139.198.122.76

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): V6Yun (Beijing) Network Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	SSH Brute-Forcing (server2)	2020-09-12 03:06:21
attackbots	Sep 11 12:01:27 root sshd[22323]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.122.76 ...	2020-09-11 19:05:53
attack	Invalid user uftp from 139.198.122.76 port 60136	2020-08-17 18:47:18
attackbotsspam	Aug 10 08:05:09 vm0 sshd[18596]: Failed password for root from 139.198.122.76 port 45824 ssh2 ...	2020-08-10 23:02:17
attackbotsspam	Jul 29 03:59:55 lanister sshd[30986]: Invalid user bran from 139.198.122.76 Jul 29 03:59:55 lanister sshd[30986]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.122.76 Jul 29 03:59:55 lanister sshd[30986]: Invalid user bran from 139.198.122.76 Jul 29 03:59:57 lanister sshd[30986]: Failed password for invalid user bran from 139.198.122.76 port 35076 ssh2	2020-07-29 17:21:08
attack	Jul 18 17:49:54 pkdns2 sshd\[46456\]: Invalid user ustin from 139.198.122.76Jul 18 17:49:56 pkdns2 sshd\[46456\]: Failed password for invalid user ustin from 139.198.122.76 port 55464 ssh2Jul 18 17:52:58 pkdns2 sshd\[46619\]: Invalid user testtest from 139.198.122.76Jul 18 17:53:01 pkdns2 sshd\[46619\]: Failed password for invalid user testtest from 139.198.122.76 port 57180 ssh2Jul 18 17:55:56 pkdns2 sshd\[46770\]: Invalid user git from 139.198.122.76Jul 18 17:55:58 pkdns2 sshd\[46770\]: Failed password for invalid user git from 139.198.122.76 port 58892 ssh2 ...	2020-07-18 23:12:25
attackbots	Jul 14 04:58:29 l03 sshd[7045]: Invalid user balu from 139.198.122.76 port 41538 ...	2020-07-14 12:01:49
attack	invalid login attempt (stacy)	2020-07-05 06:45:52
attack	Jun 27 21:18:28 h2646465 sshd[25815]: Invalid user anonymous from 139.198.122.76 Jun 27 21:18:28 h2646465 sshd[25815]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.122.76 Jun 27 21:18:28 h2646465 sshd[25815]: Invalid user anonymous from 139.198.122.76 Jun 27 21:18:30 h2646465 sshd[25815]: Failed password for invalid user anonymous from 139.198.122.76 port 45440 ssh2 Jun 27 21:22:29 h2646465 sshd[26046]: Invalid user tomcat from 139.198.122.76 Jun 27 21:22:29 h2646465 sshd[26046]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.122.76 Jun 27 21:22:29 h2646465 sshd[26046]: Invalid user tomcat from 139.198.122.76 Jun 27 21:22:31 h2646465 sshd[26046]: Failed password for invalid user tomcat from 139.198.122.76 port 34888 ssh2 Jun 27 21:23:53 h2646465 sshd[26123]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.122.76 user=root Jun 27 21:23:56 h2646465 sshd[26123]: Fai	2020-06-28 04:21:37
attack	$f2bV_matches	2020-06-26 12:06:23
attackspam	2020-06-14T13:30:25.570104shield sshd\[12592\]: Invalid user ao from 139.198.122.76 port 49032 2020-06-14T13:30:25.573025shield sshd\[12592\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.122.76 2020-06-14T13:30:27.423582shield sshd\[12592\]: Failed password for invalid user ao from 139.198.122.76 port 49032 ssh2 2020-06-14T13:33:02.357302shield sshd\[13239\]: Invalid user rajesh from 139.198.122.76 port 49128 2020-06-14T13:33:02.361431shield sshd\[13239\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.122.76	2020-06-14 22:44:33
attack	2020-05-31T12:37:12.816819shield sshd\[14446\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.122.76 user=root 2020-05-31T12:37:15.646905shield sshd\[14446\]: Failed password for root from 139.198.122.76 port 46394 ssh2 2020-05-31T12:41:03.099583shield sshd\[14679\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.122.76 user=root 2020-05-31T12:41:04.973277shield sshd\[14679\]: Failed password for root from 139.198.122.76 port 36288 ssh2 2020-05-31T12:45:00.195127shield sshd\[14929\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.122.76 user=root	2020-06-01 02:39:21
attack	May 30 14:51:28 abendstille sshd\[19569\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.122.76 user=root May 30 14:51:30 abendstille sshd\[19569\]: Failed password for root from 139.198.122.76 port 45200 ssh2 May 30 14:54:16 abendstille sshd\[22376\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.122.76 user=root May 30 14:54:17 abendstille sshd\[22376\]: Failed password for root from 139.198.122.76 port 48548 ssh2 May 30 14:56:58 abendstille sshd\[25222\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.122.76 user=sshd ...	2020-05-30 23:30:58
attackbotsspam	Invalid user ms from 139.198.122.76 port 55906	2020-05-16 14:18:43
attackspambots	May 16 01:01:57 eventyay sshd[12380]: Failed password for root from 139.198.122.76 port 60530 ssh2 May 16 01:10:19 eventyay sshd[12670]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.122.76 May 16 01:10:21 eventyay sshd[12670]: Failed password for invalid user admin from 139.198.122.76 port 36578 ssh2 ...	2020-05-16 07:25:27
attackspambots	2020-05-04T07:45:59.7608861495-001 sshd[15758]: Invalid user publish from 139.198.122.76 port 52926 2020-05-04T07:45:59.7713271495-001 sshd[15758]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.122.76 2020-05-04T07:45:59.7608861495-001 sshd[15758]: Invalid user publish from 139.198.122.76 port 52926 2020-05-04T07:46:02.2530181495-001 sshd[15758]: Failed password for invalid user publish from 139.198.122.76 port 52926 ssh2 2020-05-04T07:50:16.5771501495-001 sshd[15935]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.122.76 user=root 2020-05-04T07:50:19.0083941495-001 sshd[15935]: Failed password for root from 139.198.122.76 port 47976 ssh2 ...	2020-05-05 03:37:16
attackspam	May 1 13:43:31 melroy-server sshd[29406]: Failed password for git from 139.198.122.76 port 44876 ssh2 ...	2020-05-01 21:13:42
attack	Total attacks: 6	2020-04-17 22:29:24
attackbots	Brute-force attempt banned	2020-03-30 13:22:18
attackbots	SSH Brute Force	2020-03-20 21:38:24
attackbots	Mar 19 17:03:12 vps46666688 sshd[18827]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.122.76 Mar 19 17:03:14 vps46666688 sshd[18827]: Failed password for invalid user f4 from 139.198.122.76 port 36646 ssh2 ...	2020-03-20 04:27:19
attackbots	Unauthorized connection attempt detected from IP address 139.198.122.76 to port 2220 [J]	2020-01-31 01:25:44
attackbotsspam	$f2bV_matches	2020-01-12 00:27:03
attackspam	Automatic report - Banned IP Access	2020-01-01 07:33:14
attackspambots	Dec 31 16:01:28 legacy sshd[15060]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.122.76 Dec 31 16:01:30 legacy sshd[15060]: Failed password for invalid user yishun from 139.198.122.76 port 53180 ssh2 Dec 31 16:05:02 legacy sshd[15149]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.122.76 ...	2020-01-01 05:16:15
attackspam	Dec 24 06:55:18 MK-Soft-Root1 sshd[24870]: Failed password for root from 139.198.122.76 port 41048 ssh2 Dec 24 06:58:44 MK-Soft-Root1 sshd[25602]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.122.76 ...	2019-12-24 14:13:53
attack	detected by Fail2Ban	2019-12-16 21:31:45
attack	Dec 15 19:16:53 kapalua sshd\[4163\]: Invalid user a_kirchner from 139.198.122.76 Dec 15 19:16:53 kapalua sshd\[4163\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.122.76 Dec 15 19:16:54 kapalua sshd\[4163\]: Failed password for invalid user a_kirchner from 139.198.122.76 port 34128 ssh2 Dec 15 19:24:56 kapalua sshd\[5009\]: Invalid user schellmann from 139.198.122.76 Dec 15 19:24:56 kapalua sshd\[5009\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.122.76	2019-12-16 13:34:50
attackspam	2019-12-10T13:43:32.363245abusebot-2.cloudsearch.cf sshd\[4179\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.122.76 user=dbus	2019-12-10 21:44:49
attackbots	Dec 10 00:18:01 meumeu sshd[3405]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.122.76 Dec 10 00:18:03 meumeu sshd[3405]: Failed password for invalid user admin from 139.198.122.76 port 49838 ssh2 Dec 10 00:26:52 meumeu sshd[5283]: Failed password for root from 139.198.122.76 port 53068 ssh2 ...	2019-12-10 07:35:42

相同子网IP讨论:

IP	类型	评论内容	时间
139.198.122.19	attackspam	Oct 9 13:23:11 scw-6657dc sshd[582]: Failed password for root from 139.198.122.19 port 52638 ssh2 Oct 9 13:23:11 scw-6657dc sshd[582]: Failed password for root from 139.198.122.19 port 52638 ssh2 Oct 9 13:26:04 scw-6657dc sshd[678]: Invalid user student from 139.198.122.19 port 56592 ...	2020-10-10 02:46:48
139.198.122.19	attackbotsspam	(sshd) Failed SSH login from 139.198.122.19 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 9 03:23:05 optimus sshd[9790]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.122.19 user=daemon Oct 9 03:23:08 optimus sshd[9790]: Failed password for daemon from 139.198.122.19 port 54786 ssh2 Oct 9 03:25:06 optimus sshd[10569]: Invalid user knoppix from 139.198.122.19 Oct 9 03:25:06 optimus sshd[10569]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.122.19 Oct 9 03:25:08 optimus sshd[10569]: Failed password for invalid user knoppix from 139.198.122.19 port 52194 ssh2	2020-10-09 18:32:09
139.198.122.19	attackbotsspam	2020-10-06T01:47:37.738892mail.standpoint.com.ua sshd[5918]: Failed password for root from 139.198.122.19 port 48554 ssh2 2020-10-06T01:49:56.963074mail.standpoint.com.ua sshd[6235]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.122.19 user=root 2020-10-06T01:49:59.178603mail.standpoint.com.ua sshd[6235]: Failed password for root from 139.198.122.19 port 59090 ssh2 2020-10-06T01:52:19.209054mail.standpoint.com.ua sshd[6583]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.122.19 user=root 2020-10-06T01:52:21.388833mail.standpoint.com.ua sshd[6583]: Failed password for root from 139.198.122.19 port 41398 ssh2 ...	2020-10-06 07:20:07
139.198.122.19	attackspam	$f2bV_matches	2020-10-05 23:35:24
139.198.122.19	attackspambots	Oct 5 07:13:35 vlre-nyc-1 sshd\[23482\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.122.19 user=root Oct 5 07:13:38 vlre-nyc-1 sshd\[23482\]: Failed password for root from 139.198.122.19 port 36178 ssh2 Oct 5 07:18:20 vlre-nyc-1 sshd\[23667\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.122.19 user=root Oct 5 07:18:23 vlre-nyc-1 sshd\[23667\]: Failed password for root from 139.198.122.19 port 46408 ssh2 Oct 5 07:19:45 vlre-nyc-1 sshd\[23704\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.122.19 user=root ...	2020-10-05 15:34:30
139.198.122.19	attack	Invalid user javi from 139.198.122.19 port 40020	2020-10-02 05:43:59
139.198.122.19	attackspam	Oct 1 15:50:21 Server sshd[1143795]: Invalid user hdfs from 139.198.122.19 port 49496 Oct 1 15:50:21 Server sshd[1143795]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.122.19 Oct 1 15:50:21 Server sshd[1143795]: Invalid user hdfs from 139.198.122.19 port 49496 Oct 1 15:50:23 Server sshd[1143795]: Failed password for invalid user hdfs from 139.198.122.19 port 49496 ssh2 Oct 1 15:52:36 Server sshd[1144752]: Invalid user gera from 139.198.122.19 port 48538 ...	2020-10-01 22:04:57
139.198.122.19	attack	$f2bV_matches	2020-10-01 14:22:59
139.198.122.116	attackspam	3x Failed Password	2020-09-18 23:09:42
139.198.122.116	attack	Sep 18 06:16:15 ovpn sshd\[6718\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.122.116 user=root Sep 18 06:16:17 ovpn sshd\[6718\]: Failed password for root from 139.198.122.116 port 38346 ssh2 Sep 18 06:23:13 ovpn sshd\[8393\]: Invalid user matthias from 139.198.122.116 Sep 18 06:23:13 ovpn sshd\[8393\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.122.116 Sep 18 06:23:14 ovpn sshd\[8393\]: Failed password for invalid user matthias from 139.198.122.116 port 47180 ssh2	2020-09-18 15:21:08
139.198.122.116	attackspambots	Sep 17 21:34:58 ns381471 sshd[28429]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.122.116 Sep 17 21:35:00 ns381471 sshd[28429]: Failed password for invalid user teamspeak from 139.198.122.116 port 48836 ssh2	2020-09-18 05:36:27
139.198.122.19	attackspam	2020-09-12T15:19:07.913420vps773228.ovh.net sshd[1476]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.122.19 2020-09-12T15:19:07.899231vps773228.ovh.net sshd[1476]: Invalid user mysql from 139.198.122.19 port 59136 2020-09-12T15:19:09.719911vps773228.ovh.net sshd[1476]: Failed password for invalid user mysql from 139.198.122.19 port 59136 ssh2 2020-09-12T15:23:29.064948vps773228.ovh.net sshd[1527]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.122.19 user=root 2020-09-12T15:23:30.836617vps773228.ovh.net sshd[1527]: Failed password for root from 139.198.122.19 port 43880 ssh2 ...	2020-09-12 21:54:07
139.198.122.19	attackspam	Sep 12 03:57:06 localhost sshd\[21748\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.122.19 user=root Sep 12 03:57:08 localhost sshd\[21748\]: Failed password for root from 139.198.122.19 port 45966 ssh2 Sep 12 04:08:26 localhost sshd\[21910\]: Invalid user admin from 139.198.122.19 port 43592 ...	2020-09-12 13:56:51
139.198.122.19	attack	SSH Brute-Force reported by Fail2Ban	2020-09-12 05:44:36
139.198.122.19	attack	2020-09-08T21:20:01.783083billing sshd[5625]: Failed password for invalid user admin from 139.198.122.19 port 40650 ssh2 2020-09-08T21:29:49.519007billing sshd[27781]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.122.19 user=root 2020-09-08T21:29:51.483626billing sshd[27781]: Failed password for root from 139.198.122.19 port 59336 ssh2 ...	2020-09-08 23:16:39

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.198.122.76
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24329
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.198.122.76.			IN	A

;; AUTHORITY SECTION:
.			2507	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019070401 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Jul 05 05:14:07 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 76.122.198.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 76.122.198.139.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
142.162.50.22	attackbots	Repeated RDP login failures. Last user: administrator	2020-06-11 23:35:35
85.55.162.74	attackbotsspam	Repeated RDP login failures. Last user: administrator	2020-06-11 23:42:51
78.186.67.17	attackspam	Repeated RDP login failures. Last user: administrator	2020-06-11 23:48:53
72.18.200.94	attack	Repeated RDP login failures. Last user: administrator	2020-06-11 23:25:10
115.42.45.42	attack	Unauthorized connection attempt detected from IP address 115.42.45.42 to port 8000	2020-06-11 23:09:49
79.62.33.187	attack	Repeated RDP login failures. Last user: administrator	2020-06-11 23:47:16
92.63.44.55	attack	Repeated RDP login failures. Last user: administrator	2020-06-11 23:15:33
89.96.89.234	attackspam	Repeated RDP login failures. Last user: administrator	2020-06-11 23:17:51
212.237.3.179	attack	Repeated RDP login failures. Last user: administrator	2020-06-11 23:29:07
123.108.46.90	attackbotsspam	Repeated RDP login failures. Last user: administrator	2020-06-11 23:09:09
103.219.207.121	attackspam	Repeated RDP login failures. Last user: administrator	2020-06-11 23:11:29
49.235.240.141	attack	Tried sshing with brute force.	2020-06-11 23:51:06
85.209.0.82	attack	June 11 2020, 08:16:48 [sshd] - Banned from the Mad Pony WordPress hosting platform by Fail2ban.	2020-06-11 23:20:57
2.228.152.53	attackspam	Repeated RDP login failures. Last user: administrator	2020-06-11 23:55:31
94.101.55.221	attack	Repeated RDP login failures. Last user: administrator	2020-06-11 23:14:23

最近上报的IP列表

170.200.97.63	60.63.30.68	31.40.208.239	47.89.200.126
91.0.27.92	135.132.248.110	186.91.80.183	180.190.243.141
201.55.236.109	190.203.252.112	169.3.166.156	145.19.128.15
68.241.15.237	110.94.164.73	130.244.68.183	45.14.213.183
35.232.125.212	73.122.194.145	91.229.204.2	229.88.200.236