139.199.18.194

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Oct 12 10:00:06 ajax sshd[20406]: Failed password for root from 139.199.18.194 port 40928 ssh2	2020-10-12 21:33:16
attackspambots	$f2bV_matches	2020-10-12 13:04:40
attackbots	Aug 23 18:17:16 dhoomketu sshd[2600315]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.194 Aug 23 18:17:16 dhoomketu sshd[2600315]: Invalid user ksk from 139.199.18.194 port 53220 Aug 23 18:17:19 dhoomketu sshd[2600315]: Failed password for invalid user ksk from 139.199.18.194 port 53220 ssh2 Aug 23 18:21:58 dhoomketu sshd[2600400]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.194 user=root Aug 23 18:22:00 dhoomketu sshd[2600400]: Failed password for root from 139.199.18.194 port 50882 ssh2 ...	2020-08-23 20:53:24
attackbots	Aug 3 20:55:29 propaganda sshd[72500]: Connection from 139.199.18.194 port 58866 on 10.0.0.160 port 22 rdomain "" Aug 3 20:55:30 propaganda sshd[72500]: Connection closed by 139.199.18.194 port 58866 [preauth]	2020-08-04 14:47:30
attackbotsspam	Jul 29 14:54:16 havingfunrightnow sshd[6878]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.194 Jul 29 14:54:17 havingfunrightnow sshd[6878]: Failed password for invalid user greatwall from 139.199.18.194 port 55260 ssh2 Jul 29 14:55:30 havingfunrightnow sshd[6945]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.194 ...	2020-07-30 02:45:53
attackbotsspam	Invalid user git from 139.199.18.194 port 52336	2020-06-30 19:23:06
attackspambots	SSH Invalid Login	2020-06-26 06:40:09
attackspam	Jun 23 10:55:04 master sshd[825]: Failed password for invalid user teamspeak from 139.199.18.194 port 57440 ssh2 Jun 23 11:16:46 master sshd[3895]: Failed password for invalid user daniela from 139.199.18.194 port 56800 ssh2	2020-06-23 18:13:57
attack	TCP (SYN) 139.199.18.194:56405 -> port 5, len 44	2020-06-22 17:30:33
attackbotsspam	Tried sshing with brute force.	2020-06-09 15:51:33
attackbots	Jun 6 11:29:49 abendstille sshd\[16103\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.194 user=root Jun 6 11:29:50 abendstille sshd\[16103\]: Failed password for root from 139.199.18.194 port 36154 ssh2 Jun 6 11:31:07 abendstille sshd\[17559\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.194 user=root Jun 6 11:31:09 abendstille sshd\[17559\]: Failed password for root from 139.199.18.194 port 53040 ssh2 Jun 6 11:32:27 abendstille sshd\[18927\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.194 user=root ...	2020-06-06 18:12:36
attack	May 29 06:45:43 h2779839 sshd[20234]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.194 user=root May 29 06:45:45 h2779839 sshd[20234]: Failed password for root from 139.199.18.194 port 36880 ssh2 May 29 06:46:42 h2779839 sshd[20251]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.194 user=root May 29 06:46:44 h2779839 sshd[20251]: Failed password for root from 139.199.18.194 port 48522 ssh2 May 29 06:47:43 h2779839 sshd[20281]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.194 user=root May 29 06:47:45 h2779839 sshd[20281]: Failed password for root from 139.199.18.194 port 60172 ssh2 May 29 06:48:44 h2779839 sshd[20295]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.194 user=root May 29 06:48:45 h2779839 sshd[20295]: Failed password for root from 139.199.18.194 port 43588 s ...	2020-05-29 13:33:29
attack	May 10 05:55:47 ns382633 sshd\[31418\]: Invalid user postgres from 139.199.18.194 port 54310 May 10 05:55:47 ns382633 sshd\[31418\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.194 May 10 05:55:49 ns382633 sshd\[31418\]: Failed password for invalid user postgres from 139.199.18.194 port 54310 ssh2 May 10 05:56:43 ns382633 sshd\[31477\]: Invalid user zhuang from 139.199.18.194 port 35854 May 10 05:56:43 ns382633 sshd\[31477\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.194	2020-05-10 12:25:31
attackspambots	Invalid user pgm from 139.199.18.194 port 47420	2020-05-03 15:40:31
attackbots	Invalid user leticia from 139.199.18.194 port 34640	2020-05-01 14:13:36
attack	5x Failed Password	2020-04-28 03:51:50
attackbots	Apr 18 07:35:48 nbi-636 sshd[31845]: Invalid user v from 139.199.18.194 port 57476 Apr 18 07:35:48 nbi-636 sshd[31845]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.194 Apr 18 07:35:50 nbi-636 sshd[31845]: Failed password for invalid user v from 139.199.18.194 port 57476 ssh2 Apr 18 07:35:51 nbi-636 sshd[31845]: Received disconnect from 139.199.18.194 port 57476:11: Bye Bye [preauth] Apr 18 07:35:51 nbi-636 sshd[31845]: Disconnected from invalid user v 139.199.18.194 port 57476 [preauth] Apr 18 07:52:09 nbi-636 sshd[4956]: Invalid user desktop from 139.199.18.194 port 52072 Apr 18 07:52:09 nbi-636 sshd[4956]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.194 Apr 18 07:52:11 nbi-636 sshd[4956]: Failed password for invalid user desktop from 139.199.18.194 port 52072 ssh2 Apr 18 07:52:14 nbi-636 sshd[4956]: Received disconnect from 139.199.18.194 port 52072:11: Bye ........ -------------------------------	2020-04-18 14:47:28

相同子网IP讨论:

IP	类型	评论内容	时间
139.199.18.200	attackspambots	Sep 26 00:45:19 eventyay sshd[21666]: Failed password for root from 139.199.18.200 port 34240 ssh2 Sep 26 00:46:15 eventyay sshd[21670]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.200 Sep 26 00:46:17 eventyay sshd[21670]: Failed password for invalid user anonymous from 139.199.18.200 port 48158 ssh2 ...	2020-09-26 07:02:41
139.199.18.200	attackspam	2020-09-25T13:40:16.318090lavrinenko.info sshd[3429]: Failed password for invalid user grid from 139.199.18.200 port 58952 ssh2 2020-09-25T13:44:58.367058lavrinenko.info sshd[9739]: Invalid user user7 from 139.199.18.200 port 56360 2020-09-25T13:44:58.378352lavrinenko.info sshd[9739]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.200 2020-09-25T13:44:58.367058lavrinenko.info sshd[9739]: Invalid user user7 from 139.199.18.200 port 56360 2020-09-25T13:44:59.922678lavrinenko.info sshd[9739]: Failed password for invalid user user7 from 139.199.18.200 port 56360 ssh2 ...	2020-09-26 00:10:48
139.199.18.200	attack	Automatic Fail2ban report - Trying login SSH	2020-09-25 15:47:34
139.199.189.158	attackbots	2020-09-14T11:34:46.670400server.espacesoutien.com sshd[14677]: Invalid user dresden from 139.199.189.158 port 36066 2020-09-14T11:34:46.687398server.espacesoutien.com sshd[14677]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.189.158 2020-09-14T11:34:46.670400server.espacesoutien.com sshd[14677]: Invalid user dresden from 139.199.189.158 port 36066 2020-09-14T11:34:49.065942server.espacesoutien.com sshd[14677]: Failed password for invalid user dresden from 139.199.189.158 port 36066 ssh2 ...	2020-09-14 20:37:35
139.199.189.158	attack	"Unauthorized connection attempt on SSHD detected"	2020-09-14 12:30:20
139.199.189.158	attackspambots	"Unauthorized connection attempt on SSHD detected"	2020-09-14 04:31:38
139.199.18.200	attack	Sep 8 22:17:59 george sshd[3959]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.200 user=root Sep 8 22:18:02 george sshd[3959]: Failed password for root from 139.199.18.200 port 43684 ssh2 Sep 8 22:19:53 george sshd[3966]: Invalid user cisco from 139.199.18.200 port 40592 Sep 8 22:19:53 george sshd[3966]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.200 Sep 8 22:19:55 george sshd[3966]: Failed password for invalid user cisco from 139.199.18.200 port 40592 ssh2 ...	2020-09-09 18:01:48
139.199.18.200	attack	Failed password for invalid user test from 139.199.18.200 port 41916 ssh2	2020-09-01 08:12:30
139.199.189.158	attackspam	Aug 30 22:31:16 minden010 sshd[6081]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.189.158 Aug 30 22:31:18 minden010 sshd[6081]: Failed password for invalid user appuser from 139.199.189.158 port 50124 ssh2 Aug 30 22:39:25 minden010 sshd[9002]: Failed password for root from 139.199.189.158 port 40276 ssh2 ...	2020-08-31 05:20:04
139.199.18.200	attackbotsspam	$f2bV_matches	2020-08-27 03:38:23
139.199.18.200	attackbots	Unauthorised connection attempt detected at AUO NODE 4. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-08-21 01:44:20
139.199.18.200	attack	Invalid user elias from 139.199.18.200 port 49768	2020-08-20 15:30:17
139.199.189.158	attackbotsspam	Aug 17 22:30:13 scw-6657dc sshd[16586]: Failed password for root from 139.199.189.158 port 47704 ssh2 Aug 17 22:30:13 scw-6657dc sshd[16586]: Failed password for root from 139.199.189.158 port 47704 ssh2 Aug 17 22:35:26 scw-6657dc sshd[16842]: Invalid user amministratore from 139.199.189.158 port 52470 ...	2020-08-18 06:54:50
139.199.18.200	attackspambots	Aug 17 20:27:32 IngegnereFirenze sshd[5027]: Failed password for invalid user frank from 139.199.18.200 port 51528 ssh2 ...	2020-08-18 05:31:39
139.199.183.14	attack	This client attempted to login to an administrator account on a Website, or abused from another resource.	2020-08-05 04:28:41

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.199.18.194
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 31012
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.199.18.194.			IN	A

;; AUTHORITY SECTION:
.			598	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020041800 1800 900 604800 86400

;; Query time: 53 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Apr 18 14:47:25 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 194.18.199.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 194.18.199.139.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
103.83.192.12	attack	Automatic report - Banned IP Access	2020-07-20 19:46:55
190.144.79.157	attack	Invalid user taki from 190.144.79.157 port 40198	2020-07-20 19:17:07
177.23.184.99	attackspambots	Invalid user aruncs from 177.23.184.99 port 49250	2020-07-20 19:26:16
50.63.194.169	attackspam	Automatic report - XMLRPC Attack	2020-07-20 19:38:48
62.109.19.68	attackbotsspam	20 attempts against mh_ha-misbehave-ban on beach	2020-07-20 19:19:31
118.163.38.83	attack	firewall-block, port(s): 23/tcp	2020-07-20 19:38:29
191.220.98.149	attackspam	Jul 20 15:45:11 itv-usvr-01 sshd[652]: Invalid user davis from 191.220.98.149 Jul 20 15:45:11 itv-usvr-01 sshd[652]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.220.98.149 Jul 20 15:45:11 itv-usvr-01 sshd[652]: Invalid user davis from 191.220.98.149 Jul 20 15:45:13 itv-usvr-01 sshd[652]: Failed password for invalid user davis from 191.220.98.149 port 33790 ssh2 Jul 20 15:51:27 itv-usvr-01 sshd[906]: Invalid user cam from 191.220.98.149	2020-07-20 19:06:50
178.209.170.75	attackspam	WordPress login Brute force / Web App Attack on client site.	2020-07-20 19:17:46
49.88.112.72	attack	Brute-force attempt banned	2020-07-20 19:40:47
18.237.122.241	attackbots	Jul 20 05:50:28 vm1 sshd[31071]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=18.237.122.241 Jul 20 05:50:31 vm1 sshd[31071]: Failed password for invalid user tester from 18.237.122.241 port 48420 ssh2 ...	2020-07-20 19:08:11
104.238.120.3	attackbots	Automatic report - XMLRPC Attack	2020-07-20 19:12:43
91.218.65.213	attack	Jul 20 08:25:39 server sshd[31432]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.218.65.213 Jul 20 08:25:41 server sshd[31432]: Failed password for invalid user icaro from 91.218.65.213 port 51644 ssh2 Jul 20 08:29:20 server sshd[31684]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.218.65.213 ...	2020-07-20 19:09:03
138.197.171.79	attackspam	Jul 20 07:11:55 ny01 sshd[29492]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.171.79 Jul 20 07:11:57 ny01 sshd[29492]: Failed password for invalid user tester from 138.197.171.79 port 45074 ssh2 Jul 20 07:16:07 ny01 sshd[30110]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.171.79	2020-07-20 19:36:13
65.49.20.105	attackspambots	trying to access non-authorized port	2020-07-20 19:29:50
129.204.148.56	attack	SSH Brute-Force attacks	2020-07-20 19:02:09

最近上报的IP列表

104.239.168.149	61.181.93.10	180.111.6.64	49.233.193.237
114.231.41.90	27.1.253.142	251.108.193.127	194.28.61.132
185.36.72.157	6.233.82.182	60.59.48.10	242.17.126.43
45.87.151.197	203.238.189.44	163.109.117.102	209.93.255.165
210.179.36.189	183.131.84.141	240.90.106.226	49.233.141.58