139.199.122.96

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): V6Yun (Beijing) Network Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	$f2bV_matches	2020-04-08 14:46:12
attackbots	(sshd) Failed SSH login from 139.199.122.96 (US/United States/-): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Apr 4 19:40:43 ubnt-55d23 sshd[11391]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.122.96 user=root Apr 4 19:40:45 ubnt-55d23 sshd[11391]: Failed password for root from 139.199.122.96 port 15095 ssh2	2020-04-05 02:59:36
attackbots	Mar 31 01:06:26 [host] sshd[10250]: pam_unix(sshd: Mar 31 01:06:28 [host] sshd[10250]: Failed passwor Mar 31 01:10:40 [host] sshd[10689]: Invalid user a Mar 31 01:10:40 [host] sshd[10689]: pam_unix(sshd:	2020-03-31 07:54:03
attack	Mar 21 19:16:30 xeon sshd[64485]: Failed password for invalid user gayle from 139.199.122.96 port 59040 ssh2	2020-03-22 03:15:22
attack	SSH login attempts.	2020-03-19 17:22:56
attackspam	Feb 22 07:44:14 plex sshd[29723]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.122.96 user=root Feb 22 07:44:16 plex sshd[29723]: Failed password for root from 139.199.122.96 port 13964 ssh2	2020-02-22 15:12:21
attackspam	Unauthorized connection attempt detected from IP address 139.199.122.96 to port 2220 [J]	2020-01-14 03:03:27
attackbotsspam	Jan 10 16:17:50 vps46666688 sshd[11782]: Failed password for root from 139.199.122.96 port 11136 ssh2 Jan 10 16:20:45 vps46666688 sshd[11873]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.122.96 ...	2020-01-11 04:22:46
attackspambots	Unauthorized connection attempt detected from IP address 139.199.122.96 to port 22	2020-01-01 01:33:21
attackbots	2019-11-06T16:52:06.442305shield sshd\[3972\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.122.96 user=root 2019-11-06T16:52:08.990714shield sshd\[3972\]: Failed password for root from 139.199.122.96 port 47852 ssh2 2019-11-06T16:57:13.995759shield sshd\[4837\]: Invalid user helmuth from 139.199.122.96 port 26985 2019-11-06T16:57:14.002232shield sshd\[4837\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.122.96 2019-11-06T16:57:15.833085shield sshd\[4837\]: Failed password for invalid user helmuth from 139.199.122.96 port 26985 ssh2	2019-11-07 01:05:19
attack	Oct 23 05:49:09 MK-Soft-VM6 sshd[29811]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.122.96 Oct 23 05:49:10 MK-Soft-VM6 sshd[29811]: Failed password for invalid user kimura from 139.199.122.96 port 35031 ssh2 ...	2019-10-23 17:56:45
attackbots	Oct 20 22:58:33 ns37 sshd[7017]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.122.96 Oct 20 22:58:33 ns37 sshd[7017]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.122.96	2019-10-21 07:47:17
attack	Oct 12 00:11:10 icinga sshd[15865]: Failed password for root from 139.199.122.96 port 25128 ssh2 ...	2019-10-12 06:26:30
attack	Oct 8 09:16:57 TORMINT sshd\[4727\]: Invalid user Passw0rt1234% from 139.199.122.96 Oct 8 09:16:57 TORMINT sshd\[4727\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.122.96 Oct 8 09:16:59 TORMINT sshd\[4727\]: Failed password for invalid user Passw0rt1234% from 139.199.122.96 port 43957 ssh2 ...	2019-10-08 21:22:44
attack	2019-10-06T03:55:16.325079abusebot-3.cloudsearch.cf sshd\[29155\]: Invalid user Driver@123 from 139.199.122.96 port 52557	2019-10-06 12:16:19
attackspambots	Sep 28 19:14:30 server sshd\[3764\]: Invalid user ubuntu from 139.199.122.96 port 62571 Sep 28 19:14:30 server sshd\[3764\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.122.96 Sep 28 19:14:32 server sshd\[3764\]: Failed password for invalid user ubuntu from 139.199.122.96 port 62571 ssh2 Sep 28 19:20:57 server sshd\[21771\]: Invalid user jester from 139.199.122.96 port 45710 Sep 28 19:20:57 server sshd\[21771\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.122.96	2019-09-29 00:40:43
attack	Sep 21 09:13:14 dedicated sshd[353]: Invalid user ftp2 from 139.199.122.96 port 41023	2019-09-21 15:26:39
attackbotsspam	2019-09-12T16:40:35.571287mizuno.rwx.ovh sshd[10994]: Connection from 139.199.122.96 port 42985 on 78.46.61.178 port 22 2019-09-12T16:40:36.866618mizuno.rwx.ovh sshd[10994]: Invalid user ftpuser from 139.199.122.96 port 42985 2019-09-12T16:40:36.874342mizuno.rwx.ovh sshd[10994]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.122.96 2019-09-12T16:40:35.571287mizuno.rwx.ovh sshd[10994]: Connection from 139.199.122.96 port 42985 on 78.46.61.178 port 22 2019-09-12T16:40:36.866618mizuno.rwx.ovh sshd[10994]: Invalid user ftpuser from 139.199.122.96 port 42985 2019-09-12T16:40:38.844837mizuno.rwx.ovh sshd[10994]: Failed password for invalid user ftpuser from 139.199.122.96 port 42985 ssh2 ...	2019-09-13 08:14:39
attackbots	Sep 8 07:41:40 s64-1 sshd[7545]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.122.96 Sep 8 07:41:43 s64-1 sshd[7545]: Failed password for invalid user guest from 139.199.122.96 port 61143 ssh2 Sep 8 07:47:48 s64-1 sshd[7623]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.122.96 ...	2019-09-08 14:02:34
attackspam	Aug 20 07:40:19 lnxmail61 sshd[31787]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.122.96	2019-08-20 20:57:48
attackspam	Brute force SMTP login attempted. ...	2019-08-10 01:47:19
attack	$f2bV_matches	2019-07-14 17:17:13
attack	Jul 8 15:39:08 nbi-636 sshd[17331]: Invalid user celery from 139.199.122.96 port 19311 Jul 8 15:39:10 nbi-636 sshd[17331]: Failed password for invalid user celery from 139.199.122.96 port 19311 ssh2 Jul 8 15:39:10 nbi-636 sshd[17331]: Received disconnect from 139.199.122.96 port 19311:11: Bye Bye [preauth] Jul 8 15:39:10 nbi-636 sshd[17331]: Disconnected from 139.199.122.96 port 19311 [preauth] Jul 8 15:43:38 nbi-636 sshd[18093]: Invalid user oracle from 139.199.122.96 port 58781 Jul 8 15:43:40 nbi-636 sshd[18093]: Failed password for invalid user oracle from 139.199.122.96 port 58781 ssh2 Jul 8 15:43:40 nbi-636 sshd[18093]: Received disconnect from 139.199.122.96 port 58781:11: Bye Bye [preauth] Jul 8 15:43:40 nbi-636 sshd[18093]: Disconnected from 139.199.122.96 port 58781 [preauth] Jul 8 15:45:52 nbi-636 sshd[18458]: Invalid user dbms from 139.199.122.96 port 20014 Jul 8 15:45:54 nbi-636 sshd[18458]: Failed password for invalid user dbms from 139.199.122.96........ -------------------------------	2019-07-10 16:43:44
attack	Invalid user rkassim from 139.199.122.96 port 59816 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.122.96 Failed password for invalid user rkassim from 139.199.122.96 port 59816 ssh2 Invalid user hacker from 139.199.122.96 port 29211 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.122.96	2019-07-02 17:16:30

相同子网IP讨论:

IP	类型	评论内容	时间
139.199.122.210	attackbotsspam	Mar 28 04:52:31 sshd\[7919\]: Invalid user acs from 139.199.122.210Mar 28 04:52:33 sshd\[7919\]: Failed password for invalid user acs from 139.199.122.210 port 50820 ssh2 ...	2020-03-28 14:23:27
139.199.122.210	attack	Invalid user sdtdserver from 139.199.122.210 port 38980	2020-03-21 22:05:08
139.199.122.210	attack	5x Failed Password	2020-03-14 06:35:52
139.199.122.210	attackbots	$f2bV_matches	2020-03-12 09:05:58
139.199.122.210	attackspam	Feb 9 05:55:50 h1745522 sshd[21843]: Invalid user fsu from 139.199.122.210 port 39488 Feb 9 05:55:50 h1745522 sshd[21843]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.122.210 Feb 9 05:55:50 h1745522 sshd[21843]: Invalid user fsu from 139.199.122.210 port 39488 Feb 9 05:55:52 h1745522 sshd[21843]: Failed password for invalid user fsu from 139.199.122.210 port 39488 ssh2 Feb 9 05:59:32 h1745522 sshd[22083]: Invalid user cdm from 139.199.122.210 port 34098 Feb 9 05:59:32 h1745522 sshd[22083]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.122.210 Feb 9 05:59:32 h1745522 sshd[22083]: Invalid user cdm from 139.199.122.210 port 34098 Feb 9 05:59:34 h1745522 sshd[22083]: Failed password for invalid user cdm from 139.199.122.210 port 34098 ssh2 Feb 9 06:02:53 h1745522 sshd[22220]: Invalid user txw from 139.199.122.210 port 56920 ...	2020-02-09 13:21:13
139.199.122.210	attackspambots	Feb 8 13:15:55 plusreed sshd[14218]: Invalid user sbm from 139.199.122.210 ...	2020-02-09 05:56:03
139.199.122.210	attack	$f2bV_matches	2020-01-12 00:20:17
139.199.122.210	attackbots	Jan 10 14:15:04 ws26vmsma01 sshd[88481]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.122.210 Jan 10 14:15:06 ws26vmsma01 sshd[88481]: Failed password for invalid user training from 139.199.122.210 port 58342 ssh2 ...	2020-01-10 23:07:07
139.199.122.210	attack	Unauthorized connection attempt detected from IP address 139.199.122.210 to port 2220 [J]	2020-01-06 21:59:42
139.199.122.210	attack	Jan 5 23:38:14 SilenceServices sshd[30728]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.122.210 Jan 5 23:38:16 SilenceServices sshd[30728]: Failed password for invalid user guest1 from 139.199.122.210 port 39136 ssh2 Jan 5 23:40:46 SilenceServices sshd[31586]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.122.210	2020-01-06 07:28:20
139.199.122.210	attack	Jan 2 20:37:37 prox sshd[25831]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.122.210 Jan 2 20:37:38 prox sshd[25831]: Failed password for invalid user tomcat from 139.199.122.210 port 52166 ssh2	2020-01-03 06:15:51
139.199.122.210	attackspambots	Dec 20 11:53:37 auw2 sshd\[15359\]: Invalid user password from 139.199.122.210 Dec 20 11:53:37 auw2 sshd\[15359\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.122.210 Dec 20 11:53:39 auw2 sshd\[15359\]: Failed password for invalid user password from 139.199.122.210 port 56704 ssh2 Dec 20 12:00:45 auw2 sshd\[15981\]: Invalid user emelina from 139.199.122.210 Dec 20 12:00:45 auw2 sshd\[15981\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.122.210	2019-12-21 06:13:33
139.199.122.210	attackbots	leo_www	2019-12-19 13:02:45
139.199.122.210	attackbots	Dec 15 23:09:13 localhost sshd\[124625\]: Invalid user id from 139.199.122.210 port 38108 Dec 15 23:09:13 localhost sshd\[124625\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.122.210 Dec 15 23:09:15 localhost sshd\[124625\]: Failed password for invalid user id from 139.199.122.210 port 38108 ssh2 Dec 15 23:14:50 localhost sshd\[124858\]: Invalid user lippe from 139.199.122.210 port 34458 Dec 15 23:14:50 localhost sshd\[124858\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.122.210 ...	2019-12-16 07:20:27
139.199.122.210	attackspambots	$f2bV_matches	2019-12-09 18:46:06

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.199.122.96
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 59591
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.199.122.96.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019070200 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Jul 02 17:16:22 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 96.122.199.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 96.122.199.139.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
92.118.37.86	attackbots	11/04/2019-09:36:15.420124 92.118.37.86 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-11-04 22:50:16
159.203.193.43	attackspambots	scan r	2019-11-04 22:59:16
79.111.119.213	attackbots	xmlrpc attack	2019-11-04 22:42:15
195.154.82.61	attackspam	Failed password for invalid user testtest from 195.154.82.61 port 33768 ssh2 Invalid user toop147258369 from 195.154.82.61 port 43060 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.154.82.61 Failed password for invalid user toop147258369 from 195.154.82.61 port 43060 ssh2 Invalid user Admin1234%\^\&\* from 195.154.82.61 port 52342	2019-11-04 22:29:00
206.189.184.81	attackspam	$f2bV_matches	2019-11-04 22:18:34
129.211.10.228	attack	Nov 4 09:36:26 plusreed sshd[21462]: Invalid user password1@3qWeaSd from 129.211.10.228 Nov 4 09:36:26 plusreed sshd[21462]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.10.228 Nov 4 09:36:26 plusreed sshd[21462]: Invalid user password1@3qWeaSd from 129.211.10.228 Nov 4 09:36:28 plusreed sshd[21462]: Failed password for invalid user password1@3qWeaSd from 129.211.10.228 port 48590 ssh2 ...	2019-11-04 22:45:48
49.88.112.113	attackbots	Nov 4 15:39:52 bouncer sshd\[2149\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.113 user=root Nov 4 15:39:54 bouncer sshd\[2149\]: Failed password for root from 49.88.112.113 port 36274 ssh2 Nov 4 15:39:56 bouncer sshd\[2149\]: Failed password for root from 49.88.112.113 port 36274 ssh2 ...	2019-11-04 22:47:42
51.83.71.72	attackbots	2019-11-04T15:04:38.081390mail01 postfix/smtpd[2652]: warning: 72.ip-51-83-71.eu[51.83.71.72]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-11-04T15:06:55.164135mail01 postfix/smtpd[2652]: warning: 72.ip-51-83-71.eu[51.83.71.72]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-11-04T15:07:56.145103mail01 postfix/smtpd[24898]: warning: 72.ip-51-83-71.eu[51.83.71.72]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-11-04 22:18:01
80.117.26.75	attackspam	Automatic report - Port Scan Attack	2019-11-04 22:17:20
106.13.198.162	attackbotsspam	Tried sshing with brute force.	2019-11-04 22:27:00
35.211.103.155	attackspam	WordPress wp-login brute force :: 35.211.103.155 0.180 - [04/Nov/2019:09:08:54 0000] [censored_1] "POST /wp-login.php HTTP/1.1" 200 1472 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "HTTP/1.1"	2019-11-04 22:21:32
106.12.210.229	attackspam	Nov 4 08:22:28 root sshd[14983]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.210.229 Nov 4 08:22:29 root sshd[14983]: Failed password for invalid user aaron from 106.12.210.229 port 57016 ssh2 Nov 4 08:26:37 root sshd[15012]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.210.229 ...	2019-11-04 22:33:44
153.126.183.188	attackspam	Nov 4 19:44:10 gw1 sshd[30946]: Failed password for root from 153.126.183.188 port 42524 ssh2 ...	2019-11-04 22:50:59
77.40.3.183	attackspambots	2019-11-04T09:59:41.067789mail01 postfix/smtpd[23727]: warning: unknown[77.40.3.183]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-11-04T10:04:44.154838mail01 postfix/smtpd[13938]: warning: unknown[77.40.3.183]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-11-04T10:08:37.290899mail01 postfix/smtpd[9222]: warning: unknown[77.40.3.183]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-11-04 22:28:28
222.186.173.215	attack	sshd jail - ssh hack attempt	2019-11-04 22:47:25

最近上报的IP列表

146.185.25.165	132.232.4.33	36.237.132.198	176.197.137.46
137.59.213.4	1.174.27.185	200.35.8.220	191.240.84.13
91.218.65.30	157.97.240.219	177.68.129.207	43.239.78.4
114.232.72.226	141.126.205.20	117.159.64.254	14.169.210.121
1.165.100.240	104.248.10.36	223.221.240.218	177.130.160.195