-08-23T23:45:20.0022031495-001 sshd[32148]: Failed password for invalid user tomcat9 from 139.186.68.53 port 56744 ssh2 2020-08-23T23:49:46.9571881495-001 sshd[32345]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.186.68.53 user=root 2020-08-23T23:49:49.2997511495-001 sshd[32345]: Failed password for root from 139.186.68.53 port 49028 ssh2 2020-08-23T23:54:06.7508041495-001 sshd[32610]: Invalid user gh from 139.186.68.53 port 41300 ...	2020-08-24 12:22:18
139.186.68.53	attackspambots	2020-08-19T13:01:48.426303mail.standpoint.com.ua sshd[18467]: Failed password for root from 139.186.68.53 port 56768 ssh2 2020-08-19T13:05:38.023613mail.standpoint.com.ua sshd[19050]: Invalid user peihongtao from 139.186.68.53 port 44940 2020-08-19T13:05:38.027914mail.standpoint.com.ua sshd[19050]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.186.68.53 2020-08-19T13:05:38.023613mail.standpoint.com.ua sshd[19050]: Invalid user peihongtao from 139.186.68.53 port 44940 2020-08-19T13:05:39.952811mail.standpoint.com.ua sshd[19050]: Failed password for invalid user peihongtao from 139.186.68.53 port 44940 ssh2 ...	2020-08-19 18:25:18
139.186.68.53	attackspambots	2020-07-27 10:57:38,201 fail2ban.actions [18606]: NOTICE [sshd] Ban 139.186.68.53 2020-07-27 11:10:27,915 fail2ban.actions [18606]: NOTICE [sshd] Ban 139.186.68.53 2020-07-27 11:25:09,521 fail2ban.actions [18606]: NOTICE [sshd] Ban 139.186.68.53 2020-07-27 11:39:47,166 fail2ban.actions [18606]: NOTICE [sshd] Ban 139.186.68.53 2020-07-27 11:54:27,671 fail2ban.actions [18606]: NOTICE [sshd] Ban 139.186.68.53 ...	2020-08-01 17:55:18
139.186.68.53	attackbots	SSH brute-force attempt	2020-07-29 01:44:16
139.186.68.53	attack	Jul 7 20:01:42 abendstille sshd\[12722\]: Invalid user perry from 139.186.68.53 Jul 7 20:01:42 abendstille sshd\[12722\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.186.68.53 Jul 7 20:01:44 abendstille sshd\[12722\]: Failed password for invalid user perry from 139.186.68.53 port 32938 ssh2 Jul 7 20:05:16 abendstille sshd\[16358\]: Invalid user hrm from 139.186.68.53 Jul 7 20:05:16 abendstille sshd\[16358\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.186.68.53 ...	2020-07-08 02:35:10
139.186.68.53	attack	sshd jail - ssh hack attempt	2020-07-05 15:15:23
139.186.68.53	attackspam	Unauthorized access or intrusion attempt detected from Thor banned IP	2020-06-10 06:44:38
139.186.68.53	attackspam	"Unauthorized connection attempt on SSHD detected"	2020-06-07 17:48:46
139.186.68.53	attackspambots	May 26 03:28:57 ny01 sshd[21237]: Failed password for root from 139.186.68.53 port 33480 ssh2 May 26 03:31:13 ny01 sshd[21521]: Failed password for root from 139.186.68.53 port 59174 ssh2	2020-05-26 15:46:39
139.186.68.53	attackbotsspam	W 5701,/var/log/auth.log,-,-	2020-05-25 18:59:45
139.186.68.53	attackspambots	Invalid user yrw from 139.186.68.53 port 33156	2020-05-23 13:00:39
139.186.68.165	attackspambots	Invalid user deploy from 139.186.68.165 port 15929	2020-05-02 06:18:20

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.186.68.226
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22682
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.186.68.226.			IN	A

;; AUTHORITY SECTION:
.			460	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020062800 1800 900 604800 86400

;; Query time: 54 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jun 28 20:14:02 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 226.68.186.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 226.68.186.139.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
88.214.26.8	attack	Automatic report - Banned IP Access	2020-01-24 00:33:33
212.64.57.24	attackbots	Unauthorized connection attempt detected from IP address 212.64.57.24 to port 2220 [J]	2020-01-24 01:16:42
222.186.15.10	attack	Unauthorized connection attempt detected from IP address 222.186.15.10 to port 22 [T]	2020-01-24 00:48:43
159.203.201.209	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-01-24 00:39:04
80.252.137.54	attack	SSH bruteforce (Triggered fail2ban)	2020-01-24 00:31:41
217.112.128.216	attack	Jan 23 17:09:41 server postfix/smtpd[18704]: NOQUEUE: reject: RCPT from wave.zilanco.com[217.112.128.216]: 554 5.7.1 Service unavailable; Client host [217.112.128.216] blocked using zen.spamhaus.org; https://www.spamhaus.org/sbl/query/SBL461503 / https://www.spamhaus.org/sbl/query/SBLCSS; from= to= proto=ESMTP helo=	2020-01-24 01:14:01
122.51.48.52	attack	Unauthorized connection attempt detected from IP address 122.51.48.52 to port 2220 [J]	2020-01-24 00:47:07
186.250.48.15	attack	20/1/23@11:10:10: FAIL: Alarm-Network address from=186.250.48.15 20/1/23@11:10:10: FAIL: Alarm-Network address from=186.250.48.15 ...	2020-01-24 00:49:44
59.160.116.206	attackbotsspam	Very low quality (reply to GMail) 419/phishing.	2020-01-24 01:21:33
179.185.104.250	attack	Jan 23 17:06:49 hcbbdb sshd\[7215\]: Invalid user emmanuel from 179.185.104.250 Jan 23 17:06:49 hcbbdb sshd\[7215\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.185.104.250 Jan 23 17:06:51 hcbbdb sshd\[7215\]: Failed password for invalid user emmanuel from 179.185.104.250 port 54577 ssh2 Jan 23 17:10:34 hcbbdb sshd\[7679\]: Invalid user rpc from 179.185.104.250 Jan 23 17:10:34 hcbbdb sshd\[7679\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.185.104.250	2020-01-24 01:22:24
190.47.157.205	attack	Jan 23 17:10:12 nextcloud sshd\[11706\]: Invalid user test from 190.47.157.205 Jan 23 17:10:12 nextcloud sshd\[11706\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.47.157.205 Jan 23 17:10:14 nextcloud sshd\[11706\]: Failed password for invalid user test from 190.47.157.205 port 61076 ssh2 ...	2020-01-24 00:46:12
85.105.225.84	attack	1579795773 - 01/23/2020 17:09:33 Host: 85.105.225.84/85.105.225.84 Port: 445 TCP Blocked	2020-01-24 01:17:29
46.187.50.57	attackbotsspam	1579795823 - 01/23/2020 17:10:23 Host: 46.187.50.57/46.187.50.57 Port: 445 TCP Blocked	2020-01-24 00:42:01
207.46.13.121	attackbotsspam	Automatic report - Banned IP Access	2020-01-24 00:36:20
5.11.179.161	attackbots	Automatic report - Port Scan Attack	2020-01-24 00:53:36

最近上报的IP列表

36.65.9.23	1.55.255.62	112.72.96.180	89.187.171.138
221.53.49.255	85.113.25.29	1.53.197.137	41.100.224.249
1.161.206.100	223.207.246.194	92.255.199.73	89.163.150.21
49.234.140.192	22.254.12.166	212.237.46.9	123.189.86.196
202.181.207.68	78.62.153.117	14.231.68.225	112.135.202.115