139.199.112.85

基本信息:

城市(city): Beijing

省份(region): Beijing

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): Shenzhen Tencent Computer Systems Company Limited

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	2020-02-26T02:58:39.452830shield sshd\[17911\]: Invalid user magda from 139.199.112.85 port 47870 2020-02-26T02:58:39.457308shield sshd\[17911\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.112.85 2020-02-26T02:58:40.685184shield sshd\[17911\]: Failed password for invalid user magda from 139.199.112.85 port 47870 ssh2 2020-02-26T03:02:20.107745shield sshd\[18494\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.112.85 user=root 2020-02-26T03:02:22.008133shield sshd\[18494\]: Failed password for root from 139.199.112.85 port 35760 ssh2	2020-02-26 11:04:42
attackspambots	Feb 23 06:45:14 localhost sshd\[10040\]: Invalid user HTTP from 139.199.112.85 port 58878 Feb 23 06:45:14 localhost sshd\[10040\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.112.85 Feb 23 06:45:16 localhost sshd\[10040\]: Failed password for invalid user HTTP from 139.199.112.85 port 58878 ssh2	2020-02-23 13:50:47
attackbots	Feb 18 01:23:50 MK-Soft-VM8 sshd[30053]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.112.85 Feb 18 01:23:52 MK-Soft-VM8 sshd[30053]: Failed password for invalid user monkey from 139.199.112.85 port 34720 ssh2 ...	2020-02-18 09:25:42
attack	Unauthorized connection attempt detected from IP address 139.199.112.85 to port 2220 [J]	2020-01-31 09:32:29
attack	Unauthorized connection attempt detected from IP address 139.199.112.85 to port 2220 [J]	2020-01-23 14:19:57
attackbots	Unauthorized connection attempt detected from IP address 139.199.112.85 to port 2220 [J]	2020-01-19 01:02:36
attack	Invalid user suratinah from 139.199.112.85 port 59786	2020-01-01 07:30:32
attackspambots	Dec 30 21:32:32 web9 sshd\[6551\]: Invalid user ts3srv from 139.199.112.85 Dec 30 21:32:32 web9 sshd\[6551\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.112.85 Dec 30 21:32:34 web9 sshd\[6551\]: Failed password for invalid user ts3srv from 139.199.112.85 port 37822 ssh2 Dec 30 21:33:59 web9 sshd\[6744\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.112.85 user=root Dec 30 21:34:02 web9 sshd\[6744\]: Failed password for root from 139.199.112.85 port 46974 ssh2	2019-12-31 15:42:21
attackspam	Aug 25 10:19:03 pornomens sshd\[32285\]: Invalid user server from 139.199.112.85 port 47538 Aug 25 10:19:03 pornomens sshd\[32285\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.112.85 Aug 25 10:19:05 pornomens sshd\[32285\]: Failed password for invalid user server from 139.199.112.85 port 47538 ssh2 ...	2019-08-25 18:50:09
attackspambots	Aug 19 21:30:21 SilenceServices sshd[7589]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.112.85 Aug 19 21:30:23 SilenceServices sshd[7589]: Failed password for invalid user tiny from 139.199.112.85 port 56990 ssh2 Aug 19 21:33:07 SilenceServices sshd[9233]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.112.85	2019-08-20 07:05:47
attackbots	Jul 14 09:17:18 OPSO sshd\[19458\]: Invalid user tomcat1 from 139.199.112.85 port 42258 Jul 14 09:17:18 OPSO sshd\[19458\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.112.85 Jul 14 09:17:20 OPSO sshd\[19458\]: Failed password for invalid user tomcat1 from 139.199.112.85 port 42258 ssh2 Jul 14 09:21:22 OPSO sshd\[19955\]: Invalid user james from 139.199.112.85 port 49558 Jul 14 09:21:22 OPSO sshd\[19955\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.112.85	2019-07-14 15:24:32
attackbotsspam	Jul 12 11:47:10 icinga sshd[1206]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.112.85 Jul 12 11:47:12 icinga sshd[1206]: Failed password for invalid user hp from 139.199.112.85 port 41806 ssh2 ...	2019-07-12 18:20:11
attackspambots	Jun 25 13:16:03 srv-4 sshd\[14903\]: Invalid user sysadmin from 139.199.112.85 Jun 25 13:16:03 srv-4 sshd\[14903\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.112.85 Jun 25 13:16:06 srv-4 sshd\[14903\]: Failed password for invalid user sysadmin from 139.199.112.85 port 41054 ssh2 ...	2019-06-25 18:27:02

相同子网IP讨论:

IP	类型	评论内容	时间
139.199.112.48	attackspambots	Jul 9 19:18:15 localhost kernel: [13958488.835801] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=139.199.112.48 DST=[mungedIP2] LEN=60 TOS=0x08 PREC=0x00 TTL=42 ID=62521 DF PROTO=TCP SPT=42994 DPT=6379 WINDOW=29200 RES=0x00 SYN URGP=0 Jul 9 19:18:15 localhost kernel: [13958488.835834] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=139.199.112.48 DST=[mungedIP2] LEN=60 TOS=0x08 PREC=0x00 TTL=42 ID=62521 DF PROTO=TCP SPT=42994 DPT=6379 SEQ=1296604 ACK=0 WINDOW=29200 RES=0x00 SYN URGP=0 OPT (020405900402080A03BD3CE50000000001030307) Jul 9 19:18:15 localhost kernel: [13958489.075846] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=139.199.112.48 DST=[mungedIP2] LEN=60 TOS=0x00 PREC=0x00 TTL=42 ID=918 DF PROTO=TCP SPT=34260 DPT=7002 WINDOW=29200 RES=0x00 SYN URGP=0 Jul 9 19:18:15 localhost kernel: [13958489.075871] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08	2019-07-10 15:16:10

类型

评论内容

时间

139.199.112.48

attackspambots

Jul  9 19:18:15 localhost kernel: [13958488.835801] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=139.199.112.48 DST=[mungedIP2] LEN=60 TOS=0x08 PREC=0x00 TTL=42 ID=62521 DF PROTO=TCP SPT=42994 DPT=6379 WINDOW=29200 RES=0x00 SYN URGP=0 
Jul  9 19:18:15 localhost kernel: [13958488.835834] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=139.199.112.48 DST=[mungedIP2] LEN=60 TOS=0x08 PREC=0x00 TTL=42 ID=62521 DF PROTO=TCP SPT=42994 DPT=6379 SEQ=1296604 ACK=0 WINDOW=29200 RES=0x00 SYN URGP=0 OPT (020405900402080A03BD3CE50000000001030307) 
Jul  9 19:18:15 localhost kernel: [13958489.075846] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=139.199.112.48 DST=[mungedIP2] LEN=60 TOS=0x00 PREC=0x00 TTL=42 ID=918 DF PROTO=TCP SPT=34260 DPT=7002 WINDOW=29200 RES=0x00 SYN URGP=0 
Jul  9 19:18:15 localhost kernel: [13958489.075871] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08

2019-07-10 15:16:10

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.199.112.85
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17135
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.199.112.85.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019032900 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Fri Mar 29 19:46:31 +08 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 85.112.199.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 85.112.199.139.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
59.120.197.109	attack	20/6/13@08:27:00: FAIL: Alarm-Network address from=59.120.197.109 20/6/13@08:27:00: FAIL: Alarm-Network address from=59.120.197.109 ...	2020-06-13 22:16:19
51.77.111.30	attackbots	Jun 13 16:15:53 nextcloud sshd\[27042\]: Invalid user mia from 51.77.111.30 Jun 13 16:15:53 nextcloud sshd\[27042\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.111.30 Jun 13 16:15:55 nextcloud sshd\[27042\]: Failed password for invalid user mia from 51.77.111.30 port 43910 ssh2	2020-06-13 22:55:57
193.122.172.254	attackbotsspam	Jun 13 14:38:01 ip-172-31-61-156 sshd[20719]: Failed password for invalid user nxautomation from 193.122.172.254 port 40242 ssh2 Jun 13 14:37:59 ip-172-31-61-156 sshd[20719]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.122.172.254 Jun 13 14:37:59 ip-172-31-61-156 sshd[20719]: Invalid user nxautomation from 193.122.172.254 Jun 13 14:38:01 ip-172-31-61-156 sshd[20719]: Failed password for invalid user nxautomation from 193.122.172.254 port 40242 ssh2 Jun 13 14:42:16 ip-172-31-61-156 sshd[21181]: Invalid user admin from 193.122.172.254 ...	2020-06-13 22:59:08
185.200.118.86	attackbots	ET DROP Dshield Block Listed Source group 1 - port: 1723 proto: TCP cat: Misc Attack	2020-06-13 22:35:31
174.138.20.105	attack	Jun 11 08:55:16 lvpxxxxxxx88-92-201-20 sshd[16208]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.20.105 user=r.r Jun 11 08:55:18 lvpxxxxxxx88-92-201-20 sshd[16208]: Failed password for r.r from 174.138.20.105 port 40800 ssh2 Jun 11 08:55:18 lvpxxxxxxx88-92-201-20 sshd[16208]: Received disconnect from 174.138.20.105: 11: Bye Bye [preauth] Jun 11 09:01:51 lvpxxxxxxx88-92-201-20 sshd[16451]: Failed password for invalid user price from 174.138.20.105 port 44752 ssh2 Jun 11 09:01:52 lvpxxxxxxx88-92-201-20 sshd[16451]: Received disconnect from 174.138.20.105: 11: Bye Bye [preauth] Jun 11 09:05:16 lvpxxxxxxx88-92-201-20 sshd[16599]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.20.105 user=r.r Jun 11 09:05:18 lvpxxxxxxx88-92-201-20 sshd[16599]: Failed password for r.r from 174.138.20.105 port 51020 ssh2 Jun 11 09:05:18 lvpxxxxxxx88-92-201-20 sshd[16599]: Received disconnect f........ -------------------------------	2020-06-13 22:31:19
111.229.57.3	attack	Jun 13 12:22:30 powerpi2 sshd[6432]: Failed password for invalid user test from 111.229.57.3 port 56244 ssh2 Jun 13 12:26:51 powerpi2 sshd[6704]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.57.3 user=sshd Jun 13 12:26:54 powerpi2 sshd[6704]: Failed password for sshd from 111.229.57.3 port 39934 ssh2 ...	2020-06-13 22:22:45
222.186.180.147	attack	Jun 13 16:30:12 server sshd[18900]: Failed none for root from 222.186.180.147 port 60014 ssh2 Jun 13 16:30:14 server sshd[18900]: Failed password for root from 222.186.180.147 port 60014 ssh2 Jun 13 16:30:18 server sshd[18900]: Failed password for root from 222.186.180.147 port 60014 ssh2	2020-06-13 22:33:33
177.23.225.169	attack	Icarus honeypot on github	2020-06-13 22:47:43
185.39.10.31	attack	06/13/2020-09:34:00.533978 185.39.10.31 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-06-13 22:20:58
49.235.58.253	attack	2020-06-13T16:24:51.140829lavrinenko.info sshd[8925]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.58.253 user=root 2020-06-13T16:24:52.921163lavrinenko.info sshd[8925]: Failed password for root from 49.235.58.253 port 43032 ssh2 2020-06-13T16:28:00.327445lavrinenko.info sshd[9108]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.58.253 user=root 2020-06-13T16:28:02.388451lavrinenko.info sshd[9108]: Failed password for root from 49.235.58.253 port 50442 ssh2 2020-06-13T16:31:06.982632lavrinenko.info sshd[9253]: Invalid user rawman from 49.235.58.253 port 57750 ...	2020-06-13 22:41:36
91.121.30.96	attack	5x Failed Password	2020-06-13 22:19:27
138.197.179.111	attack	sshd	2020-06-13 22:24:13
5.39.77.117	attack	Jun 13 14:53:40 OPSO sshd\[6596\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.39.77.117 user=admin Jun 13 14:53:41 OPSO sshd\[6596\]: Failed password for admin from 5.39.77.117 port 53248 ssh2 Jun 13 14:59:07 OPSO sshd\[7919\]: Invalid user oracle from 5.39.77.117 port 54749 Jun 13 14:59:07 OPSO sshd\[7919\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.39.77.117 Jun 13 14:59:09 OPSO sshd\[7919\]: Failed password for invalid user oracle from 5.39.77.117 port 54749 ssh2	2020-06-13 22:29:51
68.183.61.57	attackbots	68.183.61.57 - - [13/Jun/2020:14:06:39 +0200] "POST /wp-login.php HTTP/1.1" 200 5391 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 68.183.61.57 - - [13/Jun/2020:14:06:40 +0200] "POST /wp-login.php HTTP/1.1" 200 5388 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 68.183.61.57 - - [13/Jun/2020:14:06:42 +0200] "POST /wp-login.php HTTP/1.1" 200 5361 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 68.183.61.57 - - [13/Jun/2020:14:06:43 +0200] "POST /wp-login.php HTTP/1.1" 200 5360 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 68.183.61.57 - - [13/Jun/2020:14:26:21 +0200] "POST /wp-login.php HTTP/1.1" 200 5380 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-06-13 23:00:11
51.75.122.213	attackspambots	Jun 13 15:37:43 serwer sshd\[15142\]: Invalid user tf2 from 51.75.122.213 port 40608 Jun 13 15:37:43 serwer sshd\[15142\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.122.213 Jun 13 15:37:45 serwer sshd\[15142\]: Failed password for invalid user tf2 from 51.75.122.213 port 40608 ssh2 ...	2020-06-13 22:21:13

最近上报的IP列表

140.143.230.161	119.207.126.86	118.25.46.72	111.161.210.55
106.37.72.212	106.12.159.39	106.12.113.131	106.12.17.97
104.236.81.204	104.131.113.106	103.54.219.108	76.30.213.208
68.96.196.38	67.68.23.111	54.38.159.215	52.224.13.204
51.38.239.50	46.105.117.4	46.101.88.10	46.29.161.31