城市(city): unknown
省份(region): unknown
国家(country): China
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 139.199.192.159 | attack | 2019-11-03T14:59:11.448645abusebot.cloudsearch.cf sshd\[9134\]: Invalid user checkfs from 139.199.192.159 port 40132 |
2019-11-04 02:38:17 |
| 139.199.192.159 | attackspam | SSH Bruteforce attempt |
2019-11-03 17:58:08 |
| 139.199.192.159 | attack | Oct 23 04:46:22 firewall sshd[6394]: Failed password for root from 139.199.192.159 port 48662 ssh2 Oct 23 04:51:05 firewall sshd[6542]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.192.159 user=root Oct 23 04:51:06 firewall sshd[6542]: Failed password for root from 139.199.192.159 port 56238 ssh2 ... |
2019-10-23 16:19:46 |
| 139.199.192.159 | attackspam | *Port Scan* detected from 139.199.192.159 (CN/China/-). 4 hits in the last 191 seconds |
2019-10-23 05:47:04 |
| 139.199.192.159 | attackbots | Oct 16 05:27:35 * sshd[14712]: Failed password for root from 139.199.192.159 port 47358 ssh2 Oct 16 05:32:08 * sshd[15233]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.192.159 |
2019-10-16 11:42:24 |
| 139.199.192.159 | attack | (sshd) Failed SSH login from 139.199.192.159 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 15 22:42:31 server2 sshd[24223]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.192.159 user=root Oct 15 22:42:33 server2 sshd[24223]: Failed password for root from 139.199.192.159 port 48140 ssh2 Oct 15 23:01:20 server2 sshd[25055]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.192.159 user=root Oct 15 23:01:22 server2 sshd[25055]: Failed password for root from 139.199.192.159 port 46218 ssh2 Oct 15 23:05:46 server2 sshd[25236]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.192.159 user=root |
2019-10-16 07:42:25 |
| 139.199.192.159 | attackbotsspam | Oct 15 05:54:58 vps647732 sshd[29435]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.192.159 Oct 15 05:55:00 vps647732 sshd[29435]: Failed password for invalid user cmbc from 139.199.192.159 port 43710 ssh2 ... |
2019-10-15 12:04:54 |
| 139.199.192.159 | attack | Oct 11 21:34:29 sachi sshd\[9961\]: Invalid user @\#\$werSDFxcv from 139.199.192.159 Oct 11 21:34:29 sachi sshd\[9961\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.192.159 Oct 11 21:34:32 sachi sshd\[9961\]: Failed password for invalid user @\#\$werSDFxcv from 139.199.192.159 port 58908 ssh2 Oct 11 21:40:23 sachi sshd\[11143\]: Invalid user Serial2017 from 139.199.192.159 Oct 11 21:40:23 sachi sshd\[11143\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.192.159 |
2019-10-12 15:49:03 |
| 139.199.192.159 | attackbotsspam | Automatic report - Banned IP Access |
2019-09-26 20:05:54 |
| 139.199.192.159 | attackspambots | Sep 24 23:17:19 nextcloud sshd\[15337\]: Invalid user shan from 139.199.192.159 Sep 24 23:17:19 nextcloud sshd\[15337\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.192.159 Sep 24 23:17:22 nextcloud sshd\[15337\]: Failed password for invalid user shan from 139.199.192.159 port 52984 ssh2 ... |
2019-09-25 05:52:04 |
| 139.199.192.159 | attackspambots | Sep 6 08:44:24 lnxded64 sshd[5221]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.192.159 |
2019-09-06 18:07:02 |
| 139.199.192.159 | attack | Aug 25 21:45:41 MK-Soft-Root1 sshd\[9367\]: Invalid user jojo from 139.199.192.159 port 60568 Aug 25 21:45:41 MK-Soft-Root1 sshd\[9367\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.192.159 Aug 25 21:45:44 MK-Soft-Root1 sshd\[9367\]: Failed password for invalid user jojo from 139.199.192.159 port 60568 ssh2 ... |
2019-08-26 08:13:49 |
| 139.199.192.159 | attackbotsspam | Aug 23 06:56:30 SilenceServices sshd[15953]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.192.159 Aug 23 06:56:32 SilenceServices sshd[15953]: Failed password for invalid user vi from 139.199.192.159 port 56996 ssh2 Aug 23 06:59:54 SilenceServices sshd[19060]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.192.159 |
2019-08-23 13:15:30 |
| 139.199.192.159 | attackspam | Aug 16 12:48:50 tux-35-217 sshd\[6074\]: Invalid user paula from 139.199.192.159 port 35186 Aug 16 12:48:50 tux-35-217 sshd\[6074\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.192.159 Aug 16 12:48:53 tux-35-217 sshd\[6074\]: Failed password for invalid user paula from 139.199.192.159 port 35186 ssh2 Aug 16 12:53:31 tux-35-217 sshd\[6097\]: Invalid user disk from 139.199.192.159 port 43494 Aug 16 12:53:31 tux-35-217 sshd\[6097\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.192.159 ... |
2019-08-16 20:49:45 |
| 139.199.192.159 | attackspam | Jul 28 07:47:03 debian sshd\[17435\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.192.159 user=root Jul 28 07:47:05 debian sshd\[17435\]: Failed password for root from 139.199.192.159 port 35134 ssh2 ... |
2019-07-28 14:51:14 |
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#
NetRange: 139.199.0.0 - 139.199.255.255
CIDR: 139.199.0.0/16
NetName: APNIC-ERX-139-199-0-0
NetHandle: NET-139-199-0-0-1
Parent: NET139 (NET-139-0-0-0-0)
NetType: Early Registrations, Transferred to APNIC
OriginAS:
Organization: Asia Pacific Network Information Centre (APNIC)
RegDate: 2010-11-03
Updated: 2010-11-17
Comment: This IP address range is not registered in the ARIN database.
Comment: This range was transferred to the APNIC Whois Database as
Comment: part of the ERX (Early Registration Transfer) project.
Comment: For details, refer to the APNIC Whois Database via
Comment: WHOIS.APNIC.NET or http://wq.apnic.net/apnic-bin/whois.pl
Comment:
Comment: ** IMPORTANT NOTE: APNIC is the Regional Internet Registry
Comment: for the Asia Pacific region. APNIC does not operate networks
Comment: using this IP address range and is not able to investigate
Comment: spam or abuse reports relating to these addresses. For more
Comment: help, refer to http://www.apnic.net/apnic-info/whois_search2/abuse-and-spamming
Ref: https://rdap.arin.net/registry/ip/139.199.0.0
ResourceLink: https://apps.db.ripe.net/db-web-ui/query
ResourceLink: whois.apnic.net
OrgName: Asia Pacific Network Information Centre
OrgId: APNIC
Address: PO Box 3646
City: South Brisbane
StateProv: QLD
PostalCode: 4101
Country: AU
RegDate:
Updated: 2012-01-24
Ref: https://rdap.arin.net/registry/entity/APNIC
ReferralServer: whois://whois.apnic.net
ResourceLink: http://wq.apnic.net/whois-search/static/search.html
OrgAbuseHandle: AWC12-ARIN
OrgAbuseName: APNIC Whois Contact
OrgAbusePhone: +61 7 3858 3188
OrgAbuseEmail: search-apnic-not-arin@apnic.net
OrgAbuseRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
OrgTechHandle: AWC12-ARIN
OrgTechName: APNIC Whois Contact
OrgTechPhone: +61 7 3858 3188
OrgTechEmail: search-apnic-not-arin@apnic.net
OrgTechRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#
Found a referral to whois.apnic.net.
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
% Information related to '139.199.0.0 - 139.199.255.255'
% Abuse contact for '139.199.0.0 - 139.199.255.255' is 'abuse@tencent.com'
inetnum: 139.199.0.0 - 139.199.255.255
netname: TencentCloud
descr: Tencent cloud computing (Beijing) Co., Ltd.
descr: Floor 6, Yinke Building,38 Haidian St,
descr: Haidian District Beijing
country: CN
admin-c: JT1125-AP
tech-c: JX1747-AP
abuse-c: AC1601-AP
status: ALLOCATED PORTABLE
mnt-by: MAINT-CNNIC-AP
mnt-irt: IRT-TENCENTCLOUD-CN
mnt-lower: MAINT-CNNIC-AP
mnt-routes: MAINT-CNNIC-AP
last-modified: 2023-11-28T00:57:06Z
source: APNIC
irt: IRT-TencentCloud-CN
address: 9F, FIYTA Building, Gaoxinnanyi Road, Southern
address: District of Hi-tech Park, Shenzhen
e-mail: tencent_noc@tencent.com
admin-c: JT1125-AP
tech-c: JX1747-AP
abuse-mailbox: abuse@tencent.com
auth: # Filtered
remarks: abuse@tencent.com was validated on 2026-05-15
remarks: tencent_noc@tencent.com was validated on 2026-06-05
mnt-by: MAINT-CNNIC-AP
last-modified: 2026-06-05T07:58:46Z
source: APNIC
role: ABUSE CNNICCN
country: ZZ
address: Beijing, China
phone: +000000000
e-mail: ipas@cnnic.cn
admin-c: IP50-AP
tech-c: IP50-AP
nic-hdl: AC1601-AP
remarks: Generated from irt object IRT-CNNIC-CN
remarks: ipas@cnnic.cn is invalid
abuse-mailbox: ipas@cnnic.cn
mnt-by: APNIC-ABUSE
last-modified: 2025-09-19T17:20:32Z
source: APNIC
person: James Tian
address: 9F, FIYTA Building, Gaoxinnanyi Road,Southern
address: District of Hi-tech Park, Shenzhen
country: CN
phone: +86-755-86013388-84952
e-mail: johnsonqu@tencent.com
nic-hdl: JT1125-AP
mnt-by: MAINT-CNNIC-AP
last-modified: 2024-03-19T08:21:31Z
source: APNIC
person: Jimmy Xiao
address: 9F, FIYTA Building, Gaoxinnanyi Road,Southern
address: District of Hi-tech Park, Shenzhen
country: CN
phone: +86-755-86013388-80224
e-mail: klayliang@tencent.com
nic-hdl: JX1747-AP
mnt-by: MAINT-CNNIC-AP
last-modified: 2021-09-17T00:38:09Z
source: APNIC
% Information related to '139.199.0.0/16AS45090'
route: 139.199.0.0/16
descr: TencentCloud
descr: Tencent cloud computing (Beijing) Co., Ltd.
country: CN
origin: AS45090
notify: jimmyxiao@tencent.com
mnt-by: MAINT-CNNIC-AP
last-modified: 2016-01-21T09:24:01Z
source: APNIC
% This query was served by the APNIC Whois Service version 1.88.48 (WHOIS-AU5); <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.199.192.232
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 40383
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;139.199.192.232. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2026062400 1800 900 604800 86400
;; Query time: 8 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jun 24 22:34:53 CST 2026
;; MSG SIZE rcvd: 108Host 232.192.199.139.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 232.192.199.139.in-addr.arpa: NXDOMAIN| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 51.91.255.147 | attack | Brute-force attempt banned |
2020-04-14 03:28:14 |
| 87.170.202.167 | attackspambots | RDP Brute-Force (Grieskirchen RZ2) |
2020-04-14 04:06:44 |
| 35.198.119.187 | attackbots | bruteforce detected |
2020-04-14 03:42:10 |
| 118.89.69.159 | attackbotsspam | auto-add |
2020-04-14 03:56:55 |
| 185.176.27.102 | attack | firewall-block, port(s): 21781/tcp |
2020-04-14 03:43:00 |
| 128.199.151.123 | attackspambots | 128.199.151.123 - - [13/Apr/2020:21:25:56 +0200] "GET /wp-login.php HTTP/1.1" 200 5702 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 128.199.151.123 - - [13/Apr/2020:21:25:59 +0200] "POST /wp-login.php HTTP/1.1" 200 6601 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 128.199.151.123 - - [13/Apr/2020:21:26:01 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" |
2020-04-14 03:51:59 |
| 176.31.250.160 | attackbotsspam | Apr 13 21:29:33 vpn01 sshd[9980]: Failed password for root from 176.31.250.160 port 55596 ssh2 ... |
2020-04-14 03:59:08 |
| 203.110.215.167 | attackspambots | Fail2Ban Ban Triggered |
2020-04-14 04:05:21 |
| 208.68.36.57 | attackbots | $f2bV_matches |
2020-04-14 03:54:55 |
| 14.189.248.114 | attack | Icarus honeypot on github |
2020-04-14 03:40:52 |
| 159.203.191.221 | attackspambots | Apr 13 19:18:30 debian-2gb-nbg1-2 kernel: \[9057303.353916\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=159.203.191.221 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=56701 PROTO=TCP SPT=50980 DPT=4199 WINDOW=1024 RES=0x00 SYN URGP=0 |
2020-04-14 03:38:25 |
| 218.92.0.145 | attack | Automatic report BANNED IP |
2020-04-14 03:46:06 |
| 104.154.239.199 | attackspam | Apr 13 14:20:16 ws12vmsma01 sshd[3476]: Failed password for invalid user testman from 104.154.239.199 port 48706 ssh2 Apr 13 14:22:06 ws12vmsma01 sshd[3735]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.239.154.104.bc.googleusercontent.com user=root Apr 13 14:22:08 ws12vmsma01 sshd[3735]: Failed password for root from 104.154.239.199 port 46032 ssh2 ... |
2020-04-14 03:38:51 |
| 104.206.128.30 | attackspambots | Port Scan: Events[1] countPorts[1]: 5060 .. |
2020-04-14 03:39:34 |
| 82.6.141.117 | attackbotsspam | Apr 13 18:18:35 pi sshd[10533]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.6.141.117 user=root Apr 13 18:18:38 pi sshd[10533]: Failed password for invalid user root from 82.6.141.117 port 34204 ssh2 |
2020-04-14 03:32:24 |