必须是合法有效的IP地址, 可以是IPv4或者是IPv6, 例如127.0.0.1或者2001:DB8:0:0:8:800:200C:417A
基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): V6Yun (Beijing) Network Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:
类型 评论内容 时间
attack
Apr 29 17:01:02 vpn01 sshd[31494]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.20.202
Apr 29 17:01:04 vpn01 sshd[31494]: Failed password for invalid user crs from 139.199.20.202 port 59596 ssh2
...
2020-04-30 01:29:53
attackspambots
Apr 24 17:24:46 firewall sshd[851]: Invalid user postfix from 139.199.20.202
Apr 24 17:24:49 firewall sshd[851]: Failed password for invalid user postfix from 139.199.20.202 port 32880 ssh2
Apr 24 17:30:22 firewall sshd[983]: Invalid user smsd from 139.199.20.202
...
2020-04-25 05:17:08
attackbots
Apr 21 15:40:18 ws24vmsma01 sshd[145708]: Failed password for root from 139.199.20.202 port 53252 ssh2
...
2020-04-22 03:37:14
attack
Brute-force attempt banned
2020-04-20 21:27:30
attack
Apr 20 09:34:42 icinga sshd[11303]: Failed password for root from 139.199.20.202 port 46262 ssh2
Apr 20 09:44:09 icinga sshd[26041]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.20.202 
Apr 20 09:44:11 icinga sshd[26041]: Failed password for invalid user qk from 139.199.20.202 port 47618 ssh2
...
2020-04-20 17:58:40
attackbotsspam
Apr 19 22:27:55 ns381471 sshd[17975]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.20.202
Apr 19 22:27:56 ns381471 sshd[17975]: Failed password for invalid user gitolite from 139.199.20.202 port 53194 ssh2
2020-04-20 04:55:18
attack
Invalid user cssserver from 139.199.20.202 port 53108
2020-04-11 16:20:08
attackspambots
Invalid user tlt from 139.199.20.202 port 40968
2020-04-03 18:14:22
attackspam
Invalid user jl from 139.199.20.202 port 60256
2020-04-03 04:04:06
attack
Mar 22 05:40:10 areeb-Workstation sshd[20038]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.20.202 
Mar 22 05:40:12 areeb-Workstation sshd[20038]: Failed password for invalid user party from 139.199.20.202 port 49444 ssh2
...
2020-03-22 08:53:49
attack
Invalid user chang from 139.199.20.202 port 56392
2020-03-21 07:29:56
attackspam
Invalid user leo from 139.199.20.202 port 40344
2020-03-13 20:31:29
attackspam
Invalid user leo from 139.199.20.202 port 40344
2020-03-12 03:17:16
attackbotsspam
Mar  1 00:29:34 localhost sshd\[24977\]: Invalid user musicbot from 139.199.20.202
Mar  1 00:29:34 localhost sshd\[24977\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.20.202
Mar  1 00:29:36 localhost sshd\[24977\]: Failed password for invalid user musicbot from 139.199.20.202 port 37958 ssh2
Mar  1 00:35:37 localhost sshd\[25337\]: Invalid user harry from 139.199.20.202
Mar  1 00:35:37 localhost sshd\[25337\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.20.202
...
2020-03-01 09:27:15
attackbots
Unauthorized connection attempt detected from IP address 139.199.20.202 to port 2220 [J]
2020-01-25 08:49:04
attackspam
Invalid user catherine from 139.199.20.202 port 46940
2020-01-22 00:33:50
attackbotsspam
Nov 19 22:23:31 cp sshd[14439]: Failed password for root from 139.199.20.202 port 44036 ssh2
Nov 19 22:23:31 cp sshd[14439]: Failed password for root from 139.199.20.202 port 44036 ssh2
Nov 19 22:27:34 cp sshd[16681]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.20.202
2019-11-20 08:03:43
attack
frenzy
2019-11-03 05:02:28
attack
Oct 28 12:43:36 anodpoucpklekan sshd[59882]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.20.202  user=root
Oct 28 12:43:38 anodpoucpklekan sshd[59882]: Failed password for root from 139.199.20.202 port 34964 ssh2
...
2019-10-29 02:18:43
attackspam
Oct 20 15:10:05 MK-Soft-VM5 sshd[16848]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.20.202 
Oct 20 15:10:06 MK-Soft-VM5 sshd[16848]: Failed password for invalid user gordon from 139.199.20.202 port 46502 ssh2
...
2019-10-20 21:30:11
attack
2019-10-14T11:49:14.431850abusebot.cloudsearch.cf sshd\[16302\]: Invalid user Story123 from 139.199.20.202 port 39404
2019-10-14T11:49:14.439728abusebot.cloudsearch.cf sshd\[16302\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.20.202
2019-10-14 23:45:49
attack
Oct 13 18:04:14 Tower sshd[31081]: Connection from 139.199.20.202 port 37440 on 192.168.10.220 port 22
Oct 13 18:04:16 Tower sshd[31081]: Failed password for root from 139.199.20.202 port 37440 ssh2
Oct 13 18:04:16 Tower sshd[31081]: Received disconnect from 139.199.20.202 port 37440:11: Bye Bye [preauth]
Oct 13 18:04:16 Tower sshd[31081]: Disconnected from authenticating user root 139.199.20.202 port 37440 [preauth]
2019-10-14 08:05:52
attackspam
Oct 13 01:28:03 [host] sshd[25838]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.20.202  user=root
Oct 13 01:28:04 [host] sshd[25838]: Failed password for root from 139.199.20.202 port 60468 ssh2
Oct 13 01:32:24 [host] sshd[26009]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.20.202  user=root
2019-10-13 08:13:02
attackbotsspam
$f2bV_matches
2019-10-10 18:00:05
相同子网IP讨论:
IP 类型 评论内容 时间
139.199.201.141 attack
SSH invalid-user multiple login try
2020-10-13 00:07:39
139.199.201.141 attackbotsspam
Oct 12 08:22:23 mout sshd[16815]: Invalid user ru from 139.199.201.141 port 61071
2020-10-12 15:30:33
139.199.201.243 attackbots
1597351475 - 08/13/2020 22:44:35 Host: 139.199.201.243/139.199.201.243 Port: 445 TCP Blocked
2020-08-14 06:53:30
139.199.209.89 attackspambots
Jul  9 10:32:44 sip sshd[25980]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.209.89
Jul  9 10:32:46 sip sshd[25980]: Failed password for invalid user admin from 139.199.209.89 port 57462 ssh2
Jul  9 10:40:30 sip sshd[28939]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.209.89
2020-07-11 06:27:21
139.199.204.61 attackbotsspam
Invalid user lj from 139.199.204.61 port 59399
2020-07-08 00:38:41
139.199.204.61 attack
$f2bV_matches
2020-07-01 15:31:27
139.199.209.89 attack
Jun 25 06:27:01 eventyay sshd[22642]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.209.89
Jun 25 06:27:04 eventyay sshd[22642]: Failed password for invalid user elena from 139.199.209.89 port 55984 ssh2
Jun 25 06:33:57 eventyay sshd[22760]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.209.89
...
2020-06-25 12:41:22
139.199.209.89 attackspambots
Jun 22 16:33:43 lanister sshd[7517]: Invalid user uploader from 139.199.209.89
Jun 22 16:33:45 lanister sshd[7517]: Failed password for invalid user uploader from 139.199.209.89 port 57648 ssh2
Jun 22 16:36:31 lanister sshd[7564]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.209.89  user=root
Jun 22 16:36:33 lanister sshd[7564]: Failed password for root from 139.199.209.89 port 54252 ssh2
2020-06-23 05:31:02
139.199.204.61 attack
Jun 12 06:07:43 mail sshd\[7196\]: Invalid user admin from 139.199.204.61
Jun 12 06:07:43 mail sshd\[7196\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.204.61
Jun 12 06:07:45 mail sshd\[7196\]: Failed password for invalid user admin from 139.199.204.61 port 51298 ssh2
...
2020-06-12 12:32:46
139.199.204.61 attackbots
3x Failed Password
2020-06-04 07:44:50
139.199.209.89 attack
May 25 17:49:21 sso sshd[23340]: Failed password for root from 139.199.209.89 port 36574 ssh2
May 25 17:52:21 sso sshd[23672]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.209.89
...
2020-05-26 04:00:00
139.199.204.61 attack
2020-05-21T14:17:58.392776galaxy.wi.uni-potsdam.de sshd[6363]: Invalid user qux from 139.199.204.61 port 52613
2020-05-21T14:17:58.397810galaxy.wi.uni-potsdam.de sshd[6363]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.204.61
2020-05-21T14:17:58.392776galaxy.wi.uni-potsdam.de sshd[6363]: Invalid user qux from 139.199.204.61 port 52613
2020-05-21T14:18:00.648807galaxy.wi.uni-potsdam.de sshd[6363]: Failed password for invalid user qux from 139.199.204.61 port 52613 ssh2
2020-05-21T14:20:24.503418galaxy.wi.uni-potsdam.de sshd[6655]: Invalid user ayc from 139.199.204.61 port 36425
2020-05-21T14:20:24.508443galaxy.wi.uni-potsdam.de sshd[6655]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.204.61
2020-05-21T14:20:24.503418galaxy.wi.uni-potsdam.de sshd[6655]: Invalid user ayc from 139.199.204.61 port 36425
2020-05-21T14:20:26.467316galaxy.wi.uni-potsdam.de sshd[6655]: Failed password for inval
...
2020-05-21 21:30:40
139.199.201.141 attackbotsspam
May 19 11:24:48 lnxweb61 sshd[31891]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.201.141
May 19 11:24:49 lnxweb61 sshd[31891]: Failed password for invalid user esd from 139.199.201.141 port 54701 ssh2
May 19 11:30:24 lnxweb61 sshd[5696]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.201.141
2020-05-20 05:14:59
139.199.204.61 attackbotsspam
May  7 06:32:21 meumeu sshd[5261]: Failed password for git from 139.199.204.61 port 50579 ssh2
May  7 06:34:48 meumeu sshd[7852]: Failed password for root from 139.199.204.61 port 37583 ssh2
May  7 06:37:10 meumeu sshd[8193]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.204.61 
...
2020-05-07 16:55:31
139.199.204.61 attackspam
Apr 25 07:20:43 home sshd[12333]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.204.61
Apr 25 07:20:45 home sshd[12333]: Failed password for invalid user stpi from 139.199.204.61 port 52902 ssh2
Apr 25 07:25:30 home sshd[13011]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.204.61
...
2020-04-25 17:36:53
WHOIS信息:
b
DIG信息:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.199.20.202
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61072
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.199.20.202.			IN	A

;; AUTHORITY SECTION:
.			374	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019101000 1800 900 604800 86400

;; Query time: 927 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Oct 10 18:00:01 CST 2019
;; MSG SIZE  rcvd: 118
HOST信息:
Host 202.20.199.139.in-addr.arpa. not found: 3(NXDOMAIN)
NSLOOKUP信息:
Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 202.20.199.139.in-addr.arpa: NXDOMAIN
相关IP信息:
最新评论:
IP 类型 评论内容 时间
45.143.220.112 attackbots
UDP scanned port list, 15080, 25080, 35080, 45080, 55080
2020-04-22 21:16:48
105.98.101.162 attackbots
Lines containing failures of 105.98.101.162
Apr 22 13:44:32 shared12 sshd[12407]: Invalid user pi from 105.98.101.162 port 16090
Apr 22 13:44:32 shared12 sshd[12407]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=105.98.101.162
Apr 22 13:44:34 shared12 sshd[12407]: Failed password for invalid user pi from 105.98.101.162 port 16090 ssh2
Apr 22 13:44:34 shared12 sshd[12407]: Connection closed by invalid user pi 105.98.101.162 port 16090 [preauth]


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=105.98.101.162
2020-04-22 21:39:47
51.38.231.11 attack
Apr 22 12:18:57 game-panel sshd[27360]: Failed password for root from 51.38.231.11 port 33748 ssh2
Apr 22 12:26:33 game-panel sshd[27668]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.231.11
Apr 22 12:26:36 game-panel sshd[27668]: Failed password for invalid user admin from 51.38.231.11 port 48638 ssh2
2020-04-22 21:18:39
176.31.93.62 attack
Apr 22 13:37:05 mail01 postfix/postscreen[28305]: CONNECT from [176.31.93.62]:33914 to [94.130.181.95]:25
Apr 22 13:37:05 mail01 postfix/dnsblog[28306]: addr 176.31.93.62 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2
Apr 22 13:37:11 mail01 postfix/postscreen[28305]: PASS NEW [176.31.93.62]:33914
Apr 22 13:37:12 mail01 postfix/smtpd[28308]: connect from de.infolawsuhostname.com[176.31.93.62]
Apr x@x
Apr 22 13:37:12 mail01 postfix/smtpd[28308]: disconnect from de.infolawsuhostname.com[176.31.93.62] ehlo=2 starttls=1 mail=1 rcpt=0/1 quhostname=1 commands=5/6
Apr 22 13:42:05 mail01 postfix/postscreen[28305]: CONNECT from [176.31.93.62]:40401 to [94.130.181.95]:25
Apr 22 13:42:05 mail01 postfix/dnsblog[28307]: addr 176.31.93.62 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2
Apr 22 13:42:05 mail01 postfix/postscreen[28305]: PASS OLD [176.31.93.62]:40401
Apr 22 13:42:05 mail01 postfix/smtpd[28308]: connect from de.infolawsuhostname.com[176.31.93.62]
Apr x@x
Apr 22 13:42........
-------------------------------
2020-04-22 21:15:39
197.2.80.168 attackbotsspam
Honeypot attack, port: 445, PTR: PTR record not found
2020-04-22 21:21:41
50.104.13.15 spambotsattack
This is 1 of several ip addresses stalking and hard my kids and me on internet for 2 in a half years. They have my credit card info all my passwords stole 7 email ACCTS that r still active and used with different names. They edit right on the screen everything even legal documents. My ip is 192.168.254.254 please look into this issue and block these psycho paths. Also they have my apps cloned so they can run them...they are blocking this from coming to u......also they edit the logs so PULL ever single one ther
2020-04-22 21:30:09
122.154.251.22 attackspambots
detected by Fail2Ban
2020-04-22 21:33:42
91.219.138.228 attackspambots
Honeypot attack, port: 445, PTR: PTR record not found
2020-04-22 21:33:19
45.55.219.114 attack
Found by fail2ban
2020-04-22 21:34:33
50.104.13.15 spambotsattack
This is 1 of several ip addresses stalking and hard my kids and me on internet for 2 in a half years. They have my credit card info all my passwords stole 7 email ACCTS that r still active and used with different names. They edit right on the screen everything even legal documents. My ip is 192.168.254.254 please look into this issue and block these psycho paths. Also they have my apps cloned so they can run them
2020-04-22 21:28:13
95.85.60.251 attackspambots
Apr 22 13:54:46 lock-38 sshd[1366258]: Disconnected from invalid user admin 95.85.60.251 port 56144 [preauth]
Apr 22 14:04:11 lock-38 sshd[1366516]: Invalid user xy from 95.85.60.251 port 60834
Apr 22 14:04:11 lock-38 sshd[1366516]: Invalid user xy from 95.85.60.251 port 60834
Apr 22 14:04:11 lock-38 sshd[1366516]: Failed password for invalid user xy from 95.85.60.251 port 60834 ssh2
Apr 22 14:04:11 lock-38 sshd[1366516]: Disconnected from invalid user xy 95.85.60.251 port 60834 [preauth]
...
2020-04-22 21:15:01
111.229.48.106 attackbots
Apr 22 09:50:27 dns1 sshd[8593]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.48.106 
Apr 22 09:50:30 dns1 sshd[8593]: Failed password for invalid user wv from 111.229.48.106 port 56660 ssh2
Apr 22 09:55:26 dns1 sshd[8928]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.48.106
2020-04-22 21:27:35
203.172.66.227 attack
2020-04-22T08:07:31.465491sorsha.thespaminator.com sshd[9099]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.172.66.227  user=root
2020-04-22T08:07:33.065353sorsha.thespaminator.com sshd[9099]: Failed password for root from 203.172.66.227 port 51976 ssh2
...
2020-04-22 21:41:47
180.215.204.139 attack
Apr 22 05:28:15 mockhub sshd[10380]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.215.204.139
Apr 22 05:28:17 mockhub sshd[10380]: Failed password for invalid user pw from 180.215.204.139 port 53582 ssh2
...
2020-04-22 21:22:01
177.99.206.10 attackbots
Apr 22 12:55:43 localhost sshd[45663]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.99.206.10  user=root
Apr 22 12:55:45 localhost sshd[45663]: Failed password for root from 177.99.206.10 port 47208 ssh2
Apr 22 13:01:04 localhost sshd[46265]: Invalid user wt from 177.99.206.10 port 33200
Apr 22 13:01:04 localhost sshd[46265]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.99.206.10
Apr 22 13:01:04 localhost sshd[46265]: Invalid user wt from 177.99.206.10 port 33200
Apr 22 13:01:06 localhost sshd[46265]: Failed password for invalid user wt from 177.99.206.10 port 33200 ssh2
...
2020-04-22 21:44:25

最近上报的IP列表

240.121.24.170 212.43.245.90 154.131.102.52 137.207.41.117
50.141.237.166 226.78.163.190 39.237.51.96 194.25.36.192
17.222.243.146 54.77.11.3 223.64.82.89 106.12.179.254
243.91.168.92 168.111.112.159 201.22.33.4 132.232.125.152
114.40.145.107 195.67.219.53 113.205.98.236 14.157.138.242