139.199.183.185

基本信息:

城市(city): Beijing

省份(region): Beijing

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): Shenzhen Tencent Computer Systems Company Limited

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	banned on SSHD	2020-03-30 17:51:02
attackspam	Mar 2 05:12:28 localhost sshd[117928]: Invalid user liuzezhang from 139.199.183.185 port 52120 Mar 2 05:12:28 localhost sshd[117928]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.183.185 Mar 2 05:12:28 localhost sshd[117928]: Invalid user liuzezhang from 139.199.183.185 port 52120 Mar 2 05:12:30 localhost sshd[117928]: Failed password for invalid user liuzezhang from 139.199.183.185 port 52120 ssh2 Mar 2 05:19:15 localhost sshd[118624]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.183.185 user=root Mar 2 05:19:16 localhost sshd[118624]: Failed password for root from 139.199.183.185 port 44508 ssh2 ...	2020-03-02 13:22:07
attack	Feb 26 02:27:21 localhost sshd\[18988\]: Invalid user william from 139.199.183.185 port 59606 Feb 26 02:27:21 localhost sshd\[18988\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.183.185 Feb 26 02:27:23 localhost sshd\[18988\]: Failed password for invalid user william from 139.199.183.185 port 59606 ssh2	2020-02-26 09:36:47
attackbotsspam	Unauthorized connection attempt detected from IP address 139.199.183.185 to port 2220 [J]	2020-01-06 21:02:48
attackbots	Dec 18 04:53:52 game-panel sshd[12174]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.183.185 Dec 18 04:53:54 game-panel sshd[12174]: Failed password for invalid user abhiram from 139.199.183.185 port 51962 ssh2 Dec 18 04:58:11 game-panel sshd[12422]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.183.185	2019-12-18 13:47:10
attackspambots	2019-12-16T22:55:30.680733centos sshd\[13776\]: Invalid user pujara from 139.199.183.185 port 51832 2019-12-16T22:55:30.686692centos sshd\[13776\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.183.185 2019-12-16T22:55:32.267590centos sshd\[13776\]: Failed password for invalid user pujara from 139.199.183.185 port 51832 ssh2	2019-12-17 06:02:04
attackspambots	Dec 8 16:59:39 MK-Soft-VM5 sshd[5358]: Failed password for root from 139.199.183.185 port 48744 ssh2 ...	2019-12-09 00:15:45
attackbotsspam	Dec 2 11:22:54 ns41 sshd[1592]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.183.185 Dec 2 11:22:54 ns41 sshd[1592]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.183.185	2019-12-02 18:52:01
attackspam	SSH authentication failure x 6 reported by Fail2Ban ...	2019-11-23 06:02:04
attackspam	Nov 22 11:34:31 server sshd\[32704\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.183.185 user=root Nov 22 11:34:33 server sshd\[32704\]: Failed password for root from 139.199.183.185 port 49770 ssh2 Nov 22 11:39:25 server sshd\[1485\]: Invalid user colten from 139.199.183.185 Nov 22 11:39:25 server sshd\[1485\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.183.185 Nov 22 11:39:28 server sshd\[1485\]: Failed password for invalid user colten from 139.199.183.185 port 57256 ssh2 ...	2019-11-22 16:52:58
attackspambots	Automatic report - Banned IP Access	2019-11-09 21:31:38
attackspambots	Nov 8 06:03:13 vps647732 sshd[17545]: Failed password for root from 139.199.183.185 port 35282 ssh2 ...	2019-11-08 13:11:11
attackspambots	2019-11-04T22:42:09.567305abusebot.cloudsearch.cf sshd\[28114\]: Invalid user jim from 139.199.183.185 port 53522	2019-11-05 08:55:17
attackbotsspam	2019-11-03T05:54:06.416198abusebot-7.cloudsearch.cf sshd\[2020\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.183.185 user=root	2019-11-03 15:27:33
attackspam	Oct 17 06:51:32 www sshd\[54740\]: Invalid user paintball from 139.199.183.185Oct 17 06:51:34 www sshd\[54740\]: Failed password for invalid user paintball from 139.199.183.185 port 34680 ssh2Oct 17 06:56:04 www sshd\[54990\]: Failed password for root from 139.199.183.185 port 44410 ssh2 ...	2019-10-17 13:06:37
attack	Oct 9 11:20:03 marvibiene sshd[18929]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.183.185 user=root Oct 9 11:20:05 marvibiene sshd[18929]: Failed password for root from 139.199.183.185 port 58014 ssh2 Oct 9 11:41:08 marvibiene sshd[19204]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.183.185 user=root Oct 9 11:41:10 marvibiene sshd[19204]: Failed password for root from 139.199.183.185 port 52730 ssh2 ...	2019-10-09 20:26:48
attackbots	Oct 7 07:41:57 vps691689 sshd[29253]: Failed password for root from 139.199.183.185 port 36374 ssh2 Oct 7 07:46:36 vps691689 sshd[29410]: Failed password for root from 139.199.183.185 port 42296 ssh2 ...	2019-10-07 13:47:35
attackbots	Oct 6 15:41:43 microserver sshd[44794]: Invalid user Wash123 from 139.199.183.185 port 57306 Oct 6 15:41:43 microserver sshd[44794]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.183.185 Oct 6 15:41:45 microserver sshd[44794]: Failed password for invalid user Wash123 from 139.199.183.185 port 57306 ssh2 Oct 6 15:45:54 microserver sshd[45402]: Invalid user Par0la_123 from 139.199.183.185 port 60124 Oct 6 15:45:54 microserver sshd[45402]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.183.185 Oct 6 15:58:05 microserver sshd[46850]: Invalid user Science@123 from 139.199.183.185 port 40328 Oct 6 15:58:05 microserver sshd[46850]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.183.185 Oct 6 15:58:07 microserver sshd[46850]: Failed password for invalid user Science@123 from 139.199.183.185 port 40328 ssh2 Oct 6 16:02:15 microserver sshd[47482]: Invalid user Gera	2019-10-06 22:39:27
attackspam	Oct 3 00:27:51 mail sshd\[4923\]: Invalid user Eemil from 139.199.183.185 port 57050 Oct 3 00:27:51 mail sshd\[4923\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.183.185 Oct 3 00:27:53 mail sshd\[4923\]: Failed password for invalid user Eemil from 139.199.183.185 port 57050 ssh2 Oct 3 00:31:34 mail sshd\[5251\]: Invalid user c from 139.199.183.185 port 60206 Oct 3 00:31:34 mail sshd\[5251\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.183.185	2019-10-03 06:34:50
attack	Sep 30 18:48:59 gw1 sshd[6559]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.183.185 Sep 30 18:49:01 gw1 sshd[6559]: Failed password for invalid user fish from 139.199.183.185 port 35398 ssh2 ...	2019-09-30 22:08:22
attackspambots	2019-09-26T21:54:11.316786abusebot-3.cloudsearch.cf sshd\[32384\]: Invalid user clear!@\# from 139.199.183.185 port 54690	2019-09-27 06:06:17
attack	Sep 24 21:15:43 tdfoods sshd\[9561\]: Invalid user intro1 from 139.199.183.185 Sep 24 21:15:43 tdfoods sshd\[9561\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.183.185 Sep 24 21:15:45 tdfoods sshd\[9561\]: Failed password for invalid user intro1 from 139.199.183.185 port 40040 ssh2 Sep 24 21:19:30 tdfoods sshd\[9963\]: Invalid user vbox from 139.199.183.185 Sep 24 21:19:30 tdfoods sshd\[9963\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.183.185	2019-09-25 20:00:50
attackbotsspam	Sep 23 11:45:37 MK-Soft-Root2 sshd[9788]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.183.185 Sep 23 11:45:39 MK-Soft-Root2 sshd[9788]: Failed password for invalid user yocona from 139.199.183.185 port 58518 ssh2 ...	2019-09-23 19:54:01
attackbots	Sep 22 06:37:00 v22018076622670303 sshd\[29376\]: Invalid user support from 139.199.183.185 port 41688 Sep 22 06:37:00 v22018076622670303 sshd\[29376\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.183.185 Sep 22 06:37:03 v22018076622670303 sshd\[29376\]: Failed password for invalid user support from 139.199.183.185 port 41688 ssh2 ...	2019-09-22 12:38:04
attackspam	Invalid user teamspeak from 139.199.183.185 port 45172 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.183.185 Failed password for invalid user teamspeak from 139.199.183.185 port 45172 ssh2 Invalid user webmaster from 139.199.183.185 port 46394 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.183.185	2019-09-14 06:55:09
attackspambots	Sep 10 13:59:16 eddieflores sshd\[22019\]: Invalid user teamspeak from 139.199.183.185 Sep 10 13:59:16 eddieflores sshd\[22019\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.183.185 Sep 10 13:59:17 eddieflores sshd\[22019\]: Failed password for invalid user teamspeak from 139.199.183.185 port 33508 ssh2 Sep 10 14:02:45 eddieflores sshd\[22340\]: Invalid user temp from 139.199.183.185 Sep 10 14:02:45 eddieflores sshd\[22340\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.183.185	2019-09-11 10:44:09
attackbots	2019-09-08T11:23:05.323244abusebot-8.cloudsearch.cf sshd\[8803\]: Invalid user 35 from 139.199.183.185 port 46670	2019-09-08 19:30:52
attack	Sep 5 21:01:33 web9 sshd\[1888\]: Invalid user 123qwe from 139.199.183.185 Sep 5 21:01:33 web9 sshd\[1888\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.183.185 Sep 5 21:01:35 web9 sshd\[1888\]: Failed password for invalid user 123qwe from 139.199.183.185 port 58092 ssh2 Sep 5 21:05:57 web9 sshd\[2777\]: Invalid user 123456 from 139.199.183.185 Sep 5 21:05:57 web9 sshd\[2777\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.183.185	2019-09-06 18:28:13
attack	Jul 3 16:35:31 lnxweb61 sshd[23476]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.183.185	2019-07-04 01:39:53

相同子网IP讨论:

IP	类型	评论内容	时间
139.199.183.14	attack	This client attempted to login to an administrator account on a Website, or abused from another resource.	2020-08-05 04:28:41
139.199.183.14	attackspambots	2020-07-27T16:06:18.343262devel sshd[16339]: Invalid user shiyang from 139.199.183.14 port 53680 2020-07-27T16:06:19.993743devel sshd[16339]: Failed password for invalid user shiyang from 139.199.183.14 port 53680 ssh2 2020-07-27T16:13:35.696294devel sshd[17363]: Invalid user zyn from 139.199.183.14 port 51090	2020-07-28 04:45:16
139.199.183.14	attackspam	Apr 7 01:18:44 ns382633 sshd\[29481\]: Invalid user vagrant from 139.199.183.14 port 44346 Apr 7 01:18:44 ns382633 sshd\[29481\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.183.14 Apr 7 01:18:45 ns382633 sshd\[29481\]: Failed password for invalid user vagrant from 139.199.183.14 port 44346 ssh2 Apr 7 01:50:29 ns382633 sshd\[6880\]: Invalid user deploy from 139.199.183.14 port 57580 Apr 7 01:50:29 ns382633 sshd\[6880\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.183.14	2020-04-07 08:26:27
139.199.183.14	attackbotsspam	(sshd) Failed SSH login from 139.199.183.14 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Apr 2 23:27:37 localhost sshd[19417]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.183.14 user=root Apr 2 23:27:40 localhost sshd[19417]: Failed password for root from 139.199.183.14 port 41150 ssh2 Apr 2 23:44:56 localhost sshd[20576]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.183.14 user=root Apr 2 23:44:59 localhost sshd[20576]: Failed password for root from 139.199.183.14 port 54598 ssh2 Apr 2 23:47:27 localhost sshd[20769]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.183.14 user=root	2020-04-03 19:04:08
139.199.183.14	attackbots	$f2bV_matches	2020-03-25 00:45:48
139.199.183.14	attackspambots	SSH brutforce	2020-03-21 15:33:52

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.199.183.185
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 65241
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.199.183.185.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019040801 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Tue Apr 09 10:34:07 +08 2019
;; MSG SIZE  rcvd: 119

HOST信息:

Host 185.183.199.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 185.183.199.139.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
69.94.134.209	attack	Mar 7 06:30:16 mail.srvfarm.net postfix/smtpd[2613528]: NOQUEUE: reject: RCPT from unknown[69.94.134.209]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Mar 7 06:30:16 mail.srvfarm.net postfix/smtpd[2613288]: NOQUEUE: reject: RCPT from unknown[69.94.134.209]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Mar 7 06:30:16 mail.srvfarm.net postfix/smtpd[2609359]: NOQUEUE: reject: RCPT from unknown[69.94.134.209]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Mar 7 06:34:20 mail.srvfarm.net postfix/smtpd[2611674]: NOQUEUE: reject: RCPT from unknown[69.94	2020-03-07 18:56:04
210.212.210.98	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-03-07 19:23:55
222.186.15.158	attackspambots	2020-03-07T11:46:42.937063scmdmz1 sshd[27175]: Failed password for root from 222.186.15.158 port 25133 ssh2 2020-03-07T11:46:44.997737scmdmz1 sshd[27175]: Failed password for root from 222.186.15.158 port 25133 ssh2 2020-03-07T11:46:46.998290scmdmz1 sshd[27175]: Failed password for root from 222.186.15.158 port 25133 ssh2 ...	2020-03-07 18:59:50
116.109.39.128	attack	Unauthorised access (Mar 7) SRC=116.109.39.128 LEN=44 TTL=48 ID=5888 TCP DPT=23 WINDOW=49983 SYN	2020-03-07 19:10:35
45.82.34.144	attackspam	Mar 7 05:24:21 mail.srvfarm.net postfix/smtpd[2589509]: NOQUEUE: reject: RCPT from unknown[45.82.34.144]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Mar 7 05:24:35 mail.srvfarm.net postfix/smtpd[2589509]: NOQUEUE: reject: RCPT from unknown[45.82.34.144]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Mar 7 05:28:44 mail.srvfarm.net postfix/smtpd[2593157]: NOQUEUE: reject: RCPT from unknown[45.82.34.144]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Mar 7 05:29:09 mail.srvfarm.net postfix/smtpd[2591616]: NOQUEUE: reject: RCPT from unknown[45.82.34.1	2020-03-07 18:58:40
61.222.56.80	attackbotsspam	Mar 6 19:43:44 server sshd\[25048\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61-222-56-80.hinet-ip.hinet.net user=root Mar 6 19:43:47 server sshd\[25048\]: Failed password for root from 61.222.56.80 port 41546 ssh2 Mar 7 10:35:47 server sshd\[3124\]: Invalid user ubuntu from 61.222.56.80 Mar 7 10:35:47 server sshd\[3124\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61-222-56-80.hinet-ip.hinet.net Mar 7 10:35:50 server sshd\[3124\]: Failed password for invalid user ubuntu from 61.222.56.80 port 35500 ssh2 ...	2020-03-07 19:30:20
27.78.36.91	attackspambots	unauthorized connection attempt	2020-03-07 19:23:21
23.67.176.129	attack	" "	2020-03-07 19:22:59
150.109.164.28	attackspambots	Mar 7 06:30:25 NPSTNNYC01T sshd[31321]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.109.164.28 Mar 7 06:30:27 NPSTNNYC01T sshd[31321]: Failed password for invalid user telnet from 150.109.164.28 port 48466 ssh2 Mar 7 06:37:21 NPSTNNYC01T sshd[31946]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.109.164.28 ...	2020-03-07 19:41:35
187.94.146.51	attackspam	$f2bV_matches	2020-03-07 19:24:25
27.75.181.230	attack	port scan and connect, tcp 23 (telnet)	2020-03-07 19:20:49
94.23.219.41	attack	Automatic report - XMLRPC Attack	2020-03-07 19:05:28
51.68.251.201	attack	Mar 7 11:53:53 vps647732 sshd[6788]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.251.201 Mar 7 11:53:55 vps647732 sshd[6788]: Failed password for invalid user vivek from 51.68.251.201 port 37888 ssh2 ...	2020-03-07 19:08:20
36.68.123.255	attack	Honeypot attack, port: 81, PTR: PTR record not found	2020-03-07 19:13:55
105.216.57.122	attack	Brute force attempt	2020-03-07 19:07:36

最近上报的IP列表

197.44.33.114	118.69.225.11	46.160.226.21	37.49.224.98
35.229.108.3	41.75.120.10	183.88.234.15	179.43.96.110
113.183.59.142	59.125.75.149	116.97.206.121	138.68.4.8
111.231.112.235	51.255.106.203	197.247.4.201	138.118.214.71
14.251.40.204	71.6.233.117	23.250.23.113	61.165.157.117