139.199.18.194

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Oct 12 10:00:06 ajax sshd[20406]: Failed password for root from 139.199.18.194 port 40928 ssh2	2020-10-12 21:33:16
attackspambots	$f2bV_matches	2020-10-12 13:04:40
attackbots	Aug 23 18:17:16 dhoomketu sshd[2600315]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.194 Aug 23 18:17:16 dhoomketu sshd[2600315]: Invalid user ksk from 139.199.18.194 port 53220 Aug 23 18:17:19 dhoomketu sshd[2600315]: Failed password for invalid user ksk from 139.199.18.194 port 53220 ssh2 Aug 23 18:21:58 dhoomketu sshd[2600400]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.194 user=root Aug 23 18:22:00 dhoomketu sshd[2600400]: Failed password for root from 139.199.18.194 port 50882 ssh2 ...	2020-08-23 20:53:24
attackbots	Aug 3 20:55:29 propaganda sshd[72500]: Connection from 139.199.18.194 port 58866 on 10.0.0.160 port 22 rdomain "" Aug 3 20:55:30 propaganda sshd[72500]: Connection closed by 139.199.18.194 port 58866 [preauth]	2020-08-04 14:47:30
attackbotsspam	Jul 29 14:54:16 havingfunrightnow sshd[6878]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.194 Jul 29 14:54:17 havingfunrightnow sshd[6878]: Failed password for invalid user greatwall from 139.199.18.194 port 55260 ssh2 Jul 29 14:55:30 havingfunrightnow sshd[6945]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.194 ...	2020-07-30 02:45:53
attackbotsspam	Invalid user git from 139.199.18.194 port 52336	2020-06-30 19:23:06
attackspambots	SSH Invalid Login	2020-06-26 06:40:09
attackspam	Jun 23 10:55:04 master sshd[825]: Failed password for invalid user teamspeak from 139.199.18.194 port 57440 ssh2 Jun 23 11:16:46 master sshd[3895]: Failed password for invalid user daniela from 139.199.18.194 port 56800 ssh2	2020-06-23 18:13:57
attack	TCP (SYN) 139.199.18.194:56405 -> port 5, len 44	2020-06-22 17:30:33
attackbotsspam	Tried sshing with brute force.	2020-06-09 15:51:33
attackbots	Jun 6 11:29:49 abendstille sshd\[16103\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.194 user=root Jun 6 11:29:50 abendstille sshd\[16103\]: Failed password for root from 139.199.18.194 port 36154 ssh2 Jun 6 11:31:07 abendstille sshd\[17559\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.194 user=root Jun 6 11:31:09 abendstille sshd\[17559\]: Failed password for root from 139.199.18.194 port 53040 ssh2 Jun 6 11:32:27 abendstille sshd\[18927\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.194 user=root ...	2020-06-06 18:12:36
attack	May 29 06:45:43 h2779839 sshd[20234]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.194 user=root May 29 06:45:45 h2779839 sshd[20234]: Failed password for root from 139.199.18.194 port 36880 ssh2 May 29 06:46:42 h2779839 sshd[20251]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.194 user=root May 29 06:46:44 h2779839 sshd[20251]: Failed password for root from 139.199.18.194 port 48522 ssh2 May 29 06:47:43 h2779839 sshd[20281]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.194 user=root May 29 06:47:45 h2779839 sshd[20281]: Failed password for root from 139.199.18.194 port 60172 ssh2 May 29 06:48:44 h2779839 sshd[20295]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.194 user=root May 29 06:48:45 h2779839 sshd[20295]: Failed password for root from 139.199.18.194 port 43588 s ...	2020-05-29 13:33:29
attack	May 10 05:55:47 ns382633 sshd\[31418\]: Invalid user postgres from 139.199.18.194 port 54310 May 10 05:55:47 ns382633 sshd\[31418\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.194 May 10 05:55:49 ns382633 sshd\[31418\]: Failed password for invalid user postgres from 139.199.18.194 port 54310 ssh2 May 10 05:56:43 ns382633 sshd\[31477\]: Invalid user zhuang from 139.199.18.194 port 35854 May 10 05:56:43 ns382633 sshd\[31477\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.194	2020-05-10 12:25:31
attackspambots	Invalid user pgm from 139.199.18.194 port 47420	2020-05-03 15:40:31
attackbots	Invalid user leticia from 139.199.18.194 port 34640	2020-05-01 14:13:36
attack	5x Failed Password	2020-04-28 03:51:50
attackbots	Apr 18 07:35:48 nbi-636 sshd[31845]: Invalid user v from 139.199.18.194 port 57476 Apr 18 07:35:48 nbi-636 sshd[31845]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.194 Apr 18 07:35:50 nbi-636 sshd[31845]: Failed password for invalid user v from 139.199.18.194 port 57476 ssh2 Apr 18 07:35:51 nbi-636 sshd[31845]: Received disconnect from 139.199.18.194 port 57476:11: Bye Bye [preauth] Apr 18 07:35:51 nbi-636 sshd[31845]: Disconnected from invalid user v 139.199.18.194 port 57476 [preauth] Apr 18 07:52:09 nbi-636 sshd[4956]: Invalid user desktop from 139.199.18.194 port 52072 Apr 18 07:52:09 nbi-636 sshd[4956]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.194 Apr 18 07:52:11 nbi-636 sshd[4956]: Failed password for invalid user desktop from 139.199.18.194 port 52072 ssh2 Apr 18 07:52:14 nbi-636 sshd[4956]: Received disconnect from 139.199.18.194 port 52072:11: Bye ........ -------------------------------	2020-04-18 14:47:28

相同子网IP讨论:

IP	类型	评论内容	时间
139.199.18.200	attackspambots	Sep 26 00:45:19 eventyay sshd[21666]: Failed password for root from 139.199.18.200 port 34240 ssh2 Sep 26 00:46:15 eventyay sshd[21670]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.200 Sep 26 00:46:17 eventyay sshd[21670]: Failed password for invalid user anonymous from 139.199.18.200 port 48158 ssh2 ...	2020-09-26 07:02:41
139.199.18.200	attackspam	2020-09-25T13:40:16.318090lavrinenko.info sshd[3429]: Failed password for invalid user grid from 139.199.18.200 port 58952 ssh2 2020-09-25T13:44:58.367058lavrinenko.info sshd[9739]: Invalid user user7 from 139.199.18.200 port 56360 2020-09-25T13:44:58.378352lavrinenko.info sshd[9739]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.200 2020-09-25T13:44:58.367058lavrinenko.info sshd[9739]: Invalid user user7 from 139.199.18.200 port 56360 2020-09-25T13:44:59.922678lavrinenko.info sshd[9739]: Failed password for invalid user user7 from 139.199.18.200 port 56360 ssh2 ...	2020-09-26 00:10:48
139.199.18.200	attack	Automatic Fail2ban report - Trying login SSH	2020-09-25 15:47:34
139.199.189.158	attackbots	2020-09-14T11:34:46.670400server.espacesoutien.com sshd[14677]: Invalid user dresden from 139.199.189.158 port 36066 2020-09-14T11:34:46.687398server.espacesoutien.com sshd[14677]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.189.158 2020-09-14T11:34:46.670400server.espacesoutien.com sshd[14677]: Invalid user dresden from 139.199.189.158 port 36066 2020-09-14T11:34:49.065942server.espacesoutien.com sshd[14677]: Failed password for invalid user dresden from 139.199.189.158 port 36066 ssh2 ...	2020-09-14 20:37:35
139.199.189.158	attack	"Unauthorized connection attempt on SSHD detected"	2020-09-14 12:30:20
139.199.189.158	attackspambots	"Unauthorized connection attempt on SSHD detected"	2020-09-14 04:31:38
139.199.18.200	attack	Sep 8 22:17:59 george sshd[3959]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.200 user=root Sep 8 22:18:02 george sshd[3959]: Failed password for root from 139.199.18.200 port 43684 ssh2 Sep 8 22:19:53 george sshd[3966]: Invalid user cisco from 139.199.18.200 port 40592 Sep 8 22:19:53 george sshd[3966]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.200 Sep 8 22:19:55 george sshd[3966]: Failed password for invalid user cisco from 139.199.18.200 port 40592 ssh2 ...	2020-09-09 18:01:48
139.199.18.200	attack	Failed password for invalid user test from 139.199.18.200 port 41916 ssh2	2020-09-01 08:12:30
139.199.189.158	attackspam	Aug 30 22:31:16 minden010 sshd[6081]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.189.158 Aug 30 22:31:18 minden010 sshd[6081]: Failed password for invalid user appuser from 139.199.189.158 port 50124 ssh2 Aug 30 22:39:25 minden010 sshd[9002]: Failed password for root from 139.199.189.158 port 40276 ssh2 ...	2020-08-31 05:20:04
139.199.18.200	attackbotsspam	$f2bV_matches	2020-08-27 03:38:23
139.199.18.200	attackbots	Unauthorised connection attempt detected at AUO NODE 4. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-08-21 01:44:20
139.199.18.200	attack	Invalid user elias from 139.199.18.200 port 49768	2020-08-20 15:30:17
139.199.189.158	attackbotsspam	Aug 17 22:30:13 scw-6657dc sshd[16586]: Failed password for root from 139.199.189.158 port 47704 ssh2 Aug 17 22:30:13 scw-6657dc sshd[16586]: Failed password for root from 139.199.189.158 port 47704 ssh2 Aug 17 22:35:26 scw-6657dc sshd[16842]: Invalid user amministratore from 139.199.189.158 port 52470 ...	2020-08-18 06:54:50
139.199.18.200	attackspambots	Aug 17 20:27:32 IngegnereFirenze sshd[5027]: Failed password for invalid user frank from 139.199.18.200 port 51528 ssh2 ...	2020-08-18 05:31:39
139.199.183.14	attack	This client attempted to login to an administrator account on a Website, or abused from another resource.	2020-08-05 04:28:41

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.199.18.194
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 31012
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.199.18.194.			IN	A

;; AUTHORITY SECTION:
.			598	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020041800 1800 900 604800 86400

;; Query time: 53 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Apr 18 14:47:25 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 194.18.199.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 194.18.199.139.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
59.93.29.88	attackspam	1583156069 - 03/02/2020 14:34:29 Host: 59.93.29.88/59.93.29.88 Port: 445 TCP Blocked	2020-03-03 03:44:19
200.43.187.44	attackspam	Honeypot Attack, Port 23	2020-03-03 04:03:03
222.186.175.217	attackspambots	Mar 3 03:57:26 bacztwo sshd[32442]: error: PAM: Authentication failure for root from 222.186.175.217 Mar 3 03:57:29 bacztwo sshd[32442]: error: PAM: Authentication failure for root from 222.186.175.217 Mar 3 03:57:32 bacztwo sshd[32442]: error: PAM: Authentication failure for root from 222.186.175.217 Mar 3 03:57:32 bacztwo sshd[32442]: Failed keyboard-interactive/pam for root from 222.186.175.217 port 50024 ssh2 Mar 3 03:57:23 bacztwo sshd[32442]: error: PAM: Authentication failure for root from 222.186.175.217 Mar 3 03:57:26 bacztwo sshd[32442]: error: PAM: Authentication failure for root from 222.186.175.217 Mar 3 03:57:29 bacztwo sshd[32442]: error: PAM: Authentication failure for root from 222.186.175.217 Mar 3 03:57:32 bacztwo sshd[32442]: error: PAM: Authentication failure for root from 222.186.175.217 Mar 3 03:57:32 bacztwo sshd[32442]: Failed keyboard-interactive/pam for root from 222.186.175.217 port 50024 ssh2 Mar 3 03:57:36 bacztwo sshd[32442]: error: PAM: Authent ...	2020-03-03 03:58:12
36.224.222.214	attack	Unauthorized connection attempt detected from IP address 36.224.222.214 to port 23 [J]	2020-03-03 04:00:09
222.186.42.75	attackspambots	Mar 2 09:36:20 tdfoods sshd\[9964\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.75 user=root Mar 2 09:36:23 tdfoods sshd\[9964\]: Failed password for root from 222.186.42.75 port 44282 ssh2 Mar 2 09:36:25 tdfoods sshd\[9964\]: Failed password for root from 222.186.42.75 port 44282 ssh2 Mar 2 09:36:27 tdfoods sshd\[9964\]: Failed password for root from 222.186.42.75 port 44282 ssh2 Mar 2 09:41:15 tdfoods sshd\[10361\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.75 user=root	2020-03-03 03:41:31
128.199.186.61	attackspam	Mar 2 14:34:06 * sshd[19937]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.186.61 Mar 2 14:34:08 * sshd[19937]: Failed password for invalid user chengm from 128.199.186.61 port 45518 ssh2	2020-03-03 04:00:56
113.233.109.237	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-03-03 03:32:41
92.63.194.106	attackspam	Mar 2 20:14:02 debian64 sshd[12210]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.63.194.106 Mar 2 20:14:05 debian64 sshd[12210]: Failed password for invalid user user from 92.63.194.106 port 37709 ssh2 ...	2020-03-03 03:22:55
212.92.105.107	attackbots	B: Magento admin pass test (wrong country)	2020-03-03 03:51:01
128.199.207.183	attackspam	Mar 2 09:21:39 eddieflores sshd\[16326\]: Invalid user uftp from 128.199.207.183 Mar 2 09:21:39 eddieflores sshd\[16326\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.207.183 Mar 2 09:21:41 eddieflores sshd\[16326\]: Failed password for invalid user uftp from 128.199.207.183 port 54262 ssh2 Mar 2 09:29:08 eddieflores sshd\[16951\]: Invalid user mouzj from 128.199.207.183 Mar 2 09:29:08 eddieflores sshd\[16951\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.207.183	2020-03-03 03:37:49
167.99.183.191	attackspam	Mar 2 20:34:03 silence02 sshd[22799]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.183.191 Mar 2 20:34:05 silence02 sshd[22799]: Failed password for invalid user upload from 167.99.183.191 port 45098 ssh2 Mar 2 20:42:20 silence02 sshd[26266]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.183.191	2020-03-03 03:43:55
66.70.160.187	attackbotsspam	$f2bV_matches	2020-03-03 03:48:35
82.80.176.84	attackspambots	Unauthorized connection attempt detected from IP address 82.80.176.84 to port 23 [J]	2020-03-03 03:58:49
184.167.114.81	attack	Brute forcing email accounts	2020-03-03 04:01:23
149.135.121.242	attackbotsspam	Mar 2 19:33:51 gw1 sshd[13050]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.135.121.242 Mar 2 19:33:53 gw1 sshd[13050]: Failed password for invalid user zengzhen from 149.135.121.242 port 49730 ssh2 ...	2020-03-03 03:33:17

最近上报的IP列表

104.239.168.149	61.181.93.10	180.111.6.64	49.233.193.237
114.231.41.90	27.1.253.142	251.108.193.127	194.28.61.132
185.36.72.157	6.233.82.182	60.59.48.10	242.17.126.43
45.87.151.197	203.238.189.44	163.109.117.102	209.93.255.165
210.179.36.189	183.131.84.141	240.90.106.226	49.233.141.58