必须是合法有效的IP地址, 可以是IPv4或者是IPv6, 例如127.0.0.1或者2001:DB8:0:0:8:800:200C:417A
基本信息:

城市(city): Beijing

省份(region): Beijing

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:
类型 评论内容 时间
attackspambots
Invalid user lw from 139.199.19.219 port 50338
2020-04-23 04:04:06
attack
Apr 19 00:37:10 ns382633 sshd\[15008\]: Invalid user kw from 139.199.19.219 port 57888
Apr 19 00:37:10 ns382633 sshd\[15008\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.19.219
Apr 19 00:37:13 ns382633 sshd\[15008\]: Failed password for invalid user kw from 139.199.19.219 port 57888 ssh2
Apr 19 00:48:32 ns382633 sshd\[17337\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.19.219  user=root
Apr 19 00:48:34 ns382633 sshd\[17337\]: Failed password for root from 139.199.19.219 port 38316 ssh2
2020-04-19 08:05:58
attackbots
2020-04-13T19:30:11.402505abusebot-5.cloudsearch.cf sshd[2583]: Invalid user tads from 139.199.19.219 port 56962
2020-04-13T19:30:11.412145abusebot-5.cloudsearch.cf sshd[2583]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.19.219
2020-04-13T19:30:11.402505abusebot-5.cloudsearch.cf sshd[2583]: Invalid user tads from 139.199.19.219 port 56962
2020-04-13T19:30:12.968331abusebot-5.cloudsearch.cf sshd[2583]: Failed password for invalid user tads from 139.199.19.219 port 56962 ssh2
2020-04-13T19:33:22.174486abusebot-5.cloudsearch.cf sshd[2638]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.19.219  user=root
2020-04-13T19:33:24.283011abusebot-5.cloudsearch.cf sshd[2638]: Failed password for root from 139.199.19.219 port 38230 ssh2
2020-04-13T19:36:51.416950abusebot-5.cloudsearch.cf sshd[2646]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.19.219
...
2020-04-14 04:27:21
attackbots
Apr 10 05:48:24 ns382633 sshd\[15420\]: Invalid user es from 139.199.19.219 port 58536
Apr 10 05:48:24 ns382633 sshd\[15420\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.19.219
Apr 10 05:48:26 ns382633 sshd\[15420\]: Failed password for invalid user es from 139.199.19.219 port 58536 ssh2
Apr 10 05:58:42 ns382633 sshd\[17321\]: Invalid user deploy from 139.199.19.219 port 42154
Apr 10 05:58:42 ns382633 sshd\[17321\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.19.219
2020-04-10 12:25:10
attackbots
IP blocked
2020-04-10 04:26:31
attackbots
(sshd) Failed SSH login from 139.199.19.219 (JP/Japan/-): 5 in the last 3600 secs
2020-04-02 21:22:46
相同子网IP讨论:
IP 类型 评论内容 时间
139.199.197.45 attack
$f2bV_matches
2020-09-17 00:45:09
139.199.197.45 attack
$f2bV_matches
2020-09-16 17:00:33
139.199.196.23 attack
2967/tcp 8080/tcp
[2020-03-02/23]2pkt
2020-03-23 18:27:20
139.199.193.202 attackspambots
Mar 22 01:58:20 Ubuntu-1404-trusty-64-minimal sshd\[32595\]: Invalid user dasusr1 from 139.199.193.202
Mar 22 01:58:20 Ubuntu-1404-trusty-64-minimal sshd\[32595\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.193.202
Mar 22 01:58:21 Ubuntu-1404-trusty-64-minimal sshd\[32595\]: Failed password for invalid user dasusr1 from 139.199.193.202 port 33424 ssh2
Mar 22 02:02:29 Ubuntu-1404-trusty-64-minimal sshd\[6984\]: Invalid user ts3 from 139.199.193.202
Mar 22 02:02:29 Ubuntu-1404-trusty-64-minimal sshd\[6984\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.193.202
2020-03-22 09:15:24
139.199.193.202 attackspam
Mar 19 14:23:06 h1745522 sshd[1663]: Invalid user jboss from 139.199.193.202 port 43522
Mar 19 14:23:06 h1745522 sshd[1663]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.193.202
Mar 19 14:23:06 h1745522 sshd[1663]: Invalid user jboss from 139.199.193.202 port 43522
Mar 19 14:23:08 h1745522 sshd[1663]: Failed password for invalid user jboss from 139.199.193.202 port 43522 ssh2
Mar 19 14:26:13 h1745522 sshd[1903]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.193.202  user=root
Mar 19 14:26:15 h1745522 sshd[1903]: Failed password for root from 139.199.193.202 port 50068 ssh2
Mar 19 14:29:16 h1745522 sshd[2072]: Invalid user mqm from 139.199.193.202 port 56616
Mar 19 14:29:17 h1745522 sshd[2072]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.193.202
Mar 19 14:29:16 h1745522 sshd[2072]: Invalid user mqm from 139.199.193.202 port 56616
Mar 19
...
2020-03-20 01:42:56
139.199.19.227 attack
404 NOT FOUND
2020-03-18 12:15:33
139.199.193.202 attackspambots
fail2ban
2020-03-07 09:39:17
139.199.193.202 attack
Brute-force attempt banned
2020-03-03 22:08:22
139.199.193.202 attackspam
Unauthorized connection attempt detected from IP address 139.199.193.202 to port 2220 [J]
2020-02-01 02:22:20
139.199.191.112 attackspam
Unauthorized connection attempt detected from IP address 139.199.191.112 to port 1433 [J]
2020-01-27 01:52:36
139.199.193.202 attackspam
Unauthorized connection attempt detected from IP address 139.199.193.202 to port 2220 [J]
2020-01-25 21:17:37
139.199.19.227 attackbotsspam
Unauthorized connection attempt detected from IP address 139.199.19.227 to port 1433 [T]
2020-01-15 23:15:37
139.199.193.202 attackspambots
2020-01-09T16:01:13.301811scmdmz1 sshd[21932]: Invalid user yvx from 139.199.193.202 port 41860
2020-01-09T16:01:13.304323scmdmz1 sshd[21932]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.193.202
2020-01-09T16:01:13.301811scmdmz1 sshd[21932]: Invalid user yvx from 139.199.193.202 port 41860
2020-01-09T16:01:15.281543scmdmz1 sshd[21932]: Failed password for invalid user yvx from 139.199.193.202 port 41860 ssh2
2020-01-09T16:07:41.762178scmdmz1 sshd[22481]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.193.202  user=nobody
2020-01-09T16:07:43.673766scmdmz1 sshd[22481]: Failed password for nobody from 139.199.193.202 port 50214 ssh2
...
2020-01-10 00:03:00
139.199.191.112 attackbotsspam
Unauthorized connection attempt detected from IP address 139.199.191.112 to port 445
2019-12-31 09:13:46
139.199.191.112 attack
Unauthorized connection attempt detected from IP address 139.199.191.112 to port 1433
2019-12-31 02:58:26
WHOIS信息:
b
DIG信息:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.199.19.219
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1385
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.199.19.219.			IN	A

;; AUTHORITY SECTION:
.			128	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020033102 1800 900 604800 86400

;; Query time: 86 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Apr 01 11:36:00 CST 2020
;; MSG SIZE  rcvd: 118
HOST信息:
Host 219.19.199.139.in-addr.arpa. not found: 3(NXDOMAIN)
NSLOOKUP信息:
Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 219.19.199.139.in-addr.arpa: NXDOMAIN
相关IP信息:
最新评论:
IP 类型 评论内容 时间
62.48.150.175 attack
Oct 10 10:46:16 web9 sshd\[1412\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.48.150.175  user=root
Oct 10 10:46:18 web9 sshd\[1412\]: Failed password for root from 62.48.150.175 port 36842 ssh2
Oct 10 10:50:55 web9 sshd\[2162\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.48.150.175  user=root
Oct 10 10:50:57 web9 sshd\[2162\]: Failed password for root from 62.48.150.175 port 51284 ssh2
Oct 10 10:55:31 web9 sshd\[2834\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.48.150.175  user=root
2019-10-11 05:04:50
2.238.193.59 attackbotsspam
Oct 10 20:02:36 marvibiene sshd[18070]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.238.193.59  user=root
Oct 10 20:02:37 marvibiene sshd[18070]: Failed password for root from 2.238.193.59 port 47628 ssh2
Oct 10 20:10:59 marvibiene sshd[18162]: Invalid user 123 from 2.238.193.59 port 53454
...
2019-10-11 04:54:04
185.36.81.236 attack
Oct 10 18:16:54 heicom postfix/smtpd\[10239\]: warning: unknown\[185.36.81.236\]: SASL LOGIN authentication failed: authentication failure
Oct 10 18:45:49 heicom postfix/smtpd\[10810\]: warning: unknown\[185.36.81.236\]: SASL LOGIN authentication failed: authentication failure
Oct 10 19:14:30 heicom postfix/smtpd\[12637\]: warning: unknown\[185.36.81.236\]: SASL LOGIN authentication failed: authentication failure
Oct 10 19:42:45 heicom postfix/smtpd\[12303\]: warning: unknown\[185.36.81.236\]: SASL LOGIN authentication failed: authentication failure
Oct 10 20:11:04 heicom postfix/smtpd\[13374\]: warning: unknown\[185.36.81.236\]: SASL LOGIN authentication failed: authentication failure
...
2019-10-11 04:49:34
36.71.117.246 attack
Attempt to attack host OS, exploiting network vulnerabilities, on 10-10-2019 21:10:23.
2019-10-11 05:13:49
190.186.58.189 attack
Attempt to attack host OS, exploiting network vulnerabilities, on 10-10-2019 21:10:23.
2019-10-11 05:14:24
91.194.53.185 attackspam
TCP src-port=41304   dst-port=25   Listed on   zen-spamhaus eatingmonkey rbldns-ru         (882)
2019-10-11 04:36:40
222.186.175.155 attack
$f2bV_matches
2019-10-11 05:02:02
201.55.199.143 attackbotsspam
Oct 10 22:39:35 core sshd[12573]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.55.199.143  user=root
Oct 10 22:39:37 core sshd[12573]: Failed password for root from 201.55.199.143 port 40640 ssh2
...
2019-10-11 04:42:29
220.164.2.61 attackbotsspam
Oct 10 **REMOVED** dovecot: imap-login: Disconnected \(auth failed, 1 attempts in 16 secs\): user=\, method=PLAIN, rip=220.164.2.61, lip=**REMOVED**, TLS, session=\
Oct 10 **REMOVED** dovecot: imap-login: Disconnected \(auth failed, 1 attempts in 6 secs\): user=\, method=PLAIN, rip=220.164.2.61, lip=**REMOVED**, TLS, session=\
Oct 10 **REMOVED** dovecot: imap-login: Disconnected \(auth failed, 1 attempts in 6 secs\): user=\<**REMOVED**.dekrvbrd@**REMOVED**.de\>, method=PLAIN, rip=220.164.2.61, lip=**REMOVED**, TLS: Disconnected, session=\<2vkvIZSUmaTcpAI9\>
2019-10-11 05:24:34
23.94.133.28 attackspambots
Oct 10 23:20:33 sauna sshd[86633]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=23.94.133.28
Oct 10 23:20:35 sauna sshd[86633]: Failed password for invalid user Passw0rt_1@3 from 23.94.133.28 port 60672 ssh2
...
2019-10-11 04:37:05
185.176.27.174 attackspambots
10/10/2019-22:10:10.888657 185.176.27.174 Protocol: 6 ET DROP Dshield Block Listed Source group 1
2019-10-11 05:22:36
138.68.12.43 attackspam
Oct 10 22:05:58 legacy sshd[10404]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.12.43
Oct 10 22:06:00 legacy sshd[10404]: Failed password for invalid user Montblanc_123 from 138.68.12.43 port 34782 ssh2
Oct 10 22:11:00 legacy sshd[10544]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.12.43
...
2019-10-11 04:51:55
79.43.58.201 attackspam
Portscan detected
2019-10-11 04:39:35
80.211.158.23 attackspam
Oct  6 06:32:30 shadeyouvpn sshd[15778]: Address 80.211.158.23 maps to jbwastats.pl, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!
Oct  6 06:32:30 shadeyouvpn sshd[15778]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.158.23  user=r.r
Oct  6 06:32:32 shadeyouvpn sshd[15778]: Failed password for r.r from 80.211.158.23 port 40772 ssh2
Oct  6 06:32:32 shadeyouvpn sshd[15778]: Received disconnect from 80.211.158.23: 11: Bye Bye [preauth]
Oct  6 06:36:29 shadeyouvpn sshd[19024]: Address 80.211.158.23 maps to jbwastats.pl, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!
Oct  6 06:36:29 shadeyouvpn sshd[19024]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.158.23  user=r.r
Oct  6 06:36:31 shadeyouv
.... truncated .... 

Oct  6 06:32:30 shadeyouvpn sshd[15778]: Address 80.211.158.23 maps to jbwastats.pl, but this does not map back to ........
-------------------------------
2019-10-11 04:44:06
183.15.123.216 attackspam
Oct 10 19:54:31 nbi-636 sshd[27924]: User r.r from 183.15.123.216 not allowed because not listed in AllowUsers
Oct 10 19:54:31 nbi-636 sshd[27924]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.15.123.216  user=r.r
Oct 10 19:54:33 nbi-636 sshd[27924]: Failed password for invalid user r.r from 183.15.123.216 port 49690 ssh2
Oct 10 19:54:34 nbi-636 sshd[27924]: Received disconnect from 183.15.123.216 port 49690:11: Bye Bye [preauth]
Oct 10 19:54:34 nbi-636 sshd[27924]: Disconnected from 183.15.123.216 port 49690 [preauth]
Oct 10 20:11:04 nbi-636 sshd[31438]: User r.r from 183.15.123.216 not allowed because not listed in AllowUsers
Oct 10 20:11:04 nbi-636 sshd[31438]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.15.123.216  user=r.r
Oct 10 20:11:07 nbi-636 sshd[31438]: Failed password for invalid user r.r from 183.15.123.216 port 48860 ssh2
Oct 10 20:11:07 nbi-636 sshd[31438]: Rece........
-------------------------------
2019-10-11 04:55:01

最近上报的IP列表

173.97.114.63 165.138.159.92 126.3.108.76 17.243.76.180
105.183.49.152 203.112.30.22 110.77.238.80 147.160.171.85
89.128.65.66 65.171.44.96 152.1.82.16 37.15.144.201
33.62.60.204 219.110.125.126 171.45.147.20 115.225.82.4
41.248.190.5 175.115.29.50 115.111.11.61 127.202.121.139