139.199.113.236

基本信息:

城市(city): Beijing

省份(region): Beijing

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Nov 25 04:32:45 sachi sshd\[21528\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.113.236 user=root Nov 25 04:32:47 sachi sshd\[21528\]: Failed password for root from 139.199.113.236 port 39898 ssh2 Nov 25 04:32:53 sachi sshd\[21546\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.113.236 user=root Nov 25 04:32:55 sachi sshd\[21546\]: Failed password for root from 139.199.113.236 port 40194 ssh2 Nov 25 04:32:57 sachi sshd\[21552\]: Invalid user pi from 139.199.113.236	2019-11-26 04:15:41

类型

评论内容

时间

attackbotsspam

Nov 25 04:32:45 sachi sshd\[21528\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.113.236  user=root
Nov 25 04:32:47 sachi sshd\[21528\]: Failed password for root from 139.199.113.236 port 39898 ssh2
Nov 25 04:32:53 sachi sshd\[21546\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.113.236  user=root
Nov 25 04:32:55 sachi sshd\[21546\]: Failed password for root from 139.199.113.236 port 40194 ssh2
Nov 25 04:32:57 sachi sshd\[21552\]: Invalid user pi from 139.199.113.236

2019-11-26 04:15:41

相同子网IP讨论:

IP	类型	评论内容	时间
139.199.113.140	attackspam	Feb 12 08:26:55 xeon sshd[34309]: Failed password for root from 139.199.113.140 port 52310 ssh2	2020-02-12 19:11:15
139.199.113.140	attackspam	Feb 9 00:05:04 dedicated sshd[18470]: Invalid user ehz from 139.199.113.140 port 45070	2020-02-09 07:07:17
139.199.113.140	attackbotsspam	Feb 4 16:54:17 v22018076622670303 sshd\[20656\]: Invalid user weblogic from 139.199.113.140 port 37650 Feb 4 16:54:17 v22018076622670303 sshd\[20656\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.113.140 Feb 4 16:54:19 v22018076622670303 sshd\[20656\]: Failed password for invalid user weblogic from 139.199.113.140 port 37650 ssh2 ...	2020-02-05 01:02:58
139.199.113.140	attackbotsspam	Invalid user alban from 139.199.113.140 port 48772	2020-01-19 03:16:17
139.199.113.140	attackspam	Unauthorized connection attempt detected from IP address 139.199.113.140 to port 2220 [J]	2020-01-17 04:09:07
139.199.113.140	attackspambots	Jan 14 00:41:51 dedicated sshd[5361]: Invalid user buero from 139.199.113.140 port 41044	2020-01-14 07:59:47
139.199.113.2	attackbots	$f2bV_matches	2020-01-12 00:20:35
139.199.113.140	attackspambots	Dec 27 02:01:40 server sshd\[9494\]: Invalid user sonoyama from 139.199.113.140 Dec 27 02:01:40 server sshd\[9494\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.113.140 Dec 27 02:01:41 server sshd\[9494\]: Failed password for invalid user sonoyama from 139.199.113.140 port 44750 ssh2 Dec 27 02:19:32 server sshd\[12790\]: Invalid user admin from 139.199.113.140 Dec 27 02:19:32 server sshd\[12790\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.113.140 ...	2019-12-27 07:57:34
139.199.113.140	attack	Invalid user asterisk from 139.199.113.140 port 59708	2019-12-24 21:37:54
139.199.113.140	attack	2019-12-18T07:30:19.480353centos sshd\[8732\]: Invalid user gnuhealth from 139.199.113.140 port 48482 2019-12-18T07:30:19.487851centos sshd\[8732\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.113.140 2019-12-18T07:30:21.139555centos sshd\[8732\]: Failed password for invalid user gnuhealth from 139.199.113.140 port 48482 ssh2	2019-12-18 14:57:22
139.199.113.140	attackspambots	Dec 15 08:53:48 cp sshd[13927]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.113.140	2019-12-15 16:44:43
139.199.113.140	attackbotsspam	Dec 4 09:13:31 [host] sshd[25665]: Invalid user cowlishaw from 139.199.113.140 Dec 4 09:13:31 [host] sshd[25665]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.113.140 Dec 4 09:13:33 [host] sshd[25665]: Failed password for invalid user cowlishaw from 139.199.113.140 port 59044 ssh2	2019-12-04 16:36:35
139.199.113.140	attackspam	Nov 30 00:39:44 kapalua sshd\[22436\]: Invalid user test from 139.199.113.140 Nov 30 00:39:44 kapalua sshd\[22436\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.113.140 Nov 30 00:39:46 kapalua sshd\[22436\]: Failed password for invalid user test from 139.199.113.140 port 59022 ssh2 Nov 30 00:47:13 kapalua sshd\[22916\]: Invalid user yoyo from 139.199.113.140 Nov 30 00:47:13 kapalua sshd\[22916\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.113.140	2019-11-30 18:59:25
139.199.113.2	attackspambots	Nov 27 14:50:02 legacy sshd[22145]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.113.2 Nov 27 14:50:04 legacy sshd[22145]: Failed password for invalid user mazenc from 139.199.113.2 port 49862 ssh2 Nov 27 14:58:51 legacy sshd[22467]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.113.2 ...	2019-11-27 22:04:13
139.199.113.140	attack	SSH Bruteforce attempt	2019-11-24 05:52:59

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.199.113.236
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4204
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.199.113.236.		IN	A

;; AUTHORITY SECTION:
.			142	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019112501 1800 900 604800 86400

;; Query time: 118 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Nov 26 04:15:38 CST 2019
;; MSG SIZE  rcvd: 119

HOST信息:

Host 236.113.199.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 236.113.199.139.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
103.52.52.23	attack	Sep 9 06:55:57 legacy sshd[28312]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.52.52.23 Sep 9 06:55:59 legacy sshd[28312]: Failed password for invalid user csgoserver from 103.52.52.23 port 40084 ssh2 Sep 9 07:01:10 legacy sshd[28436]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.52.52.23 ...	2019-09-09 13:10:35
112.87.157.209	attackbotsspam	2019-09-09T11:41:24.250974enmeeting.mahidol.ac.th sshd\[10039\]: User root from 112.87.157.209 not allowed because not listed in AllowUsers 2019-09-09T11:41:24.377748enmeeting.mahidol.ac.th sshd\[10039\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.87.157.209 user=root 2019-09-09T11:41:26.703149enmeeting.mahidol.ac.th sshd\[10039\]: Failed password for invalid user root from 112.87.157.209 port 10230 ssh2 ...	2019-09-09 12:51:34
141.98.9.195	attackbots	Sep 9 06:40:12 relay postfix/smtpd\[13406\]: warning: unknown\[141.98.9.195\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 9 06:40:55 relay postfix/smtpd\[31276\]: warning: unknown\[141.98.9.195\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 9 06:41:03 relay postfix/smtpd\[12165\]: warning: unknown\[141.98.9.195\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 9 06:41:47 relay postfix/smtpd\[16941\]: warning: unknown\[141.98.9.195\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 9 06:41:57 relay postfix/smtpd\[13406\]: warning: unknown\[141.98.9.195\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-09-09 12:53:09
151.226.22.72	attack	Automatic report - Port Scan Attack	2019-09-09 12:40:29
51.68.46.156	attackspam	Sep 9 06:36:04 SilenceServices sshd[6989]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.46.156 Sep 9 06:36:06 SilenceServices sshd[6989]: Failed password for invalid user deploy123 from 51.68.46.156 port 40150 ssh2 Sep 9 06:41:32 SilenceServices sshd[9228]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.46.156	2019-09-09 12:46:22
112.220.85.26	attackspambots	Sep 9 07:06:27 localhost sshd\[10603\]: Invalid user localadmin from 112.220.85.26 port 55964 Sep 9 07:06:27 localhost sshd\[10603\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.220.85.26 Sep 9 07:06:29 localhost sshd\[10603\]: Failed password for invalid user localadmin from 112.220.85.26 port 55964 ssh2	2019-09-09 13:21:41
125.22.98.171	attackbotsspam	Sep 9 06:07:33 vtv3 sshd\[29575\]: Invalid user support from 125.22.98.171 port 39070 Sep 9 06:07:33 vtv3 sshd\[29575\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.22.98.171 Sep 9 06:07:36 vtv3 sshd\[29575\]: Failed password for invalid user support from 125.22.98.171 port 39070 ssh2 Sep 9 06:14:52 vtv3 sshd\[732\]: Invalid user teamspeak3 from 125.22.98.171 port 44908 Sep 9 06:14:52 vtv3 sshd\[732\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.22.98.171 Sep 9 06:29:45 vtv3 sshd\[8782\]: Invalid user ftp from 125.22.98.171 port 56278 Sep 9 06:29:45 vtv3 sshd\[8782\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.22.98.171 Sep 9 06:29:47 vtv3 sshd\[8782\]: Failed password for invalid user ftp from 125.22.98.171 port 56278 ssh2 Sep 9 06:37:08 vtv3 sshd\[12887\]: Invalid user test from 125.22.98.171 port 33790 Sep 9 06:37:08 vtv3 sshd\[12887\]: pam_unix	2019-09-09 13:07:03
2.228.149.174	attackspam	Sep 9 06:18:55 vps01 sshd[20557]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.228.149.174 Sep 9 06:18:57 vps01 sshd[20557]: Failed password for invalid user userftp from 2.228.149.174 port 48844 ssh2	2019-09-09 12:37:32
106.13.121.175	attack	Sep 9 06:51:02 s64-1 sshd[29800]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.121.175 Sep 9 06:51:04 s64-1 sshd[29800]: Failed password for invalid user tom from 106.13.121.175 port 55774 ssh2 Sep 9 06:56:45 s64-1 sshd[30002]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.121.175 ...	2019-09-09 13:11:32
46.166.151.47	attackspambots	\[2019-09-09 00:36:44\] SECURITY\[1849\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-09-09T00:36:44.984-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="01246406820574",SessionID="0x7fd9a88fa448",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/46.166.151.47/57617",ACLName="no_extension_match" \[2019-09-09 00:37:18\] SECURITY\[1849\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-09-09T00:37:18.971-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="01246462607509",SessionID="0x7fd9a88fa448",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/46.166.151.47/54575",ACLName="no_extension_match" \[2019-09-09 00:41:22\] SECURITY\[1849\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-09-09T00:41:22.860-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="01646812410249",SessionID="0x7fd9a84259e8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/46.166.151.47/52007",ACLName="no_extens	2019-09-09 12:55:01
129.213.202.242	attackspambots	Sep 8 18:55:51 sachi sshd\[7962\]: Invalid user postgres from 129.213.202.242 Sep 8 18:55:51 sachi sshd\[7962\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.202.242 Sep 8 18:55:53 sachi sshd\[7962\]: Failed password for invalid user postgres from 129.213.202.242 port 29423 ssh2 Sep 8 19:03:26 sachi sshd\[8596\]: Invalid user admin from 129.213.202.242 Sep 8 19:03:26 sachi sshd\[8596\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.202.242	2019-09-09 13:05:09
106.13.48.157	attackspambots	Sep 9 06:41:27 saschabauer sshd[2067]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.157 Sep 9 06:41:29 saschabauer sshd[2067]: Failed password for invalid user password from 106.13.48.157 port 35490 ssh2	2019-09-09 12:48:32
192.144.253.79	attackbots	$f2bV_matches	2019-09-09 13:09:46
104.131.178.223	attackspambots	Sep 8 18:35:46 tdfoods sshd\[22141\]: Invalid user weblogic from 104.131.178.223 Sep 8 18:35:46 tdfoods sshd\[22141\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.178.223 Sep 8 18:35:49 tdfoods sshd\[22141\]: Failed password for invalid user weblogic from 104.131.178.223 port 60783 ssh2 Sep 8 18:41:27 tdfoods sshd\[22754\]: Invalid user postgres from 104.131.178.223 Sep 8 18:41:27 tdfoods sshd\[22754\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.178.223	2019-09-09 12:46:41
159.65.164.133	attackspambots	Sep 8 18:28:52 tdfoods sshd\[21477\]: Invalid user wp-user from 159.65.164.133 Sep 8 18:28:52 tdfoods sshd\[21477\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=zonlytics.com Sep 8 18:28:53 tdfoods sshd\[21477\]: Failed password for invalid user wp-user from 159.65.164.133 port 50344 ssh2 Sep 8 18:34:28 tdfoods sshd\[21995\]: Invalid user ubuntu from 159.65.164.133 Sep 8 18:34:28 tdfoods sshd\[21995\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=zonlytics.com	2019-09-09 12:39:45

最近上报的IP列表

201.23.72.226	89.11.130.111	63.81.87.211	119.58.132.198
194.41.105.146	188.251.97.81	121.129.202.149	44.215.23.29
194.133.212.161	50.242.136.149	124.66.240.107	126.9.123.180
71.186.229.252	189.130.235.187	220.2.126.4	122.117.67.122
1.191.206.174	62.21.158.182	2.219.220.245	32.233.245.142