139.199.108.70

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): V6Yun (Beijing) Network Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Oct 12 12:11:52 vps691689 sshd[8879]: Failed password for root from 139.199.108.70 port 47544 ssh2 Oct 12 12:16:42 vps691689 sshd[8955]: Failed password for root from 139.199.108.70 port 56652 ssh2 ...	2019-10-12 18:21:24
attackbots	Sep 26 23:51:29 friendsofhawaii sshd\[11063\]: Invalid user wv from 139.199.108.70 Sep 26 23:51:30 friendsofhawaii sshd\[11063\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.108.70 Sep 26 23:51:32 friendsofhawaii sshd\[11063\]: Failed password for invalid user wv from 139.199.108.70 port 36502 ssh2 Sep 26 23:55:40 friendsofhawaii sshd\[11392\]: Invalid user tpuser from 139.199.108.70 Sep 26 23:55:40 friendsofhawaii sshd\[11392\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.108.70	2019-09-27 20:06:01
attackspambots	Sep 9 01:59:09 php1 sshd\[3901\]: Invalid user ubuntu from 139.199.108.70 Sep 9 01:59:09 php1 sshd\[3901\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.108.70 Sep 9 01:59:11 php1 sshd\[3901\]: Failed password for invalid user ubuntu from 139.199.108.70 port 56700 ssh2 Sep 9 02:04:49 php1 sshd\[4630\]: Invalid user demo from 139.199.108.70 Sep 9 02:04:49 php1 sshd\[4630\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.108.70	2019-09-09 21:52:22
attackspambots	Aug 22 02:39:49 lcdev sshd\[13633\]: Invalid user mathilde from 139.199.108.70 Aug 22 02:39:49 lcdev sshd\[13633\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.108.70 Aug 22 02:39:51 lcdev sshd\[13633\]: Failed password for invalid user mathilde from 139.199.108.70 port 43114 ssh2 Aug 22 02:44:44 lcdev sshd\[14084\]: Invalid user kumari from 139.199.108.70 Aug 22 02:44:44 lcdev sshd\[14084\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.108.70	2019-08-22 23:23:30
attackspam	Aug 12 22:44:51 localhost sshd\[6039\]: Invalid user alessandra from 139.199.108.70 port 49844 Aug 12 22:44:51 localhost sshd\[6039\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.108.70 Aug 12 22:44:53 localhost sshd\[6039\]: Failed password for invalid user alessandra from 139.199.108.70 port 49844 ssh2 Aug 12 22:47:15 localhost sshd\[6172\]: Invalid user noel from 139.199.108.70 port 41296 Aug 12 22:47:15 localhost sshd\[6172\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.108.70 ...	2019-08-13 09:20:13
attack	Jul 21 05:05:25 TORMINT sshd\[10542\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.108.70 user=root Jul 21 05:05:27 TORMINT sshd\[10542\]: Failed password for root from 139.199.108.70 port 58394 ssh2 Jul 21 05:11:18 TORMINT sshd\[10886\]: Invalid user mb from 139.199.108.70 Jul 21 05:11:18 TORMINT sshd\[10886\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.108.70 ...	2019-07-21 17:15:30
attackbots	Jul 17 17:40:17 MK-Soft-VM3 sshd\[19624\]: Invalid user t from 139.199.108.70 port 36898 Jul 17 17:40:17 MK-Soft-VM3 sshd\[19624\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.108.70 Jul 17 17:40:19 MK-Soft-VM3 sshd\[19624\]: Failed password for invalid user t from 139.199.108.70 port 36898 ssh2 ...	2019-07-18 01:50:09
attack	Jul 15 13:16:51 v22018076622670303 sshd\[29558\]: Invalid user friends from 139.199.108.70 port 51014 Jul 15 13:16:51 v22018076622670303 sshd\[29558\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.108.70 Jul 15 13:16:53 v22018076622670303 sshd\[29558\]: Failed password for invalid user friends from 139.199.108.70 port 51014 ssh2 ...	2019-07-15 20:04:29
attackspam	Jul 15 06:15:34 mail sshd\[31837\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.108.70 user=root Jul 15 06:15:36 mail sshd\[31837\]: Failed password for root from 139.199.108.70 port 36874 ssh2 Jul 15 06:19:31 mail sshd\[32461\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.108.70 user=root Jul 15 06:19:33 mail sshd\[32461\]: Failed password for root from 139.199.108.70 port 45432 ssh2 Jul 15 06:23:23 mail sshd\[591\]: Invalid user ts from 139.199.108.70 port 53982	2019-07-15 12:36:56

相同子网IP讨论:

IP	类型	评论内容	时间
139.199.108.83	attackspam	Aug 29 22:09:42 ns382633 sshd\[8755\]: Invalid user hadoop from 139.199.108.83 port 36236 Aug 29 22:09:42 ns382633 sshd\[8755\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.108.83 Aug 29 22:09:44 ns382633 sshd\[8755\]: Failed password for invalid user hadoop from 139.199.108.83 port 36236 ssh2 Aug 29 22:21:27 ns382633 sshd\[10909\]: Invalid user eddie from 139.199.108.83 port 33008 Aug 29 22:21:27 ns382633 sshd\[10909\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.108.83	2020-08-30 08:07:22
139.199.108.83	attackbots	Jul 14 03:53:33 ip-172-31-61-156 sshd[18256]: Failed password for invalid user timo from 139.199.108.83 port 44162 ssh2 Jul 14 03:53:30 ip-172-31-61-156 sshd[18256]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.108.83 Jul 14 03:53:30 ip-172-31-61-156 sshd[18256]: Invalid user timo from 139.199.108.83 Jul 14 03:53:33 ip-172-31-61-156 sshd[18256]: Failed password for invalid user timo from 139.199.108.83 port 44162 ssh2 Jul 14 03:56:09 ip-172-31-61-156 sshd[18444]: Invalid user yg from 139.199.108.83 ...	2020-07-14 12:22:34
139.199.108.83	attackbotsspam	Jun 24 08:50:47 vps sshd[3851]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.108.83 Jun 24 08:50:49 vps sshd[3851]: Failed password for invalid user yar from 139.199.108.83 port 37722 ssh2 Jun 24 08:56:16 vps sshd[4118]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.108.83 ...	2020-06-24 16:25:03
139.199.108.83	attack	Invalid user mariadb from 139.199.108.83 port 34400	2020-06-18 01:58:04
139.199.108.83	attack	Jun 14 22:01:04 ns382633 sshd\[8007\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.108.83 user=root Jun 14 22:01:07 ns382633 sshd\[8007\]: Failed password for root from 139.199.108.83 port 37604 ssh2 Jun 14 22:07:53 ns382633 sshd\[9029\]: Invalid user nodeproxy from 139.199.108.83 port 49828 Jun 14 22:07:53 ns382633 sshd\[9029\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.108.83 Jun 14 22:07:55 ns382633 sshd\[9029\]: Failed password for invalid user nodeproxy from 139.199.108.83 port 49828 ssh2	2020-06-15 05:25:13
139.199.108.83	attackspambots	Jun 10 06:34:39 vps687878 sshd\[31312\]: Failed password for invalid user danar from 139.199.108.83 port 42298 ssh2 Jun 10 06:39:06 vps687878 sshd\[31761\]: Invalid user xjd from 139.199.108.83 port 36970 Jun 10 06:39:06 vps687878 sshd\[31761\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.108.83 Jun 10 06:39:08 vps687878 sshd\[31761\]: Failed password for invalid user xjd from 139.199.108.83 port 36970 ssh2 Jun 10 06:43:43 vps687878 sshd\[32304\]: Invalid user ftpuser from 139.199.108.83 port 59876 Jun 10 06:43:43 vps687878 sshd\[32304\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.108.83 ...	2020-06-10 16:46:32
139.199.108.83	attack	" "	2020-06-04 22:19:48
139.199.108.83	attackspam	May 26 01:23:29 nas sshd[24155]: Failed password for root from 139.199.108.83 port 46390 ssh2 May 26 01:33:13 nas sshd[24485]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.108.83 May 26 01:33:15 nas sshd[24485]: Failed password for invalid user hargreaves from 139.199.108.83 port 59174 ssh2 ...	2020-05-26 09:48:13
139.199.108.83	attackspambots	May 24 15:15:24 inter-technics sshd[16003]: Invalid user jtrejo from 139.199.108.83 port 36546 May 24 15:15:24 inter-technics sshd[16003]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.108.83 May 24 15:15:24 inter-technics sshd[16003]: Invalid user jtrejo from 139.199.108.83 port 36546 May 24 15:15:25 inter-technics sshd[16003]: Failed password for invalid user jtrejo from 139.199.108.83 port 36546 ssh2 May 24 15:20:23 inter-technics sshd[16257]: Invalid user admin from 139.199.108.83 port 59552 ...	2020-05-24 22:16:06
139.199.108.83	attack	W 5701,/var/log/auth.log,-,-	2020-05-23 07:26:36
139.199.108.83	attack	21 attempts against mh-ssh on cloud	2020-05-03 14:50:05
139.199.108.74	attack	Sep 5 06:02:53 markkoudstaal sshd[12209]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.108.74 Sep 5 06:02:55 markkoudstaal sshd[12209]: Failed password for invalid user deploy from 139.199.108.74 port 56202 ssh2 Sep 5 06:07:17 markkoudstaal sshd[12570]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.108.74	2019-09-05 12:14:09

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.199.108.70
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 46461
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.199.108.70.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019042502 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Fri Apr 26 09:19:10 +08 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 70.108.199.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 70.108.199.139.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
151.236.193.195	attack	2019-09-11T03:53:47.493693abusebot.cloudsearch.cf sshd\[30903\]: Invalid user znc-admin from 151.236.193.195 port 7991	2019-09-11 12:04:33
118.168.109.79	attackspam	port 23 attempt blocked	2019-09-11 12:02:57
218.98.26.180	attack	Sep 11 02:49:26 *** sshd[17610]: User root from 218.98.26.180 not allowed because not listed in AllowUsers	2019-09-11 11:16:01
196.245.255.105	attackspam	Looking for resource vulnerabilities	2019-09-11 11:53:29
106.51.140.210	attackbotsspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-09-10 12:11:27,390 INFO [shellcode_manager] (106.51.140.210) no match, writing hexdump (2460caad7eedcf968af1e23862afa189 :2214262) - MS17010 (EternalBlue)	2019-09-11 11:55:04
185.176.27.186	attack	09/10/2019-20:58:43.911023 185.176.27.186 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-09-11 11:24:39
209.97.153.35	attackspam	Automated report - ssh fail2ban: Sep 11 04:32:55 authentication failure Sep 11 04:32:56 wrong password, user=ftpuser, port=55978, ssh2 Sep 11 04:38:13 authentication failure	2019-09-11 11:27:57
120.205.45.252	attackbots	Sep 11 02:42:29 MK-Soft-VM3 sshd\[20882\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.205.45.252 user=root Sep 11 02:42:30 MK-Soft-VM3 sshd\[20882\]: Failed password for root from 120.205.45.252 port 53320 ssh2 Sep 11 02:42:33 MK-Soft-VM3 sshd\[20884\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.205.45.252 user=root ...	2019-09-11 11:49:51
81.143.228.95	attackbots	Unauthorized connection attempt from IP address 81.143.228.95 on Port 445(SMB)	2019-09-11 11:50:50
159.65.157.165	attack	Sep 11 06:38:06 www5 sshd\[32975\]: Invalid user 123456 from 159.65.157.165 Sep 11 06:38:06 www5 sshd\[32975\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.157.165 Sep 11 06:38:08 www5 sshd\[32975\]: Failed password for invalid user 123456 from 159.65.157.165 port 35372 ssh2 ...	2019-09-11 11:56:07
118.163.181.157	attackbotsspam	Sep 11 04:40:31 SilenceServices sshd[23541]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.163.181.157 Sep 11 04:40:33 SilenceServices sshd[23541]: Failed password for invalid user postgres from 118.163.181.157 port 53538 ssh2 Sep 11 04:46:59 SilenceServices sshd[25980]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.163.181.157	2019-09-11 11:43:21
89.248.162.168	attackbots	Port scan on 7 port(s): 1344 1351 1353 1356 1360 1361 1363	2019-09-11 11:47:47
187.28.50.230	attack	Sep 11 05:10:32 localhost sshd\[9039\]: Invalid user test from 187.28.50.230 port 42312 Sep 11 05:10:32 localhost sshd\[9039\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.28.50.230 Sep 11 05:10:33 localhost sshd\[9039\]: Failed password for invalid user test from 187.28.50.230 port 42312 ssh2	2019-09-11 11:15:17
111.68.102.66	attackbotsspam	firewall-block, port(s): 445/tcp	2019-09-11 11:32:12
58.254.132.239	attackbotsspam	Sep 10 23:27:16 ny01 sshd[4410]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.239 Sep 10 23:27:18 ny01 sshd[4410]: Failed password for invalid user 1234567 from 58.254.132.239 port 21486 ssh2 Sep 10 23:30:09 ny01 sshd[5195]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.239	2019-09-11 11:37:46

最近上报的IP列表

140.143.223.242	159.192.140.147	192.144.132.172	40.129.225.176
191.243.72.34	31.220.0.225	181.48.55.42	212.45.0.218
185.220.101.29	96.64.194.75	199.249.230.119	167.250.30.198
187.152.127.244	193.169.255.102	137.253.95.98	192.241.247.201
77.247.109.59	108.224.199.29	45.119.81.170	163.134.135.203