139.155.1.62 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Tried sshing with brute force.	2020-10-06 06:47:19
attackbots	Oct 5 09:36:25 ws26vmsma01 sshd[85964]: Failed password for root from 139.155.1.62 port 51434 ssh2 ...	2020-10-05 22:56:42
attackbots	fail2ban detected bruce force on ssh iptables	2020-10-05 14:55:39
attackspambots	Aug 22 03:53:44 firewall sshd[18471]: Invalid user konan from 139.155.1.62 Aug 22 03:53:45 firewall sshd[18471]: Failed password for invalid user konan from 139.155.1.62 port 53474 ssh2 Aug 22 03:56:12 firewall sshd[18609]: Invalid user dll from 139.155.1.62 ...	2020-08-22 19:15:26
attackspambots	SSH brute-force attempt	2020-08-13 07:41:48
attackbotsspam	Jul 10 14:02:47 onepixel sshd[2125058]: Invalid user dywang from 139.155.1.62 port 53354 Jul 10 14:02:47 onepixel sshd[2125058]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.1.62 Jul 10 14:02:47 onepixel sshd[2125058]: Invalid user dywang from 139.155.1.62 port 53354 Jul 10 14:02:49 onepixel sshd[2125058]: Failed password for invalid user dywang from 139.155.1.62 port 53354 ssh2 Jul 10 14:04:57 onepixel sshd[2126214]: Invalid user marisol from 139.155.1.62 port 49498	2020-07-10 22:58:18
attackspam	Jun 29 21:44:23 mail sshd[3308]: Failed password for invalid user amir from 139.155.1.62 port 57416 ssh2 ...	2020-06-30 07:58:10
attackspam	Invalid user allan from 139.155.1.62 port 55934	2020-06-21 00:44:47
attackbotsspam	2020-06-13T19:16:32.546980billing sshd[18904]: Invalid user admin from 139.155.1.62 port 36950 2020-06-13T19:16:34.612139billing sshd[18904]: Failed password for invalid user admin from 139.155.1.62 port 36950 ssh2 2020-06-13T19:26:23.302332billing sshd[6789]: Invalid user zhoumin from 139.155.1.62 port 37928 ...	2020-06-13 22:57:53
attackbots	Jun 11 20:57:53 mockhub sshd[29111]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.1.62 Jun 11 20:57:55 mockhub sshd[29111]: Failed password for invalid user admin from 139.155.1.62 port 38102 ssh2 ...	2020-06-12 13:15:30
attackspambots	(sshd) Failed SSH login from 139.155.1.62 (CN/China/-): 5 in the last 3600 secs	2020-06-07 16:55:24
attack	May 25 07:18:38 sshd\[5007\]: User root from 139.155.1.62 not allowed because not listed in AllowUsersMay 25 07:18:40 sshd\[5007\]: Failed password for invalid user root from 139.155.1.62 port 44300 ssh2 ...	2020-05-25 17:03:53
attack	May 15 23:43:00 firewall sshd[31419]: Invalid user simon from 139.155.1.62 May 15 23:43:02 firewall sshd[31419]: Failed password for invalid user simon from 139.155.1.62 port 48898 ssh2 May 15 23:47:52 firewall sshd[31527]: Invalid user user11 from 139.155.1.62 ...	2020-05-16 14:55:23

相同子网IP讨论:

IP	类型	评论内容	时间
139.155.13.59	attack	sshd: Failed password for invalid user .... from 139.155.13.59 port 60208 ssh2 (8 attempts)	2020-10-13 17:34:17
139.155.13.21	attackspambots	Connection to SSH Honeypot - Detected by HoneypotDB	2020-10-06 07:33:29
139.155.13.21	attack	Connection to SSH Honeypot - Detected by HoneypotDB	2020-10-05 23:49:56
139.155.13.21	attackspambots	Oct 5 09:18:04 ip106 sshd[15735]: Failed password for root from 139.155.13.21 port 43686 ssh2 ...	2020-10-05 15:50:01
139.155.1.137	attackspam	Sep 27 22:58:36 roki-contabo sshd\[2611\]: Invalid user test from 139.155.1.137 Sep 27 22:58:37 roki-contabo sshd\[2611\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.1.137 Sep 27 22:58:39 roki-contabo sshd\[2611\]: Failed password for invalid user test from 139.155.1.137 port 52740 ssh2 Sep 27 23:10:15 roki-contabo sshd\[2765\]: Invalid user tom from 139.155.1.137 Sep 27 23:10:15 roki-contabo sshd\[2765\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.1.137 ...	2020-10-05 06:07:50
139.155.1.137	attack	Brute-force attempt banned	2020-10-04 22:06:28
139.155.1.137	attackbotsspam	5x Failed Password	2020-10-04 13:53:08
139.155.17.13	attackspambots	2020-09-28 UTC: (32x) - albert,ali,caixa,dev,ips,manager,mysql,nproc(2x),oracle,root(12x),steve,sun,sysadmin,teamspeak,test,testuser,user2,usuario1,yang,zope	2020-09-29 19:34:05
139.155.13.81	attack	Invalid user administrator from 139.155.13.81 port 43454	2020-09-27 07:18:28
139.155.13.81	attack	Sep 26 17:09:11 ns382633 sshd\[29250\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.13.81 user=root Sep 26 17:09:13 ns382633 sshd\[29250\]: Failed password for root from 139.155.13.81 port 53970 ssh2 Sep 26 17:14:30 ns382633 sshd\[30199\]: Invalid user cisco from 139.155.13.81 port 51202 Sep 26 17:14:30 ns382633 sshd\[30199\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.13.81 Sep 26 17:14:32 ns382633 sshd\[30199\]: Failed password for invalid user cisco from 139.155.13.81 port 51202 ssh2	2020-09-26 23:47:41
139.155.17.76	attackbotsspam	Sep 16 08:56:25 itv-usvr-01 sshd[28095]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.17.76 user=root Sep 16 08:56:26 itv-usvr-01 sshd[28095]: Failed password for root from 139.155.17.76 port 53894 ssh2 Sep 16 08:58:10 itv-usvr-01 sshd[28179]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.17.76 user=root Sep 16 08:58:12 itv-usvr-01 sshd[28179]: Failed password for root from 139.155.17.76 port 43986 ssh2 Sep 16 08:59:25 itv-usvr-01 sshd[28212]: Invalid user medical from 139.155.17.76	2020-09-16 12:13:07
139.155.17.76	attackspambots	Sep 15 19:15:20 master sshd[23060]: Failed password for root from 139.155.17.76 port 41072 ssh2 Sep 15 19:20:16 master sshd[23099]: Failed password for invalid user tortoisesvn from 139.155.17.76 port 56516 ssh2 Sep 15 19:23:05 master sshd[23112]: Failed password for root from 139.155.17.76 port 55714 ssh2 Sep 15 19:25:36 master sshd[23126]: Failed password for root from 139.155.17.76 port 54902 ssh2 Sep 15 19:28:12 master sshd[23140]: Failed password for root from 139.155.17.76 port 54090 ssh2 Sep 15 19:36:13 master sshd[23212]: Failed password for root from 139.155.17.76 port 51656 ssh2 Sep 15 19:38:48 master sshd[23236]: Failed password for invalid user greta from 139.155.17.76 port 50852 ssh2 Sep 15 19:43:57 master sshd[23269]: Failed password for invalid user macallister from 139.155.17.76 port 49246 ssh2 Sep 15 19:46:30 master sshd[23302]: Failed password for root from 139.155.17.76 port 48440 ssh2 Sep 15 19:49:03 master sshd[23325]: Failed password for root from 139.155.17.76 port 47634 ssh2	2020-09-16 04:02:12
139.155.11.173	attackbotsspam	Sep 13 17:16:19 prox sshd[24092]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.11.173 Sep 13 17:16:21 prox sshd[24092]: Failed password for invalid user bot from 139.155.11.173 port 45050 ssh2	2020-09-13 23:22:49
139.155.13.81	attackspam	Invalid user user from 139.155.13.81 port 33844	2020-09-03 01:54:05
139.155.13.81	attack	$f2bV_matches	2020-09-02 17:22:41

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.155.1.62
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56445
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.155.1.62.			IN	A

;; AUTHORITY SECTION:
.			468	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020051600 1800 900 604800 86400

;; Query time: 57 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat May 16 14:55:18 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 62.1.155.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 62.1.155.139.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
119.28.132.211	attackbotsspam	$f2bV_matches	2020-09-16 02:12:37
147.135.133.88	attack	Sep 15 19:09:44 vpn01 sshd[8529]: Failed password for root from 147.135.133.88 port 49281 ssh2 ...	2020-09-16 02:07:08
177.139.136.73	attack	Sep 15 19:38:04 fhem-rasp sshd[26067]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.139.136.73 user=root Sep 15 19:38:06 fhem-rasp sshd[26067]: Failed password for root from 177.139.136.73 port 40354 ssh2 ...	2020-09-16 02:14:45
162.252.57.173	attack	Invalid user ftpuser from 162.252.57.173 port 58018	2020-09-16 02:37:58
154.180.78.59	attack	200x100MB request	2020-09-16 02:27:34
182.92.85.121	attackbotsspam	Attempting to access Wordpress login on a honeypot or private system.	2020-09-16 02:25:33
104.248.130.10	attack	2020-09-15T19:29:07.405866n23.at sshd[2270618]: Failed password for root from 104.248.130.10 port 35014 ssh2 2020-09-15T19:32:41.912417n23.at sshd[2273782]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.130.10 user=root 2020-09-15T19:32:44.317227n23.at sshd[2273782]: Failed password for root from 104.248.130.10 port 47248 ssh2 ...	2020-09-16 02:20:45
68.79.60.45	attackspambots	malicious Brute-Force reported by https://www.patrick-binder.de ...	2020-09-16 02:31:06
122.170.12.200	attackbotsspam	Unauthorized connection attempt from IP address 122.170.12.200 on Port 445(SMB)	2020-09-16 02:16:32
77.37.203.230	attack	Sep 15 14:01:35 ws22vmsma01 sshd[16234]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=77.37.203.230 ...	2020-09-16 02:01:38
179.216.176.168	attackspambots	Invalid user admin from 179.216.176.168 port 46853	2020-09-16 02:09:58
162.243.130.93	attackspambots	Brute force attack stopped by firewall	2020-09-16 02:08:56
36.111.150.124	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-09-16 02:28:57
185.91.252.109	attack	Sep 14 18:40:47 h2865660 sshd[31421]: Invalid user admin from 185.91.252.109 port 24641 Sep 14 18:40:47 h2865660 sshd[31421]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.91.252.109 Sep 14 18:40:47 h2865660 sshd[31421]: Invalid user admin from 185.91.252.109 port 24641 Sep 14 18:40:49 h2865660 sshd[31421]: Failed password for invalid user admin from 185.91.252.109 port 24641 ssh2 Sep 14 18:56:55 h2865660 sshd[32047]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.91.252.109 user=root Sep 14 18:56:57 h2865660 sshd[32047]: Failed password for root from 185.91.252.109 port 33313 ssh2 ...	2020-09-16 02:23:46
167.71.38.104	attackspambots	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-09-16 02:15:47

最近上报的IP列表

210.2.132.18	183.60.227.18	180.242.28.181	182.190.218.57
180.183.196.249	191.240.100.11	103.206.191.5	14.177.249.48
62.234.137.26	167.99.172.96	106.53.40.79	106.247.23.237
79.175.62.238	125.6.143.89	32.89.0.228	115.79.136.117
83.97.20.226	183.17.235.191	14.228.148.62	77.68.72.86