139.199.108.74

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Sep 5 06:02:53 markkoudstaal sshd[12209]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.108.74 Sep 5 06:02:55 markkoudstaal sshd[12209]: Failed password for invalid user deploy from 139.199.108.74 port 56202 ssh2 Sep 5 06:07:17 markkoudstaal sshd[12570]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.108.74	2019-09-05 12:14:09

类型

评论内容

时间

attack

Sep  5 06:02:53 markkoudstaal sshd[12209]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.108.74
Sep  5 06:02:55 markkoudstaal sshd[12209]: Failed password for invalid user deploy from 139.199.108.74 port 56202 ssh2
Sep  5 06:07:17 markkoudstaal sshd[12570]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.108.74

2019-09-05 12:14:09

相同子网IP讨论:

IP	类型	评论内容	时间
139.199.108.83	attackspam	Aug 29 22:09:42 ns382633 sshd\[8755\]: Invalid user hadoop from 139.199.108.83 port 36236 Aug 29 22:09:42 ns382633 sshd\[8755\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.108.83 Aug 29 22:09:44 ns382633 sshd\[8755\]: Failed password for invalid user hadoop from 139.199.108.83 port 36236 ssh2 Aug 29 22:21:27 ns382633 sshd\[10909\]: Invalid user eddie from 139.199.108.83 port 33008 Aug 29 22:21:27 ns382633 sshd\[10909\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.108.83	2020-08-30 08:07:22
139.199.108.83	attackbots	Jul 14 03:53:33 ip-172-31-61-156 sshd[18256]: Failed password for invalid user timo from 139.199.108.83 port 44162 ssh2 Jul 14 03:53:30 ip-172-31-61-156 sshd[18256]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.108.83 Jul 14 03:53:30 ip-172-31-61-156 sshd[18256]: Invalid user timo from 139.199.108.83 Jul 14 03:53:33 ip-172-31-61-156 sshd[18256]: Failed password for invalid user timo from 139.199.108.83 port 44162 ssh2 Jul 14 03:56:09 ip-172-31-61-156 sshd[18444]: Invalid user yg from 139.199.108.83 ...	2020-07-14 12:22:34
139.199.108.83	attackbotsspam	Jun 24 08:50:47 vps sshd[3851]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.108.83 Jun 24 08:50:49 vps sshd[3851]: Failed password for invalid user yar from 139.199.108.83 port 37722 ssh2 Jun 24 08:56:16 vps sshd[4118]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.108.83 ...	2020-06-24 16:25:03
139.199.108.83	attack	Invalid user mariadb from 139.199.108.83 port 34400	2020-06-18 01:58:04
139.199.108.83	attack	Jun 14 22:01:04 ns382633 sshd\[8007\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.108.83 user=root Jun 14 22:01:07 ns382633 sshd\[8007\]: Failed password for root from 139.199.108.83 port 37604 ssh2 Jun 14 22:07:53 ns382633 sshd\[9029\]: Invalid user nodeproxy from 139.199.108.83 port 49828 Jun 14 22:07:53 ns382633 sshd\[9029\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.108.83 Jun 14 22:07:55 ns382633 sshd\[9029\]: Failed password for invalid user nodeproxy from 139.199.108.83 port 49828 ssh2	2020-06-15 05:25:13
139.199.108.83	attackspambots	Jun 10 06:34:39 vps687878 sshd\[31312\]: Failed password for invalid user danar from 139.199.108.83 port 42298 ssh2 Jun 10 06:39:06 vps687878 sshd\[31761\]: Invalid user xjd from 139.199.108.83 port 36970 Jun 10 06:39:06 vps687878 sshd\[31761\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.108.83 Jun 10 06:39:08 vps687878 sshd\[31761\]: Failed password for invalid user xjd from 139.199.108.83 port 36970 ssh2 Jun 10 06:43:43 vps687878 sshd\[32304\]: Invalid user ftpuser from 139.199.108.83 port 59876 Jun 10 06:43:43 vps687878 sshd\[32304\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.108.83 ...	2020-06-10 16:46:32
139.199.108.83	attack	" "	2020-06-04 22:19:48
139.199.108.83	attackspam	May 26 01:23:29 nas sshd[24155]: Failed password for root from 139.199.108.83 port 46390 ssh2 May 26 01:33:13 nas sshd[24485]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.108.83 May 26 01:33:15 nas sshd[24485]: Failed password for invalid user hargreaves from 139.199.108.83 port 59174 ssh2 ...	2020-05-26 09:48:13
139.199.108.83	attackspambots	May 24 15:15:24 inter-technics sshd[16003]: Invalid user jtrejo from 139.199.108.83 port 36546 May 24 15:15:24 inter-technics sshd[16003]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.108.83 May 24 15:15:24 inter-technics sshd[16003]: Invalid user jtrejo from 139.199.108.83 port 36546 May 24 15:15:25 inter-technics sshd[16003]: Failed password for invalid user jtrejo from 139.199.108.83 port 36546 ssh2 May 24 15:20:23 inter-technics sshd[16257]: Invalid user admin from 139.199.108.83 port 59552 ...	2020-05-24 22:16:06
139.199.108.83	attack	W 5701,/var/log/auth.log,-,-	2020-05-23 07:26:36
139.199.108.83	attack	21 attempts against mh-ssh on cloud	2020-05-03 14:50:05
139.199.108.70	attack	Oct 12 12:11:52 vps691689 sshd[8879]: Failed password for root from 139.199.108.70 port 47544 ssh2 Oct 12 12:16:42 vps691689 sshd[8955]: Failed password for root from 139.199.108.70 port 56652 ssh2 ...	2019-10-12 18:21:24
139.199.108.70	attackbots	Sep 26 23:51:29 friendsofhawaii sshd\[11063\]: Invalid user wv from 139.199.108.70 Sep 26 23:51:30 friendsofhawaii sshd\[11063\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.108.70 Sep 26 23:51:32 friendsofhawaii sshd\[11063\]: Failed password for invalid user wv from 139.199.108.70 port 36502 ssh2 Sep 26 23:55:40 friendsofhawaii sshd\[11392\]: Invalid user tpuser from 139.199.108.70 Sep 26 23:55:40 friendsofhawaii sshd\[11392\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.108.70	2019-09-27 20:06:01
139.199.108.70	attackspambots	Sep 9 01:59:09 php1 sshd\[3901\]: Invalid user ubuntu from 139.199.108.70 Sep 9 01:59:09 php1 sshd\[3901\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.108.70 Sep 9 01:59:11 php1 sshd\[3901\]: Failed password for invalid user ubuntu from 139.199.108.70 port 56700 ssh2 Sep 9 02:04:49 php1 sshd\[4630\]: Invalid user demo from 139.199.108.70 Sep 9 02:04:49 php1 sshd\[4630\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.108.70	2019-09-09 21:52:22
139.199.108.70	attackspambots	Aug 22 02:39:49 lcdev sshd\[13633\]: Invalid user mathilde from 139.199.108.70 Aug 22 02:39:49 lcdev sshd\[13633\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.108.70 Aug 22 02:39:51 lcdev sshd\[13633\]: Failed password for invalid user mathilde from 139.199.108.70 port 43114 ssh2 Aug 22 02:44:44 lcdev sshd\[14084\]: Invalid user kumari from 139.199.108.70 Aug 22 02:44:44 lcdev sshd\[14084\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.108.70	2019-08-22 23:23:30

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.199.108.74
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 25500
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.199.108.74.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019090402 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Sep 05 12:14:01 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 74.108.199.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 74.108.199.139.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
112.85.42.195	attackspambots	Sep 24 03:05:42 onepixel sshd[2174800]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.195 user=root Sep 24 03:05:44 onepixel sshd[2174800]: Failed password for root from 112.85.42.195 port 13864 ssh2 Sep 24 03:05:42 onepixel sshd[2174800]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.195 user=root Sep 24 03:05:44 onepixel sshd[2174800]: Failed password for root from 112.85.42.195 port 13864 ssh2 Sep 24 03:05:48 onepixel sshd[2174800]: Failed password for root from 112.85.42.195 port 13864 ssh2	2020-09-24 17:43:22
190.66.3.92	attack	Bruteforce detected by fail2ban	2020-09-24 17:22:30
185.220.101.13	attackbots	CMS (WordPress or Joomla) login attempt.	2020-09-24 17:39:42
200.46.231.146	attack	Unauthorized connection attempt from IP address 200.46.231.146 on Port 445(SMB)	2020-09-24 17:46:03
148.72.209.9	attackspambots	148.72.209.9 - - [24/Sep/2020:09:44:59 +0100] "POST /wp-login.php HTTP/1.1" 200 2191 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 148.72.209.9 - - [24/Sep/2020:09:45:02 +0100] "POST /wp-login.php HTTP/1.1" 200 2173 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 148.72.209.9 - - [24/Sep/2020:09:45:03 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-24 17:26:03
178.128.210.138	attackbotsspam	$f2bV_matches	2020-09-24 17:42:51
103.48.192.48	attack	Auto Fail2Ban report, multiple SSH login attempts.	2020-09-24 17:18:19
160.153.154.4	attackbotsspam	Automatic report - Banned IP Access	2020-09-24 17:10:05
150.136.208.168	attackspambots	2020-09-24 01:28:16.090397-0500 localhost sshd[69354]: Failed password for invalid user d from 150.136.208.168 port 46464 ssh2	2020-09-24 17:06:38
119.45.236.83	attack	119.45.236.83 - - \[23/Sep/2020:20:02:17 +0200\] "POST /xmlrpc.php HTTP/1.0" 200 738 "-" "Apache-HttpClient/4.5.2 $Java/1.8.0_161$" 119.45.236.83 - - \[23/Sep/2020:20:02:17 +0200\] "POST /xmlrpc.php HTTP/1.0" 200 738 "-" "Apache-HttpClient/4.5.2 $Java/1.8.0_161$" 119.45.236.83 - - \[23/Sep/2020:20:02:18 +0200\] "POST /xmlrpc.php HTTP/1.0" 200 738 "-" "Apache-HttpClient/4.5.2 $Java/1.8.0_161$"	2020-09-24 17:13:42
42.3.120.202	attackspam	Automatic report - Banned IP Access	2020-09-24 17:11:05
122.176.122.118	attackspambots	Unauthorized connection attempt from IP address 122.176.122.118 on Port 445(SMB)	2020-09-24 17:09:17
183.230.248.81	attackbotsspam	Connection to SSH Honeypot - Detected by HoneypotDB	2020-09-24 17:40:15
180.67.72.138	attackspambots	Sep 23 19:13:24 ssh2 sshd[72427]: Invalid user netman from 180.67.72.138 port 55204 Sep 23 19:13:25 ssh2 sshd[72427]: Failed password for invalid user netman from 180.67.72.138 port 55204 ssh2 Sep 23 19:13:25 ssh2 sshd[72427]: Connection closed by invalid user netman 180.67.72.138 port 55204 [preauth] ...	2020-09-24 17:06:09
51.158.189.0	attackspam	Sep 24 09:22:18 ns308116 sshd[9563]: Invalid user nexus from 51.158.189.0 port 34352 Sep 24 09:22:18 ns308116 sshd[9563]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.158.189.0 Sep 24 09:22:20 ns308116 sshd[9563]: Failed password for invalid user nexus from 51.158.189.0 port 34352 ssh2 Sep 24 09:30:23 ns308116 sshd[22755]: Invalid user daniel from 51.158.189.0 port 34632 Sep 24 09:30:23 ns308116 sshd[22755]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.158.189.0 ...	2020-09-24 17:11:59

最近上报的IP列表

255.204.98.172	24.76.166.16	151.53.104.157	47.91.187.133
159.229.105.207	92.57.35.56	3.247.101.161	196.49.249.252
165.227.92.60	78.200.188.186	187.176.190.225	217.22.170.3
3.1.124.239	204.59.58.203	18.84.54.16	189.186.139.189
130.150.204.98	43.101.229.94	192.227.252.30	60.223.255.14