必须是合法有效的IP地址, 可以是IPv4或者是IPv6, 例如127.0.0.1或者2001:DB8:0:0:8:800:200C:417A
基本信息:

城市(city): Beijing

省份(region): Beijing

国家(country): China

运营商(isp): Microsoft (China) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:
类型 评论内容 时间
attack
prod11
...
2020-09-09 20:01:02
attackbots
Sep  9 01:32:47 mail sshd\[63284\]: Invalid user shera from 139.219.0.102
...
2020-09-09 13:58:26
attackbots
Sep  1 15:30:43 jane sshd[18170]: Failed password for root from 139.219.0.102 port 52504 ssh2
...
2020-09-02 01:16:17
attack
Tried sshing with brute force.
2020-08-16 08:34:13
attackspambots
Aug 14 06:46:06 rancher-0 sshd[1076642]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.219.0.102  user=root
Aug 14 06:46:09 rancher-0 sshd[1076642]: Failed password for root from 139.219.0.102 port 49292 ssh2
...
2020-08-14 14:08:38
attackbots
Failed password for root from 139.219.0.102 port 21566 ssh2
pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.219.0.102  user=root
Failed password for root from 139.219.0.102 port 63408 ssh2
pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.219.0.102  user=root
Failed password for root from 139.219.0.102 port 49744 ssh2
2020-08-02 04:51:21
attack
Jul 31 23:31:34 santamaria sshd\[24041\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.219.0.102  user=root
Jul 31 23:31:36 santamaria sshd\[24041\]: Failed password for root from 139.219.0.102 port 62796 ssh2
Jul 31 23:35:57 santamaria sshd\[24174\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.219.0.102  user=root
...
2020-08-01 08:19:45
attack
Jul 31 15:09:10 abendstille sshd\[31748\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.219.0.102  user=root
Jul 31 15:09:11 abendstille sshd\[31748\]: Failed password for root from 139.219.0.102 port 45710 ssh2
Jul 31 15:12:53 abendstille sshd\[2746\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.219.0.102  user=root
Jul 31 15:12:55 abendstille sshd\[2746\]: Failed password for root from 139.219.0.102 port 22766 ssh2
Jul 31 15:16:46 abendstille sshd\[6345\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.219.0.102  user=root
...
2020-08-01 04:11:08
attackbotsspam
Jul 29 19:28:15 ift sshd\[14466\]: Invalid user gengxin from 139.219.0.102Jul 29 19:28:18 ift sshd\[14466\]: Failed password for invalid user gengxin from 139.219.0.102 port 59032 ssh2Jul 29 19:31:02 ift sshd\[15229\]: Invalid user arjun from 139.219.0.102Jul 29 19:31:03 ift sshd\[15229\]: Failed password for invalid user arjun from 139.219.0.102 port 63240 ssh2Jul 29 19:33:49 ift sshd\[15462\]: Invalid user xn from 139.219.0.102
...
2020-07-30 02:28:00
attackspambots
Jul 25 17:27:33 vmd36147 sshd[9571]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.219.0.102
Jul 25 17:27:35 vmd36147 sshd[9571]: Failed password for invalid user sona from 139.219.0.102 port 25978 ssh2
Jul 25 17:31:30 vmd36147 sshd[18209]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.219.0.102
...
2020-07-26 01:15:49
attackbots
Jul 24 16:34:57 mail sshd[24068]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.219.0.102
Jul 24 16:34:58 mail sshd[24068]: Failed password for invalid user manoj from 139.219.0.102 port 10934 ssh2
...
2020-07-24 23:41:43
attackspambots
Invalid user rolo from 139.219.0.102 port 24558
2020-07-15 08:58:29
attack
2020-07-11T10:15:05.810912vps773228.ovh.net sshd[10786]: Invalid user xxshi from 139.219.0.102 port 58152
2020-07-11T10:15:05.827025vps773228.ovh.net sshd[10786]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.219.0.102
2020-07-11T10:15:05.810912vps773228.ovh.net sshd[10786]: Invalid user xxshi from 139.219.0.102 port 58152
2020-07-11T10:15:08.101727vps773228.ovh.net sshd[10786]: Failed password for invalid user xxshi from 139.219.0.102 port 58152 ssh2
2020-07-11T10:18:06.198175vps773228.ovh.net sshd[10807]: Invalid user juliette from 139.219.0.102 port 16978
...
2020-07-11 16:33:50
attackspambots
Invalid user russel from 139.219.0.102 port 39168
2020-07-11 08:05:10
attackspam
$f2bV_matches
2020-06-29 13:30:16
attackspambots
Jun  9 06:27:56 ns381471 sshd[1659]: Failed password for root from 139.219.0.102 port 45720 ssh2
2020-06-09 12:59:42
attackbots
2020-06-06T17:33:36.218763  sshd[6431]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.219.0.102  user=root
2020-06-06T17:33:38.003014  sshd[6431]: Failed password for root from 139.219.0.102 port 14836 ssh2
2020-06-06T17:37:28.361788  sshd[6492]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.219.0.102  user=root
2020-06-06T17:37:30.663021  sshd[6492]: Failed password for root from 139.219.0.102 port 42588 ssh2
...
2020-06-07 03:53:56
attackspambots
Invalid user mw from 139.219.0.102 port 60118
2020-05-26 03:11:20
attack
Invalid user reports from 139.219.0.102 port 24922
2020-05-16 17:54:16
attackbots
May 14 16:17:01 ns381471 sshd[19649]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.219.0.102
May 14 16:17:03 ns381471 sshd[19649]: Failed password for invalid user an from 139.219.0.102 port 29684 ssh2
2020-05-14 22:19:59
attackbotsspam
May 12 05:34:44 mx01 sshd[10160]: Invalid user bill from 139.219.0.102
May 12 05:34:44 mx01 sshd[10160]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.219.0.102 
May 12 05:34:47 mx01 sshd[10160]: Failed password for invalid user bill from 139.219.0.102 port 19618 ssh2
May 12 05:34:47 mx01 sshd[10160]: Received disconnect from 139.219.0.102: 11: Bye Bye [preauth]
May 12 05:48:09 mx01 sshd[12428]: Invalid user deploy from 139.219.0.102
May 12 05:48:09 mx01 sshd[12428]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.219.0.102 
May 12 05:48:10 mx01 sshd[12428]: Failed password for invalid user deploy from 139.219.0.102 port 50390 ssh2
May 12 05:48:11 mx01 sshd[12428]: Received disconnect from 139.219.0.102: 11: Bye Bye [preauth]
May 12 05:52:14 mx01 sshd[13203]: Invalid user donna from 139.219.0.102
May 12 05:52:14 mx01 sshd[13203]: pam_unix(sshd:auth): authentication failure; logname........
-------------------------------
2020-05-14 06:56:04
相同子网IP讨论:
IP 类型 评论内容 时间
139.219.0.29 attackspambots
SSH brute force
2020-03-17 15:06:11
139.219.0.29 attackbotsspam
Invalid user andoria from 139.219.0.29 port 57020
2020-03-14 04:43:01
139.219.0.20 attack
Invalid user backup from 139.219.0.20 port 47876
2020-02-23 07:00:50
139.219.0.20 attackspam
Feb 20 17:51:02 ws25vmsma01 sshd[78016]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.219.0.20
Feb 20 17:51:03 ws25vmsma01 sshd[78016]: Failed password for invalid user logadmin from 139.219.0.20 port 46554 ssh2
...
2020-02-21 04:09:05
139.219.0.29 attackspambots
$f2bV_matches
2020-02-13 16:08:41
139.219.0.29 attackbots
Automatic report - Banned IP Access
2020-02-09 15:59:20
139.219.0.29 attack
Feb  9 01:41:05 ovpn sshd\[15370\]: Invalid user jce from 139.219.0.29
Feb  9 01:41:05 ovpn sshd\[15370\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.219.0.29
Feb  9 01:41:07 ovpn sshd\[15370\]: Failed password for invalid user jce from 139.219.0.29 port 36204 ssh2
Feb  9 01:45:14 ovpn sshd\[16497\]: Invalid user qvv from 139.219.0.29
Feb  9 01:45:14 ovpn sshd\[16497\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.219.0.29
2020-02-09 11:02:01
139.219.0.20 attack
Jan 31 10:50:54 Invalid user sonita from 139.219.0.20 port 48340
2020-01-31 18:04:07
139.219.0.20 attackspambots
Invalid user postgres from 139.219.0.20 port 45946
2020-01-22 07:19:11
139.219.0.20 attackbotsspam
Unauthorized connection attempt detected from IP address 139.219.0.20 to port 2220 [J]
2020-01-19 18:12:41
139.219.0.29 attackspambots
Unauthorized connection attempt detected from IP address 139.219.0.29 to port 2220 [J]
2020-01-12 02:28:39
139.219.0.20 attack
$f2bV_matches
2020-01-12 00:09:20
139.219.0.20 attackspam
Jan  8 13:13:41 server sshd\[1869\]: Invalid user user10 from 139.219.0.20
Jan  8 13:13:41 server sshd\[1869\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.219.0.20 
Jan  8 13:13:43 server sshd\[1869\]: Failed password for invalid user user10 from 139.219.0.20 port 40544 ssh2
Jan  8 16:06:12 server sshd\[9356\]: Invalid user nanamiya from 139.219.0.20
Jan  8 16:06:12 server sshd\[9356\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.219.0.20 
...
2020-01-08 21:50:11
139.219.0.29 attackbotsspam
Invalid user mj from 139.219.0.29 port 54058
2020-01-04 04:33:45
139.219.0.20 attackbots
Lines containing failures of 139.219.0.20
Dec 31 02:21:43 shared06 sshd[19150]: Invalid user seremet from 139.219.0.20 port 52094
Dec 31 02:21:43 shared06 sshd[19150]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.219.0.20
Dec 31 02:21:45 shared06 sshd[19150]: Failed password for invalid user seremet from 139.219.0.20 port 52094 ssh2
Dec 31 02:21:45 shared06 sshd[19150]: Received disconnect from 139.219.0.20 port 52094:11: Bye Bye [preauth]
Dec 31 02:21:45 shared06 sshd[19150]: Disconnected from invalid user seremet 139.219.0.20 port 52094 [preauth]


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=139.219.0.20
2020-01-01 15:38:15
WHOIS信息:
b
DIG信息:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.219.0.102
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10469
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.219.0.102.			IN	A

;; AUTHORITY SECTION:
.			451	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020051302 1800 900 604800 86400

;; Query time: 155 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu May 14 06:56:00 CST 2020
;; MSG SIZE  rcvd: 117
HOST信息:
Host 102.0.219.139.in-addr.arpa. not found: 3(NXDOMAIN)
NSLOOKUP信息:
Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 102.0.219.139.in-addr.arpa: NXDOMAIN
相关IP信息:
最新评论:
IP 类型 评论内容 时间
196.245.219.38 attackspam
Unauthorized access detected from black listed ip!
2020-08-11 04:58:34
222.186.175.167 attackbotsspam
Aug 10 23:00:47 santamaria sshd\[16716\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.167  user=root
Aug 10 23:00:49 santamaria sshd\[16716\]: Failed password for root from 222.186.175.167 port 48160 ssh2
Aug 10 23:01:05 santamaria sshd\[16718\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.167  user=root
...
2020-08-11 05:02:47
77.87.100.22 attackspam
Unauthorized connection attempt from IP address 77.87.100.22 on Port 445(SMB)
2020-08-11 05:10:05
195.158.26.238 attackbots
Aug 10 22:29:16 pve1 sshd[5385]: Failed password for root from 195.158.26.238 port 59116 ssh2
...
2020-08-11 05:08:27
5.45.207.88 attack
[Tue Aug 11 03:32:15.192015 2020] [:error] [pid 30746:tid 140057298159360] [client 5.45.207.88:48768] [client 5.45.207.88] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "XzGuzyk7w1nLo8eepFxxVwAAAcQ"]
...
2020-08-11 04:37:59
187.237.146.62 attack
Unauthorized connection attempt from IP address 187.237.146.62 on Port 445(SMB)
2020-08-11 04:56:10
95.149.190.2 attack
Automatic report - Port Scan Attack
2020-08-11 04:50:38
222.186.175.150 attackspambots
Aug 10 23:01:40 nextcloud sshd\[3833\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.150  user=root
Aug 10 23:01:43 nextcloud sshd\[3833\]: Failed password for root from 222.186.175.150 port 20000 ssh2
Aug 10 23:02:07 nextcloud sshd\[4551\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.150  user=root
2020-08-11 05:04:48
185.220.100.243 attack
Automatic report - Banned IP Access
2020-08-11 04:42:08
201.75.53.29 attack
2020-08-10T22:20:44.368641mail.broermann.family sshd[18101]: Failed password for root from 201.75.53.29 port 54620 ssh2
2020-08-10T22:26:17.916533mail.broermann.family sshd[18333]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.75.53.29  user=root
2020-08-10T22:26:20.174558mail.broermann.family sshd[18333]: Failed password for root from 201.75.53.29 port 60386 ssh2
2020-08-10T22:31:50.946254mail.broermann.family sshd[18553]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.75.53.29  user=root
2020-08-10T22:31:52.918470mail.broermann.family sshd[18553]: Failed password for root from 201.75.53.29 port 37914 ssh2
...
2020-08-11 04:48:45
199.203.111.132 attackspam
Automatic report - Banned IP Access
2020-08-11 04:47:51
119.45.36.221 attack
Banned for a week because repeated abuses, for example SSH, but not only
2020-08-11 04:50:19
164.90.196.91 attackspambots
Aug 10 22:36:11 risk sshd[30417]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.90.196.91  user=r.r
Aug 10 22:36:12 risk sshd[30417]: Failed password for r.r from 164.90.196.91 port 58124 ssh2
Aug 10 22:36:13 risk sshd[30419]: Invalid user admin from 164.90.196.91
Aug 10 22:36:13 risk sshd[30419]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.90.196.91 
Aug 10 22:36:14 risk sshd[30419]: Failed password for invalid user admin from 164.90.196.91 port 60754 ssh2
Aug 10 22:36:14 risk sshd[30423]: Invalid user admin from 164.90.196.91
Aug 10 22:36:14 risk sshd[30423]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.90.196.91 
Aug 10 22:36:16 risk sshd[30423]: Failed password for invalid user admin from 164.90.196.91 port 34816 ssh2
Aug 10 22:36:16 risk sshd[30425]: Invalid user user from 164.90.196.91
Aug 10 22:36:16 risk sshd[30425]: pam_un........
-------------------------------
2020-08-11 04:46:32
81.70.37.55 attack
81.70.37.55 - - \[10/Aug/2020:22:32:02 +0200\] "GET /TP/public/index.php HTTP/1.1" 403 436 "-" "Mozilla/5.0 \(Windows\; U\; Windows NT 6.0\;en-US\; rv:1.9.2\) Gecko/20100115 Firefox/3.6\)"
81.70.37.55 - - \[10/Aug/2020:22:32:02 +0200\] "GET /TP/index.php HTTP/1.1" 403 436 "-" "Mozilla/5.0 \(Windows\; U\; Windows NT 6.0\;en-US\; rv:1.9.2\) Gecko/20100115 Firefox/3.6\)"
81.70.37.55 - - \[10/Aug/2020:22:32:02 +0200\] "GET /thinkphp/html/public/index.php HTTP/1.1" 403 436 "-" "Mozilla/5.0 \(Windows\; U\; Windows NT 6.0\;en-US\; rv:1.9.2\) Gecko/20100115 Firefox/3.6\)"
...
2020-08-11 04:45:23
76.14.133.76 attackspambots
Port scan on 1 port(s): 22
2020-08-11 04:49:35

最近上报的IP列表

135.100.224.119 10.137.96.76 250.62.166.189 17.214.106.142
123.90.14.12 177.17.107.172 74.103.151.242 139.40.103.11
49.135.41.14 111.200.51.207 153.204.139.194 134.3.223.34
75.206.198.46 178.128.92.40 52.11.238.6 185.207.109.103
102.55.216.210 195.229.53.92 139.214.127.158 191.173.39.250