139.155.1.252 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	2020-02-13T05:54:43.814813centos sshd\[28019\]: Invalid user weblogic from 139.155.1.252 port 45138 2020-02-13T05:54:43.821617centos sshd\[28019\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.1.252 2020-02-13T05:54:45.286925centos sshd\[28019\]: Failed password for invalid user weblogic from 139.155.1.252 port 45138 ssh2	2020-02-13 13:47:24
attack	Feb 6 05:49:51 legacy sshd[20571]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.1.252 Feb 6 05:49:53 legacy sshd[20571]: Failed password for invalid user alx from 139.155.1.252 port 59986 ssh2 Feb 6 05:52:17 legacy sshd[20703]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.1.252 ...	2020-02-06 19:12:47
attack	Unauthorized connection attempt detected from IP address 139.155.1.252 to port 2220 [J]	2020-01-23 11:06:32
attackbotsspam	Automatic report - Banned IP Access	2020-01-04 00:05:44
attackspam	Dec 21 06:10:33 XXXXXX sshd[62930]: Invalid user mykrantz from 139.155.1.252 port 56072	2019-12-21 17:55:39
attack	2019-12-10T06:59:31.569045abusebot.cloudsearch.cf sshd\[23247\]: Invalid user http from 139.155.1.252 port 55264	2019-12-10 16:47:07
attackbots	2019-12-09 11:13:38 server sshd[93118]: Failed password for invalid user pofique from 139.155.1.252 port 48614 ssh2	2019-12-10 06:49:51
attackspam	2019-11-18 20:02:36 server sshd[20534]: Failed password for invalid user bin from 139.155.1.252 port 39784 ssh2	2019-11-20 02:20:47
attackbots	Nov 17 00:07:12 odroid64 sshd\[22697\]: Invalid user Tualatin from 139.155.1.252 Nov 17 00:07:12 odroid64 sshd\[22697\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.1.252 ...	2019-11-17 07:25:54
attackspam	$f2bV_matches	2019-11-16 23:20:53
attackbotsspam	Nov 7 06:29:26 legacy sshd[27842]: Failed password for root from 139.155.1.252 port 41652 ssh2 Nov 7 06:33:30 legacy sshd[27987]: Failed password for root from 139.155.1.252 port 41360 ssh2 Nov 7 06:37:35 legacy sshd[28113]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.1.252 ...	2019-11-07 13:41:35
attackspam	Invalid user web10 from 139.155.1.252 port 42082	2019-10-25 19:53:56
attackspambots	SSH Brute-Forcing (ownc)	2019-10-18 00:52:25
attackbots	2019-10-16T08:18:48.669850scmdmz1 sshd\[17175\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.1.252 user=root 2019-10-16T08:18:50.903024scmdmz1 sshd\[17175\]: Failed password for root from 139.155.1.252 port 54680 ssh2 2019-10-16T08:23:29.589944scmdmz1 sshd\[17542\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.1.252 user=root ...	2019-10-16 14:49:49
attackbotsspam	Oct 15 12:40:44 itv-usvr-02 sshd[18554]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.1.252 user=root Oct 15 12:40:46 itv-usvr-02 sshd[18554]: Failed password for root from 139.155.1.252 port 56114 ssh2 Oct 15 12:45:37 itv-usvr-02 sshd[19090]: Invalid user mpsoc from 139.155.1.252 port 33222 Oct 15 12:45:37 itv-usvr-02 sshd[19090]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.1.252 Oct 15 12:45:37 itv-usvr-02 sshd[19090]: Invalid user mpsoc from 139.155.1.252 port 33222 Oct 15 12:45:39 itv-usvr-02 sshd[19090]: Failed password for invalid user mpsoc from 139.155.1.252 port 33222 ssh2	2019-10-15 15:37:34
attack	Oct 14 13:34:35 ns381471 sshd[5435]: Failed password for root from 139.155.1.252 port 49716 ssh2 Oct 14 13:39:32 ns381471 sshd[5782]: Failed password for root from 139.155.1.252 port 58740 ssh2	2019-10-15 02:28:42
attackspambots	Oct 8 01:18:03 legacy sshd[14657]: Failed password for root from 139.155.1.252 port 37038 ssh2 Oct 8 01:21:43 legacy sshd[14784]: Failed password for root from 139.155.1.252 port 41982 ssh2 ...	2019-10-08 07:36:01
attackspam	Sep 27 04:06:06 www_kotimaassa_fi sshd[18728]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.1.252 Sep 27 04:06:08 www_kotimaassa_fi sshd[18728]: Failed password for invalid user server from 139.155.1.252 port 51920 ssh2 ...	2019-09-27 16:49:29
attackspambots	Sep 25 02:47:04 php1 sshd\[3836\]: Invalid user admin from 139.155.1.252 Sep 25 02:47:04 php1 sshd\[3836\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.1.252 Sep 25 02:47:06 php1 sshd\[3836\]: Failed password for invalid user admin from 139.155.1.252 port 39680 ssh2 Sep 25 02:49:47 php1 sshd\[4102\]: Invalid user valeria from 139.155.1.252 Sep 25 02:49:47 php1 sshd\[4102\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.1.252	2019-09-25 20:57:00
attackspam	Sep 17 06:58:23 markkoudstaal sshd[25425]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.1.252 Sep 17 06:58:24 markkoudstaal sshd[25425]: Failed password for invalid user sqlsrv from 139.155.1.252 port 40664 ssh2 Sep 17 07:03:51 markkoudstaal sshd[25933]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.1.252	2019-09-17 14:53:22
attackbots	Sep 10 13:37:52 lcdev sshd\[31369\]: Invalid user 123qwe from 139.155.1.252 Sep 10 13:37:52 lcdev sshd\[31369\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.1.252 Sep 10 13:37:55 lcdev sshd\[31369\]: Failed password for invalid user 123qwe from 139.155.1.252 port 37620 ssh2 Sep 10 13:43:07 lcdev sshd\[31951\]: Invalid user postgres@123 from 139.155.1.252 Sep 10 13:43:07 lcdev sshd\[31951\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.1.252	2019-09-11 07:45:47

相同子网IP讨论:

IP	类型	评论内容	时间
139.155.13.59	attack	sshd: Failed password for invalid user .... from 139.155.13.59 port 60208 ssh2 (8 attempts)	2020-10-13 17:34:17
139.155.13.21	attackspambots	Connection to SSH Honeypot - Detected by HoneypotDB	2020-10-06 07:33:29
139.155.1.62	attack	Tried sshing with brute force.	2020-10-06 06:47:19
139.155.13.21	attack	Connection to SSH Honeypot - Detected by HoneypotDB	2020-10-05 23:49:56
139.155.1.62	attackbots	Oct 5 09:36:25 ws26vmsma01 sshd[85964]: Failed password for root from 139.155.1.62 port 51434 ssh2 ...	2020-10-05 22:56:42
139.155.13.21	attackspambots	Oct 5 09:18:04 ip106 sshd[15735]: Failed password for root from 139.155.13.21 port 43686 ssh2 ...	2020-10-05 15:50:01
139.155.1.62	attackbots	fail2ban detected bruce force on ssh iptables	2020-10-05 14:55:39
139.155.1.137	attackspam	Sep 27 22:58:36 roki-contabo sshd\[2611\]: Invalid user test from 139.155.1.137 Sep 27 22:58:37 roki-contabo sshd\[2611\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.1.137 Sep 27 22:58:39 roki-contabo sshd\[2611\]: Failed password for invalid user test from 139.155.1.137 port 52740 ssh2 Sep 27 23:10:15 roki-contabo sshd\[2765\]: Invalid user tom from 139.155.1.137 Sep 27 23:10:15 roki-contabo sshd\[2765\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.1.137 ...	2020-10-05 06:07:50
139.155.1.137	attack	Brute-force attempt banned	2020-10-04 22:06:28
139.155.1.137	attackbotsspam	5x Failed Password	2020-10-04 13:53:08
139.155.17.13	attackspambots	2020-09-28 UTC: (32x) - albert,ali,caixa,dev,ips,manager,mysql,nproc(2x),oracle,root(12x),steve,sun,sysadmin,teamspeak,test,testuser,user2,usuario1,yang,zope	2020-09-29 19:34:05
139.155.13.81	attack	Invalid user administrator from 139.155.13.81 port 43454	2020-09-27 07:18:28
139.155.13.81	attack	Sep 26 17:09:11 ns382633 sshd\[29250\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.13.81 user=root Sep 26 17:09:13 ns382633 sshd\[29250\]: Failed password for root from 139.155.13.81 port 53970 ssh2 Sep 26 17:14:30 ns382633 sshd\[30199\]: Invalid user cisco from 139.155.13.81 port 51202 Sep 26 17:14:30 ns382633 sshd\[30199\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.13.81 Sep 26 17:14:32 ns382633 sshd\[30199\]: Failed password for invalid user cisco from 139.155.13.81 port 51202 ssh2	2020-09-26 23:47:41
139.155.17.76	attackbotsspam	Sep 16 08:56:25 itv-usvr-01 sshd[28095]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.17.76 user=root Sep 16 08:56:26 itv-usvr-01 sshd[28095]: Failed password for root from 139.155.17.76 port 53894 ssh2 Sep 16 08:58:10 itv-usvr-01 sshd[28179]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.17.76 user=root Sep 16 08:58:12 itv-usvr-01 sshd[28179]: Failed password for root from 139.155.17.76 port 43986 ssh2 Sep 16 08:59:25 itv-usvr-01 sshd[28212]: Invalid user medical from 139.155.17.76	2020-09-16 12:13:07
139.155.17.76	attackspambots	Sep 15 19:15:20 master sshd[23060]: Failed password for root from 139.155.17.76 port 41072 ssh2 Sep 15 19:20:16 master sshd[23099]: Failed password for invalid user tortoisesvn from 139.155.17.76 port 56516 ssh2 Sep 15 19:23:05 master sshd[23112]: Failed password for root from 139.155.17.76 port 55714 ssh2 Sep 15 19:25:36 master sshd[23126]: Failed password for root from 139.155.17.76 port 54902 ssh2 Sep 15 19:28:12 master sshd[23140]: Failed password for root from 139.155.17.76 port 54090 ssh2 Sep 15 19:36:13 master sshd[23212]: Failed password for root from 139.155.17.76 port 51656 ssh2 Sep 15 19:38:48 master sshd[23236]: Failed password for invalid user greta from 139.155.17.76 port 50852 ssh2 Sep 15 19:43:57 master sshd[23269]: Failed password for invalid user macallister from 139.155.17.76 port 49246 ssh2 Sep 15 19:46:30 master sshd[23302]: Failed password for root from 139.155.17.76 port 48440 ssh2 Sep 15 19:49:03 master sshd[23325]: Failed password for root from 139.155.17.76 port 47634 ssh2	2020-09-16 04:02:12

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.155.1.252
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 64616
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.155.1.252.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019091003 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Sep 11 07:45:41 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 252.1.155.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 252.1.155.139.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
60.18.200.246	attack	Unauthorised access (Sep 27) SRC=60.18.200.246 LEN=40 TTL=46 ID=22799 TCP DPT=23 WINDOW=20021 SYN	2020-09-27 16:54:30
192.241.222.79	attackspambots	Threat Management Alert 3: Detection of a Network Scan. Signature ET SCAN Zmap User-Agent (Inbound). From: 192.241.222.79:48234, to: 192.168.x.x:80, protocol: TCP	2020-09-27 17:01:14
20.48.19.154	attackbots	Sep 27 01:34:08 propaganda sshd[70029]: Connection from 20.48.19.154 port 27637 on 10.0.0.161 port 22 rdomain "" Sep 27 01:34:09 propaganda sshd[70029]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=20.48.19.154 user=root Sep 27 01:34:10 propaganda sshd[70029]: Failed password for root from 20.48.19.154 port 27637 ssh2	2020-09-27 17:08:46
202.51.74.92	attackspam	Time: Sun Sep 27 01:36:29 2020 +0000 IP: 202.51.74.92 (NP/Nepal/server.channakyasoft.com) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 27 01:20:40 activeserver sshd[1266]: Invalid user webdev from 202.51.74.92 port 59610 Sep 27 01:20:42 activeserver sshd[1266]: Failed password for invalid user webdev from 202.51.74.92 port 59610 ssh2 Sep 27 01:30:55 activeserver sshd[28605]: Invalid user spotlight from 202.51.74.92 port 53502 Sep 27 01:30:58 activeserver sshd[28605]: Failed password for invalid user spotlight from 202.51.74.92 port 53502 ssh2 Sep 27 01:36:23 activeserver sshd[10083]: Invalid user admin from 202.51.74.92 port 51054	2020-09-27 17:27:37
177.207.251.18	attackbots	Sep 27 08:09:47 db sshd[5342]: Invalid user sandy from 177.207.251.18 port 5104 ...	2020-09-27 16:57:12
187.57.230.251	attackspam	Automatic report - Port Scan Attack	2020-09-27 17:01:44
151.80.183.134	attackspambots	Connection to SSH Honeypot - Detected by HoneypotDB	2020-09-27 17:20:06
113.111.140.77	attackbotsspam	Sep 27 10:47:59 ncomp sshd[19538]: Invalid user pi from 113.111.140.77 port 58640 Sep 27 10:48:01 ncomp sshd[19540]: Invalid user pi from 113.111.140.77 port 58648	2020-09-27 17:12:13
185.123.164.54	attackbots	<6 unauthorized SSH connections	2020-09-27 17:24:16
13.79.154.188	attack	Sep 27 10:23:09 db sshd[11527]: Invalid user 230 from 13.79.154.188 port 48528 ...	2020-09-27 17:05:47
120.131.13.198	attack	$f2bV_matches	2020-09-27 17:19:19
62.210.185.4	attack	62.210.185.4 - - [27/Sep/2020:09:54:34 +0100] "POST /wp-login.php HTTP/1.1" 200 2255 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 62.210.185.4 - - [27/Sep/2020:09:54:35 +0100] "POST /wp-login.php HTTP/1.1" 200 2183 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 62.210.185.4 - - [27/Sep/2020:09:54:35 +0100] "POST /xmlrpc.php HTTP/1.1" 200 247 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-27 17:02:07
197.235.10.121	attackbots	Sep 27 08:14:07 mavik sshd[19131]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.235.10.121 user=root Sep 27 08:14:09 mavik sshd[19131]: Failed password for root from 197.235.10.121 port 50210 ssh2 Sep 27 08:19:21 mavik sshd[19298]: Invalid user tiago from 197.235.10.121 Sep 27 08:19:21 mavik sshd[19298]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.235.10.121 Sep 27 08:19:23 mavik sshd[19298]: Failed password for invalid user tiago from 197.235.10.121 port 55962 ssh2 ...	2020-09-27 16:55:43
203.195.175.47	attack	Sep 27 10:45:49 vmd17057 sshd[5500]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.195.175.47 Sep 27 10:45:51 vmd17057 sshd[5500]: Failed password for invalid user titan from 203.195.175.47 port 45462 ssh2 ...	2020-09-27 17:34:34
165.22.121.56	attackspambots	$f2bV_matches	2020-09-27 17:26:33

最近上报的IP列表

80.78.255.87	39.106.16.138	205.228.160.220	49.142.26.173
102.237.15.77	190.232.137.134	100.235.211.217	50.165.1.212
107.253.137.117	232.134.87.69	92.107.147.34	216.1.214.168
136.27.225.157	167.99.71.142	26.245.136.49	188.129.120.163
199.53.79.143	31.132.51.170	39.162.202.95	49.191.129.246