139.199.115.133

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): V6Yun (Beijing) Network Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	21 attempts against mh-ssh on echoip	2020-06-20 02:47:15
attack	Jun 17 22:53:12 srv-ubuntu-dev3 sshd[23057]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.115.133 user=root Jun 17 22:53:14 srv-ubuntu-dev3 sshd[23057]: Failed password for root from 139.199.115.133 port 35540 ssh2 Jun 17 22:57:34 srv-ubuntu-dev3 sshd[23670]: Invalid user xiao from 139.199.115.133 Jun 17 22:57:34 srv-ubuntu-dev3 sshd[23670]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.115.133 Jun 17 22:57:34 srv-ubuntu-dev3 sshd[23670]: Invalid user xiao from 139.199.115.133 Jun 17 22:57:36 srv-ubuntu-dev3 sshd[23670]: Failed password for invalid user xiao from 139.199.115.133 port 59238 ssh2 Jun 17 23:02:04 srv-ubuntu-dev3 sshd[24499]: Invalid user istian from 139.199.115.133 Jun 17 23:02:04 srv-ubuntu-dev3 sshd[24499]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.115.133 Jun 17 23:02:04 srv-ubuntu-dev3 sshd[24499]: Invalid user ist ...	2020-06-18 05:11:06
attack	2020-06-16T17:32:16.312353afi-git.jinr.ru sshd[20909]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.115.133 2020-06-16T17:32:16.309184afi-git.jinr.ru sshd[20909]: Invalid user spring from 139.199.115.133 port 33734 2020-06-16T17:32:18.713747afi-git.jinr.ru sshd[20909]: Failed password for invalid user spring from 139.199.115.133 port 33734 ssh2 2020-06-16T17:34:06.620368afi-git.jinr.ru sshd[21284]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.115.133 user=root 2020-06-16T17:34:08.790668afi-git.jinr.ru sshd[21284]: Failed password for root from 139.199.115.133 port 52298 ssh2 ...	2020-06-16 22:44:28
attackspam	Jun 14 01:16:54 pi sshd[8749]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.115.133 Jun 14 01:16:56 pi sshd[8749]: Failed password for invalid user wei1 from 139.199.115.133 port 52286 ssh2	2020-06-14 16:35:29
attackspambots	Jun 10 13:57:22 lukav-desktop sshd\[31841\]: Invalid user vomocil from 139.199.115.133 Jun 10 13:57:22 lukav-desktop sshd\[31841\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.115.133 Jun 10 13:57:23 lukav-desktop sshd\[31841\]: Failed password for invalid user vomocil from 139.199.115.133 port 39772 ssh2 Jun 10 14:01:57 lukav-desktop sshd\[31919\]: Invalid user iizuka from 139.199.115.133 Jun 10 14:01:57 lukav-desktop sshd\[31919\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.115.133	2020-06-10 20:15:25

相同子网IP讨论:

IP	类型	评论内容	时间
139.199.115.210	attackbotsspam	Sep 26 19:56:29 vmd17057 sshd[17985]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.115.210 Sep 26 19:56:31 vmd17057 sshd[17985]: Failed password for invalid user student3 from 139.199.115.210 port 58668 ssh2 ...	2020-09-27 04:36:20
139.199.115.210	attackspambots	Invalid user gzw from 139.199.115.210 port 27202	2020-09-26 20:44:00
139.199.115.210	attackspambots	Invalid user daniel from 139.199.115.210 port 55740	2020-09-26 12:27:08
139.199.115.210	attackbots	Aug 4 05:53:20 sso sshd[28412]: Failed password for root from 139.199.115.210 port 25313 ssh2 ...	2020-08-04 12:17:47
139.199.115.210	attackbotsspam	2020-07-27T13:10:52.980754+02:00 sshd[22882]: Failed password for invalid user vx from 139.199.115.210 port 32972 ssh2	2020-07-27 19:26:38
139.199.115.210	attackspam	Exploited Host.	2020-07-26 02:26:38
139.199.115.210	attackbotsspam	$f2bV_matches	2020-06-22 14:26:27
139.199.115.210	attackspambots	$f2bV_matches	2020-06-17 20:14:17
139.199.115.210	attackspam	Failed password for invalid user justify from 139.199.115.210 port 24670 ssh2	2020-06-10 19:15:35
139.199.115.210	attackspambots	Jun 3 06:28:29 roki-contabo sshd\[23560\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.115.210 user=root Jun 3 06:28:30 roki-contabo sshd\[23560\]: Failed password for root from 139.199.115.210 port 26968 ssh2 Jun 3 06:47:34 roki-contabo sshd\[23821\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.115.210 user=root Jun 3 06:47:36 roki-contabo sshd\[23821\]: Failed password for root from 139.199.115.210 port 21629 ssh2 Jun 3 06:51:58 roki-contabo sshd\[23874\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.115.210 user=root ...	2020-06-03 13:43:17
139.199.115.210	attackspam	2020-05-28T12:31:52.527069afi-git.jinr.ru sshd[9185]: Invalid user dejan from 139.199.115.210 port 44323 2020-05-28T12:31:52.530549afi-git.jinr.ru sshd[9185]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.115.210 2020-05-28T12:31:52.527069afi-git.jinr.ru sshd[9185]: Invalid user dejan from 139.199.115.210 port 44323 2020-05-28T12:31:55.129796afi-git.jinr.ru sshd[9185]: Failed password for invalid user dejan from 139.199.115.210 port 44323 ssh2 2020-05-28T12:36:40.804084afi-git.jinr.ru sshd[10405]: Invalid user hartwick from 139.199.115.210 port 40130 ...	2020-05-28 18:47:28
139.199.115.210	attackspambots	May 21 08:18:40 plex sshd[29185]: Invalid user pcp from 139.199.115.210 port 34676	2020-05-21 18:41:32
139.199.115.210	attackspam	May 16 00:22:03 vmd48417 sshd[1482]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.115.210	2020-05-16 12:31:38
139.199.115.225	attackbots	W 31101,/var/log/nginx/access.log,-,-	2020-05-16 01:28:45
139.199.115.210	attackbots	SSH Brute-Force reported by Fail2Ban	2020-05-15 08:45:11

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.199.115.133
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 13260
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.199.115.133.		IN	A

;; AUTHORITY SECTION:
.			433	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020061000 1800 900 604800 86400

;; Query time: 63 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jun 10 20:15:21 CST 2020
;; MSG SIZE  rcvd: 119

HOST信息:

Host 133.115.199.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 133.115.199.139.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
80.51.100.5	attack	Automatic report - Port Scan Attack	2019-08-07 23:50:24
12.146.53.98	attack	Multiple failed RDP login attempts	2019-08-08 00:35:23
130.180.193.73	attackbotsspam	Aug 7 09:21:07 Ubuntu-1404-trusty-64-minimal sshd\[12090\]: Invalid user eggbreaker2 from 130.180.193.73 Aug 7 09:21:07 Ubuntu-1404-trusty-64-minimal sshd\[12090\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=130.180.193.73 Aug 7 09:21:10 Ubuntu-1404-trusty-64-minimal sshd\[12090\]: Failed password for invalid user eggbreaker2 from 130.180.193.73 port 50536 ssh2 Aug 7 09:41:29 Ubuntu-1404-trusty-64-minimal sshd\[22459\]: Invalid user farid from 130.180.193.73 Aug 7 09:41:29 Ubuntu-1404-trusty-64-minimal sshd\[22459\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=130.180.193.73	2019-08-08 00:52:06
14.240.255.190	attackspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-08-07 05:16:16,642 INFO [amun_request_handler] PortScan Detected on Port: 445 (14.240.255.190)	2019-08-08 00:40:54
36.71.45.160	attackbots	Aug 7 08:26:25 v26 sshd[14385]: Did not receive identification string from 36.71.45.160 port 58528 Aug 7 08:26:25 v26 sshd[14386]: Did not receive identification string from 36.71.45.160 port 53878 Aug 7 08:26:25 v26 sshd[14387]: Did not receive identification string from 36.71.45.160 port 59063 Aug 7 08:26:29 v26 sshd[14392]: Did not receive identification string from 36.71.45.160 port 53049 Aug 7 08:26:29 v26 sshd[14391]: Did not receive identification string from 36.71.45.160 port 53051 Aug 7 08:26:29 v26 sshd[14390]: Did not receive identification string from 36.71.45.160 port 53047 Aug 7 08:26:33 v26 sshd[14388]: Invalid user sniffer from 36.71.45.160 port 55133 Aug 7 08:26:34 v26 sshd[14389]: Invalid user sniffer from 36.71.45.160 port 56826 Aug 7 08:26:36 v26 sshd[14388]: Failed password for invalid user sniffer from 36.71.45.160 port 55133 ssh2 Aug 7 08:26:36 v26 sshd[14389]: Failed password for invalid user sniffer from 36.71.45.160 port 56826 ssh2 Au........ -------------------------------	2019-08-08 00:22:45
139.219.107.11	attackspambots	Mar 5 19:37:16 vtv3 sshd\[24643\]: Invalid user bh from 139.219.107.11 port 37436 Mar 5 19:37:16 vtv3 sshd\[24643\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.219.107.11 Mar 5 19:37:18 vtv3 sshd\[24643\]: Failed password for invalid user bh from 139.219.107.11 port 37436 ssh2 Mar 5 19:46:18 vtv3 sshd\[27594\]: Invalid user vagrant from 139.219.107.11 port 42684 Mar 5 19:46:18 vtv3 sshd\[27594\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.219.107.11 Mar 24 01:18:35 vtv3 sshd\[30021\]: Invalid user wp from 139.219.107.11 port 47716 Mar 24 01:18:35 vtv3 sshd\[30021\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.219.107.11 Mar 24 01:18:37 vtv3 sshd\[30021\]: Failed password for invalid user wp from 139.219.107.11 port 47716 ssh2 Mar 24 01:24:11 vtv3 sshd\[32229\]: Invalid user kh from 139.219.107.11 port 55076 Mar 24 01:24:11 vtv3 sshd\[32229\]: pam_unix\	2019-08-08 00:37:52
185.176.27.170	attack	Aug 7 15:01:35 TCP Attack: SRC=185.176.27.170 DST=[Masked] LEN=40 TOS=0x08 PREC=0x20 TTL=244 PROTO=TCP SPT=44749 DPT=42326 WINDOW=1024 RES=0x00 SYN URGP=0	2019-08-08 00:18:53
182.61.168.122	attackspambots	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-08-07 06:07:49,099 INFO [shellcode_manager] (182.61.168.122) no match, writing hexdump (45f5ef579da1aec0efd29e07011afce4 :1851432) - SMB (Unknown)	2019-08-08 00:56:19
212.174.75.38	attackbotsspam	Unauthorised access (Aug 7) SRC=212.174.75.38 LEN=48 TTL=109 ID=20444 DF TCP DPT=445 WINDOW=8192 SYN Unauthorised access (Aug 6) SRC=212.174.75.38 LEN=52 TTL=109 ID=12725 DF TCP DPT=445 WINDOW=8192 SYN	2019-08-08 00:46:50
162.144.84.235	attackbots	162.144.84.235 - - [07/Aug/2019:11:24:54 +0200] "GET /wp-login.php HTTP/1.1" 200 1237 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 162.144.84.235 - - [07/Aug/2019:11:24:55 +0200] "POST /wp-login.php HTTP/1.1" 200 1632 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 162.144.84.235 - - [07/Aug/2019:11:24:55 +0200] "GET /wp-login.php HTTP/1.1" 200 1237 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 162.144.84.235 - - [07/Aug/2019:11:24:56 +0200] "POST /wp-login.php HTTP/1.1" 200 1631 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 162.144.84.235 - - [07/Aug/2019:11:24:56 +0200] "GET /wp-login.php HTTP/1.1" 200 1237 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 162.144.84.235 - - [07/Aug/2019:11:24:57 +0200] "POST /wp-login.php HTTP/1.1" 200 1630 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-08-08 00:25:28
115.110.249.114	attack	Aug 7 09:50:21 srv-4 sshd\[24457\]: Invalid user deployer from 115.110.249.114 Aug 7 09:50:21 srv-4 sshd\[24457\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.110.249.114 Aug 7 09:50:23 srv-4 sshd\[24457\]: Failed password for invalid user deployer from 115.110.249.114 port 45546 ssh2 ...	2019-08-08 00:03:00
85.198.81.2	attackspam	[portscan] Port scan	2019-08-07 23:58:49
216.218.191.102	attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-08-08 01:06:51
103.103.181.19	attackspambots	Automatic report - Banned IP Access	2019-08-08 00:39:22
134.209.155.245	attack	SSH Server BruteForce Attack	2019-08-08 00:14:52

最近上报的IP列表

106.12.148.170	49.145.167.237	164.160.141.95	46.166.143.102
167.71.203.254	178.120.208.41	85.214.163.128	189.18.49.252
168.90.13.227	36.225.155.2	159.89.46.11	125.72.26.69
85.46.191.12	180.177.33.3	111.39.55.182	79.126.86.170
194.88.106.146	107.189.10.254	13.235.114.12	122.160.10.125