必须是合法有效的IP地址, 可以是IPv4或者是IPv6, 例如127.0.0.1或者2001:DB8:0:0:8:800:200C:417A
基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:
类型 评论内容 时间
attack
Sep  5 06:02:53 markkoudstaal sshd[12209]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.108.74
Sep  5 06:02:55 markkoudstaal sshd[12209]: Failed password for invalid user deploy from 139.199.108.74 port 56202 ssh2
Sep  5 06:07:17 markkoudstaal sshd[12570]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.108.74
2019-09-05 12:14:09
相同子网IP讨论:
IP 类型 评论内容 时间
139.199.108.83 attackspam
Aug 29 22:09:42 ns382633 sshd\[8755\]: Invalid user hadoop from 139.199.108.83 port 36236
Aug 29 22:09:42 ns382633 sshd\[8755\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.108.83
Aug 29 22:09:44 ns382633 sshd\[8755\]: Failed password for invalid user hadoop from 139.199.108.83 port 36236 ssh2
Aug 29 22:21:27 ns382633 sshd\[10909\]: Invalid user eddie from 139.199.108.83 port 33008
Aug 29 22:21:27 ns382633 sshd\[10909\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.108.83
2020-08-30 08:07:22
139.199.108.83 attackbots
Jul 14 03:53:33 ip-172-31-61-156 sshd[18256]: Failed password for invalid user timo from 139.199.108.83 port 44162 ssh2
Jul 14 03:53:30 ip-172-31-61-156 sshd[18256]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.108.83
Jul 14 03:53:30 ip-172-31-61-156 sshd[18256]: Invalid user timo from 139.199.108.83
Jul 14 03:53:33 ip-172-31-61-156 sshd[18256]: Failed password for invalid user timo from 139.199.108.83 port 44162 ssh2
Jul 14 03:56:09 ip-172-31-61-156 sshd[18444]: Invalid user yg from 139.199.108.83
...
2020-07-14 12:22:34
139.199.108.83 attackbotsspam
Jun 24 08:50:47 vps sshd[3851]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.108.83 
Jun 24 08:50:49 vps sshd[3851]: Failed password for invalid user yar from 139.199.108.83 port 37722 ssh2
Jun 24 08:56:16 vps sshd[4118]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.108.83 
...
2020-06-24 16:25:03
139.199.108.83 attack
Invalid user mariadb from 139.199.108.83 port 34400
2020-06-18 01:58:04
139.199.108.83 attack
Jun 14 22:01:04 ns382633 sshd\[8007\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.108.83  user=root
Jun 14 22:01:07 ns382633 sshd\[8007\]: Failed password for root from 139.199.108.83 port 37604 ssh2
Jun 14 22:07:53 ns382633 sshd\[9029\]: Invalid user nodeproxy from 139.199.108.83 port 49828
Jun 14 22:07:53 ns382633 sshd\[9029\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.108.83
Jun 14 22:07:55 ns382633 sshd\[9029\]: Failed password for invalid user nodeproxy from 139.199.108.83 port 49828 ssh2
2020-06-15 05:25:13
139.199.108.83 attackspambots
Jun 10 06:34:39 vps687878 sshd\[31312\]: Failed password for invalid user danar from 139.199.108.83 port 42298 ssh2
Jun 10 06:39:06 vps687878 sshd\[31761\]: Invalid user xjd from 139.199.108.83 port 36970
Jun 10 06:39:06 vps687878 sshd\[31761\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.108.83
Jun 10 06:39:08 vps687878 sshd\[31761\]: Failed password for invalid user xjd from 139.199.108.83 port 36970 ssh2
Jun 10 06:43:43 vps687878 sshd\[32304\]: Invalid user ftpuser from 139.199.108.83 port 59876
Jun 10 06:43:43 vps687878 sshd\[32304\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.108.83
...
2020-06-10 16:46:32
139.199.108.83 attack
" "
2020-06-04 22:19:48
139.199.108.83 attackspam
May 26 01:23:29 nas sshd[24155]: Failed password for root from 139.199.108.83 port 46390 ssh2
May 26 01:33:13 nas sshd[24485]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.108.83 
May 26 01:33:15 nas sshd[24485]: Failed password for invalid user hargreaves from 139.199.108.83 port 59174 ssh2
...
2020-05-26 09:48:13
139.199.108.83 attackspambots
May 24 15:15:24 inter-technics sshd[16003]: Invalid user jtrejo from 139.199.108.83 port 36546
May 24 15:15:24 inter-technics sshd[16003]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.108.83
May 24 15:15:24 inter-technics sshd[16003]: Invalid user jtrejo from 139.199.108.83 port 36546
May 24 15:15:25 inter-technics sshd[16003]: Failed password for invalid user jtrejo from 139.199.108.83 port 36546 ssh2
May 24 15:20:23 inter-technics sshd[16257]: Invalid user admin from 139.199.108.83 port 59552
...
2020-05-24 22:16:06
139.199.108.83 attack
W 5701,/var/log/auth.log,-,-
2020-05-23 07:26:36
139.199.108.83 attack
21 attempts against mh-ssh on cloud
2020-05-03 14:50:05
139.199.108.70 attack
Oct 12 12:11:52 vps691689 sshd[8879]: Failed password for root from 139.199.108.70 port 47544 ssh2
Oct 12 12:16:42 vps691689 sshd[8955]: Failed password for root from 139.199.108.70 port 56652 ssh2
...
2019-10-12 18:21:24
139.199.108.70 attackbots
Sep 26 23:51:29 friendsofhawaii sshd\[11063\]: Invalid user wv from 139.199.108.70
Sep 26 23:51:30 friendsofhawaii sshd\[11063\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.108.70
Sep 26 23:51:32 friendsofhawaii sshd\[11063\]: Failed password for invalid user wv from 139.199.108.70 port 36502 ssh2
Sep 26 23:55:40 friendsofhawaii sshd\[11392\]: Invalid user tpuser from 139.199.108.70
Sep 26 23:55:40 friendsofhawaii sshd\[11392\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.108.70
2019-09-27 20:06:01
139.199.108.70 attackspambots
Sep  9 01:59:09 php1 sshd\[3901\]: Invalid user ubuntu from 139.199.108.70
Sep  9 01:59:09 php1 sshd\[3901\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.108.70
Sep  9 01:59:11 php1 sshd\[3901\]: Failed password for invalid user ubuntu from 139.199.108.70 port 56700 ssh2
Sep  9 02:04:49 php1 sshd\[4630\]: Invalid user demo from 139.199.108.70
Sep  9 02:04:49 php1 sshd\[4630\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.108.70
2019-09-09 21:52:22
139.199.108.70 attackspambots
Aug 22 02:39:49 lcdev sshd\[13633\]: Invalid user mathilde from 139.199.108.70
Aug 22 02:39:49 lcdev sshd\[13633\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.108.70
Aug 22 02:39:51 lcdev sshd\[13633\]: Failed password for invalid user mathilde from 139.199.108.70 port 43114 ssh2
Aug 22 02:44:44 lcdev sshd\[14084\]: Invalid user kumari from 139.199.108.70
Aug 22 02:44:44 lcdev sshd\[14084\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.108.70
2019-08-22 23:23:30
WHOIS信息:
b
DIG信息:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.199.108.74
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 25500
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.199.108.74.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019090402 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Sep 05 12:14:01 CST 2019
;; MSG SIZE  rcvd: 118
HOST信息:
Host 74.108.199.139.in-addr.arpa. not found: 3(NXDOMAIN)
NSLOOKUP信息:
Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 74.108.199.139.in-addr.arpa: NXDOMAIN
相关IP信息:
最新评论:
IP 类型 评论内容 时间
78.149.212.35 attack
Automatic report - Port Scan Attack
2020-01-20 22:41:17
222.186.42.4 attack
Jan 20 15:14:47 herz-der-gamer sshd[23216]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.4  user=root
Jan 20 15:14:50 herz-der-gamer sshd[23216]: Failed password for root from 222.186.42.4 port 49292 ssh2
...
2020-01-20 22:20:55
218.92.0.171 attack
Jan 20 15:43:32 dedicated sshd[5762]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.171  user=root
Jan 20 15:43:34 dedicated sshd[5762]: Failed password for root from 218.92.0.171 port 43669 ssh2
2020-01-20 22:46:21
106.52.19.218 attackspambots
Failed password for invalid user jean from 106.52.19.218 port 41716 ssh2
Invalid user air from 106.52.19.218 port 60072
pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.19.218
Failed password for invalid user air from 106.52.19.218 port 60072 ssh2
pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.19.218  user=root
2020-01-20 22:21:24
174.255.132.202 attack
I suspect this IP address is being used by my ex and associates.,aka fellow convicts, it is with Verizon which seems to be the carrier always used.
it was inconclusive on location, is that something you can assist with? 
Sincerely
Jeanie Smith 
8175834552
2020-01-20 22:47:51
123.160.246.55 attackbots
pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.160.246.55
Failed password for invalid user testuser from 123.160.246.55 port 37316 ssh2
pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.160.246.55  user=root
Failed password for root from 123.160.246.55 port 36010 ssh2
pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.160.246.55  user=root
2020-01-20 22:33:19
2.228.253.188 attackspambots
Unauthorised access (Jan 20) SRC=2.228.253.188 LEN=52 TTL=115 ID=20031 DF TCP DPT=445 WINDOW=8192 SYN
2020-01-20 22:39:01
179.93.149.17 attack
Jan 20 14:06:51  sshd\[27480\]: User root from 179.93.149.17 not allowed because not listed in AllowUsersJan 20 14:06:53  sshd\[27480\]: Failed password for invalid user root from 179.93.149.17 port 46324 ssh2
...
2020-01-20 22:24:17
223.15.206.166 attackspam
Unauthorized connection attempt detected from IP address 223.15.206.166 to port 23 [J]
2020-01-20 22:48:58
174.255.132.202 attack
I suspect this IP address is being used by my ex and associates.,aka fellow convicts, it is with Verizon which seems to be the carrier always used.
it was inconclusive on location, is that something you can assist with? 
Sincerely
Jeanie Smith 
8175834552
2020-01-20 22:49:13
5.132.115.161 attackspam
Jan 20 15:03:13 vps691689 sshd[9319]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.132.115.161
Jan 20 15:03:14 vps691689 sshd[9319]: Failed password for invalid user server from 5.132.115.161 port 60036 ssh2
Jan 20 15:06:03 vps691689 sshd[9430]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.132.115.161
...
2020-01-20 22:20:26
51.255.109.175 attack
01/20/2020-08:06:07.778082 51.255.109.175 Protocol: 17 GPL RPC xdmcp info query
2020-01-20 22:47:57
107.173.255.202 attack
Jan 18 17:17:53 vtv3 sshd[12956]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.173.255.202 
Jan 18 17:17:55 vtv3 sshd[12956]: Failed password for invalid user sysadmin from 107.173.255.202 port 40074 ssh2
Jan 18 17:28:17 vtv3 sshd[17956]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.173.255.202 
Jan 18 17:28:19 vtv3 sshd[17956]: Failed password for invalid user eddy from 107.173.255.202 port 42786 ssh2
Jan 18 17:31:42 vtv3 sshd[19827]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.173.255.202 
Jan 20 13:51:00 vtv3 sshd[4110]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.173.255.202 
Jan 20 13:51:02 vtv3 sshd[4110]: Failed password for invalid user git from 107.173.255.202 port 48858 ssh2
Jan 20 13:55:55 vtv3 sshd[6641]: Failed password for root from 107.173.255.202 port 52034 ssh2
Jan 20 14:06:43 vtv3 sshd[11954]: pam_unix(ss
2020-01-20 22:07:45
193.188.22.98 attackbotsspam
Unauthorized connection attempt detected from IP address 193.188.22.98 to port 3389 [J]
2020-01-20 22:16:38
93.188.204.42 attack
Jan 20 12:34:56 mailrelay sshd[31049]: Invalid user fieke from 93.188.204.42 port 60131
Jan 20 12:34:56 mailrelay sshd[31049]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.188.204.42
Jan 20 12:34:59 mailrelay sshd[31049]: Failed password for invalid user fieke from 93.188.204.42 port 60131 ssh2
Jan 20 12:34:59 mailrelay sshd[31049]: Received disconnect from 93.188.204.42 port 60131:11: Bye Bye [preauth]
Jan 20 12:34:59 mailrelay sshd[31049]: Disconnected from 93.188.204.42 port 60131 [preauth]
Jan 20 13:10:40 mailrelay sshd[31369]: Connection closed by 93.188.204.42 port 48792 [preauth]
Jan 20 13:21:26 mailrelay sshd[31444]: Connection closed by 93.188.204.42 port 45828 [preauth]
Jan 20 13:32:08 mailrelay sshd[31527]: Connection closed by 93.188.204.42 port 42575 [preauth]
Jan 20 13:43:08 mailrelay sshd[31604]: Invalid user oper01 from 93.188.204.42 port 38997
Jan 20 13:43:08 mailrelay sshd[31604]: pam_unix(sshd:auth): authe........
-------------------------------
2020-01-20 22:36:14

最近上报的IP列表

255.204.98.172 24.76.166.16 151.53.104.157 47.91.187.133
159.229.105.207 92.57.35.56 3.247.101.161 196.49.249.252
165.227.92.60 78.200.188.186 187.176.190.225 217.22.170.3
3.1.124.239 204.59.58.203 18.84.54.16 189.186.139.189
130.150.204.98 43.101.229.94 192.227.252.30 60.223.255.14