必须是合法有效的IP地址, 可以是IPv4或者是IPv6, 例如127.0.0.1或者2001:DB8:0:0:8:800:200C:417A
基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): V6Yun (Beijing) Network Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:
类型 评论内容 时间
attack
Apr 29 17:01:02 vpn01 sshd[31494]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.20.202
Apr 29 17:01:04 vpn01 sshd[31494]: Failed password for invalid user crs from 139.199.20.202 port 59596 ssh2
...
2020-04-30 01:29:53
attackspambots
Apr 24 17:24:46 firewall sshd[851]: Invalid user postfix from 139.199.20.202
Apr 24 17:24:49 firewall sshd[851]: Failed password for invalid user postfix from 139.199.20.202 port 32880 ssh2
Apr 24 17:30:22 firewall sshd[983]: Invalid user smsd from 139.199.20.202
...
2020-04-25 05:17:08
attackbots
Apr 21 15:40:18 ws24vmsma01 sshd[145708]: Failed password for root from 139.199.20.202 port 53252 ssh2
...
2020-04-22 03:37:14
attack
Brute-force attempt banned
2020-04-20 21:27:30
attack
Apr 20 09:34:42 icinga sshd[11303]: Failed password for root from 139.199.20.202 port 46262 ssh2
Apr 20 09:44:09 icinga sshd[26041]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.20.202 
Apr 20 09:44:11 icinga sshd[26041]: Failed password for invalid user qk from 139.199.20.202 port 47618 ssh2
...
2020-04-20 17:58:40
attackbotsspam
Apr 19 22:27:55 ns381471 sshd[17975]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.20.202
Apr 19 22:27:56 ns381471 sshd[17975]: Failed password for invalid user gitolite from 139.199.20.202 port 53194 ssh2
2020-04-20 04:55:18
attack
Invalid user cssserver from 139.199.20.202 port 53108
2020-04-11 16:20:08
attackspambots
Invalid user tlt from 139.199.20.202 port 40968
2020-04-03 18:14:22
attackspam
Invalid user jl from 139.199.20.202 port 60256
2020-04-03 04:04:06
attack
Mar 22 05:40:10 areeb-Workstation sshd[20038]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.20.202 
Mar 22 05:40:12 areeb-Workstation sshd[20038]: Failed password for invalid user party from 139.199.20.202 port 49444 ssh2
...
2020-03-22 08:53:49
attack
Invalid user chang from 139.199.20.202 port 56392
2020-03-21 07:29:56
attackspam
Invalid user leo from 139.199.20.202 port 40344
2020-03-13 20:31:29
attackspam
Invalid user leo from 139.199.20.202 port 40344
2020-03-12 03:17:16
attackbotsspam
Mar  1 00:29:34 localhost sshd\[24977\]: Invalid user musicbot from 139.199.20.202
Mar  1 00:29:34 localhost sshd\[24977\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.20.202
Mar  1 00:29:36 localhost sshd\[24977\]: Failed password for invalid user musicbot from 139.199.20.202 port 37958 ssh2
Mar  1 00:35:37 localhost sshd\[25337\]: Invalid user harry from 139.199.20.202
Mar  1 00:35:37 localhost sshd\[25337\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.20.202
...
2020-03-01 09:27:15
attackbots
Unauthorized connection attempt detected from IP address 139.199.20.202 to port 2220 [J]
2020-01-25 08:49:04
attackspam
Invalid user catherine from 139.199.20.202 port 46940
2020-01-22 00:33:50
attackbotsspam
Nov 19 22:23:31 cp sshd[14439]: Failed password for root from 139.199.20.202 port 44036 ssh2
Nov 19 22:23:31 cp sshd[14439]: Failed password for root from 139.199.20.202 port 44036 ssh2
Nov 19 22:27:34 cp sshd[16681]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.20.202
2019-11-20 08:03:43
attack
frenzy
2019-11-03 05:02:28
attack
Oct 28 12:43:36 anodpoucpklekan sshd[59882]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.20.202  user=root
Oct 28 12:43:38 anodpoucpklekan sshd[59882]: Failed password for root from 139.199.20.202 port 34964 ssh2
...
2019-10-29 02:18:43
attackspam
Oct 20 15:10:05 MK-Soft-VM5 sshd[16848]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.20.202 
Oct 20 15:10:06 MK-Soft-VM5 sshd[16848]: Failed password for invalid user gordon from 139.199.20.202 port 46502 ssh2
...
2019-10-20 21:30:11
attack
2019-10-14T11:49:14.431850abusebot.cloudsearch.cf sshd\[16302\]: Invalid user Story123 from 139.199.20.202 port 39404
2019-10-14T11:49:14.439728abusebot.cloudsearch.cf sshd\[16302\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.20.202
2019-10-14 23:45:49
attack
Oct 13 18:04:14 Tower sshd[31081]: Connection from 139.199.20.202 port 37440 on 192.168.10.220 port 22
Oct 13 18:04:16 Tower sshd[31081]: Failed password for root from 139.199.20.202 port 37440 ssh2
Oct 13 18:04:16 Tower sshd[31081]: Received disconnect from 139.199.20.202 port 37440:11: Bye Bye [preauth]
Oct 13 18:04:16 Tower sshd[31081]: Disconnected from authenticating user root 139.199.20.202 port 37440 [preauth]
2019-10-14 08:05:52
attackspam
Oct 13 01:28:03 [host] sshd[25838]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.20.202  user=root
Oct 13 01:28:04 [host] sshd[25838]: Failed password for root from 139.199.20.202 port 60468 ssh2
Oct 13 01:32:24 [host] sshd[26009]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.20.202  user=root
2019-10-13 08:13:02
attackbotsspam
$f2bV_matches
2019-10-10 18:00:05
相同子网IP讨论:
IP 类型 评论内容 时间
139.199.201.141 attack
SSH invalid-user multiple login try
2020-10-13 00:07:39
139.199.201.141 attackbotsspam
Oct 12 08:22:23 mout sshd[16815]: Invalid user ru from 139.199.201.141 port 61071
2020-10-12 15:30:33
139.199.201.243 attackbots
1597351475 - 08/13/2020 22:44:35 Host: 139.199.201.243/139.199.201.243 Port: 445 TCP Blocked
2020-08-14 06:53:30
139.199.209.89 attackspambots
Jul  9 10:32:44 sip sshd[25980]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.209.89
Jul  9 10:32:46 sip sshd[25980]: Failed password for invalid user admin from 139.199.209.89 port 57462 ssh2
Jul  9 10:40:30 sip sshd[28939]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.209.89
2020-07-11 06:27:21
139.199.204.61 attackbotsspam
Invalid user lj from 139.199.204.61 port 59399
2020-07-08 00:38:41
139.199.204.61 attack
$f2bV_matches
2020-07-01 15:31:27
139.199.209.89 attack
Jun 25 06:27:01 eventyay sshd[22642]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.209.89
Jun 25 06:27:04 eventyay sshd[22642]: Failed password for invalid user elena from 139.199.209.89 port 55984 ssh2
Jun 25 06:33:57 eventyay sshd[22760]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.209.89
...
2020-06-25 12:41:22
139.199.209.89 attackspambots
Jun 22 16:33:43 lanister sshd[7517]: Invalid user uploader from 139.199.209.89
Jun 22 16:33:45 lanister sshd[7517]: Failed password for invalid user uploader from 139.199.209.89 port 57648 ssh2
Jun 22 16:36:31 lanister sshd[7564]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.209.89  user=root
Jun 22 16:36:33 lanister sshd[7564]: Failed password for root from 139.199.209.89 port 54252 ssh2
2020-06-23 05:31:02
139.199.204.61 attack
Jun 12 06:07:43 mail sshd\[7196\]: Invalid user admin from 139.199.204.61
Jun 12 06:07:43 mail sshd\[7196\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.204.61
Jun 12 06:07:45 mail sshd\[7196\]: Failed password for invalid user admin from 139.199.204.61 port 51298 ssh2
...
2020-06-12 12:32:46
139.199.204.61 attackbots
3x Failed Password
2020-06-04 07:44:50
139.199.209.89 attack
May 25 17:49:21 sso sshd[23340]: Failed password for root from 139.199.209.89 port 36574 ssh2
May 25 17:52:21 sso sshd[23672]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.209.89
...
2020-05-26 04:00:00
139.199.204.61 attack
2020-05-21T14:17:58.392776galaxy.wi.uni-potsdam.de sshd[6363]: Invalid user qux from 139.199.204.61 port 52613
2020-05-21T14:17:58.397810galaxy.wi.uni-potsdam.de sshd[6363]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.204.61
2020-05-21T14:17:58.392776galaxy.wi.uni-potsdam.de sshd[6363]: Invalid user qux from 139.199.204.61 port 52613
2020-05-21T14:18:00.648807galaxy.wi.uni-potsdam.de sshd[6363]: Failed password for invalid user qux from 139.199.204.61 port 52613 ssh2
2020-05-21T14:20:24.503418galaxy.wi.uni-potsdam.de sshd[6655]: Invalid user ayc from 139.199.204.61 port 36425
2020-05-21T14:20:24.508443galaxy.wi.uni-potsdam.de sshd[6655]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.204.61
2020-05-21T14:20:24.503418galaxy.wi.uni-potsdam.de sshd[6655]: Invalid user ayc from 139.199.204.61 port 36425
2020-05-21T14:20:26.467316galaxy.wi.uni-potsdam.de sshd[6655]: Failed password for inval
...
2020-05-21 21:30:40
139.199.201.141 attackbotsspam
May 19 11:24:48 lnxweb61 sshd[31891]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.201.141
May 19 11:24:49 lnxweb61 sshd[31891]: Failed password for invalid user esd from 139.199.201.141 port 54701 ssh2
May 19 11:30:24 lnxweb61 sshd[5696]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.201.141
2020-05-20 05:14:59
139.199.204.61 attackbotsspam
May  7 06:32:21 meumeu sshd[5261]: Failed password for git from 139.199.204.61 port 50579 ssh2
May  7 06:34:48 meumeu sshd[7852]: Failed password for root from 139.199.204.61 port 37583 ssh2
May  7 06:37:10 meumeu sshd[8193]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.204.61 
...
2020-05-07 16:55:31
139.199.204.61 attackspam
Apr 25 07:20:43 home sshd[12333]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.204.61
Apr 25 07:20:45 home sshd[12333]: Failed password for invalid user stpi from 139.199.204.61 port 52902 ssh2
Apr 25 07:25:30 home sshd[13011]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.204.61
...
2020-04-25 17:36:53
WHOIS信息:
b
DIG信息:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.199.20.202
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61072
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.199.20.202.			IN	A

;; AUTHORITY SECTION:
.			374	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019101000 1800 900 604800 86400

;; Query time: 927 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Oct 10 18:00:01 CST 2019
;; MSG SIZE  rcvd: 118
HOST信息:
Host 202.20.199.139.in-addr.arpa. not found: 3(NXDOMAIN)
NSLOOKUP信息:
Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 202.20.199.139.in-addr.arpa: NXDOMAIN
相关IP信息:
最新评论:
IP 类型 评论内容 时间
170.130.187.38 attackspambots
Found on   Binary Defense     / proto=6  .  srcport=57831  .  dstport=5060  .     (3769)
2020-10-05 06:59:38
103.129.95.34 attackspambots
139/tcp 445/tcp
[2020-10-01]2pkt
2020-10-05 07:12:59
154.57.193.2 attackbots
 TCP (SYN) 154.57.193.2:41096 -> port 445, len 44
2020-10-05 07:01:39
185.132.53.85 attackspambots
Oct  4 23:48:13 vps647732 sshd[7976]: Failed password for root from 185.132.53.85 port 51540 ssh2
...
2020-10-05 07:20:14
41.242.138.30 attackbots
(sshd) Failed SSH login from 41.242.138.30 (GH/Ghana/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct  3 16:39:44 server sshd[5790]: Did not receive identification string from 41.242.138.30 port 56756
Oct  3 16:39:44 server sshd[5789]: Did not receive identification string from 41.242.138.30 port 56748
Oct  3 16:39:44 server sshd[5791]: Did not receive identification string from 41.242.138.30 port 56717
Oct  3 16:39:44 server sshd[5792]: Did not receive identification string from 41.242.138.30 port 56736
Oct  3 16:39:44 server sshd[5793]: Did not receive identification string from 41.242.138.30 port 56830
2020-10-05 07:02:56
220.132.75.140 attackbots
SSH Bruteforce Attempt on Honeypot
2020-10-05 07:10:51
18.139.162.95 attack
Brute Force
2020-10-05 07:21:47
119.45.22.71 attackbotsspam
Brute%20Force%20SSH
2020-10-05 07:20:32
218.92.0.250 attackbotsspam
Oct  4 23:23:57 ip-172-31-16-56 sshd\[18062\]: Failed password for root from 218.92.0.250 port 34438 ssh2\
Oct  4 23:24:01 ip-172-31-16-56 sshd\[18062\]: Failed password for root from 218.92.0.250 port 34438 ssh2\
Oct  4 23:24:04 ip-172-31-16-56 sshd\[18062\]: Failed password for root from 218.92.0.250 port 34438 ssh2\
Oct  4 23:24:07 ip-172-31-16-56 sshd\[18062\]: Failed password for root from 218.92.0.250 port 34438 ssh2\
Oct  4 23:24:11 ip-172-31-16-56 sshd\[18062\]: Failed password for root from 218.92.0.250 port 34438 ssh2\
2020-10-05 07:26:38
103.130.109.20 attackspambots
$f2bV_matches
2020-10-05 07:06:26
217.160.25.39 attack
Brute forcing email accounts
2020-10-05 07:01:17
175.143.86.250 attackbots
Telnet Honeypot -> Telnet Bruteforce / Login
2020-10-05 07:17:43
159.89.199.195 attackbots
2020-10-04T07:51:13.238648shield sshd\[17519\]: Invalid user matheus from 159.89.199.195 port 55220
2020-10-04T07:51:13.246982shield sshd\[17519\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.199.195
2020-10-04T07:51:15.224214shield sshd\[17519\]: Failed password for invalid user matheus from 159.89.199.195 port 55220 ssh2
2020-10-04T07:55:26.680596shield sshd\[17909\]: Invalid user ryan from 159.89.199.195 port 33548
2020-10-04T07:55:26.689254shield sshd\[17909\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.199.195
2020-10-05 07:14:11
188.170.13.225 attackspam
Oct  4 19:43:56 cdc sshd[14555]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.170.13.225  user=root
Oct  4 19:43:59 cdc sshd[14555]: Failed password for invalid user root from 188.170.13.225 port 34396 ssh2
2020-10-05 07:25:14
106.13.167.62 attack
SSH Bruteforce Attempt on Honeypot
2020-10-05 07:34:09

最近上报的IP列表

240.121.24.170 212.43.245.90 154.131.102.52 137.207.41.117
50.141.237.166 226.78.163.190 39.237.51.96 194.25.36.192
17.222.243.146 54.77.11.3 223.64.82.89 106.12.179.254
243.91.168.92 168.111.112.159 201.22.33.4 132.232.125.152
114.40.145.107 195.67.219.53 113.205.98.236 14.157.138.242