139.199.18.194

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Oct 12 10:00:06 ajax sshd[20406]: Failed password for root from 139.199.18.194 port 40928 ssh2	2020-10-12 21:33:16
attackspambots	$f2bV_matches	2020-10-12 13:04:40
attackbots	Aug 23 18:17:16 dhoomketu sshd[2600315]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.194 Aug 23 18:17:16 dhoomketu sshd[2600315]: Invalid user ksk from 139.199.18.194 port 53220 Aug 23 18:17:19 dhoomketu sshd[2600315]: Failed password for invalid user ksk from 139.199.18.194 port 53220 ssh2 Aug 23 18:21:58 dhoomketu sshd[2600400]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.194 user=root Aug 23 18:22:00 dhoomketu sshd[2600400]: Failed password for root from 139.199.18.194 port 50882 ssh2 ...	2020-08-23 20:53:24
attackbots	Aug 3 20:55:29 propaganda sshd[72500]: Connection from 139.199.18.194 port 58866 on 10.0.0.160 port 22 rdomain "" Aug 3 20:55:30 propaganda sshd[72500]: Connection closed by 139.199.18.194 port 58866 [preauth]	2020-08-04 14:47:30
attackbotsspam	Jul 29 14:54:16 havingfunrightnow sshd[6878]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.194 Jul 29 14:54:17 havingfunrightnow sshd[6878]: Failed password for invalid user greatwall from 139.199.18.194 port 55260 ssh2 Jul 29 14:55:30 havingfunrightnow sshd[6945]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.194 ...	2020-07-30 02:45:53
attackbotsspam	Invalid user git from 139.199.18.194 port 52336	2020-06-30 19:23:06
attackspambots	SSH Invalid Login	2020-06-26 06:40:09
attackspam	Jun 23 10:55:04 master sshd[825]: Failed password for invalid user teamspeak from 139.199.18.194 port 57440 ssh2 Jun 23 11:16:46 master sshd[3895]: Failed password for invalid user daniela from 139.199.18.194 port 56800 ssh2	2020-06-23 18:13:57
attack	TCP (SYN) 139.199.18.194:56405 -> port 5, len 44	2020-06-22 17:30:33
attackbotsspam	Tried sshing with brute force.	2020-06-09 15:51:33
attackbots	Jun 6 11:29:49 abendstille sshd\[16103\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.194 user=root Jun 6 11:29:50 abendstille sshd\[16103\]: Failed password for root from 139.199.18.194 port 36154 ssh2 Jun 6 11:31:07 abendstille sshd\[17559\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.194 user=root Jun 6 11:31:09 abendstille sshd\[17559\]: Failed password for root from 139.199.18.194 port 53040 ssh2 Jun 6 11:32:27 abendstille sshd\[18927\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.194 user=root ...	2020-06-06 18:12:36
attack	May 29 06:45:43 h2779839 sshd[20234]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.194 user=root May 29 06:45:45 h2779839 sshd[20234]: Failed password for root from 139.199.18.194 port 36880 ssh2 May 29 06:46:42 h2779839 sshd[20251]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.194 user=root May 29 06:46:44 h2779839 sshd[20251]: Failed password for root from 139.199.18.194 port 48522 ssh2 May 29 06:47:43 h2779839 sshd[20281]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.194 user=root May 29 06:47:45 h2779839 sshd[20281]: Failed password for root from 139.199.18.194 port 60172 ssh2 May 29 06:48:44 h2779839 sshd[20295]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.194 user=root May 29 06:48:45 h2779839 sshd[20295]: Failed password for root from 139.199.18.194 port 43588 s ...	2020-05-29 13:33:29
attack	May 10 05:55:47 ns382633 sshd\[31418\]: Invalid user postgres from 139.199.18.194 port 54310 May 10 05:55:47 ns382633 sshd\[31418\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.194 May 10 05:55:49 ns382633 sshd\[31418\]: Failed password for invalid user postgres from 139.199.18.194 port 54310 ssh2 May 10 05:56:43 ns382633 sshd\[31477\]: Invalid user zhuang from 139.199.18.194 port 35854 May 10 05:56:43 ns382633 sshd\[31477\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.194	2020-05-10 12:25:31
attackspambots	Invalid user pgm from 139.199.18.194 port 47420	2020-05-03 15:40:31
attackbots	Invalid user leticia from 139.199.18.194 port 34640	2020-05-01 14:13:36
attack	5x Failed Password	2020-04-28 03:51:50
attackbots	Apr 18 07:35:48 nbi-636 sshd[31845]: Invalid user v from 139.199.18.194 port 57476 Apr 18 07:35:48 nbi-636 sshd[31845]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.194 Apr 18 07:35:50 nbi-636 sshd[31845]: Failed password for invalid user v from 139.199.18.194 port 57476 ssh2 Apr 18 07:35:51 nbi-636 sshd[31845]: Received disconnect from 139.199.18.194 port 57476:11: Bye Bye [preauth] Apr 18 07:35:51 nbi-636 sshd[31845]: Disconnected from invalid user v 139.199.18.194 port 57476 [preauth] Apr 18 07:52:09 nbi-636 sshd[4956]: Invalid user desktop from 139.199.18.194 port 52072 Apr 18 07:52:09 nbi-636 sshd[4956]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.194 Apr 18 07:52:11 nbi-636 sshd[4956]: Failed password for invalid user desktop from 139.199.18.194 port 52072 ssh2 Apr 18 07:52:14 nbi-636 sshd[4956]: Received disconnect from 139.199.18.194 port 52072:11: Bye ........ -------------------------------	2020-04-18 14:47:28

相同子网IP讨论:

IP	类型	评论内容	时间
139.199.18.200	attackspambots	Sep 26 00:45:19 eventyay sshd[21666]: Failed password for root from 139.199.18.200 port 34240 ssh2 Sep 26 00:46:15 eventyay sshd[21670]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.200 Sep 26 00:46:17 eventyay sshd[21670]: Failed password for invalid user anonymous from 139.199.18.200 port 48158 ssh2 ...	2020-09-26 07:02:41
139.199.18.200	attackspam	2020-09-25T13:40:16.318090lavrinenko.info sshd[3429]: Failed password for invalid user grid from 139.199.18.200 port 58952 ssh2 2020-09-25T13:44:58.367058lavrinenko.info sshd[9739]: Invalid user user7 from 139.199.18.200 port 56360 2020-09-25T13:44:58.378352lavrinenko.info sshd[9739]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.200 2020-09-25T13:44:58.367058lavrinenko.info sshd[9739]: Invalid user user7 from 139.199.18.200 port 56360 2020-09-25T13:44:59.922678lavrinenko.info sshd[9739]: Failed password for invalid user user7 from 139.199.18.200 port 56360 ssh2 ...	2020-09-26 00:10:48
139.199.18.200	attack	Automatic Fail2ban report - Trying login SSH	2020-09-25 15:47:34
139.199.189.158	attackbots	2020-09-14T11:34:46.670400server.espacesoutien.com sshd[14677]: Invalid user dresden from 139.199.189.158 port 36066 2020-09-14T11:34:46.687398server.espacesoutien.com sshd[14677]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.189.158 2020-09-14T11:34:46.670400server.espacesoutien.com sshd[14677]: Invalid user dresden from 139.199.189.158 port 36066 2020-09-14T11:34:49.065942server.espacesoutien.com sshd[14677]: Failed password for invalid user dresden from 139.199.189.158 port 36066 ssh2 ...	2020-09-14 20:37:35
139.199.189.158	attack	"Unauthorized connection attempt on SSHD detected"	2020-09-14 12:30:20
139.199.189.158	attackspambots	"Unauthorized connection attempt on SSHD detected"	2020-09-14 04:31:38
139.199.18.200	attack	Sep 8 22:17:59 george sshd[3959]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.200 user=root Sep 8 22:18:02 george sshd[3959]: Failed password for root from 139.199.18.200 port 43684 ssh2 Sep 8 22:19:53 george sshd[3966]: Invalid user cisco from 139.199.18.200 port 40592 Sep 8 22:19:53 george sshd[3966]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.200 Sep 8 22:19:55 george sshd[3966]: Failed password for invalid user cisco from 139.199.18.200 port 40592 ssh2 ...	2020-09-09 18:01:48
139.199.18.200	attack	Failed password for invalid user test from 139.199.18.200 port 41916 ssh2	2020-09-01 08:12:30
139.199.189.158	attackspam	Aug 30 22:31:16 minden010 sshd[6081]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.189.158 Aug 30 22:31:18 minden010 sshd[6081]: Failed password for invalid user appuser from 139.199.189.158 port 50124 ssh2 Aug 30 22:39:25 minden010 sshd[9002]: Failed password for root from 139.199.189.158 port 40276 ssh2 ...	2020-08-31 05:20:04
139.199.18.200	attackbotsspam	$f2bV_matches	2020-08-27 03:38:23
139.199.18.200	attackbots	Unauthorised connection attempt detected at AUO NODE 4. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-08-21 01:44:20
139.199.18.200	attack	Invalid user elias from 139.199.18.200 port 49768	2020-08-20 15:30:17
139.199.189.158	attackbotsspam	Aug 17 22:30:13 scw-6657dc sshd[16586]: Failed password for root from 139.199.189.158 port 47704 ssh2 Aug 17 22:30:13 scw-6657dc sshd[16586]: Failed password for root from 139.199.189.158 port 47704 ssh2 Aug 17 22:35:26 scw-6657dc sshd[16842]: Invalid user amministratore from 139.199.189.158 port 52470 ...	2020-08-18 06:54:50
139.199.18.200	attackspambots	Aug 17 20:27:32 IngegnereFirenze sshd[5027]: Failed password for invalid user frank from 139.199.18.200 port 51528 ssh2 ...	2020-08-18 05:31:39
139.199.183.14	attack	This client attempted to login to an administrator account on a Website, or abused from another resource.	2020-08-05 04:28:41

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.199.18.194
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 31012
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.199.18.194.			IN	A

;; AUTHORITY SECTION:
.			598	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020041800 1800 900 604800 86400

;; Query time: 53 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Apr 18 14:47:25 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 194.18.199.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 194.18.199.139.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
114.226.35.254	attackspam	Oct 4 22:32:44 georgia postfix/smtpd[11542]: connect from unknown[114.226.35.254] Oct 4 22:32:45 georgia postfix/smtpd[11542]: warning: unknown[114.226.35.254]: SASL LOGIN authentication failed: authentication failure Oct 4 22:32:46 georgia postfix/smtpd[11542]: lost connection after AUTH from unknown[114.226.35.254] Oct 4 22:32:46 georgia postfix/smtpd[11542]: disconnect from unknown[114.226.35.254] ehlo=2 starttls=1 auth=0/1 commands=3/4 Oct 4 22:32:46 georgia postfix/smtpd[11542]: connect from unknown[114.226.35.254] Oct 4 22:32:50 georgia postfix/smtpd[11542]: warning: unknown[114.226.35.254]: SASL LOGIN authentication failed: authentication failure Oct 4 22:32:50 georgia postfix/smtpd[11542]: lost connection after AUTH from unknown[114.226.35.254] Oct 4 22:32:50 georgia postfix/smtpd[11542]: disconnect from unknown[114.226.35.254] ehlo=2 starttls=1 auth=0/1 commands=3/4 Oct 4 22:32:50 georgia postfix/smtpd[11542]: connect from unknown[114.226.35.254] Oct ........ -------------------------------	2020-10-05 12:38:27
129.211.24.104	attackspambots	Oct 5 04:41:38 amit sshd\[8384\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.24.104 user=root Oct 5 04:41:40 amit sshd\[8384\]: Failed password for root from 129.211.24.104 port 44908 ssh2 Oct 5 04:47:28 amit sshd\[21156\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.24.104 user=root ...	2020-10-05 12:56:11
171.217.92.33	attackbotsspam	TCP (SYN) 171.217.92.33:63337 -> port 3456, len 44	2020-10-05 12:37:11
39.79.146.74	attackspam	Listed on zen-spamhaus also abuseat.org / proto=6 . srcport=1503 . dstport=23 Telnet . (3557)	2020-10-05 12:52:43
165.227.205.128	attackbotsspam	SSH brute-force attack detected from [165.227.205.128]	2020-10-05 12:51:02
94.180.24.77	attackbots	Found on CINS badguys / proto=6 . srcport=7537 . dstport=23 Telnet . (3559)	2020-10-05 12:45:54
71.6.233.75	attackspambots	[N3.H3.VM3] Port Scanner Detected Blocked by UFW	2020-10-05 13:06:38
34.105.147.199	attack	CMS (WordPress or Joomla) login attempt.	2020-10-05 12:58:48
120.148.160.166	attackbotsspam	Oct 4 19:22:42 firewall sshd[20630]: Failed password for root from 120.148.160.166 port 33215 ssh2 Oct 4 19:27:19 firewall sshd[20708]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.148.160.166 user=root Oct 4 19:27:21 firewall sshd[20708]: Failed password for root from 120.148.160.166 port 33110 ssh2 ...	2020-10-05 12:45:22
140.238.95.47	attackspam	[N1.H1.VM1] Bad Bot Blocked by UFW	2020-10-05 12:47:49
176.100.102.150	attack	1433/tcp 445/tcp [2020-09-29/10-04]2pkt	2020-10-05 12:58:29
83.18.149.38	attack	Oct 5 05:57:34 ns382633 sshd\[32164\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=83.18.149.38 user=root Oct 5 05:57:36 ns382633 sshd\[32164\]: Failed password for root from 83.18.149.38 port 46970 ssh2 Oct 5 06:09:16 ns382633 sshd\[1673\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=83.18.149.38 user=root Oct 5 06:09:18 ns382633 sshd\[1673\]: Failed password for root from 83.18.149.38 port 48775 ssh2 Oct 5 06:15:49 ns382633 sshd\[2799\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=83.18.149.38 user=root	2020-10-05 12:35:14
92.63.94.17	attackspambots	TCP (SYN) 92.63.94.17:13349 -> port 23, len 44	2020-10-05 12:42:37
62.210.177.248	attackbotsspam	62.210.177.248 - - [05/Oct/2020:04:21:33 +0100] "POST //xmlrpc.php HTTP/1.1" 200 413 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 62.210.177.248 - - [05/Oct/2020:04:21:33 +0100] "POST //xmlrpc.php HTTP/1.1" 200 413 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 62.210.177.248 - - [05/Oct/2020:04:21:34 +0100] "POST //xmlrpc.php HTTP/1.1" 200 415 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" ...	2020-10-05 12:51:56
112.85.42.151	attackspambots	Oct 5 06:34:31 server sshd[38636]: Failed none for root from 112.85.42.151 port 32204 ssh2 Oct 5 06:34:34 server sshd[38636]: Failed password for root from 112.85.42.151 port 32204 ssh2 Oct 5 06:34:40 server sshd[38636]: Failed password for root from 112.85.42.151 port 32204 ssh2	2020-10-05 12:38:49

最近上报的IP列表

104.239.168.149	61.181.93.10	180.111.6.64	49.233.193.237
114.231.41.90	27.1.253.142	251.108.193.127	194.28.61.132
185.36.72.157	6.233.82.182	60.59.48.10	242.17.126.43
45.87.151.197	203.238.189.44	163.109.117.102	209.93.255.165
210.179.36.189	183.131.84.141	240.90.106.226	49.233.141.58