必须是合法有效的IP地址, 可以是IPv4或者是IPv6, 例如127.0.0.1或者2001:DB8:0:0:8:800:200C:417A
基本信息:

城市(city): Beijing

省份(region): Beijing

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): Shenzhen Tencent Computer Systems Company Limited

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:
类型 评论内容 时间
attackspambots
Feb 23 03:22:13 motanud sshd\[30052\]: Invalid user andrew from 139.199.34.112 port 33302
Feb 23 03:22:13 motanud sshd\[30052\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.34.112
Feb 23 03:22:15 motanud sshd\[30052\]: Failed password for invalid user andrew from 139.199.34.112 port 33302 ssh2
2019-08-04 14:42:56
attackspambots
SSH-BruteForce
2019-07-31 14:25:08
attack
Invalid user vsftpd from 139.199.34.112 port 55342
pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.34.112
Failed password for invalid user vsftpd from 139.199.34.112 port 55342 ssh2
Invalid user anna from 139.199.34.112 port 36992
pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.34.112
2019-06-30 12:46:36
相同子网IP讨论:
IP 类型 评论内容 时间
139.199.34.54 attackbots
May  2 09:56:18 santamaria sshd\[22903\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.34.54  user=root
May  2 09:56:20 santamaria sshd\[22903\]: Failed password for root from 139.199.34.54 port 26637 ssh2
May  2 10:01:24 santamaria sshd\[22997\]: Invalid user vel from 139.199.34.54
May  2 10:01:24 santamaria sshd\[22997\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.34.54
...
2020-05-02 16:24:21
139.199.34.54 attackspam
Apr 30 16:04:41 webhost01 sshd[21041]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.34.54
Apr 30 16:04:43 webhost01 sshd[21041]: Failed password for invalid user ratna from 139.199.34.54 port 30154 ssh2
...
2020-04-30 17:33:19
139.199.34.54 attackbotsspam
Apr 27 06:03:20 h2646465 sshd[789]: Invalid user gene from 139.199.34.54
Apr 27 06:03:20 h2646465 sshd[789]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.34.54
Apr 27 06:03:20 h2646465 sshd[789]: Invalid user gene from 139.199.34.54
Apr 27 06:03:22 h2646465 sshd[789]: Failed password for invalid user gene from 139.199.34.54 port 64556 ssh2
Apr 27 06:14:52 h2646465 sshd[2284]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.34.54  user=root
Apr 27 06:14:54 h2646465 sshd[2284]: Failed password for root from 139.199.34.54 port 45286 ssh2
Apr 27 06:17:48 h2646465 sshd[2869]: Invalid user ubuntu from 139.199.34.54
Apr 27 06:17:48 h2646465 sshd[2869]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.34.54
Apr 27 06:17:48 h2646465 sshd[2869]: Invalid user ubuntu from 139.199.34.54
Apr 27 06:17:51 h2646465 sshd[2869]: Failed password for invalid user ubuntu from 139.199.34.
2020-04-27 12:48:11
139.199.34.54 attack
Apr 18 13:25:30 lanister sshd[31799]: Failed password for invalid user ubuntu from 139.199.34.54 port 11170 ssh2
Apr 18 13:42:23 lanister sshd[32150]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.34.54  user=postgres
Apr 18 13:42:25 lanister sshd[32150]: Failed password for postgres from 139.199.34.54 port 16947 ssh2
Apr 18 13:49:02 lanister sshd[32260]: Invalid user xv from 139.199.34.54
2020-04-19 02:03:48
139.199.34.54 attack
Apr 16 14:09:38 eventyay sshd[3617]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.34.54
Apr 16 14:09:41 eventyay sshd[3617]: Failed password for invalid user demo from 139.199.34.54 port 39839 ssh2
Apr 16 14:12:40 eventyay sshd[3726]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.34.54
...
2020-04-16 23:54:12
139.199.34.54 attackspam
leo_www
2020-04-07 13:30:08
139.199.34.54 attackbots
Automatic report - SSH Brute-Force Attack
2020-03-12 03:37:11
139.199.34.54 attackbotsspam
Invalid user cpaneleximfilter from 139.199.34.54 port 11931
2020-03-11 17:17:46
139.199.34.54 attackspambots
SSH bruteforce (Triggered fail2ban)
2020-03-08 20:26:30
139.199.34.54 attack
suspicious action Wed, 26 Feb 2020 15:32:50 -0300
2020-02-27 03:30:23
139.199.34.54 attackspambots
Invalid user ivan from 139.199.34.54 port 38183
2020-02-18 16:33:02
139.199.34.191 attack
[SatNov1615:51:48.0385302019][:error][pid2258:tid140571762964224][client139.199.34.191:24201][client139.199.34.191]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch"\(\?:\\\\\\\\\(chr\?\\\\\\\\\(\?[0-9]{1\,3}\?\\\\\\\\\)\|\?=\?f\(\?:open\|write\)\?\\\\\\\\\(\|\\\\\\\\b\(\?:passthru\|serialize\|php_uname\|phpinfo\|shell_exec\|preg_\\\\\\\\w \|mysql_query\|exec\|eval\|base64_decode\|decode_base64\|rot13\|base64_url_decode\|gz\(\?:inflate\|decode\|uncompress\)\|strrev\|zlib_\\\\\\\\w \)\\\\\\\\b\?\(\?..."atARGS:admin.[file"/usr/local/apache.ea3/conf/modsec_rules/10_asl_rules.conf"][line"767"][id"340095"][rev"53"][msg"Atomicorp.comWAFRules:AttackBlocked-PHPfunctioninArgument-thismaybeanattack."][data"die\(@md5\,ARGS:admin"][severity"CRITICAL"][hostname"81.17.25.237"][uri"/App.php"][unique_id"XdANBES@OZ7eHP60T7GfSAAAANE"][SatNov1615:52:11.3014982019][:error][pid2171:tid140571855283968][client139.199.34.191:28165][client139.199.34.191]ModSecurity:Accessdeniedwithcode403\(phase2\).Patt
2019-11-16 23:31:16
139.199.34.191 attackspam
ECShop Remote Code Execution Vulnerability, PTR: PTR record not found
2019-09-08 19:53:02
WHOIS信息:
b
DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.199.34.112
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 31303
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.199.34.112.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019040903 1800 900 604800 86400

;; Query time: 71 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Wed Apr 10 10:28:04 +08 2019
;; MSG SIZE  rcvd: 118

HOST信息:
Host 112.34.199.139.in-addr.arpa. not found: 3(NXDOMAIN)
NSLOOKUP信息:
Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 112.34.199.139.in-addr.arpa: NXDOMAIN

相关IP信息:
最新评论:
IP 类型 评论内容 时间
106.75.165.127 attackbots
May 15 07:41:31 debian-2gb-nbg1-2 kernel: \[11780141.959683\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=106.75.165.127 DST=195.201.40.59 LEN=44 TOS=0x00 PREC=0x00 TTL=237 ID=24696 PROTO=TCP SPT=58914 DPT=4782 WINDOW=1024 RES=0x00 SYN URGP=0
2020-05-15 20:24:49
64.90.40.100 attack
CMS (WordPress or Joomla) login attempt.
2020-05-15 19:56:54
165.22.63.27 attackbotsspam
Auto Fail2Ban report, multiple SSH login attempts.
2020-05-15 20:27:46
45.225.216.80 attack
May 15 12:29:51 srv-ubuntu-dev3 sshd[1672]: Invalid user ubuntu from 45.225.216.80
May 15 12:29:51 srv-ubuntu-dev3 sshd[1672]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.225.216.80
May 15 12:29:51 srv-ubuntu-dev3 sshd[1672]: Invalid user ubuntu from 45.225.216.80
May 15 12:29:54 srv-ubuntu-dev3 sshd[1672]: Failed password for invalid user ubuntu from 45.225.216.80 port 56964 ssh2
May 15 12:32:09 srv-ubuntu-dev3 sshd[2100]: Invalid user panasonic from 45.225.216.80
May 15 12:32:09 srv-ubuntu-dev3 sshd[2100]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.225.216.80
May 15 12:32:09 srv-ubuntu-dev3 sshd[2100]: Invalid user panasonic from 45.225.216.80
May 15 12:32:11 srv-ubuntu-dev3 sshd[2100]: Failed password for invalid user panasonic from 45.225.216.80 port 54796 ssh2
May 15 12:34:27 srv-ubuntu-dev3 sshd[2517]: Invalid user privoxy from 45.225.216.80
...
2020-05-15 20:21:34
106.12.2.221 attack
May 15 08:58:04 santamaria sshd\[27226\]: Invalid user bdos from 106.12.2.221
May 15 08:58:04 santamaria sshd\[27226\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.2.221
May 15 08:58:06 santamaria sshd\[27226\]: Failed password for invalid user bdos from 106.12.2.221 port 56510 ssh2
...
2020-05-15 20:19:52
129.226.118.77 attackbots
May 15 13:43:31 web1 sshd[23478]: Invalid user samba from 129.226.118.77 port 39458
May 15 13:43:31 web1 sshd[23478]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.226.118.77
May 15 13:43:31 web1 sshd[23478]: Invalid user samba from 129.226.118.77 port 39458
May 15 13:43:33 web1 sshd[23478]: Failed password for invalid user samba from 129.226.118.77 port 39458 ssh2
May 15 13:53:53 web1 sshd[26154]: Invalid user monika from 129.226.118.77 port 52008
May 15 13:53:53 web1 sshd[26154]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.226.118.77
May 15 13:53:53 web1 sshd[26154]: Invalid user monika from 129.226.118.77 port 52008
May 15 13:53:55 web1 sshd[26154]: Failed password for invalid user monika from 129.226.118.77 port 52008 ssh2
May 15 14:02:35 web1 sshd[28341]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.226.118.77  user=root
May 15 14:02:37 web1 
...
2020-05-15 20:20:38
183.89.211.57 attackspambots
Dovecot Invalid User Login Attempt.
2020-05-15 20:23:50
106.54.205.236 attackbotsspam
2020-05-15T12:24:54.144989shield sshd\[27380\]: Invalid user admin from 106.54.205.236 port 35306
2020-05-15T12:24:54.153607shield sshd\[27380\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.205.236
2020-05-15T12:24:56.222210shield sshd\[27380\]: Failed password for invalid user admin from 106.54.205.236 port 35306 ssh2
2020-05-15T12:29:01.106791shield sshd\[28276\]: Invalid user wartung from 106.54.205.236 port 55816
2020-05-15T12:29:01.111876shield sshd\[28276\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.205.236
2020-05-15 20:32:03
203.147.83.52 attack
(imapd) Failed IMAP login from 203.147.83.52 (NC/New Caledonia/host-203-147-83-52.h36.canl.nc): 1 in the last 3600 secs
2020-05-15 19:51:01
103.123.87.233 attackspam
May 15 05:24:40 server1 sshd\[3069\]: Failed password for invalid user user from 103.123.87.233 port 48360 ssh2
May 15 05:27:02 server1 sshd\[3760\]: Invalid user zf from 103.123.87.233
May 15 05:27:02 server1 sshd\[3760\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.123.87.233 
May 15 05:27:04 server1 sshd\[3760\]: Failed password for invalid user zf from 103.123.87.233 port 50366 ssh2
May 15 05:29:43 server1 sshd\[4602\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.123.87.233  user=root
...
2020-05-15 19:51:32
68.183.12.80 attackspambots
Invalid user payroll from 68.183.12.80 port 37124
2020-05-15 20:19:13
123.255.202.118 attack
honeypot 22 port
2020-05-15 20:15:17
49.232.165.42 attackspam
Invalid user admissions from 49.232.165.42 port 42524
2020-05-15 20:05:35
117.89.71.219 attackbotsspam
Unauthorized connection attempt detected from IP address 117.89.71.219 to port 1433 [T]
2020-05-15 20:12:34
194.177.219.164 attackspambots
May 15 12:39:43 www4 sshd\[9251\]: Invalid user user from 194.177.219.164
May 15 12:39:43 www4 sshd\[9251\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.177.219.164
May 15 12:39:45 www4 sshd\[9251\]: Failed password for invalid user user from 194.177.219.164 port 24072 ssh2
...
2020-05-15 20:03:49

最近上报的IP列表

40.92.67.102 116.196.113.25 123.162.174.251 121.128.205.185
37.9.169.7 27.147.131.130 8.26.94.190 185.29.25.198
198.211.98.13 212.114.58.34 195.158.22.86 5.196.243.201
117.34.25.155 23.95.81.236 13.92.226.173 2.244.78.12
123.206.56.45 59.173.55.163 182.73.47.154 121.7.127.92