139.199.1.166 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): V6Yun (Beijing) Network Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Aug 28 10:48:09 webhost01 sshd[26689]: Failed password for root from 139.199.1.166 port 56142 ssh2 Aug 28 10:49:50 webhost01 sshd[26731]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.1.166 ...	2020-08-28 17:27:56
attack	(sshd) Failed SSH login from 139.199.1.166 (CN/China/-): 5 in the last 3600 secs	2020-08-21 17:36:19
attackbotsspam	Jul 16 11:10:42 webhost01 sshd[29779]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.1.166 Jul 16 11:10:44 webhost01 sshd[29779]: Failed password for invalid user cx from 139.199.1.166 port 49104 ssh2 ...	2020-07-16 12:22:45
attackspambots	Unauthorized connection attempt detected from IP address 139.199.1.166 to port 5493	2020-07-05 18:37:34
attack	Jun 30 18:32:21 raspberrypi sshd[15512]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.1.166 user=root Jun 30 18:32:23 raspberrypi sshd[15512]: Failed password for invalid user root from 139.199.1.166 port 33276 ssh2 ...	2020-07-01 18:23:47
attackspambots	Invalid user ariel from 139.199.1.166 port 51608	2020-06-29 06:30:40
attackspam	unauthorized connection attempt	2020-06-28 17:29:49
attackspambots	Jun 16 05:48:40 vps687878 sshd\[13599\]: Failed password for invalid user vmc from 139.199.1.166 port 54752 ssh2 Jun 16 05:50:53 vps687878 sshd\[13702\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.1.166 user=root Jun 16 05:50:55 vps687878 sshd\[13702\]: Failed password for root from 139.199.1.166 port 60806 ssh2 Jun 16 05:53:07 vps687878 sshd\[14027\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.1.166 user=root Jun 16 05:53:08 vps687878 sshd\[14027\]: Failed password for root from 139.199.1.166 port 38418 ssh2 ...	2020-06-16 13:28:10
attackbots	2020-06-10T15:03:57.4711991495-001 sshd[5026]: Failed password for invalid user gpadmin from 139.199.1.166 port 52694 ssh2 2020-06-10T15:06:16.9920791495-001 sshd[5126]: Invalid user ve from 139.199.1.166 port 38002 2020-06-10T15:06:16.9972421495-001 sshd[5126]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.1.166 2020-06-10T15:06:16.9920791495-001 sshd[5126]: Invalid user ve from 139.199.1.166 port 38002 2020-06-10T15:06:19.0336361495-001 sshd[5126]: Failed password for invalid user ve from 139.199.1.166 port 38002 ssh2 2020-06-10T15:08:41.4899431495-001 sshd[5189]: Invalid user new from 139.199.1.166 port 50406 ...	2020-06-11 03:32:47
attackspam	Jun 2 07:49:48 lukav-desktop sshd\[21465\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.1.166 user=root Jun 2 07:49:50 lukav-desktop sshd\[21465\]: Failed password for root from 139.199.1.166 port 56926 ssh2 Jun 2 07:51:05 lukav-desktop sshd\[21490\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.1.166 user=root Jun 2 07:51:07 lukav-desktop sshd\[21490\]: Failed password for root from 139.199.1.166 port 44194 ssh2 Jun 2 07:52:20 lukav-desktop sshd\[21516\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.1.166 user=root	2020-06-02 17:02:18
attackbots	fail2ban/May 16 22:44:03 h1962932 sshd[20619]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.1.166 user=root May 16 22:44:05 h1962932 sshd[20619]: Failed password for root from 139.199.1.166 port 34336 ssh2 May 16 22:47:57 h1962932 sshd[20735]: Invalid user cody from 139.199.1.166 port 58560 May 16 22:47:57 h1962932 sshd[20735]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.1.166 May 16 22:47:57 h1962932 sshd[20735]: Invalid user cody from 139.199.1.166 port 58560 May 16 22:47:59 h1962932 sshd[20735]: Failed password for invalid user cody from 139.199.1.166 port 58560 ssh2	2020-05-17 05:19:16
attackspam	Invalid user backuppc from 139.199.1.166 port 39656	2020-05-02 00:06:46
attack	Apr 7 00:48:12 pi sshd[15767]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.1.166 Apr 7 00:48:13 pi sshd[15767]: Failed password for invalid user dods from 139.199.1.166 port 36390 ssh2	2020-04-07 08:16:59
attackspam	Apr 4 07:19:41 vps647732 sshd[12668]: Failed password for root from 139.199.1.166 port 47454 ssh2 ...	2020-04-04 17:12:56
attack	SSH Brute-Force Attack	2020-03-21 10:03:08
attackbots	Mar 19 19:08:43 xeon sshd[48007]: Failed password for root from 139.199.1.166 port 35182 ssh2	2020-03-20 03:53:45
attackbots	Mar 11 15:30:06 josie sshd[6178]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.1.166 user=r.r Mar 11 15:30:08 josie sshd[6178]: Failed password for r.r from 139.199.1.166 port 35736 ssh2 Mar 11 15:30:08 josie sshd[6194]: Received disconnect from 139.199.1.166: 11: Bye Bye Mar 11 15:33:42 josie sshd[6742]: Connection closed by 139.199.1.166 Mar 11 15:35:06 josie sshd[7020]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.1.166 user=r.r Mar 11 15:35:08 josie sshd[7020]: Failed password for r.r from 139.199.1.166 port 45324 ssh2 Mar 11 15:35:08 josie sshd[7023]: Received disconnect from 139.199.1.166: 11: Bye Bye Mar 11 15:37:00 josie sshd[7347]: Invalid user akazam from 139.199.1.166 Mar 11 15:37:00 josie sshd[7347]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.1.166 Mar 11 15:37:01 josie sshd[7347]: Failed password for i........ -------------------------------	2020-03-14 05:59:04
attack	Mar 11 15:30:06 josie sshd[6178]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.1.166 user=r.r Mar 11 15:30:08 josie sshd[6178]: Failed password for r.r from 139.199.1.166 port 35736 ssh2 Mar 11 15:30:08 josie sshd[6194]: Received disconnect from 139.199.1.166: 11: Bye Bye Mar 11 15:33:42 josie sshd[6742]: Connection closed by 139.199.1.166 Mar 11 15:35:06 josie sshd[7020]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.1.166 user=r.r Mar 11 15:35:08 josie sshd[7020]: Failed password for r.r from 139.199.1.166 port 45324 ssh2 Mar 11 15:35:08 josie sshd[7023]: Received disconnect from 139.199.1.166: 11: Bye Bye Mar 11 15:37:00 josie sshd[7347]: Invalid user akazam from 139.199.1.166 Mar 11 15:37:00 josie sshd[7347]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.1.166 Mar 11 15:37:01 josie sshd[7347]: Failed password for i........ -------------------------------	2020-03-13 19:42:48

相同子网IP讨论:

IP	类型	评论内容	时间
139.199.18.194	attackspam	Oct 12 10:00:06 ajax sshd[20406]: Failed password for root from 139.199.18.194 port 40928 ssh2	2020-10-12 21:33:16
139.199.170.101	attackspambots	SSH Brute-Force Attack	2020-10-12 20:57:40
139.199.18.194	attackspambots	$f2bV_matches	2020-10-12 13:04:40
139.199.170.101	attack	Oct 12 04:21:26 game-panel sshd[25338]: Failed password for root from 139.199.170.101 port 42150 ssh2 Oct 12 04:26:15 game-panel sshd[25555]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.170.101 Oct 12 04:26:17 game-panel sshd[25555]: Failed password for invalid user wo from 139.199.170.101 port 38612 ssh2	2020-10-12 12:26:40
139.199.14.128	attack	Oct 10 14:59:17 con01 sshd[2993577]: Failed password for invalid user frank from 139.199.14.128 port 40462 ssh2 Oct 10 15:03:19 con01 sshd[3000067]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.14.128 user=root Oct 10 15:03:21 con01 sshd[3000067]: Failed password for root from 139.199.14.128 port 58116 ssh2 Oct 10 15:07:29 con01 sshd[3005598]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.14.128 user=root Oct 10 15:07:32 con01 sshd[3005598]: Failed password for root from 139.199.14.128 port 47538 ssh2 ...	2020-10-11 03:39:28
139.199.14.128	attack	Oct 10 13:23:30 con01 sshd[2837241]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.14.128 user=root Oct 10 13:23:33 con01 sshd[2837241]: Failed password for root from 139.199.14.128 port 57812 ssh2 Oct 10 13:27:38 con01 sshd[2843894]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.14.128 user=root Oct 10 13:27:40 con01 sshd[2843894]: Failed password for root from 139.199.14.128 port 47240 ssh2 Oct 10 13:31:50 con01 sshd[2850480]: Invalid user louise from 139.199.14.128 port 36664 ...	2020-10-10 19:32:09
139.199.170.101	attack	SSH brutforce	2020-10-05 07:45:26
139.199.14.128	attackspambots	Oct 4 08:46:04 pixelmemory sshd[114755]: Failed password for root from 139.199.14.128 port 55956 ssh2 Oct 4 08:49:35 pixelmemory sshd[135052]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.14.128 user=root Oct 4 08:49:37 pixelmemory sshd[135052]: Failed password for root from 139.199.14.128 port 36716 ssh2 Oct 4 08:53:15 pixelmemory sshd[139265]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.14.128 user=root Oct 4 08:53:17 pixelmemory sshd[139265]: Failed password for root from 139.199.14.128 port 45722 ssh2 ...	2020-10-05 06:46:13
139.199.170.101	attack	Oct 4 13:56:05 abendstille sshd\[3409\]: Invalid user ps from 139.199.170.101 Oct 4 13:56:05 abendstille sshd\[3409\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.170.101 Oct 4 13:56:06 abendstille sshd\[3409\]: Failed password for invalid user ps from 139.199.170.101 port 57362 ssh2 Oct 4 14:01:07 abendstille sshd\[7928\]: Invalid user openhab from 139.199.170.101 Oct 4 14:01:07 abendstille sshd\[7928\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.170.101 ...	2020-10-05 00:04:09
139.199.14.128	attackspambots	2020-10-04T03:11:55.088931Z 7474e83e79ed New connection: 139.199.14.128:39700 (172.17.0.5:2222) [session: 7474e83e79ed] 2020-10-04T03:19:53.709557Z 630dc3796768 New connection: 139.199.14.128:56288 (172.17.0.5:2222) [session: 630dc3796768]	2020-10-04 22:48:44
139.199.14.128	attackbots	2020-10-04T03:11:55.088931Z 7474e83e79ed New connection: 139.199.14.128:39700 (172.17.0.5:2222) [session: 7474e83e79ed] 2020-10-04T03:19:53.709557Z 630dc3796768 New connection: 139.199.14.128:56288 (172.17.0.5:2222) [session: 630dc3796768]	2020-10-04 14:36:18
139.199.179.248	attack	Found on CINS badguys / proto=6 . srcport=51245 . dstport=23 Telnet . (1015)	2020-10-04 03:27:11
139.199.179.248	attack	Found on CINS badguys / proto=6 . srcport=51245 . dstport=23 Telnet . (1015)	2020-10-03 19:22:51
139.199.123.152	attackbotsspam	Invalid user system from 139.199.123.152 port 48914	2020-10-02 06:47:50
139.199.119.76	attackbotsspam	Oct 1 06:48:37 Tower sshd[30637]: Connection from 139.199.119.76 port 38238 on 192.168.10.220 port 22 rdomain "" Oct 1 06:48:38 Tower sshd[30637]: Failed password for root from 139.199.119.76 port 38238 ssh2 Oct 1 06:48:39 Tower sshd[30637]: Received disconnect from 139.199.119.76 port 38238:11: Bye Bye [preauth] Oct 1 06:48:39 Tower sshd[30637]: Disconnected from authenticating user root 139.199.119.76 port 38238 [preauth]	2020-10-02 01:17:25

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.199.1.166
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29574
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.199.1.166.			IN	A

;; AUTHORITY SECTION:
.			188	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020031300 1800 900 604800 86400

;; Query time: 52 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Mar 13 19:42:43 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 166.1.199.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 166.1.199.139.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
167.71.216.37	attack	167.71.216.37 - - [23/Jul/2020:00:55:16 +0200] "GET /wp-login.php HTTP/1.1" 200 6060 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 167.71.216.37 - - [23/Jul/2020:00:55:17 +0200] "POST /wp-login.php HTTP/1.1" 200 6311 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 167.71.216.37 - - [23/Jul/2020:00:55:19 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-07-23 07:30:15
195.54.160.21	attackspambots	firewall-block, port(s): 2375/tcp, 4506/tcp	2020-07-23 07:33:10
193.124.58.83	attackspam	Failed RDP login	2020-07-23 07:17:21
152.136.189.81	attack	Jul 23 00:29:32 ns392434 sshd[19373]: Invalid user sinus from 152.136.189.81 port 50310 Jul 23 00:29:32 ns392434 sshd[19373]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.189.81 Jul 23 00:29:32 ns392434 sshd[19373]: Invalid user sinus from 152.136.189.81 port 50310 Jul 23 00:29:34 ns392434 sshd[19373]: Failed password for invalid user sinus from 152.136.189.81 port 50310 ssh2 Jul 23 00:44:04 ns392434 sshd[20200]: Invalid user admin from 152.136.189.81 port 60356 Jul 23 00:44:04 ns392434 sshd[20200]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.189.81 Jul 23 00:44:04 ns392434 sshd[20200]: Invalid user admin from 152.136.189.81 port 60356 Jul 23 00:44:06 ns392434 sshd[20200]: Failed password for invalid user admin from 152.136.189.81 port 60356 ssh2 Jul 23 00:55:34 ns392434 sshd[20858]: Invalid user shaun from 152.136.189.81 port 57844	2020-07-23 07:01:50
13.234.214.47	attackbotsspam	Jul 22 23:47:41 gospond sshd[11799]: Invalid user shen from 13.234.214.47 port 49076 Jul 22 23:47:44 gospond sshd[11799]: Failed password for invalid user shen from 13.234.214.47 port 49076 ssh2 Jul 22 23:55:34 gospond sshd[11934]: Invalid user mongodb from 13.234.214.47 port 54572 ...	2020-07-23 07:03:51
193.142.146.214	attack	Failed RDP login	2020-07-23 07:11:33
202.51.118.201	attackbots	Failed RDP login	2020-07-23 07:34:12
138.197.213.233	attack	Jul 23 00:51:34 minden010 sshd[14096]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.213.233 Jul 23 00:51:37 minden010 sshd[14096]: Failed password for invalid user crm from 138.197.213.233 port 57608 ssh2 Jul 23 00:55:15 minden010 sshd[15327]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.213.233 ...	2020-07-23 07:04:16
93.174.89.43	attackbotsspam	Port Scan detected from 93.174.89.43 (NL/Netherlands/North Holland/Amsterdam/srv68.hqserver.net). 4 hits in the last 130 seconds	2020-07-23 07:27:46
62.31.14.199	attackspambots	1595458525 - 07/23/2020 00:55:25 Host: 62.31.14.199/62.31.14.199 Port: 445 TCP Blocked	2020-07-23 07:15:18
54.71.115.235	attackbots	54.71.115.235 - - [23/Jul/2020:00:55:32 +0200] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 54.71.115.235 - - [23/Jul/2020:00:55:33 +0200] "POST /wp-login.php HTTP/1.1" 200 2031 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 54.71.115.235 - - [23/Jul/2020:00:55:33 +0200] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 54.71.115.235 - - [23/Jul/2020:00:55:34 +0200] "POST /wp-login.php HTTP/1.1" 200 2007 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 54.71.115.235 - - [23/Jul/2020:00:55:34 +0200] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 54.71.115.235 - - [23/Jul/2020:00:55:34 +0200] "POST /wp-login.php HTTP/1.1" 200 2008 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Fir ...	2020-07-23 07:03:34
118.174.139.118	attackbots	Jul 22 22:55:25 scw-6657dc sshd[3628]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.174.139.118 Jul 22 22:55:25 scw-6657dc sshd[3628]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.174.139.118 Jul 22 22:55:28 scw-6657dc sshd[3628]: Failed password for invalid user loop from 118.174.139.118 port 52026 ssh2 ...	2020-07-23 07:09:33
119.156.88.50	attackbotsspam	Failed RDP login	2020-07-23 07:24:57
118.25.27.67	attackbotsspam	Jul 23 00:55:27 ns381471 sshd[20300]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.27.67 Jul 23 00:55:29 ns381471 sshd[20300]: Failed password for invalid user wkidup from 118.25.27.67 port 55242 ssh2	2020-07-23 07:08:03
72.255.61.76	attack	Failed RDP login	2020-07-23 07:25:35

最近上报的IP列表

123.24.205.125	19.93.68.79	14.169.140.253	213.6.67.54
201.140.232.255	127.30.112.88	158.46.175.83	85.192.179.70
38.78.210.125	117.63.132.148	36.79.151.4	103.45.102.212
14.241.119.29	196.203.203.173	89.242.131.178	180.251.247.250
103.124.90.202	45.161.136.47	142.93.216.235	116.109.192.200