139.199.113.236

基本信息:

城市(city): Beijing

省份(region): Beijing

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Nov 25 04:32:45 sachi sshd\[21528\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.113.236 user=root Nov 25 04:32:47 sachi sshd\[21528\]: Failed password for root from 139.199.113.236 port 39898 ssh2 Nov 25 04:32:53 sachi sshd\[21546\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.113.236 user=root Nov 25 04:32:55 sachi sshd\[21546\]: Failed password for root from 139.199.113.236 port 40194 ssh2 Nov 25 04:32:57 sachi sshd\[21552\]: Invalid user pi from 139.199.113.236	2019-11-26 04:15:41

类型

评论内容

时间

attackbotsspam

Nov 25 04:32:45 sachi sshd\[21528\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.113.236  user=root
Nov 25 04:32:47 sachi sshd\[21528\]: Failed password for root from 139.199.113.236 port 39898 ssh2
Nov 25 04:32:53 sachi sshd\[21546\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.113.236  user=root
Nov 25 04:32:55 sachi sshd\[21546\]: Failed password for root from 139.199.113.236 port 40194 ssh2
Nov 25 04:32:57 sachi sshd\[21552\]: Invalid user pi from 139.199.113.236

2019-11-26 04:15:41

相同子网IP讨论:

IP	类型	评论内容	时间
139.199.113.140	attackspam	Feb 12 08:26:55 xeon sshd[34309]: Failed password for root from 139.199.113.140 port 52310 ssh2	2020-02-12 19:11:15
139.199.113.140	attackspam	Feb 9 00:05:04 dedicated sshd[18470]: Invalid user ehz from 139.199.113.140 port 45070	2020-02-09 07:07:17
139.199.113.140	attackbotsspam	Feb 4 16:54:17 v22018076622670303 sshd\[20656\]: Invalid user weblogic from 139.199.113.140 port 37650 Feb 4 16:54:17 v22018076622670303 sshd\[20656\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.113.140 Feb 4 16:54:19 v22018076622670303 sshd\[20656\]: Failed password for invalid user weblogic from 139.199.113.140 port 37650 ssh2 ...	2020-02-05 01:02:58
139.199.113.140	attackbotsspam	Invalid user alban from 139.199.113.140 port 48772	2020-01-19 03:16:17
139.199.113.140	attackspam	Unauthorized connection attempt detected from IP address 139.199.113.140 to port 2220 [J]	2020-01-17 04:09:07
139.199.113.140	attackspambots	Jan 14 00:41:51 dedicated sshd[5361]: Invalid user buero from 139.199.113.140 port 41044	2020-01-14 07:59:47
139.199.113.2	attackbots	$f2bV_matches	2020-01-12 00:20:35
139.199.113.140	attackspambots	Dec 27 02:01:40 server sshd\[9494\]: Invalid user sonoyama from 139.199.113.140 Dec 27 02:01:40 server sshd\[9494\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.113.140 Dec 27 02:01:41 server sshd\[9494\]: Failed password for invalid user sonoyama from 139.199.113.140 port 44750 ssh2 Dec 27 02:19:32 server sshd\[12790\]: Invalid user admin from 139.199.113.140 Dec 27 02:19:32 server sshd\[12790\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.113.140 ...	2019-12-27 07:57:34
139.199.113.140	attack	Invalid user asterisk from 139.199.113.140 port 59708	2019-12-24 21:37:54
139.199.113.140	attack	2019-12-18T07:30:19.480353centos sshd\[8732\]: Invalid user gnuhealth from 139.199.113.140 port 48482 2019-12-18T07:30:19.487851centos sshd\[8732\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.113.140 2019-12-18T07:30:21.139555centos sshd\[8732\]: Failed password for invalid user gnuhealth from 139.199.113.140 port 48482 ssh2	2019-12-18 14:57:22
139.199.113.140	attackspambots	Dec 15 08:53:48 cp sshd[13927]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.113.140	2019-12-15 16:44:43
139.199.113.140	attackbotsspam	Dec 4 09:13:31 [host] sshd[25665]: Invalid user cowlishaw from 139.199.113.140 Dec 4 09:13:31 [host] sshd[25665]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.113.140 Dec 4 09:13:33 [host] sshd[25665]: Failed password for invalid user cowlishaw from 139.199.113.140 port 59044 ssh2	2019-12-04 16:36:35
139.199.113.140	attackspam	Nov 30 00:39:44 kapalua sshd\[22436\]: Invalid user test from 139.199.113.140 Nov 30 00:39:44 kapalua sshd\[22436\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.113.140 Nov 30 00:39:46 kapalua sshd\[22436\]: Failed password for invalid user test from 139.199.113.140 port 59022 ssh2 Nov 30 00:47:13 kapalua sshd\[22916\]: Invalid user yoyo from 139.199.113.140 Nov 30 00:47:13 kapalua sshd\[22916\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.113.140	2019-11-30 18:59:25
139.199.113.2	attackspambots	Nov 27 14:50:02 legacy sshd[22145]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.113.2 Nov 27 14:50:04 legacy sshd[22145]: Failed password for invalid user mazenc from 139.199.113.2 port 49862 ssh2 Nov 27 14:58:51 legacy sshd[22467]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.113.2 ...	2019-11-27 22:04:13
139.199.113.140	attack	SSH Bruteforce attempt	2019-11-24 05:52:59

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.199.113.236
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4204
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.199.113.236.		IN	A

;; AUTHORITY SECTION:
.			142	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019112501 1800 900 604800 86400

;; Query time: 118 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Nov 26 04:15:38 CST 2019
;; MSG SIZE  rcvd: 119

HOST信息:

Host 236.113.199.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 236.113.199.139.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
163.172.54.70	attackbots	163.172.54.70 - - [08/Aug/2019:04:15:34 +0200] "GET /wp-login.php HTTP/1.1" 200 1237 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 163.172.54.70 - - [08/Aug/2019:04:15:34 +0200] "POST /wp-login.php HTTP/1.1" 200 1632 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 163.172.54.70 - - [08/Aug/2019:04:15:34 +0200] "GET /wp-login.php HTTP/1.1" 200 1237 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 163.172.54.70 - - [08/Aug/2019:04:15:34 +0200] "POST /wp-login.php HTTP/1.1" 200 1631 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 163.172.54.70 - - [08/Aug/2019:04:15:34 +0200] "GET /wp-login.php HTTP/1.1" 200 1237 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 163.172.54.70 - - [08/Aug/2019:04:15:34 +0200] "POST /wp-login.php HTTP/1.1" 200 1630 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-08-08 16:58:45
104.248.170.45	attackbots	Aug 8 10:33:44 icinga sshd[8244]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.170.45 Aug 8 10:33:45 icinga sshd[8244]: Failed password for invalid user abc from 104.248.170.45 port 36350 ssh2 ...	2019-08-08 16:40:05
82.64.140.9	attackspam	Triggered by Fail2Ban at Ares web server	2019-08-08 17:07:43
149.210.70.107	attackspambots	Aug 8 03:52:35 h2034429 sshd[8276]: Invalid user admin from 149.210.70.107 Aug 8 03:52:35 h2034429 sshd[8276]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.210.70.107 Aug 8 03:52:37 h2034429 sshd[8276]: Failed password for invalid user admin from 149.210.70.107 port 39327 ssh2 Aug 8 03:52:39 h2034429 sshd[8276]: Failed password for invalid user admin from 149.210.70.107 port 39327 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=149.210.70.107	2019-08-08 17:26:05
120.197.55.161	attackspambots	Aug 8 02:14:45 DDOS Attack: SRC=120.197.55.161 DST=[Masked] LEN=40 TOS=0x08 PREC=0x20 TTL=48 DF PROTO=TCP SPT=41328 DPT=80 WINDOW=0 RES=0x00 RST URGP=0	2019-08-08 17:26:38
180.126.239.229	attackspam	Aug 8 10:11:33 webhost01 sshd[21927]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.126.239.229 Aug 8 10:11:35 webhost01 sshd[21927]: Failed password for invalid user user from 180.126.239.229 port 36014 ssh2 ...	2019-08-08 17:03:21
106.251.169.200	attackbots	Aug 8 06:15:58 server sshd\[5422\]: Invalid user Zmeu from 106.251.169.200 port 53832 Aug 8 06:15:58 server sshd\[5422\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.251.169.200 Aug 8 06:16:00 server sshd\[5422\]: Failed password for invalid user Zmeu from 106.251.169.200 port 53832 ssh2 Aug 8 06:20:46 server sshd\[24131\]: Invalid user 123123 from 106.251.169.200 port 48354 Aug 8 06:20:46 server sshd\[24131\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.251.169.200	2019-08-08 16:53:45
186.52.89.122	attackbots	Aug 8 03:42:57 h2421860 postfix/postscreen[21617]: CONNECT from [186.52.89.122]:44312 to [85.214.119.52]:25 Aug 8 03:42:58 h2421860 postfix/dnsblog[21623]: addr 186.52.89.122 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2 Aug 8 03:42:58 h2421860 postfix/dnsblog[21779]: addr 186.52.89.122 listed by domain zen.spamhaus.org as 127.0.0.11 Aug 8 03:42:58 h2421860 postfix/dnsblog[21779]: addr 186.52.89.122 listed by domain zen.spamhaus.org as 127.0.0.4 Aug 8 03:42:58 h2421860 postfix/dnsblog[21623]: addr 186.52.89.122 listed by domain Unknown.trblspam.com as 185.53.179.7 Aug 8 03:42:58 h2421860 postfix/dnsblog[21778]: addr 186.52.89.122 listed by domain dnsbl.sorbs.net as 127.0.0.10 Aug 8 03:42:58 h2421860 postfix/dnsblog[21618]: addr 186.52.89.122 listed by domain b.barracudacentral.org as 127.0.0.2 Aug 8 03:43:03 h2421860 postfix/postscreen[21617]: DNSBL rank 8 for [186.52.89.122]:44312 Aug x@x Aug 8 03:43:04 h2421860 postfix/postscreen[21617]: HANGUP after 1.1 ........ -------------------------------	2019-08-08 17:04:21
106.12.125.27	attackbots	Aug 8 09:44:58 [host] sshd[28317]: Invalid user atlasmaritime from 106.12.125.27 Aug 8 09:44:58 [host] sshd[28317]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.27 Aug 8 09:45:00 [host] sshd[28317]: Failed password for invalid user atlasmaritime from 106.12.125.27 port 44434 ssh2	2019-08-08 16:50:27
81.183.213.222	attackbots	Aug 8 06:14:04 dedicated sshd[9574]: Invalid user web12 from 81.183.213.222 port 15745	2019-08-08 17:23:03
106.12.89.190	attack	Aug 8 09:06:31 MK-Soft-VM7 sshd\[18288\]: Invalid user r00t from 106.12.89.190 port 43742 Aug 8 09:06:31 MK-Soft-VM7 sshd\[18288\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.89.190 Aug 8 09:06:34 MK-Soft-VM7 sshd\[18288\]: Failed password for invalid user r00t from 106.12.89.190 port 43742 ssh2 ...	2019-08-08 17:19:19
190.233.66.74	attack	Aug 8 03:39:37 pl3server sshd[1729497]: Invalid user admin from 190.233.66.74 Aug 8 03:39:37 pl3server sshd[1729497]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.233.66.74 Aug 8 03:39:39 pl3server sshd[1729497]: Failed password for invalid user admin from 190.233.66.74 port 44595 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=190.233.66.74	2019-08-08 16:55:00
79.137.86.205	attack	Aug 8 09:31:00 [host] sshd[28072]: Invalid user ubuntu from 79.137.86.205 Aug 8 09:31:00 [host] sshd[28072]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.137.86.205 Aug 8 09:31:02 [host] sshd[28072]: Failed password for invalid user ubuntu from 79.137.86.205 port 55050 ssh2	2019-08-08 17:10:46
119.96.232.49	attackspambots	Aug 7 23:37:13 aat-srv002 sshd[28917]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.96.232.49 Aug 7 23:37:15 aat-srv002 sshd[28917]: Failed password for invalid user ple from 119.96.232.49 port 36217 ssh2 Aug 7 23:53:14 aat-srv002 sshd[29328]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.96.232.49 Aug 7 23:53:16 aat-srv002 sshd[29328]: Failed password for invalid user ye from 119.96.232.49 port 50603 ssh2 ...	2019-08-08 17:18:13
107.173.145.168	attackbotsspam	Aug 8 05:26:35 work-partkepr sshd\[21902\]: Invalid user leos from 107.173.145.168 port 60618 Aug 8 05:26:35 work-partkepr sshd\[21902\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.173.145.168 ...	2019-08-08 16:33:50

最近上报的IP列表

201.23.72.226	89.11.130.111	63.81.87.211	119.58.132.198
194.41.105.146	188.251.97.81	121.129.202.149	44.215.23.29
194.133.212.161	50.242.136.149	124.66.240.107	126.9.123.180
71.186.229.252	189.130.235.187	220.2.126.4	122.117.67.122
1.191.206.174	62.21.158.182	2.219.220.245	32.233.245.142