139.199.19.219

基本信息:

城市(city): Beijing

省份(region): Beijing

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Invalid user lw from 139.199.19.219 port 50338	2020-04-23 04:04:06
attack	Apr 19 00:37:10 ns382633 sshd\[15008\]: Invalid user kw from 139.199.19.219 port 57888 Apr 19 00:37:10 ns382633 sshd\[15008\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.19.219 Apr 19 00:37:13 ns382633 sshd\[15008\]: Failed password for invalid user kw from 139.199.19.219 port 57888 ssh2 Apr 19 00:48:32 ns382633 sshd\[17337\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.19.219 user=root Apr 19 00:48:34 ns382633 sshd\[17337\]: Failed password for root from 139.199.19.219 port 38316 ssh2	2020-04-19 08:05:58
attackbots	2020-04-13T19:30:11.402505abusebot-5.cloudsearch.cf sshd[2583]: Invalid user tads from 139.199.19.219 port 56962 2020-04-13T19:30:11.412145abusebot-5.cloudsearch.cf sshd[2583]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.19.219 2020-04-13T19:30:11.402505abusebot-5.cloudsearch.cf sshd[2583]: Invalid user tads from 139.199.19.219 port 56962 2020-04-13T19:30:12.968331abusebot-5.cloudsearch.cf sshd[2583]: Failed password for invalid user tads from 139.199.19.219 port 56962 ssh2 2020-04-13T19:33:22.174486abusebot-5.cloudsearch.cf sshd[2638]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.19.219 user=root 2020-04-13T19:33:24.283011abusebot-5.cloudsearch.cf sshd[2638]: Failed password for root from 139.199.19.219 port 38230 ssh2 2020-04-13T19:36:51.416950abusebot-5.cloudsearch.cf sshd[2646]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.19.219 ...	2020-04-14 04:27:21
attackbots	Apr 10 05:48:24 ns382633 sshd\[15420\]: Invalid user es from 139.199.19.219 port 58536 Apr 10 05:48:24 ns382633 sshd\[15420\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.19.219 Apr 10 05:48:26 ns382633 sshd\[15420\]: Failed password for invalid user es from 139.199.19.219 port 58536 ssh2 Apr 10 05:58:42 ns382633 sshd\[17321\]: Invalid user deploy from 139.199.19.219 port 42154 Apr 10 05:58:42 ns382633 sshd\[17321\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.19.219	2020-04-10 12:25:10
attackbots	IP blocked	2020-04-10 04:26:31
attackbots	(sshd) Failed SSH login from 139.199.19.219 (JP/Japan/-): 5 in the last 3600 secs	2020-04-02 21:22:46

相同子网IP讨论:

IP	类型	评论内容	时间
139.199.197.45	attack	$f2bV_matches	2020-09-17 00:45:09
139.199.197.45	attack	$f2bV_matches	2020-09-16 17:00:33
139.199.196.23	attack	2967/tcp 8080/tcp [2020-03-02/23]2pkt	2020-03-23 18:27:20
139.199.193.202	attackspambots	Mar 22 01:58:20 Ubuntu-1404-trusty-64-minimal sshd\[32595\]: Invalid user dasusr1 from 139.199.193.202 Mar 22 01:58:20 Ubuntu-1404-trusty-64-minimal sshd\[32595\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.193.202 Mar 22 01:58:21 Ubuntu-1404-trusty-64-minimal sshd\[32595\]: Failed password for invalid user dasusr1 from 139.199.193.202 port 33424 ssh2 Mar 22 02:02:29 Ubuntu-1404-trusty-64-minimal sshd\[6984\]: Invalid user ts3 from 139.199.193.202 Mar 22 02:02:29 Ubuntu-1404-trusty-64-minimal sshd\[6984\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.193.202	2020-03-22 09:15:24
139.199.193.202	attackspam	Mar 19 14:23:06 h1745522 sshd[1663]: Invalid user jboss from 139.199.193.202 port 43522 Mar 19 14:23:06 h1745522 sshd[1663]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.193.202 Mar 19 14:23:06 h1745522 sshd[1663]: Invalid user jboss from 139.199.193.202 port 43522 Mar 19 14:23:08 h1745522 sshd[1663]: Failed password for invalid user jboss from 139.199.193.202 port 43522 ssh2 Mar 19 14:26:13 h1745522 sshd[1903]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.193.202 user=root Mar 19 14:26:15 h1745522 sshd[1903]: Failed password for root from 139.199.193.202 port 50068 ssh2 Mar 19 14:29:16 h1745522 sshd[2072]: Invalid user mqm from 139.199.193.202 port 56616 Mar 19 14:29:17 h1745522 sshd[2072]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.193.202 Mar 19 14:29:16 h1745522 sshd[2072]: Invalid user mqm from 139.199.193.202 port 56616 Mar 19 ...	2020-03-20 01:42:56
139.199.19.227	attack	404 NOT FOUND	2020-03-18 12:15:33
139.199.193.202	attackspambots	fail2ban	2020-03-07 09:39:17
139.199.193.202	attack	Brute-force attempt banned	2020-03-03 22:08:22
139.199.193.202	attackspam	Unauthorized connection attempt detected from IP address 139.199.193.202 to port 2220 [J]	2020-02-01 02:22:20
139.199.191.112	attackspam	Unauthorized connection attempt detected from IP address 139.199.191.112 to port 1433 [J]	2020-01-27 01:52:36
139.199.193.202	attackspam	Unauthorized connection attempt detected from IP address 139.199.193.202 to port 2220 [J]	2020-01-25 21:17:37
139.199.19.227	attackbotsspam	Unauthorized connection attempt detected from IP address 139.199.19.227 to port 1433 [T]	2020-01-15 23:15:37
139.199.193.202	attackspambots	2020-01-09T16:01:13.301811scmdmz1 sshd[21932]: Invalid user yvx from 139.199.193.202 port 41860 2020-01-09T16:01:13.304323scmdmz1 sshd[21932]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.193.202 2020-01-09T16:01:13.301811scmdmz1 sshd[21932]: Invalid user yvx from 139.199.193.202 port 41860 2020-01-09T16:01:15.281543scmdmz1 sshd[21932]: Failed password for invalid user yvx from 139.199.193.202 port 41860 ssh2 2020-01-09T16:07:41.762178scmdmz1 sshd[22481]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.193.202 user=nobody 2020-01-09T16:07:43.673766scmdmz1 sshd[22481]: Failed password for nobody from 139.199.193.202 port 50214 ssh2 ...	2020-01-10 00:03:00
139.199.191.112	attackbotsspam	Unauthorized connection attempt detected from IP address 139.199.191.112 to port 445	2019-12-31 09:13:46
139.199.191.112	attack	Unauthorized connection attempt detected from IP address 139.199.191.112 to port 1433	2019-12-31 02:58:26

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.199.19.219
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1385
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.199.19.219.			IN	A

;; AUTHORITY SECTION:
.			128	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020033102 1800 900 604800 86400

;; Query time: 86 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Apr 01 11:36:00 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 219.19.199.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 219.19.199.139.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
134.209.41.17	attackspambots	Mar 28 22:37:12 [HOSTNAME] sshd[21790]: Invalid user ip from 134.209.41.17 port 54452 Mar 28 22:37:12 [HOSTNAME] sshd[21790]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.41.17 Mar 28 22:37:14 [HOSTNAME] sshd[21790]: Failed password for invalid user ip from 134.209.41.17 port 54452 ssh2 ...	2020-03-29 05:50:47
45.224.105.203	attackbotsspam	(imapd) Failed IMAP login from 45.224.105.203 (AR/Argentina/-): 1 in the last 3600 secs	2020-03-29 05:35:35
154.72.195.154	attackbotsspam	fail2ban	2020-03-29 05:49:15
213.184.249.113	attack	2020-03-28T17:34:57.484001xentho-1 sshd[138764]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.184.249.113 user=root 2020-03-28T17:34:59.295397xentho-1 sshd[138764]: Failed password for root from 213.184.249.113 port 44744 ssh2 2020-03-28T17:35:31.585085xentho-1 sshd[138786]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.184.249.113 user=root 2020-03-28T17:35:33.396801xentho-1 sshd[138786]: Failed password for root from 213.184.249.113 port 41664 ssh2 2020-03-28T17:36:09.193841xentho-1 sshd[138792]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.184.249.113 user=root 2020-03-28T17:36:10.889832xentho-1 sshd[138792]: Failed password for root from 213.184.249.113 port 38586 ssh2 2020-03-28T17:36:43.867965xentho-1 sshd[138804]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.184.249.113 user=root 2020-03-28T ...	2020-03-29 05:43:17
18.206.156.210	attackbotsspam	Mar 28 22:32:39 v22019038103785759 sshd\[11309\]: Invalid user elq from 18.206.156.210 port 36222 Mar 28 22:32:39 v22019038103785759 sshd\[11309\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=18.206.156.210 Mar 28 22:32:41 v22019038103785759 sshd\[11309\]: Failed password for invalid user elq from 18.206.156.210 port 36222 ssh2 Mar 28 22:37:10 v22019038103785759 sshd\[11580\]: Invalid user dva from 18.206.156.210 port 59548 Mar 28 22:37:10 v22019038103785759 sshd\[11580\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=18.206.156.210 ...	2020-03-29 05:54:53
187.162.225.139	attackspambots	Mar 28 22:27:53 rotator sshd\[17469\]: Invalid user sandeep from 187.162.225.139Mar 28 22:27:55 rotator sshd\[17469\]: Failed password for invalid user sandeep from 187.162.225.139 port 59772 ssh2Mar 28 22:32:35 rotator sshd\[18236\]: Invalid user destiny from 187.162.225.139Mar 28 22:32:37 rotator sshd\[18236\]: Failed password for invalid user destiny from 187.162.225.139 port 45924 ssh2Mar 28 22:37:18 rotator sshd\[19000\]: Invalid user gareth from 187.162.225.139Mar 28 22:37:19 rotator sshd\[19000\]: Failed password for invalid user gareth from 187.162.225.139 port 60310 ssh2 ...	2020-03-29 05:40:12
182.16.249.130	attack	DATE:2020-03-28 22:37:15, IP:182.16.249.130, PORT:ssh SSH brute force auth (docker-dc)	2020-03-29 05:49:52
179.228.207.8	attackspam	3x Failed Password	2020-03-29 06:03:26
104.248.170.45	attackspambots	invalid login attempt (fim)	2020-03-29 05:30:12
111.229.242.91	attackspambots	Triggered by Fail2Ban at Ares web server	2020-03-29 06:00:09
222.41.193.211	attackspam	Mar 28 21:33:24 localhost sshd[89238]: Invalid user kye from 222.41.193.211 port 16914 Mar 28 21:33:24 localhost sshd[89238]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.41.193.211 Mar 28 21:33:24 localhost sshd[89238]: Invalid user kye from 222.41.193.211 port 16914 Mar 28 21:33:27 localhost sshd[89238]: Failed password for invalid user kye from 222.41.193.211 port 16914 ssh2 Mar 28 21:37:15 localhost sshd[89686]: Invalid user gwj from 222.41.193.211 port 44867 ...	2020-03-29 05:47:45
92.118.38.34	attackspambots	2020-03-28 22:20:51 dovecot_login authenticator failed for $User$ \[92.118.38.34\]: 535 Incorrect authentication data $set_id=lyris@no-server.de$ 2020-03-28 22:21:01 dovecot_login authenticator failed for $User$ \[92.118.38.34\]: 535 Incorrect authentication data $set_id=lyris@no-server.de$ 2020-03-28 22:21:16 dovecot_login authenticator failed for $User$ \[92.118.38.34\]: 535 Incorrect authentication data $set_id=purple@no-server.de$ 2020-03-28 22:21:26 dovecot_login authenticator failed for $User$ \[92.118.38.34\]: 535 Incorrect authentication data $set_id=purple@no-server.de$ 2020-03-28 22:21:40 dovecot_login authenticator failed for $User$ \[92.118.38.34\]: 535 Incorrect authentication data $set_id=ilahiyat@no-server.de$ ...	2020-03-29 05:28:04
47.23.79.50	attackspam	[27/Mar/2020:23:53:51 -0400] "POST /boaform/admin/formPing HTTP/1.1" "polaris botnet"	2020-03-29 05:22:38
121.229.19.200	attack	3x Failed Password	2020-03-29 05:22:54
148.153.12.206	attackbots	Honeypot attack, port: 445, PTR: mail206.hoogege.net.	2020-03-29 05:25:51

最近上报的IP列表

173.97.114.63	165.138.159.92	126.3.108.76	17.243.76.180
105.183.49.152	203.112.30.22	110.77.238.80	147.160.171.85
89.128.65.66	65.171.44.96	152.1.82.16	37.15.144.201
33.62.60.204	219.110.125.126	171.45.147.20	115.225.82.4
41.248.190.5	175.115.29.50	115.111.11.61	127.202.121.139