139.199.100.51

基本信息:

城市(city): Beijing

省份(region): Beijing

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): Shenzhen Tencent Computer Systems Company Limited

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	2019-10-28T20:44:17.140500abusebot.cloudsearch.cf sshd\[24939\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.100.51 user=root	2019-10-29 04:51:00
attackbots	Oct 25 00:21:53 MK-Soft-VM6 sshd[8241]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.100.51 Oct 25 00:21:55 MK-Soft-VM6 sshd[8241]: Failed password for invalid user net from 139.199.100.51 port 29245 ssh2 ...	2019-10-25 07:28:42
attackspambots	5x Failed Password	2019-10-24 23:05:46
attackspam	Oct 24 03:55:43 www_kotimaassa_fi sshd[27198]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.100.51 Oct 24 03:55:45 www_kotimaassa_fi sshd[27198]: Failed password for invalid user training from 139.199.100.51 port 55248 ssh2 ...	2019-10-24 12:17:05
attackspambots	2019-10-22T03:58:34.330626abusebot.cloudsearch.cf sshd\[21751\]: Invalid user 12345 from 139.199.100.51 port 19703	2019-10-22 12:00:21
attack	Oct 21 12:21:35 dev0-dcde-rnet sshd[18430]: Failed password for root from 139.199.100.51 port 25386 ssh2 Oct 21 12:26:08 dev0-dcde-rnet sshd[18448]: Failed password for root from 139.199.100.51 port 64086 ssh2	2019-10-21 18:43:15
attackbotsspam	Oct 4 23:46:38 Tower sshd[30856]: Connection from 139.199.100.51 port 3074 on 192.168.10.220 port 22 Oct 4 23:46:41 Tower sshd[30856]: Failed password for root from 139.199.100.51 port 3074 ssh2 Oct 4 23:46:41 Tower sshd[30856]: Received disconnect from 139.199.100.51 port 3074:11: Bye Bye [preauth] Oct 4 23:46:41 Tower sshd[30856]: Disconnected from authenticating user root 139.199.100.51 port 3074 [preauth]	2019-10-05 17:46:05
attack	Sep 29 07:06:27 site3 sshd\[137108\]: Invalid user map from 139.199.100.51 Sep 29 07:06:27 site3 sshd\[137108\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.100.51 Sep 29 07:06:29 site3 sshd\[137108\]: Failed password for invalid user map from 139.199.100.51 port 61497 ssh2 Sep 29 07:11:08 site3 sshd\[137264\]: Invalid user 12345 from 139.199.100.51 Sep 29 07:11:08 site3 sshd\[137264\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.100.51 ...	2019-09-29 15:16:30
attackbotsspam	Sep 28 06:15:00 tdfoods sshd\[20152\]: Invalid user karen from 139.199.100.51 Sep 28 06:15:00 tdfoods sshd\[20152\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.100.51 Sep 28 06:15:02 tdfoods sshd\[20152\]: Failed password for invalid user karen from 139.199.100.51 port 1607 ssh2 Sep 28 06:21:10 tdfoods sshd\[20670\]: Invalid user vinoth from 139.199.100.51 Sep 28 06:21:10 tdfoods sshd\[20670\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.100.51	2019-09-29 00:21:29
attackbotsspam	Apr 14 19:00:01 vtv3 sshd\[8159\]: Invalid user vrouwerff from 139.199.100.51 port 53063 Apr 14 19:00:01 vtv3 sshd\[8159\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.100.51 Apr 14 19:00:03 vtv3 sshd\[8159\]: Failed password for invalid user vrouwerff from 139.199.100.51 port 53063 ssh2 Apr 14 19:07:21 vtv3 sshd\[12162\]: Invalid user csserver from 139.199.100.51 port 39798 Apr 14 19:07:21 vtv3 sshd\[12162\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.100.51 Apr 16 06:40:21 vtv3 sshd\[10489\]: Invalid user Access from 139.199.100.51 port 18148 Apr 16 06:40:21 vtv3 sshd\[10489\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.100.51 Apr 16 06:40:24 vtv3 sshd\[10489\]: Failed password for invalid user Access from 139.199.100.51 port 18148 ssh2 Apr 16 06:49:45 vtv3 sshd\[14565\]: Invalid user tac1 from 139.199.100.51 port 4829 Apr 16 06:49:45 vtv3 ssh	2019-09-08 05:21:41
attackspam	Aug 20 00:25:26 ny01 sshd[14087]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.100.51 Aug 20 00:25:28 ny01 sshd[14087]: Failed password for invalid user artifactory from 139.199.100.51 port 60784 ssh2 Aug 20 00:30:25 ny01 sshd[14614]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.100.51	2019-08-20 12:38:04
attackspambots	Aug 19 14:59:04 plusreed sshd[12342]: Invalid user kong from 139.199.100.51 ...	2019-08-20 03:16:48
attack	2019-08-17T08:27:34.931419abusebot-7.cloudsearch.cf sshd\[32267\]: Invalid user cu from 139.199.100.51 port 17980	2019-08-17 22:13:57
attackbotsspam	Aug 15 00:36:59 mail sshd\[13008\]: Failed password for invalid user manager1 from 139.199.100.51 port 45348 ssh2 Aug 15 00:56:29 mail sshd\[13486\]: Invalid user nscd from 139.199.100.51 port 45663 Aug 15 00:56:29 mail sshd\[13486\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.100.51 ...	2019-08-15 08:08:24
attackbotsspam	Aug 13 14:54:38 xeon sshd[19950]: Failed password for invalid user devteam from 139.199.100.51 port 52296 ssh2	2019-08-14 01:12:16
attackspam	2019-07-14T06:58:54.772901 sshd[28353]: Invalid user apptest from 139.199.100.51 port 54029 2019-07-14T06:58:54.787997 sshd[28353]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.100.51 2019-07-14T06:58:54.772901 sshd[28353]: Invalid user apptest from 139.199.100.51 port 54029 2019-07-14T06:58:56.321967 sshd[28353]: Failed password for invalid user apptest from 139.199.100.51 port 54029 ssh2 2019-07-14T07:04:38.782383 sshd[28442]: Invalid user test from 139.199.100.51 port 40600 ...	2019-07-14 13:17:31

相同子网IP讨论:

IP	类型	评论内容	时间
139.199.100.228	attackspam	DATE:2020-06-19 20:58:59, IP:139.199.100.228, PORT:ssh SSH brute force auth (docker-dc)	2020-06-20 03:26:20
139.199.100.81	attack	$f2bV_matches	2020-02-27 15:31:49
139.199.100.81	attackspambots	Unauthorized connection attempt detected from IP address 139.199.100.81 to port 2220 [J]	2020-02-23 15:15:56
139.199.100.81	attackspam	2020-02-18T13:51:11.109174vps773228.ovh.net sshd[31252]: Invalid user prueba from 139.199.100.81 port 57170 2020-02-18T13:51:11.124041vps773228.ovh.net sshd[31252]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.100.81 2020-02-18T13:51:11.109174vps773228.ovh.net sshd[31252]: Invalid user prueba from 139.199.100.81 port 57170 2020-02-18T13:51:13.632059vps773228.ovh.net sshd[31252]: Failed password for invalid user prueba from 139.199.100.81 port 57170 ssh2 2020-02-18T14:12:17.984207vps773228.ovh.net sshd[31292]: Invalid user o2 from 139.199.100.81 port 39072 2020-02-18T14:12:18.005311vps773228.ovh.net sshd[31292]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.100.81 2020-02-18T14:12:17.984207vps773228.ovh.net sshd[31292]: Invalid user o2 from 139.199.100.81 port 39072 2020-02-18T14:12:19.449502vps773228.ovh.net sshd[31292]: Failed password for invalid user o2 from 139.199.100.81 port 39072 ...	2020-02-19 05:58:46
139.199.100.81	attackbotsspam	Unauthorized connection attempt detected from IP address 139.199.100.81 to port 2220 [J]	2020-01-15 02:50:32
139.199.100.81	attackbots	Unauthorized connection attempt detected from IP address 139.199.100.81 to port 2220 [J]	2020-01-13 00:54:38
139.199.100.81	attack	$f2bV_matches	2020-01-01 22:45:40
139.199.100.81	attackspam	Repeated failed SSH attempt	2019-12-27 22:34:09
139.199.100.81	attackspam	Jan 24 06:10:49 vtv3 sshd\[6773\]: Invalid user xa from 139.199.100.81 port 50864 Jan 24 06:10:49 vtv3 sshd\[6773\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.100.81 Jan 24 06:10:51 vtv3 sshd\[6773\]: Failed password for invalid user xa from 139.199.100.81 port 50864 ssh2 Jan 24 06:17:52 vtv3 sshd\[8419\]: Invalid user eva from 139.199.100.81 port 50452 Jan 24 06:17:52 vtv3 sshd\[8419\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.100.81 Feb 4 20:59:00 vtv3 sshd\[3567\]: Invalid user gmodserver from 139.199.100.81 port 54896 Feb 4 20:59:00 vtv3 sshd\[3567\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.100.81 Feb 4 20:59:03 vtv3 sshd\[3567\]: Failed password for invalid user gmodserver from 139.199.100.81 port 54896 ssh2 Feb 4 21:06:56 vtv3 sshd\[6146\]: Invalid user jason from 139.199.100.81 port 57530 Feb 4 21:06:56 vtv3 sshd\[6146\]: pam_	2019-11-17 15:21:56
139.199.100.81	attack	Nov 7 09:55:31 game-panel sshd[9400]: Failed password for root from 139.199.100.81 port 53144 ssh2 Nov 7 10:04:49 game-panel sshd[9694]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.100.81 Nov 7 10:04:51 game-panel sshd[9694]: Failed password for invalid user benutzer from 139.199.100.81 port 33774 ssh2	2019-11-07 18:08:16
139.199.100.81	attackbots	Nov 4 18:44:44 php1 sshd\[4686\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.100.81 user=root Nov 4 18:44:45 php1 sshd\[4686\]: Failed password for root from 139.199.100.81 port 34814 ssh2 Nov 4 18:53:45 php1 sshd\[6064\]: Invalid user stas from 139.199.100.81 Nov 4 18:53:45 php1 sshd\[6064\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.100.81 Nov 4 18:53:47 php1 sshd\[6064\]: Failed password for invalid user stas from 139.199.100.81 port 46118 ssh2	2019-11-05 13:48:48
139.199.100.81	attack	2019-09-28 00:32:03,561 fail2ban.actions [818]: NOTICE [sshd] Ban 139.199.100.81 2019-09-28 04:10:09,324 fail2ban.actions [818]: NOTICE [sshd] Ban 139.199.100.81 2019-09-28 07:25:08,268 fail2ban.actions [818]: NOTICE [sshd] Ban 139.199.100.81 ...	2019-10-03 16:34:41
139.199.100.81	attack	fail2ban	2019-09-22 03:24:55
139.199.100.81	attack	Brute force SMTP login attempted. ...	2019-08-10 01:57:17
139.199.100.81	attackbots	Jul 31 13:16:04 debian sshd\[17535\]: Invalid user cms from 139.199.100.81 port 34032 Jul 31 13:16:04 debian sshd\[17535\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.100.81 ...	2019-07-31 20:28:15

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.199.100.51
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 40926
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.199.100.51.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019040701 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Mon Apr 08 10:44:55 +08 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 51.100.199.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 51.100.199.139.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
195.62.46.218	spamattack	PHISHING AND SPAM ATTACK FROM "Accelerates Alzheimers - TriggersAlzheimers@promindes.cyou -" : SUBJECT "Brain Scan Uncovers Real Cause Of Alzheimer's... " : RECEIVED "from [195.62.46.218] (port=36047 helo=mars.promindes.cyou) " : DATE/TIMESENT "Sun, 28 Feb 2021 03:50:48 " IP ADDRESS "inetnum: 195.62.46.0 - 195.62.47.255 org-name: XSServer GmbH	2021-02-28 05:38:57
77.119.246.60	normal	smigis private ip	2021-03-08 05:15:25
69.65.62.59	spamattack	PHISHING AND SPAM ATTACK FROM "123Greetings - specials@123g.biz -" : SUBJECT "Diabetics - No More Finger Pricks " : RECEIVED "from mail.silver59.123g.biz ([69.65.62.59]:56935) " : DATE/TIMESENT "Fri, 12 Mar 2021 09:30:27 " NOTE Take care with cards from 123Greetings.com, it uses 69.65.62.0/25 as above"	2021-03-12 07:44:18
35.243.23.172	spambotsattackproxynormal	He hack my account on PlayStation	2021-03-01 11:01:15
195.62.46.38	spamattack	PHISHING AND SPAM ATTACK FROM "Exposed - Exposed@leakygut.buzz -" : SUBJECT "Kamala's backdoor " : RECEIVED "from [195.62.46.38] (port=34127 helo=negat.leakygut.buzz) " : DATE/TIMESENT "Fri, 26 Feb 2021 22:53:43 " IP ADDRESS "inetnum: 195.62.46.0 - 195.62.47.255 org-name: XSServer GmbH	2021-02-27 06:25:11
23.247.94.234	spamattack	PHISHING AND SPAM ATTACK FROM "TV Caster - WirelesslyStreams@casterzilla.us -" : SUBJECT "Is it Really as Good as a Smart TV? " : RECEIVED "from [23.247.94.234] (port=37453 helo=narvi.casterzilla.us) " : DATE/TIMESENT "Fri, 12 Mar 2021 00:56:42 " IP ADDRESS "NetRange: 23.247.0.0 - 23.247.127.255 OrgName: LayerHost "	2021-03-12 07:41:13
69.65.62.106	spamattack	PHISHING AND SPAM ATTACK FROM "123Greetings - specials@123g.biz -" : SUBJECT "Miracle Ingredients Reverse Type II Diabetes" : RECEIVED "from mail.silver106.123g.biz ([69.65.62.106]:38914) " : DATE/TIMESENT "Sat, 20 Mar 2021 08:30:21" NOTE Take care with cards from 123Greetings.com, it uses 69.65.62.0/25 as above"	2021-03-20 06:28:48
213.5.195.97	spamattack	Tried to access Google Account and has compromised other accounts.	2021-03-17 02:43:48
203.162.79.194	attack	tried to login in to my WP admin panel 12 times	2021-03-22 04:37:26
185.63.253.223	spambotsattackproxynormal	153.63.253.200	2021-03-02 00:00:33
35.243.23.172	spambotsattackproxynormal	He hack my account on PlayStation	2021-03-01 11:01:33
23.247.75.102	spamattack	PHISHING AND SPAM ATTACK FROM "Wireless Earbuds - WirelessEarbuds@hellfire.cyou -" : SUBJECT "New Apple H1 headphone chip delivers faster wireless connection to your devices " : RECEIVED "from kvotes.rotonat.com ([23.247.75.102]:60098 helo=gull.hellfire.cyou) " : DATE/TIMESENT "Sat, 27 Feb 2021 23:52:46 " IP ADDRESS "NetRange: 23.247.75.0 - 23.247.75.255 Customer: Andrew Horton (C04842071)"	2021-02-28 05:48:44
23.247.27.26	spamattack	PHISHING AND SPAM ATTACK FROM "Better Vision Today - BetterVisionToday@nerveshield.buzz -" : SUBJECT "Brain Scan Uncovers Root Cause For Vision Loss " : RECEIVED "from [23.247.27.26] (port=52023 helo=carme.nerveshield.buzz) " : DATE/TIMESENT "Sun, 07 Mar 2021 05:16:38 " IP ADDRESS "NetRange: 23.247.0.0 - 23.247.127.255 OrgName: LayerHost "	2021-03-07 08:03:56
77.119.246.149	normal	smigis private ip	2021-03-08 05:14:07
52.149.147.97	spam	they end spam mail	2021-03-04 12:51:01

最近上报的IP列表

14.187.23.62	194.183.5.226	46.229.168.150	125.117.215.14
68.183.236.5	162.157.185.72	113.183.215.220	61.183.144.188
36.66.203.23	185.244.25.205	114.4.193.227	36.152.17.34
179.99.117.245	123.207.121.2	37.148.211.192	5.226.138.4
87.214.66.137	94.233.6.166	83.48.29.116	94.91.110.106