139.199.5.74 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Apr 27 16:11:39 server sshd\[37099\]: Invalid user campionii from 139.199.5.74 Apr 27 16:11:39 server sshd\[37099\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.5.74 Apr 27 16:11:42 server sshd\[37099\]: Failed password for invalid user campionii from 139.199.5.74 port 32997 ssh2 ...	2019-07-12 07:50:12

类型

评论内容

时间

attackspambots

Apr 27 16:11:39 server sshd\[37099\]: Invalid user campionii from 139.199.5.74
Apr 27 16:11:39 server sshd\[37099\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.5.74
Apr 27 16:11:42 server sshd\[37099\]: Failed password for invalid user campionii from 139.199.5.74 port 32997 ssh2
...

2019-07-12 07:50:12

相同子网IP讨论:

IP	类型	评论内容	时间
139.199.5.50	attackspambots	Oct 12 12:46:29 lanister sshd[30633]: Invalid user kazuhisa from 139.199.5.50 Oct 12 12:46:29 lanister sshd[30633]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.5.50 Oct 12 12:46:29 lanister sshd[30633]: Invalid user kazuhisa from 139.199.5.50 Oct 12 12:46:31 lanister sshd[30633]: Failed password for invalid user kazuhisa from 139.199.5.50 port 60894 ssh2	2020-10-13 00:50:20
139.199.5.50	attackspam	Oct 11 20:17:17 mockhub sshd[1232386]: Invalid user julie from 139.199.5.50 port 47312 Oct 11 20:17:19 mockhub sshd[1232386]: Failed password for invalid user julie from 139.199.5.50 port 47312 ssh2 Oct 11 20:20:33 mockhub sshd[1232501]: Invalid user ih from 139.199.5.50 port 40938 ...	2020-10-12 16:14:24
139.199.5.50	attackspambots	139.199.5.50 (CN/China/-), 6 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Oct 6 16:17:19 server2 sshd[5279]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.35.118.42 user=root Oct 6 16:17:21 server2 sshd[5279]: Failed password for root from 117.35.118.42 port 54764 ssh2 Oct 6 16:19:31 server2 sshd[5675]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.98.124.86 user=root Oct 6 16:19:32 server2 sshd[5671]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.5.50 user=root Oct 6 16:19:14 server2 sshd[5636]: Failed password for root from 60.220.185.64 port 36822 ssh2 Oct 6 16:19:11 server2 sshd[5636]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.220.185.64 user=root IP Addresses Blocked: 117.35.118.42 (CN/China/-) 66.98.124.86 (US/United States/-)	2020-10-07 05:01:01
139.199.5.50	attackspambots	Oct 6 08:02:29 firewall sshd[6834]: Failed password for root from 139.199.5.50 port 51790 ssh2 Oct 6 08:06:14 firewall sshd[6912]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.5.50 user=root Oct 6 08:06:16 firewall sshd[6912]: Failed password for root from 139.199.5.50 port 45618 ssh2 ...	2020-10-06 21:08:11
139.199.5.50	attackspambots	Oct 6 02:46:56 hidden sshd[29517]: Failed password for hidden from 139.199.5.50 port 54982 ssh2 Oct 6 02:50:42 hidden sshd[30971]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.5.50 user=root Oct 6 02:50:45 hidden sshd[30971]: Failed password for hidden from 139.199.5.50 port 56904 ssh2 Oct 6 02:54:23 hidden sshd[32323]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.5.50 user=root Oct 6 02:54:24 hidden sshd[32323]: Failed password for hidden from 139.199.5.50 port 58804 ssh2	2020-10-06 12:48:58
139.199.5.50	attackbotsspam	Invalid user support3 from 139.199.5.50 port 54350	2020-10-02 08:01:32
139.199.5.50	attackspambots	Invalid user support3 from 139.199.5.50 port 54350	2020-10-02 00:37:47
139.199.5.50	attackbotsspam	fail2ban -- 139.199.5.50 ...	2020-10-01 16:42:39
139.199.5.50	attack	frenzy	2020-09-13 01:58:14
139.199.5.50	attackspambots	frenzy	2020-09-12 17:58:10
139.199.5.50	attack	Aug 30 13:51:48 gamehost-one sshd[5925]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.5.50 Aug 30 13:51:50 gamehost-one sshd[5925]: Failed password for invalid user tester from 139.199.5.50 port 58266 ssh2 Aug 30 14:16:11 gamehost-one sshd[8694]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.5.50 ...	2020-08-30 20:46:51
139.199.5.50	attack	Aug 28 16:18:51 ws22vmsma01 sshd[27380]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.5.50 Aug 28 16:18:54 ws22vmsma01 sshd[27380]: Failed password for invalid user postgres from 139.199.5.50 port 43594 ssh2 ...	2020-08-29 03:49:52
139.199.5.50	attackbotsspam	Aug 25 15:20:05 george sshd[5010]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.5.50 Aug 25 15:20:07 george sshd[5010]: Failed password for invalid user test10 from 139.199.5.50 port 58590 ssh2 Aug 25 15:23:53 george sshd[5063]: Invalid user prueba1 from 139.199.5.50 port 56318 Aug 25 15:23:53 george sshd[5063]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.5.50 Aug 25 15:23:55 george sshd[5063]: Failed password for invalid user prueba1 from 139.199.5.50 port 56318 ssh2 ...	2020-08-26 03:43:54
139.199.5.50	attackspambots	Aug 13 07:00:34 piServer sshd[1876]: Failed password for root from 139.199.5.50 port 48472 ssh2 Aug 13 07:03:43 piServer sshd[2297]: Failed password for root from 139.199.5.50 port 59670 ssh2 ...	2020-08-13 13:24:02
139.199.5.50	attackbotsspam	Aug 11 20:11:17 lunarastro sshd[23349]: Failed password for root from 139.199.5.50 port 33716 ssh2 Aug 11 20:25:31 lunarastro sshd[23576]: Failed password for root from 139.199.5.50 port 50524 ssh2	2020-08-12 03:57:07

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.199.5.74
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 35468
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.199.5.74.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019042401 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Thu Apr 25 08:04:21 +08 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 74.5.199.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 74.5.199.139.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
2.32.113.118	attackspam	$f2bV_matches	2019-06-24 02:20:23
72.23.152.87	attackbots	Jun 23 12:47:34 srv-4 sshd\[23628\]: Invalid user admin from 72.23.152.87 Jun 23 12:47:34 srv-4 sshd\[23628\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=72.23.152.87 Jun 23 12:47:36 srv-4 sshd\[23628\]: Failed password for invalid user admin from 72.23.152.87 port 57547 ssh2 ...	2019-06-24 01:54:18
222.84.72.84	attack	8080/tcp [2019-06-23]1pkt	2019-06-24 02:10:42
120.29.87.67	attackbots	445/tcp 445/tcp [2019-06-23]2pkt	2019-06-24 02:14:51
151.95.23.212	attackbotsspam	[ES hit] Tried to deliver spam.	2019-06-24 02:13:51
177.21.129.206	attack	failed_logins	2019-06-24 02:26:25
183.103.61.243	attack	Jun 23 09:42:21 ip-172-31-62-245 sshd\[14682\]: Invalid user sonar from 183.103.61.243\ Jun 23 09:42:22 ip-172-31-62-245 sshd\[14682\]: Failed password for invalid user sonar from 183.103.61.243 port 46844 ssh2\ Jun 23 09:46:16 ip-172-31-62-245 sshd\[14726\]: Invalid user grey from 183.103.61.243\ Jun 23 09:46:19 ip-172-31-62-245 sshd\[14726\]: Failed password for invalid user grey from 183.103.61.243 port 55032 ssh2\ Jun 23 09:47:47 ip-172-31-62-245 sshd\[14731\]: Invalid user titan from 183.103.61.243\	2019-06-24 01:59:49
109.230.238.117	attackbots	$f2bV_matches	2019-06-24 02:02:52
185.101.156.127	attack	Unauthorised access (Jun 23) SRC=185.101.156.127 LEN=40 TTL=241 ID=280 TCP DPT=445 WINDOW=1024 SYN	2019-06-24 02:32:00
138.122.39.5	attackbotsspam	Unauthorized SMTP/IMAP/POP3 connection attempt	2019-06-24 01:55:18
177.154.234.43	attackbots	Brute force attempt	2019-06-24 02:09:44
168.91.42.63	attack	NAME : BLAZINGSEO-US-143 CIDR : 168.91.41.0/24 \| STATUS : 200 ROBOT {Looking for resource vulnerabilities} DDoS Attack USA - Nebraska - block certain countries :) IP: 168.91.42.63 Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN - data recovery https://help-dysk.pl	2019-06-24 02:19:50
37.59.56.20	attack	Automatic report - Web App Attack	2019-06-24 02:21:26
77.40.63.203	attackbots	Jun 23 12:50:57 mail postfix/smtps/smtpd\[12286\]: warning: unknown\[77.40.63.203\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 23 12:50:57 mail postfix/smtps/smtpd\[12287\]: warning: unknown\[77.40.63.203\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 23 12:51:04 mail postfix/smtps/smtpd\[12286\]: warning: unknown\[77.40.63.203\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-06-24 01:50:50
191.53.199.225	attack	Brute force attempt	2019-06-24 01:52:15

最近上报的IP列表

210.2.154.76	61.50.130.146	219.146.127.6	211.21.92.211
108.178.61.58	59.55.128.170	219.136.241.59	199.249.230.117
149.178.18.54	192.145.239.33	192.210.220.58	80.78.68.222
157.230.124.228	103.221.222.251	92.222.72.234	185.244.25.213
118.71.237.234	72.21.81.200	77.247.109.70	101.122.86.16