必须是合法有效的IP地址, 可以是IPv4或者是IPv6, 例如127.0.0.1或者2001:DB8:0:0:8:800:200C:417A
基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:
类型 评论内容 时间
attackspam
Oct 12 10:00:06 ajax sshd[20406]: Failed password for root from 139.199.18.194 port 40928 ssh2
2020-10-12 21:33:16
attackspambots
$f2bV_matches
2020-10-12 13:04:40
attackbots
Aug 23 18:17:16 dhoomketu sshd[2600315]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.194 
Aug 23 18:17:16 dhoomketu sshd[2600315]: Invalid user ksk from 139.199.18.194 port 53220
Aug 23 18:17:19 dhoomketu sshd[2600315]: Failed password for invalid user ksk from 139.199.18.194 port 53220 ssh2
Aug 23 18:21:58 dhoomketu sshd[2600400]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.194  user=root
Aug 23 18:22:00 dhoomketu sshd[2600400]: Failed password for root from 139.199.18.194 port 50882 ssh2
...
2020-08-23 20:53:24
attackbots
Aug  3 20:55:29 propaganda sshd[72500]: Connection from 139.199.18.194 port 58866 on 10.0.0.160 port 22 rdomain ""
Aug  3 20:55:30 propaganda sshd[72500]: Connection closed by 139.199.18.194 port 58866 [preauth]
2020-08-04 14:47:30
attackbotsspam
Jul 29 14:54:16 havingfunrightnow sshd[6878]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.194 
Jul 29 14:54:17 havingfunrightnow sshd[6878]: Failed password for invalid user greatwall from 139.199.18.194 port 55260 ssh2
Jul 29 14:55:30 havingfunrightnow sshd[6945]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.194 
...
2020-07-30 02:45:53
attackbotsspam
Invalid user git from 139.199.18.194 port 52336
2020-06-30 19:23:06
attackspambots
SSH Invalid Login
2020-06-26 06:40:09
attackspam
Jun 23 10:55:04 master sshd[825]: Failed password for invalid user teamspeak from 139.199.18.194 port 57440 ssh2
Jun 23 11:16:46 master sshd[3895]: Failed password for invalid user daniela from 139.199.18.194 port 56800 ssh2
2020-06-23 18:13:57
attack
 TCP (SYN) 139.199.18.194:56405 -> port 5, len 44
2020-06-22 17:30:33
attackbotsspam
Tried sshing with brute force.
2020-06-09 15:51:33
attackbots
Jun  6 11:29:49 abendstille sshd\[16103\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.194  user=root
Jun  6 11:29:50 abendstille sshd\[16103\]: Failed password for root from 139.199.18.194 port 36154 ssh2
Jun  6 11:31:07 abendstille sshd\[17559\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.194  user=root
Jun  6 11:31:09 abendstille sshd\[17559\]: Failed password for root from 139.199.18.194 port 53040 ssh2
Jun  6 11:32:27 abendstille sshd\[18927\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.194  user=root
...
2020-06-06 18:12:36
attack
May 29 06:45:43 h2779839 sshd[20234]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.194  user=root
May 29 06:45:45 h2779839 sshd[20234]: Failed password for root from 139.199.18.194 port 36880 ssh2
May 29 06:46:42 h2779839 sshd[20251]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.194  user=root
May 29 06:46:44 h2779839 sshd[20251]: Failed password for root from 139.199.18.194 port 48522 ssh2
May 29 06:47:43 h2779839 sshd[20281]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.194  user=root
May 29 06:47:45 h2779839 sshd[20281]: Failed password for root from 139.199.18.194 port 60172 ssh2
May 29 06:48:44 h2779839 sshd[20295]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.194  user=root
May 29 06:48:45 h2779839 sshd[20295]: Failed password for root from 139.199.18.194 port 43588 s
...
2020-05-29 13:33:29
attack
May 10 05:55:47 ns382633 sshd\[31418\]: Invalid user postgres from 139.199.18.194 port 54310
May 10 05:55:47 ns382633 sshd\[31418\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.194
May 10 05:55:49 ns382633 sshd\[31418\]: Failed password for invalid user postgres from 139.199.18.194 port 54310 ssh2
May 10 05:56:43 ns382633 sshd\[31477\]: Invalid user zhuang from 139.199.18.194 port 35854
May 10 05:56:43 ns382633 sshd\[31477\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.194
2020-05-10 12:25:31
attackspambots
Invalid user pgm from 139.199.18.194 port 47420
2020-05-03 15:40:31
attackbots
Invalid user leticia from 139.199.18.194 port 34640
2020-05-01 14:13:36
attack
5x Failed Password
2020-04-28 03:51:50
attackbots
Apr 18 07:35:48 nbi-636 sshd[31845]: Invalid user v from 139.199.18.194 port 57476
Apr 18 07:35:48 nbi-636 sshd[31845]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.194 
Apr 18 07:35:50 nbi-636 sshd[31845]: Failed password for invalid user v from 139.199.18.194 port 57476 ssh2
Apr 18 07:35:51 nbi-636 sshd[31845]: Received disconnect from 139.199.18.194 port 57476:11: Bye Bye [preauth]
Apr 18 07:35:51 nbi-636 sshd[31845]: Disconnected from invalid user v 139.199.18.194 port 57476 [preauth]
Apr 18 07:52:09 nbi-636 sshd[4956]: Invalid user desktop from 139.199.18.194 port 52072
Apr 18 07:52:09 nbi-636 sshd[4956]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.194 
Apr 18 07:52:11 nbi-636 sshd[4956]: Failed password for invalid user desktop from 139.199.18.194 port 52072 ssh2
Apr 18 07:52:14 nbi-636 sshd[4956]: Received disconnect from 139.199.18.194 port 52072:11: Bye ........
-------------------------------
2020-04-18 14:47:28
相同子网IP讨论:
IP 类型 评论内容 时间
139.199.18.200 attackspambots
Sep 26 00:45:19 eventyay sshd[21666]: Failed password for root from 139.199.18.200 port 34240 ssh2
Sep 26 00:46:15 eventyay sshd[21670]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.200
Sep 26 00:46:17 eventyay sshd[21670]: Failed password for invalid user anonymous from 139.199.18.200 port 48158 ssh2
...
2020-09-26 07:02:41
139.199.18.200 attackspam
2020-09-25T13:40:16.318090lavrinenko.info sshd[3429]: Failed password for invalid user grid from 139.199.18.200 port 58952 ssh2
2020-09-25T13:44:58.367058lavrinenko.info sshd[9739]: Invalid user user7 from 139.199.18.200 port 56360
2020-09-25T13:44:58.378352lavrinenko.info sshd[9739]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.200
2020-09-25T13:44:58.367058lavrinenko.info sshd[9739]: Invalid user user7 from 139.199.18.200 port 56360
2020-09-25T13:44:59.922678lavrinenko.info sshd[9739]: Failed password for invalid user user7 from 139.199.18.200 port 56360 ssh2
...
2020-09-26 00:10:48
139.199.18.200 attack
Automatic Fail2ban report - Trying login SSH
2020-09-25 15:47:34
139.199.189.158 attackbots
2020-09-14T11:34:46.670400server.espacesoutien.com sshd[14677]: Invalid user dresden from 139.199.189.158 port 36066
2020-09-14T11:34:46.687398server.espacesoutien.com sshd[14677]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.189.158
2020-09-14T11:34:46.670400server.espacesoutien.com sshd[14677]: Invalid user dresden from 139.199.189.158 port 36066
2020-09-14T11:34:49.065942server.espacesoutien.com sshd[14677]: Failed password for invalid user dresden from 139.199.189.158 port 36066 ssh2
...
2020-09-14 20:37:35
139.199.189.158 attack
"Unauthorized connection attempt on SSHD detected"
2020-09-14 12:30:20
139.199.189.158 attackspambots
"Unauthorized connection attempt on SSHD detected"
2020-09-14 04:31:38
139.199.18.200 attack
Sep  8 22:17:59 george sshd[3959]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.200  user=root
Sep  8 22:18:02 george sshd[3959]: Failed password for root from 139.199.18.200 port 43684 ssh2
Sep  8 22:19:53 george sshd[3966]: Invalid user cisco from 139.199.18.200 port 40592
Sep  8 22:19:53 george sshd[3966]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.200 
Sep  8 22:19:55 george sshd[3966]: Failed password for invalid user cisco from 139.199.18.200 port 40592 ssh2
...
2020-09-09 18:01:48
139.199.18.200 attack
Failed password for invalid user test from 139.199.18.200 port 41916 ssh2
2020-09-01 08:12:30
139.199.189.158 attackspam
Aug 30 22:31:16 minden010 sshd[6081]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.189.158
Aug 30 22:31:18 minden010 sshd[6081]: Failed password for invalid user appuser from 139.199.189.158 port 50124 ssh2
Aug 30 22:39:25 minden010 sshd[9002]: Failed password for root from 139.199.189.158 port 40276 ssh2
...
2020-08-31 05:20:04
139.199.18.200 attackbotsspam
$f2bV_matches
2020-08-27 03:38:23
139.199.18.200 attackbots
Unauthorised connection attempt detected at AUO NODE 4. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)
2020-08-21 01:44:20
139.199.18.200 attack
Invalid user elias from 139.199.18.200 port 49768
2020-08-20 15:30:17
139.199.189.158 attackbotsspam
Aug 17 22:30:13 scw-6657dc sshd[16586]: Failed password for root from 139.199.189.158 port 47704 ssh2
Aug 17 22:30:13 scw-6657dc sshd[16586]: Failed password for root from 139.199.189.158 port 47704 ssh2
Aug 17 22:35:26 scw-6657dc sshd[16842]: Invalid user amministratore from 139.199.189.158 port 52470
...
2020-08-18 06:54:50
139.199.18.200 attackspambots
Aug 17 20:27:32 IngegnereFirenze sshd[5027]: Failed password for invalid user frank from 139.199.18.200 port 51528 ssh2
...
2020-08-18 05:31:39
139.199.183.14 attack
This client attempted to login to an administrator account on a Website, or abused from another resource.
2020-08-05 04:28:41
WHOIS信息:
b
DIG信息:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.199.18.194
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 31012
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.199.18.194.			IN	A

;; AUTHORITY SECTION:
.			598	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020041800 1800 900 604800 86400

;; Query time: 53 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Apr 18 14:47:25 CST 2020
;; MSG SIZE  rcvd: 118
HOST信息:
Host 194.18.199.139.in-addr.arpa. not found: 3(NXDOMAIN)
NSLOOKUP信息:
Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 194.18.199.139.in-addr.arpa: NXDOMAIN
相关IP信息:
最新评论:
IP 类型 评论内容 时间
114.226.35.254 attackspam
Oct  4 22:32:44 georgia postfix/smtpd[11542]: connect from unknown[114.226.35.254]
Oct  4 22:32:45 georgia postfix/smtpd[11542]: warning: unknown[114.226.35.254]: SASL LOGIN authentication failed: authentication failure
Oct  4 22:32:46 georgia postfix/smtpd[11542]: lost connection after AUTH from unknown[114.226.35.254]
Oct  4 22:32:46 georgia postfix/smtpd[11542]: disconnect from unknown[114.226.35.254] ehlo=2 starttls=1 auth=0/1 commands=3/4
Oct  4 22:32:46 georgia postfix/smtpd[11542]: connect from unknown[114.226.35.254]
Oct  4 22:32:50 georgia postfix/smtpd[11542]: warning: unknown[114.226.35.254]: SASL LOGIN authentication failed: authentication failure
Oct  4 22:32:50 georgia postfix/smtpd[11542]: lost connection after AUTH from unknown[114.226.35.254]
Oct  4 22:32:50 georgia postfix/smtpd[11542]: disconnect from unknown[114.226.35.254] ehlo=2 starttls=1 auth=0/1 commands=3/4
Oct  4 22:32:50 georgia postfix/smtpd[11542]: connect from unknown[114.226.35.254]
Oct  ........
-------------------------------
2020-10-05 12:38:27
129.211.24.104 attackspambots
Oct  5 04:41:38 amit sshd\[8384\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.24.104  user=root
Oct  5 04:41:40 amit sshd\[8384\]: Failed password for root from 129.211.24.104 port 44908 ssh2
Oct  5 04:47:28 amit sshd\[21156\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.24.104  user=root
...
2020-10-05 12:56:11
171.217.92.33 attackbotsspam
 TCP (SYN) 171.217.92.33:63337 -> port 3456, len 44
2020-10-05 12:37:11
39.79.146.74 attackspam
Listed on    zen-spamhaus also abuseat.org   / proto=6  .  srcport=1503  .  dstport=23 Telnet  .     (3557)
2020-10-05 12:52:43
165.227.205.128 attackbotsspam
SSH brute-force attack detected from [165.227.205.128]
2020-10-05 12:51:02
94.180.24.77 attackbots
Found on   CINS badguys     / proto=6  .  srcport=7537  .  dstport=23 Telnet  .     (3559)
2020-10-05 12:45:54
71.6.233.75 attackspambots
[N3.H3.VM3] Port Scanner Detected Blocked by UFW
2020-10-05 13:06:38
34.105.147.199 attack
CMS (WordPress or Joomla) login attempt.
2020-10-05 12:58:48
120.148.160.166 attackbotsspam
Oct  4 19:22:42 firewall sshd[20630]: Failed password for root from 120.148.160.166 port 33215 ssh2
Oct  4 19:27:19 firewall sshd[20708]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.148.160.166  user=root
Oct  4 19:27:21 firewall sshd[20708]: Failed password for root from 120.148.160.166 port 33110 ssh2
...
2020-10-05 12:45:22
140.238.95.47 attackspam
[N1.H1.VM1] Bad Bot Blocked by UFW
2020-10-05 12:47:49
176.100.102.150 attack
1433/tcp 445/tcp
[2020-09-29/10-04]2pkt
2020-10-05 12:58:29
83.18.149.38 attack
Oct  5 05:57:34 ns382633 sshd\[32164\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=83.18.149.38  user=root
Oct  5 05:57:36 ns382633 sshd\[32164\]: Failed password for root from 83.18.149.38 port 46970 ssh2
Oct  5 06:09:16 ns382633 sshd\[1673\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=83.18.149.38  user=root
Oct  5 06:09:18 ns382633 sshd\[1673\]: Failed password for root from 83.18.149.38 port 48775 ssh2
Oct  5 06:15:49 ns382633 sshd\[2799\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=83.18.149.38  user=root
2020-10-05 12:35:14
92.63.94.17 attackspambots
 TCP (SYN) 92.63.94.17:13349 -> port 23, len 44
2020-10-05 12:42:37
62.210.177.248 attackbotsspam
62.210.177.248 - - [05/Oct/2020:04:21:33 +0100] "POST //xmlrpc.php HTTP/1.1" 200 413 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36"
62.210.177.248 - - [05/Oct/2020:04:21:33 +0100] "POST //xmlrpc.php HTTP/1.1" 200 413 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36"
62.210.177.248 - - [05/Oct/2020:04:21:34 +0100] "POST //xmlrpc.php HTTP/1.1" 200 415 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36"
...
2020-10-05 12:51:56
112.85.42.151 attackspambots
Oct  5 06:34:31 server sshd[38636]: Failed none for root from 112.85.42.151 port 32204 ssh2
Oct  5 06:34:34 server sshd[38636]: Failed password for root from 112.85.42.151 port 32204 ssh2
Oct  5 06:34:40 server sshd[38636]: Failed password for root from 112.85.42.151 port 32204 ssh2
2020-10-05 12:38:49

最近上报的IP列表

104.239.168.149 61.181.93.10 180.111.6.64 49.233.193.237
114.231.41.90 27.1.253.142 251.108.193.127 194.28.61.132
185.36.72.157 6.233.82.182 60.59.48.10 242.17.126.43
45.87.151.197 203.238.189.44 163.109.117.102 209.93.255.165
210.179.36.189 183.131.84.141 240.90.106.226 49.233.141.58