139.199.69.199

基本信息:

城市(city): Beijing

省份(region): Beijing

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Honeypot attack, port: 445, PTR: PTR record not found	2020-03-07 01:52:20
attackbots	Honeypot attack, port: 445, PTR: PTR record not found	2020-01-15 14:58:25
attack	firewall-block, port(s): 1433/tcp	2019-12-26 03:42:52

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.199.69.199
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 51068
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.199.69.199.			IN	A

;; AUTHORITY SECTION:
.			570	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019122501 1800 900 604800 86400

;; Query time: 58 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Dec 26 03:42:48 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 199.69.199.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 199.69.199.139.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
191.235.102.75	attackspam	Lines containing failures of 191.235.102.75 Aug 28 11:55:08 shared11 sshd[24330]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.235.102.75 user=r.r Aug 28 11:55:09 shared11 sshd[24330]: Failed password for r.r from 191.235.102.75 port 35826 ssh2 Aug 28 11:55:09 shared11 sshd[24330]: Received disconnect from 191.235.102.75 port 35826:11: Bye Bye [preauth] Aug 28 11:55:09 shared11 sshd[24330]: Disconnected from authenticating user r.r 191.235.102.75 port 35826 [preauth] Aug 28 11:59:29 shared11 sshd[26058]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.235.102.75 user=r.r Aug 28 11:59:30 shared11 sshd[26058]: Failed password for r.r from 191.235.102.75 port 33146 ssh2 Aug 28 11:59:30 shared11 sshd[26058]: Received disconnect from 191.235.102.75 port 33146:11: Bye Bye [preauth] Aug 28 11:59:30 shared11 sshd[26058]: Disconnected from authenticating user r.r 191.235.102.75 port 33146........ ------------------------------	2020-08-29 00:22:12
185.144.28.76	attackbots	Aug 28 17:43:27 our-server-hostname postfix/smtpd[8597]: connect from unknown[185.144.28.76] Aug 28 17:43:28 our-server-hostname postfix/smtpd[8597]: SSL_accept error from unknown[185.144.28.76]: -1 Aug 28 17:43:28 our-server-hostname postfix/smtpd[8597]: lost connection after STARTTLS from unknown[185.144.28.76] Aug 28 17:43:28 our-server-hostname postfix/smtpd[8597]: disconnect from unknown[185.144.28.76] Aug 28 17:43:29 our-server-hostname postfix/smtpd[8676]: connect from unknown[185.144.28.76] Aug x@x Aug 28 17:43:30 our-server-hostname postfix/smtpd[8676]: disconnect from unknown[185.144.28.76] Aug 28 17:43:40 our-server-hostname postfix/smtpd[8688]: connect from unknown[185.144.28.76] Aug 28 17:43:42 our-server-hostname postfix/smtpd[8688]: SSL_accept error from unknown[185.144.28.76]: -1 Aug 28 17:43:42 our-server-hostname postfix/smtpd[8688]: lost connection after STARTTLS from unknown[185.144.28.76] Aug 28 17:43:42 our-server-hostname postfix/smtpd[8688]: disc........ -------------------------------	2020-08-29 00:08:16
193.112.96.42	attackbotsspam	2020-08-28T14:12:57.246601shield sshd\[13346\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.96.42 user=root 2020-08-28T14:12:58.915457shield sshd\[13346\]: Failed password for root from 193.112.96.42 port 43806 ssh2 2020-08-28T14:17:39.443787shield sshd\[13667\]: Invalid user vt from 193.112.96.42 port 37780 2020-08-28T14:17:39.453165shield sshd\[13667\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.96.42 2020-08-28T14:17:41.167257shield sshd\[13667\]: Failed password for invalid user vt from 193.112.96.42 port 37780 ssh2	2020-08-29 00:17:57
112.173.225.241	attackspam	Automatic report - Port Scan Attack	2020-08-29 00:05:32
50.107.134.171	attack	ssh 22	2020-08-29 00:38:40
218.92.0.168	attackbotsspam	Fail2Ban Ban Triggered	2020-08-28 23:56:17
189.240.94.115	attackbotsspam	Aug 28 08:02:08 host sshd\[2997\]: Invalid user wbiadmin from 189.240.94.115 Aug 28 08:02:08 host sshd\[2997\]: Failed password for invalid user wbiadmin from 189.240.94.115 port 3584 ssh2 Aug 28 08:06:16 host sshd\[4080\]: Failed password for root from 189.240.94.115 port 3585 ssh2 ...	2020-08-29 00:01:44
124.74.248.218	attackspam	Aug 28 15:05:14 meumeu sshd[514587]: Invalid user brian from 124.74.248.218 port 55747 Aug 28 15:05:14 meumeu sshd[514587]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.74.248.218 Aug 28 15:05:14 meumeu sshd[514587]: Invalid user brian from 124.74.248.218 port 55747 Aug 28 15:05:16 meumeu sshd[514587]: Failed password for invalid user brian from 124.74.248.218 port 55747 ssh2 Aug 28 15:08:59 meumeu sshd[514741]: Invalid user iaw from 124.74.248.218 port 16306 Aug 28 15:08:59 meumeu sshd[514741]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.74.248.218 Aug 28 15:08:59 meumeu sshd[514741]: Invalid user iaw from 124.74.248.218 port 16306 Aug 28 15:09:01 meumeu sshd[514741]: Failed password for invalid user iaw from 124.74.248.218 port 16306 ssh2 Aug 28 15:10:30 meumeu sshd[514922]: Invalid user stu from 124.74.248.218 port 24833 ...	2020-08-29 00:21:04
141.98.80.66	attackspam	Aug 28 18:10:06 relay postfix/smtpd\[27737\]: warning: unknown\[141.98.80.66\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 28 18:10:06 relay postfix/smtpd\[26386\]: warning: unknown\[141.98.80.66\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 28 18:10:06 relay postfix/smtpd\[27524\]: warning: unknown\[141.98.80.66\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 28 18:10:10 relay postfix/smtpd\[27738\]: warning: unknown\[141.98.80.66\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 28 18:10:10 relay postfix/smtpd\[26639\]: warning: unknown\[141.98.80.66\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 28 18:10:10 relay postfix/smtpd\[26423\]: warning: unknown\[141.98.80.66\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-08-29 00:15:33
92.62.131.106	attack	2020-08-28T16:19:43+0200 Failed SSH Authentication/Brute Force Attack. (Server 5)	2020-08-29 00:15:51
167.172.201.94	attackbots	Aug 28 19:05:46 webhost01 sshd[1449]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.172.201.94 Aug 28 19:05:48 webhost01 sshd[1449]: Failed password for invalid user kran from 167.172.201.94 port 41178 ssh2 ...	2020-08-29 00:26:52
188.92.209.154	attackspambots	(smtpauth) Failed SMTP AUTH login from 188.92.209.154 (GE/Georgia/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-08-28 16:35:53 plain authenticator failed for ([188.92.209.154]) [188.92.209.154]: 535 Incorrect authentication data (set_id=info)	2020-08-29 00:16:54
87.251.66.30	attack	RDP brute force attack detected by fail2ban	2020-08-29 00:32:26
51.91.157.101	attackspambots	Aug 28 09:46:50 askasleikir sshd[40115]: Failed password for invalid user samba from 51.91.157.101 port 57230 ssh2	2020-08-29 00:28:54
116.55.103.37	attackbots	1598616344 - 08/28/2020 14:05:44 Host: 116.55.103.37/116.55.103.37 Port: 445 TCP Blocked	2020-08-29 00:31:42

最近上报的IP列表

68.242.193.17	128.198.229.251	89.218.93.207	83.97.20.198
123.173.125.209	74.250.93.136	113.53.180.127	95.120.229.33
93.87.234.77	36.80.82.144	128.213.129.244	156.195.231.167
113.188.203.247	45.177.97.154	185.117.152.80	61.136.173.35
173.132.84.30	61.136.75.238	60.214.157.202	124.6.235.238