139.199.20.202

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): V6Yun (Beijing) Network Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Apr 29 17:01:02 vpn01 sshd[31494]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.20.202 Apr 29 17:01:04 vpn01 sshd[31494]: Failed password for invalid user crs from 139.199.20.202 port 59596 ssh2 ...	2020-04-30 01:29:53
attackspambots	Apr 24 17:24:46 firewall sshd[851]: Invalid user postfix from 139.199.20.202 Apr 24 17:24:49 firewall sshd[851]: Failed password for invalid user postfix from 139.199.20.202 port 32880 ssh2 Apr 24 17:30:22 firewall sshd[983]: Invalid user smsd from 139.199.20.202 ...	2020-04-25 05:17:08
attackbots	Apr 21 15:40:18 ws24vmsma01 sshd[145708]: Failed password for root from 139.199.20.202 port 53252 ssh2 ...	2020-04-22 03:37:14
attack	Brute-force attempt banned	2020-04-20 21:27:30
attack	Apr 20 09:34:42 icinga sshd[11303]: Failed password for root from 139.199.20.202 port 46262 ssh2 Apr 20 09:44:09 icinga sshd[26041]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.20.202 Apr 20 09:44:11 icinga sshd[26041]: Failed password for invalid user qk from 139.199.20.202 port 47618 ssh2 ...	2020-04-20 17:58:40
attackbotsspam	Apr 19 22:27:55 ns381471 sshd[17975]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.20.202 Apr 19 22:27:56 ns381471 sshd[17975]: Failed password for invalid user gitolite from 139.199.20.202 port 53194 ssh2	2020-04-20 04:55:18
attack	Invalid user cssserver from 139.199.20.202 port 53108	2020-04-11 16:20:08
attackspambots	Invalid user tlt from 139.199.20.202 port 40968	2020-04-03 18:14:22
attackspam	Invalid user jl from 139.199.20.202 port 60256	2020-04-03 04:04:06
attack	Mar 22 05:40:10 areeb-Workstation sshd[20038]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.20.202 Mar 22 05:40:12 areeb-Workstation sshd[20038]: Failed password for invalid user party from 139.199.20.202 port 49444 ssh2 ...	2020-03-22 08:53:49
attack	Invalid user chang from 139.199.20.202 port 56392	2020-03-21 07:29:56
attackspam	Invalid user leo from 139.199.20.202 port 40344	2020-03-13 20:31:29
attackspam	Invalid user leo from 139.199.20.202 port 40344	2020-03-12 03:17:16
attackbotsspam	Mar 1 00:29:34 localhost sshd\[24977\]: Invalid user musicbot from 139.199.20.202 Mar 1 00:29:34 localhost sshd\[24977\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.20.202 Mar 1 00:29:36 localhost sshd\[24977\]: Failed password for invalid user musicbot from 139.199.20.202 port 37958 ssh2 Mar 1 00:35:37 localhost sshd\[25337\]: Invalid user harry from 139.199.20.202 Mar 1 00:35:37 localhost sshd\[25337\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.20.202 ...	2020-03-01 09:27:15
attackbots	Unauthorized connection attempt detected from IP address 139.199.20.202 to port 2220 [J]	2020-01-25 08:49:04
attackspam	Invalid user catherine from 139.199.20.202 port 46940	2020-01-22 00:33:50
attackbotsspam	Nov 19 22:23:31 cp sshd[14439]: Failed password for root from 139.199.20.202 port 44036 ssh2 Nov 19 22:23:31 cp sshd[14439]: Failed password for root from 139.199.20.202 port 44036 ssh2 Nov 19 22:27:34 cp sshd[16681]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.20.202	2019-11-20 08:03:43
attack	frenzy	2019-11-03 05:02:28
attack	Oct 28 12:43:36 anodpoucpklekan sshd[59882]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.20.202 user=root Oct 28 12:43:38 anodpoucpklekan sshd[59882]: Failed password for root from 139.199.20.202 port 34964 ssh2 ...	2019-10-29 02:18:43
attackspam	Oct 20 15:10:05 MK-Soft-VM5 sshd[16848]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.20.202 Oct 20 15:10:06 MK-Soft-VM5 sshd[16848]: Failed password for invalid user gordon from 139.199.20.202 port 46502 ssh2 ...	2019-10-20 21:30:11
attack	2019-10-14T11:49:14.431850abusebot.cloudsearch.cf sshd\[16302\]: Invalid user Story123 from 139.199.20.202 port 39404 2019-10-14T11:49:14.439728abusebot.cloudsearch.cf sshd\[16302\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.20.202	2019-10-14 23:45:49
attack	Oct 13 18:04:14 Tower sshd[31081]: Connection from 139.199.20.202 port 37440 on 192.168.10.220 port 22 Oct 13 18:04:16 Tower sshd[31081]: Failed password for root from 139.199.20.202 port 37440 ssh2 Oct 13 18:04:16 Tower sshd[31081]: Received disconnect from 139.199.20.202 port 37440:11: Bye Bye [preauth] Oct 13 18:04:16 Tower sshd[31081]: Disconnected from authenticating user root 139.199.20.202 port 37440 [preauth]	2019-10-14 08:05:52
attackspam	Oct 13 01:28:03 [host] sshd[25838]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.20.202 user=root Oct 13 01:28:04 [host] sshd[25838]: Failed password for root from 139.199.20.202 port 60468 ssh2 Oct 13 01:32:24 [host] sshd[26009]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.20.202 user=root	2019-10-13 08:13:02
attackbotsspam	$f2bV_matches	2019-10-10 18:00:05

相同子网IP讨论:

IP	类型	评论内容	时间
139.199.201.141	attack	SSH invalid-user multiple login try	2020-10-13 00:07:39
139.199.201.141	attackbotsspam	Oct 12 08:22:23 mout sshd[16815]: Invalid user ru from 139.199.201.141 port 61071	2020-10-12 15:30:33
139.199.201.243	attackbots	1597351475 - 08/13/2020 22:44:35 Host: 139.199.201.243/139.199.201.243 Port: 445 TCP Blocked	2020-08-14 06:53:30
139.199.209.89	attackspambots	Jul 9 10:32:44 sip sshd[25980]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.209.89 Jul 9 10:32:46 sip sshd[25980]: Failed password for invalid user admin from 139.199.209.89 port 57462 ssh2 Jul 9 10:40:30 sip sshd[28939]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.209.89	2020-07-11 06:27:21
139.199.204.61	attackbotsspam	Invalid user lj from 139.199.204.61 port 59399	2020-07-08 00:38:41
139.199.204.61	attack	$f2bV_matches	2020-07-01 15:31:27
139.199.209.89	attack	Jun 25 06:27:01 eventyay sshd[22642]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.209.89 Jun 25 06:27:04 eventyay sshd[22642]: Failed password for invalid user elena from 139.199.209.89 port 55984 ssh2 Jun 25 06:33:57 eventyay sshd[22760]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.209.89 ...	2020-06-25 12:41:22
139.199.209.89	attackspambots	Jun 22 16:33:43 lanister sshd[7517]: Invalid user uploader from 139.199.209.89 Jun 22 16:33:45 lanister sshd[7517]: Failed password for invalid user uploader from 139.199.209.89 port 57648 ssh2 Jun 22 16:36:31 lanister sshd[7564]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.209.89 user=root Jun 22 16:36:33 lanister sshd[7564]: Failed password for root from 139.199.209.89 port 54252 ssh2	2020-06-23 05:31:02
139.199.204.61	attack	Jun 12 06:07:43 mail sshd\[7196\]: Invalid user admin from 139.199.204.61 Jun 12 06:07:43 mail sshd\[7196\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.204.61 Jun 12 06:07:45 mail sshd\[7196\]: Failed password for invalid user admin from 139.199.204.61 port 51298 ssh2 ...	2020-06-12 12:32:46
139.199.204.61	attackbots	3x Failed Password	2020-06-04 07:44:50
139.199.209.89	attack	May 25 17:49:21 sso sshd[23340]: Failed password for root from 139.199.209.89 port 36574 ssh2 May 25 17:52:21 sso sshd[23672]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.209.89 ...	2020-05-26 04:00:00
139.199.204.61	attack	2020-05-21T14:17:58.392776galaxy.wi.uni-potsdam.de sshd[6363]: Invalid user qux from 139.199.204.61 port 52613 2020-05-21T14:17:58.397810galaxy.wi.uni-potsdam.de sshd[6363]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.204.61 2020-05-21T14:17:58.392776galaxy.wi.uni-potsdam.de sshd[6363]: Invalid user qux from 139.199.204.61 port 52613 2020-05-21T14:18:00.648807galaxy.wi.uni-potsdam.de sshd[6363]: Failed password for invalid user qux from 139.199.204.61 port 52613 ssh2 2020-05-21T14:20:24.503418galaxy.wi.uni-potsdam.de sshd[6655]: Invalid user ayc from 139.199.204.61 port 36425 2020-05-21T14:20:24.508443galaxy.wi.uni-potsdam.de sshd[6655]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.204.61 2020-05-21T14:20:24.503418galaxy.wi.uni-potsdam.de sshd[6655]: Invalid user ayc from 139.199.204.61 port 36425 2020-05-21T14:20:26.467316galaxy.wi.uni-potsdam.de sshd[6655]: Failed password for inval ...	2020-05-21 21:30:40
139.199.201.141	attackbotsspam	May 19 11:24:48 lnxweb61 sshd[31891]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.201.141 May 19 11:24:49 lnxweb61 sshd[31891]: Failed password for invalid user esd from 139.199.201.141 port 54701 ssh2 May 19 11:30:24 lnxweb61 sshd[5696]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.201.141	2020-05-20 05:14:59
139.199.204.61	attackbotsspam	May 7 06:32:21 meumeu sshd[5261]: Failed password for git from 139.199.204.61 port 50579 ssh2 May 7 06:34:48 meumeu sshd[7852]: Failed password for root from 139.199.204.61 port 37583 ssh2 May 7 06:37:10 meumeu sshd[8193]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.204.61 ...	2020-05-07 16:55:31
139.199.204.61	attackspam	Apr 25 07:20:43 home sshd[12333]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.204.61 Apr 25 07:20:45 home sshd[12333]: Failed password for invalid user stpi from 139.199.204.61 port 52902 ssh2 Apr 25 07:25:30 home sshd[13011]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.204.61 ...	2020-04-25 17:36:53

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.199.20.202
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61072
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.199.20.202.			IN	A

;; AUTHORITY SECTION:
.			374	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019101000 1800 900 604800 86400

;; Query time: 927 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Oct 10 18:00:01 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 202.20.199.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 202.20.199.139.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
170.130.187.38	attackspambots	Found on Binary Defense / proto=6 . srcport=57831 . dstport=5060 . (3769)	2020-10-05 06:59:38
103.129.95.34	attackspambots	139/tcp 445/tcp [2020-10-01]2pkt	2020-10-05 07:12:59
154.57.193.2	attackbots	TCP (SYN) 154.57.193.2:41096 -> port 445, len 44	2020-10-05 07:01:39
185.132.53.85	attackspambots	Oct 4 23:48:13 vps647732 sshd[7976]: Failed password for root from 185.132.53.85 port 51540 ssh2 ...	2020-10-05 07:20:14
41.242.138.30	attackbots	(sshd) Failed SSH login from 41.242.138.30 (GH/Ghana/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 3 16:39:44 server sshd[5790]: Did not receive identification string from 41.242.138.30 port 56756 Oct 3 16:39:44 server sshd[5789]: Did not receive identification string from 41.242.138.30 port 56748 Oct 3 16:39:44 server sshd[5791]: Did not receive identification string from 41.242.138.30 port 56717 Oct 3 16:39:44 server sshd[5792]: Did not receive identification string from 41.242.138.30 port 56736 Oct 3 16:39:44 server sshd[5793]: Did not receive identification string from 41.242.138.30 port 56830	2020-10-05 07:02:56
220.132.75.140	attackbots	SSH Bruteforce Attempt on Honeypot	2020-10-05 07:10:51
18.139.162.95	attack	Brute Force	2020-10-05 07:21:47
119.45.22.71	attackbotsspam	Brute%20Force%20SSH	2020-10-05 07:20:32
218.92.0.250	attackbotsspam	Oct 4 23:23:57 ip-172-31-16-56 sshd\[18062\]: Failed password for root from 218.92.0.250 port 34438 ssh2\ Oct 4 23:24:01 ip-172-31-16-56 sshd\[18062\]: Failed password for root from 218.92.0.250 port 34438 ssh2\ Oct 4 23:24:04 ip-172-31-16-56 sshd\[18062\]: Failed password for root from 218.92.0.250 port 34438 ssh2\ Oct 4 23:24:07 ip-172-31-16-56 sshd\[18062\]: Failed password for root from 218.92.0.250 port 34438 ssh2\ Oct 4 23:24:11 ip-172-31-16-56 sshd\[18062\]: Failed password for root from 218.92.0.250 port 34438 ssh2\	2020-10-05 07:26:38
103.130.109.20	attackspambots	$f2bV_matches	2020-10-05 07:06:26
217.160.25.39	attack	Brute forcing email accounts	2020-10-05 07:01:17
175.143.86.250	attackbots	Telnet Honeypot -> Telnet Bruteforce / Login	2020-10-05 07:17:43
159.89.199.195	attackbots	2020-10-04T07:51:13.238648shield sshd\[17519\]: Invalid user matheus from 159.89.199.195 port 55220 2020-10-04T07:51:13.246982shield sshd\[17519\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.199.195 2020-10-04T07:51:15.224214shield sshd\[17519\]: Failed password for invalid user matheus from 159.89.199.195 port 55220 ssh2 2020-10-04T07:55:26.680596shield sshd\[17909\]: Invalid user ryan from 159.89.199.195 port 33548 2020-10-04T07:55:26.689254shield sshd\[17909\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.199.195	2020-10-05 07:14:11
188.170.13.225	attackspam	Oct 4 19:43:56 cdc sshd[14555]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.170.13.225 user=root Oct 4 19:43:59 cdc sshd[14555]: Failed password for invalid user root from 188.170.13.225 port 34396 ssh2	2020-10-05 07:25:14
106.13.167.62	attack	SSH Bruteforce Attempt on Honeypot	2020-10-05 07:34:09

最近上报的IP列表

240.121.24.170	212.43.245.90	154.131.102.52	137.207.41.117
50.141.237.166	226.78.163.190	39.237.51.96	194.25.36.192
17.222.243.146	54.77.11.3	223.64.82.89	106.12.179.254
243.91.168.92	168.111.112.159	201.22.33.4	132.232.125.152
114.40.145.107	195.67.219.53	113.205.98.236	14.157.138.242