139.199.20.202

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): V6Yun (Beijing) Network Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Apr 29 17:01:02 vpn01 sshd[31494]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.20.202 Apr 29 17:01:04 vpn01 sshd[31494]: Failed password for invalid user crs from 139.199.20.202 port 59596 ssh2 ...	2020-04-30 01:29:53
attackspambots	Apr 24 17:24:46 firewall sshd[851]: Invalid user postfix from 139.199.20.202 Apr 24 17:24:49 firewall sshd[851]: Failed password for invalid user postfix from 139.199.20.202 port 32880 ssh2 Apr 24 17:30:22 firewall sshd[983]: Invalid user smsd from 139.199.20.202 ...	2020-04-25 05:17:08
attackbots	Apr 21 15:40:18 ws24vmsma01 sshd[145708]: Failed password for root from 139.199.20.202 port 53252 ssh2 ...	2020-04-22 03:37:14
attack	Brute-force attempt banned	2020-04-20 21:27:30
attack	Apr 20 09:34:42 icinga sshd[11303]: Failed password for root from 139.199.20.202 port 46262 ssh2 Apr 20 09:44:09 icinga sshd[26041]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.20.202 Apr 20 09:44:11 icinga sshd[26041]: Failed password for invalid user qk from 139.199.20.202 port 47618 ssh2 ...	2020-04-20 17:58:40
attackbotsspam	Apr 19 22:27:55 ns381471 sshd[17975]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.20.202 Apr 19 22:27:56 ns381471 sshd[17975]: Failed password for invalid user gitolite from 139.199.20.202 port 53194 ssh2	2020-04-20 04:55:18
attack	Invalid user cssserver from 139.199.20.202 port 53108	2020-04-11 16:20:08
attackspambots	Invalid user tlt from 139.199.20.202 port 40968	2020-04-03 18:14:22
attackspam	Invalid user jl from 139.199.20.202 port 60256	2020-04-03 04:04:06
attack	Mar 22 05:40:10 areeb-Workstation sshd[20038]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.20.202 Mar 22 05:40:12 areeb-Workstation sshd[20038]: Failed password for invalid user party from 139.199.20.202 port 49444 ssh2 ...	2020-03-22 08:53:49
attack	Invalid user chang from 139.199.20.202 port 56392	2020-03-21 07:29:56
attackspam	Invalid user leo from 139.199.20.202 port 40344	2020-03-13 20:31:29
attackspam	Invalid user leo from 139.199.20.202 port 40344	2020-03-12 03:17:16
attackbotsspam	Mar 1 00:29:34 localhost sshd\[24977\]: Invalid user musicbot from 139.199.20.202 Mar 1 00:29:34 localhost sshd\[24977\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.20.202 Mar 1 00:29:36 localhost sshd\[24977\]: Failed password for invalid user musicbot from 139.199.20.202 port 37958 ssh2 Mar 1 00:35:37 localhost sshd\[25337\]: Invalid user harry from 139.199.20.202 Mar 1 00:35:37 localhost sshd\[25337\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.20.202 ...	2020-03-01 09:27:15
attackbots	Unauthorized connection attempt detected from IP address 139.199.20.202 to port 2220 [J]	2020-01-25 08:49:04
attackspam	Invalid user catherine from 139.199.20.202 port 46940	2020-01-22 00:33:50
attackbotsspam	Nov 19 22:23:31 cp sshd[14439]: Failed password for root from 139.199.20.202 port 44036 ssh2 Nov 19 22:23:31 cp sshd[14439]: Failed password for root from 139.199.20.202 port 44036 ssh2 Nov 19 22:27:34 cp sshd[16681]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.20.202	2019-11-20 08:03:43
attack	frenzy	2019-11-03 05:02:28
attack	Oct 28 12:43:36 anodpoucpklekan sshd[59882]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.20.202 user=root Oct 28 12:43:38 anodpoucpklekan sshd[59882]: Failed password for root from 139.199.20.202 port 34964 ssh2 ...	2019-10-29 02:18:43
attackspam	Oct 20 15:10:05 MK-Soft-VM5 sshd[16848]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.20.202 Oct 20 15:10:06 MK-Soft-VM5 sshd[16848]: Failed password for invalid user gordon from 139.199.20.202 port 46502 ssh2 ...	2019-10-20 21:30:11
attack	2019-10-14T11:49:14.431850abusebot.cloudsearch.cf sshd\[16302\]: Invalid user Story123 from 139.199.20.202 port 39404 2019-10-14T11:49:14.439728abusebot.cloudsearch.cf sshd\[16302\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.20.202	2019-10-14 23:45:49
attack	Oct 13 18:04:14 Tower sshd[31081]: Connection from 139.199.20.202 port 37440 on 192.168.10.220 port 22 Oct 13 18:04:16 Tower sshd[31081]: Failed password for root from 139.199.20.202 port 37440 ssh2 Oct 13 18:04:16 Tower sshd[31081]: Received disconnect from 139.199.20.202 port 37440:11: Bye Bye [preauth] Oct 13 18:04:16 Tower sshd[31081]: Disconnected from authenticating user root 139.199.20.202 port 37440 [preauth]	2019-10-14 08:05:52
attackspam	Oct 13 01:28:03 [host] sshd[25838]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.20.202 user=root Oct 13 01:28:04 [host] sshd[25838]: Failed password for root from 139.199.20.202 port 60468 ssh2 Oct 13 01:32:24 [host] sshd[26009]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.20.202 user=root	2019-10-13 08:13:02
attackbotsspam	$f2bV_matches	2019-10-10 18:00:05

相同子网IP讨论:

IP	类型	评论内容	时间
139.199.201.141	attack	SSH invalid-user multiple login try	2020-10-13 00:07:39
139.199.201.141	attackbotsspam	Oct 12 08:22:23 mout sshd[16815]: Invalid user ru from 139.199.201.141 port 61071	2020-10-12 15:30:33
139.199.201.243	attackbots	1597351475 - 08/13/2020 22:44:35 Host: 139.199.201.243/139.199.201.243 Port: 445 TCP Blocked	2020-08-14 06:53:30
139.199.209.89	attackspambots	Jul 9 10:32:44 sip sshd[25980]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.209.89 Jul 9 10:32:46 sip sshd[25980]: Failed password for invalid user admin from 139.199.209.89 port 57462 ssh2 Jul 9 10:40:30 sip sshd[28939]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.209.89	2020-07-11 06:27:21
139.199.204.61	attackbotsspam	Invalid user lj from 139.199.204.61 port 59399	2020-07-08 00:38:41
139.199.204.61	attack	$f2bV_matches	2020-07-01 15:31:27
139.199.209.89	attack	Jun 25 06:27:01 eventyay sshd[22642]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.209.89 Jun 25 06:27:04 eventyay sshd[22642]: Failed password for invalid user elena from 139.199.209.89 port 55984 ssh2 Jun 25 06:33:57 eventyay sshd[22760]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.209.89 ...	2020-06-25 12:41:22
139.199.209.89	attackspambots	Jun 22 16:33:43 lanister sshd[7517]: Invalid user uploader from 139.199.209.89 Jun 22 16:33:45 lanister sshd[7517]: Failed password for invalid user uploader from 139.199.209.89 port 57648 ssh2 Jun 22 16:36:31 lanister sshd[7564]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.209.89 user=root Jun 22 16:36:33 lanister sshd[7564]: Failed password for root from 139.199.209.89 port 54252 ssh2	2020-06-23 05:31:02
139.199.204.61	attack	Jun 12 06:07:43 mail sshd\[7196\]: Invalid user admin from 139.199.204.61 Jun 12 06:07:43 mail sshd\[7196\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.204.61 Jun 12 06:07:45 mail sshd\[7196\]: Failed password for invalid user admin from 139.199.204.61 port 51298 ssh2 ...	2020-06-12 12:32:46
139.199.204.61	attackbots	3x Failed Password	2020-06-04 07:44:50
139.199.209.89	attack	May 25 17:49:21 sso sshd[23340]: Failed password for root from 139.199.209.89 port 36574 ssh2 May 25 17:52:21 sso sshd[23672]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.209.89 ...	2020-05-26 04:00:00
139.199.204.61	attack	2020-05-21T14:17:58.392776galaxy.wi.uni-potsdam.de sshd[6363]: Invalid user qux from 139.199.204.61 port 52613 2020-05-21T14:17:58.397810galaxy.wi.uni-potsdam.de sshd[6363]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.204.61 2020-05-21T14:17:58.392776galaxy.wi.uni-potsdam.de sshd[6363]: Invalid user qux from 139.199.204.61 port 52613 2020-05-21T14:18:00.648807galaxy.wi.uni-potsdam.de sshd[6363]: Failed password for invalid user qux from 139.199.204.61 port 52613 ssh2 2020-05-21T14:20:24.503418galaxy.wi.uni-potsdam.de sshd[6655]: Invalid user ayc from 139.199.204.61 port 36425 2020-05-21T14:20:24.508443galaxy.wi.uni-potsdam.de sshd[6655]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.204.61 2020-05-21T14:20:24.503418galaxy.wi.uni-potsdam.de sshd[6655]: Invalid user ayc from 139.199.204.61 port 36425 2020-05-21T14:20:26.467316galaxy.wi.uni-potsdam.de sshd[6655]: Failed password for inval ...	2020-05-21 21:30:40
139.199.201.141	attackbotsspam	May 19 11:24:48 lnxweb61 sshd[31891]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.201.141 May 19 11:24:49 lnxweb61 sshd[31891]: Failed password for invalid user esd from 139.199.201.141 port 54701 ssh2 May 19 11:30:24 lnxweb61 sshd[5696]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.201.141	2020-05-20 05:14:59
139.199.204.61	attackbotsspam	May 7 06:32:21 meumeu sshd[5261]: Failed password for git from 139.199.204.61 port 50579 ssh2 May 7 06:34:48 meumeu sshd[7852]: Failed password for root from 139.199.204.61 port 37583 ssh2 May 7 06:37:10 meumeu sshd[8193]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.204.61 ...	2020-05-07 16:55:31
139.199.204.61	attackspam	Apr 25 07:20:43 home sshd[12333]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.204.61 Apr 25 07:20:45 home sshd[12333]: Failed password for invalid user stpi from 139.199.204.61 port 52902 ssh2 Apr 25 07:25:30 home sshd[13011]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.204.61 ...	2020-04-25 17:36:53

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.199.20.202
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61072
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.199.20.202.			IN	A

;; AUTHORITY SECTION:
.			374	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019101000 1800 900 604800 86400

;; Query time: 927 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Oct 10 18:00:01 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 202.20.199.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 202.20.199.139.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
45.143.220.112	attackbots	UDP scanned port list, 15080, 25080, 35080, 45080, 55080	2020-04-22 21:16:48
105.98.101.162	attackbots	Lines containing failures of 105.98.101.162 Apr 22 13:44:32 shared12 sshd[12407]: Invalid user pi from 105.98.101.162 port 16090 Apr 22 13:44:32 shared12 sshd[12407]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=105.98.101.162 Apr 22 13:44:34 shared12 sshd[12407]: Failed password for invalid user pi from 105.98.101.162 port 16090 ssh2 Apr 22 13:44:34 shared12 sshd[12407]: Connection closed by invalid user pi 105.98.101.162 port 16090 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=105.98.101.162	2020-04-22 21:39:47
51.38.231.11	attack	Apr 22 12:18:57 game-panel sshd[27360]: Failed password for root from 51.38.231.11 port 33748 ssh2 Apr 22 12:26:33 game-panel sshd[27668]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.231.11 Apr 22 12:26:36 game-panel sshd[27668]: Failed password for invalid user admin from 51.38.231.11 port 48638 ssh2	2020-04-22 21:18:39
176.31.93.62	attack	Apr 22 13:37:05 mail01 postfix/postscreen[28305]: CONNECT from [176.31.93.62]:33914 to [94.130.181.95]:25 Apr 22 13:37:05 mail01 postfix/dnsblog[28306]: addr 176.31.93.62 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2 Apr 22 13:37:11 mail01 postfix/postscreen[28305]: PASS NEW [176.31.93.62]:33914 Apr 22 13:37:12 mail01 postfix/smtpd[28308]: connect from de.infolawsuhostname.com[176.31.93.62] Apr x@x Apr 22 13:37:12 mail01 postfix/smtpd[28308]: disconnect from de.infolawsuhostname.com[176.31.93.62] ehlo=2 starttls=1 mail=1 rcpt=0/1 quhostname=1 commands=5/6 Apr 22 13:42:05 mail01 postfix/postscreen[28305]: CONNECT from [176.31.93.62]:40401 to [94.130.181.95]:25 Apr 22 13:42:05 mail01 postfix/dnsblog[28307]: addr 176.31.93.62 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2 Apr 22 13:42:05 mail01 postfix/postscreen[28305]: PASS OLD [176.31.93.62]:40401 Apr 22 13:42:05 mail01 postfix/smtpd[28308]: connect from de.infolawsuhostname.com[176.31.93.62] Apr x@x Apr 22 13:42........ -------------------------------	2020-04-22 21:15:39
197.2.80.168	attackbotsspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-04-22 21:21:41
50.104.13.15	spambotsattack	This is 1 of several ip addresses stalking and hard my kids and me on internet for 2 in a half years. They have my credit card info all my passwords stole 7 email ACCTS that r still active and used with different names. They edit right on the screen everything even legal documents. My ip is 192.168.254.254 please look into this issue and block these psycho paths. Also they have my apps cloned so they can run them...they are blocking this from coming to u......also they edit the logs so PULL ever single one ther	2020-04-22 21:30:09
122.154.251.22	attackspambots	detected by Fail2Ban	2020-04-22 21:33:42
91.219.138.228	attackspambots	Honeypot attack, port: 445, PTR: PTR record not found	2020-04-22 21:33:19
45.55.219.114	attack	Found by fail2ban	2020-04-22 21:34:33
50.104.13.15	spambotsattack	This is 1 of several ip addresses stalking and hard my kids and me on internet for 2 in a half years. They have my credit card info all my passwords stole 7 email ACCTS that r still active and used with different names. They edit right on the screen everything even legal documents. My ip is 192.168.254.254 please look into this issue and block these psycho paths. Also they have my apps cloned so they can run them	2020-04-22 21:28:13
95.85.60.251	attackspambots	Apr 22 13:54:46 lock-38 sshd[1366258]: Disconnected from invalid user admin 95.85.60.251 port 56144 [preauth] Apr 22 14:04:11 lock-38 sshd[1366516]: Invalid user xy from 95.85.60.251 port 60834 Apr 22 14:04:11 lock-38 sshd[1366516]: Invalid user xy from 95.85.60.251 port 60834 Apr 22 14:04:11 lock-38 sshd[1366516]: Failed password for invalid user xy from 95.85.60.251 port 60834 ssh2 Apr 22 14:04:11 lock-38 sshd[1366516]: Disconnected from invalid user xy 95.85.60.251 port 60834 [preauth] ...	2020-04-22 21:15:01
111.229.48.106	attackbots	Apr 22 09:50:27 dns1 sshd[8593]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.48.106 Apr 22 09:50:30 dns1 sshd[8593]: Failed password for invalid user wv from 111.229.48.106 port 56660 ssh2 Apr 22 09:55:26 dns1 sshd[8928]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.48.106	2020-04-22 21:27:35
203.172.66.227	attack	2020-04-22T08:07:31.465491sorsha.thespaminator.com sshd[9099]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.172.66.227 user=root 2020-04-22T08:07:33.065353sorsha.thespaminator.com sshd[9099]: Failed password for root from 203.172.66.227 port 51976 ssh2 ...	2020-04-22 21:41:47
180.215.204.139	attack	Apr 22 05:28:15 mockhub sshd[10380]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.215.204.139 Apr 22 05:28:17 mockhub sshd[10380]: Failed password for invalid user pw from 180.215.204.139 port 53582 ssh2 ...	2020-04-22 21:22:01
177.99.206.10	attackbots	Apr 22 12:55:43 localhost sshd[45663]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.99.206.10 user=root Apr 22 12:55:45 localhost sshd[45663]: Failed password for root from 177.99.206.10 port 47208 ssh2 Apr 22 13:01:04 localhost sshd[46265]: Invalid user wt from 177.99.206.10 port 33200 Apr 22 13:01:04 localhost sshd[46265]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.99.206.10 Apr 22 13:01:04 localhost sshd[46265]: Invalid user wt from 177.99.206.10 port 33200 Apr 22 13:01:06 localhost sshd[46265]: Failed password for invalid user wt from 177.99.206.10 port 33200 ssh2 ...	2020-04-22 21:44:25

最近上报的IP列表

240.121.24.170	212.43.245.90	154.131.102.52	137.207.41.117
50.141.237.166	226.78.163.190	39.237.51.96	194.25.36.192
17.222.243.146	54.77.11.3	223.64.82.89	106.12.179.254
243.91.168.92	168.111.112.159	201.22.33.4	132.232.125.152
114.40.145.107	195.67.219.53	113.205.98.236	14.157.138.242