139.155.13.21 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Connection to SSH Honeypot - Detected by HoneypotDB	2020-10-06 07:33:29
attack	Connection to SSH Honeypot - Detected by HoneypotDB	2020-10-05 23:49:56
attackspambots	Oct 5 09:18:04 ip106 sshd[15735]: Failed password for root from 139.155.13.21 port 43686 ssh2 ...	2020-10-05 15:50:01

相同子网IP讨论:

IP	类型	评论内容	时间
139.155.13.59	attack	sshd: Failed password for invalid user .... from 139.155.13.59 port 60208 ssh2 (8 attempts)	2020-10-13 17:34:17
139.155.13.81	attack	Invalid user administrator from 139.155.13.81 port 43454	2020-09-27 07:18:28
139.155.13.81	attack	Sep 26 17:09:11 ns382633 sshd\[29250\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.13.81 user=root Sep 26 17:09:13 ns382633 sshd\[29250\]: Failed password for root from 139.155.13.81 port 53970 ssh2 Sep 26 17:14:30 ns382633 sshd\[30199\]: Invalid user cisco from 139.155.13.81 port 51202 Sep 26 17:14:30 ns382633 sshd\[30199\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.13.81 Sep 26 17:14:32 ns382633 sshd\[30199\]: Failed password for invalid user cisco from 139.155.13.81 port 51202 ssh2	2020-09-26 23:47:41
139.155.13.81	attackspam	Invalid user user from 139.155.13.81 port 33844	2020-09-03 01:54:05
139.155.13.81	attack	$f2bV_matches	2020-09-02 17:22:41
139.155.13.81	attackspam	Sep 1 21:43:05 gw1 sshd[23425]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.13.81 Sep 1 21:43:07 gw1 sshd[23425]: Failed password for invalid user ares from 139.155.13.81 port 57732 ssh2 ...	2020-09-02 03:20:00
139.155.13.93	attackspambots	Sep 1 00:02:53 OPSO sshd\[26243\]: Invalid user tomcat from 139.155.13.93 port 54272 Sep 1 00:02:53 OPSO sshd\[26243\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.13.93 Sep 1 00:02:55 OPSO sshd\[26243\]: Failed password for invalid user tomcat from 139.155.13.93 port 54272 ssh2 Sep 1 00:07:53 OPSO sshd\[27204\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.13.93 user=root Sep 1 00:07:55 OPSO sshd\[27204\]: Failed password for root from 139.155.13.93 port 51722 ssh2	2020-09-01 07:24:26
139.155.13.115	attackspam	Aug 24 13:10:29 dignus sshd[22012]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.13.115 Aug 24 13:10:31 dignus sshd[22012]: Failed password for invalid user admin from 139.155.13.115 port 43126 ssh2 Aug 24 13:16:11 dignus sshd[22827]: Invalid user dh from 139.155.13.115 port 49642 Aug 24 13:16:11 dignus sshd[22827]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.13.115 Aug 24 13:16:14 dignus sshd[22827]: Failed password for invalid user dh from 139.155.13.115 port 49642 ssh2 ...	2020-08-25 04:32:01
139.155.13.93	attack	Aug 20 13:28:46 pixelmemory sshd[32913]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.13.93 user=root Aug 20 13:28:47 pixelmemory sshd[32913]: Failed password for root from 139.155.13.93 port 34184 ssh2 Aug 20 13:29:30 pixelmemory sshd[32930]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.13.93 user=root Aug 20 13:29:32 pixelmemory sshd[32930]: Failed password for root from 139.155.13.93 port 41704 ssh2 Aug 20 13:30:22 pixelmemory sshd[32946]: Invalid user ftp from 139.155.13.93 port 49224 ...	2020-08-21 05:27:02
139.155.13.81	attackbotsspam	web-1 [ssh] SSH Attack	2020-08-21 04:12:09
139.155.13.81	attackspambots	Aug 13 22:39:22 vps647732 sshd[9930]: Failed password for root from 139.155.13.81 port 48352 ssh2 ...	2020-08-14 06:34:20
139.155.13.81	attack	Aug 11 04:57:44 liveconfig01 sshd[9710]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.13.81 user=r.r Aug 11 04:57:46 liveconfig01 sshd[9710]: Failed password for r.r from 139.155.13.81 port 53748 ssh2 Aug 11 04:57:46 liveconfig01 sshd[9710]: Received disconnect from 139.155.13.81 port 53748:11: Bye Bye [preauth] Aug 11 04:57:46 liveconfig01 sshd[9710]: Disconnected from 139.155.13.81 port 53748 [preauth] Aug 11 05:12:49 liveconfig01 sshd[10416]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.13.81 user=r.r Aug 11 05:12:51 liveconfig01 sshd[10416]: Failed password for r.r from 139.155.13.81 port 58560 ssh2 Aug 11 05:12:51 liveconfig01 sshd[10416]: Received disconnect from 139.155.13.81 port 58560:11: Bye Bye [preauth] Aug 11 05:12:51 liveconfig01 sshd[10416]: Disconnected from 139.155.13.81 port 58560 [preauth] Aug 11 05:17:35 liveconfig01 sshd[10660]: pam_unix(sshd:auth........ -------------------------------	2020-08-12 00:38:10
139.155.13.81	attackspam	2020-08-07T03:55:29.268020abusebot-5.cloudsearch.cf sshd[5054]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.13.81 user=root 2020-08-07T03:55:31.038114abusebot-5.cloudsearch.cf sshd[5054]: Failed password for root from 139.155.13.81 port 44596 ssh2 2020-08-07T03:58:24.225594abusebot-5.cloudsearch.cf sshd[5071]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.13.81 user=root 2020-08-07T03:58:26.020743abusebot-5.cloudsearch.cf sshd[5071]: Failed password for root from 139.155.13.81 port 45620 ssh2 2020-08-07T04:01:08.813770abusebot-5.cloudsearch.cf sshd[5096]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.13.81 user=root 2020-08-07T04:01:10.789511abusebot-5.cloudsearch.cf sshd[5096]: Failed password for root from 139.155.13.81 port 46634 ssh2 2020-08-07T04:03:54.788950abusebot-5.cloudsearch.cf sshd[5109]: pam_unix(sshd:auth): authenticati ...	2020-08-07 15:52:18
139.155.13.93	attackbotsspam	Aug 5 06:34:06 buvik sshd[19690]: Failed password for root from 139.155.13.93 port 51322 ssh2 Aug 5 06:38:04 buvik sshd[20272]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.13.93 user=root Aug 5 06:38:06 buvik sshd[20272]: Failed password for root from 139.155.13.93 port 34560 ssh2 ...	2020-08-05 12:41:26
139.155.13.93	attackspambots	2020-08-04T10:20:27.231855shield sshd\[32233\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.13.93 user=root 2020-08-04T10:20:28.975900shield sshd\[32233\]: Failed password for root from 139.155.13.93 port 51552 ssh2 2020-08-04T10:25:06.045249shield sshd\[32758\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.13.93 user=root 2020-08-04T10:25:07.618937shield sshd\[32758\]: Failed password for root from 139.155.13.93 port 42960 ssh2 2020-08-04T10:29:30.288555shield sshd\[880\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.13.93 user=root	2020-08-04 22:10:37

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.155.13.21
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44800
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.155.13.21.			IN	A

;; AUTHORITY SECTION:
.			154	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020100500 1800 900 604800 86400

;; Query time: 232 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Oct 05 15:49:57 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 21.13.155.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 21.13.155.139.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
103.52.217.136	attackbots	Unauthorized connection attempt detected from IP address 103.52.217.136 to port 3052	2020-06-14 17:35:32
192.144.230.221	attackspam	Failed password for invalid user shaca from 192.144.230.221 port 52788 ssh2	2020-06-14 18:02:09
36.232.173.23	attackspambots	Unauthorised access (Jun 14) SRC=36.232.173.23 LEN=52 TTL=108 ID=32410 DF TCP DPT=445 WINDOW=8192 SYN	2020-06-14 17:38:16
222.186.180.147	attackbots	sshd jail - ssh hack attempt	2020-06-14 18:10:18
212.113.167.201	attackspambots	Brute force 76 attempts	2020-06-14 17:35:14
106.54.48.29	attackbots	Jun 14 05:45:44 cp sshd[9547]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.48.29 Jun 14 05:45:46 cp sshd[9547]: Failed password for invalid user xllu from 106.54.48.29 port 56842 ssh2 Jun 14 05:48:43 cp sshd[11106]: Failed password for root from 106.54.48.29 port 35480 ssh2	2020-06-14 17:47:49
14.29.162.139	attackbotsspam	Jun 14 08:13:40 srv-ubuntu-dev3 sshd[42054]: Invalid user wade from 14.29.162.139 Jun 14 08:13:40 srv-ubuntu-dev3 sshd[42054]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.29.162.139 Jun 14 08:13:40 srv-ubuntu-dev3 sshd[42054]: Invalid user wade from 14.29.162.139 Jun 14 08:13:42 srv-ubuntu-dev3 sshd[42054]: Failed password for invalid user wade from 14.29.162.139 port 21496 ssh2 Jun 14 08:17:35 srv-ubuntu-dev3 sshd[42684]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.29.162.139 user=root Jun 14 08:17:37 srv-ubuntu-dev3 sshd[42684]: Failed password for root from 14.29.162.139 port 59034 ssh2 Jun 14 08:21:08 srv-ubuntu-dev3 sshd[43292]: Invalid user pbcte from 14.29.162.139 Jun 14 08:21:08 srv-ubuntu-dev3 sshd[43292]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.29.162.139 Jun 14 08:21:08 srv-ubuntu-dev3 sshd[43292]: Invalid user pbcte from 14.29.162 ...	2020-06-14 17:57:30
92.63.194.104	attack	Port scanning	2020-06-14 17:43:53
47.241.10.157	attackbotsspam	DATE:2020-06-14 07:50:41, IP:47.241.10.157, PORT:ssh SSH brute force auth (docker-dc)	2020-06-14 17:39:07
172.96.200.143	attackspam	Jun 14 09:01:46 vmd48417 sshd[9451]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.96.200.143	2020-06-14 18:10:37
192.145.44.220	attackspam	Jun 13 11:42:21 m2 sshd[19244]: Invalid user rafi from 192.145.44.220 Jun 13 11:42:22 m2 sshd[19244]: Failed password for invalid user rafi from 192.145.44.220 port 37988 ssh2 Jun 13 11:53:56 m2 sshd[20585]: Invalid user oi from 192.145.44.220 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=192.145.44.220	2020-06-14 18:12:36
218.92.0.220	attackbotsspam	Lines containing failures of 218.92.0.220 Jun 13 15:12:41 * sshd[126111]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.220 user=r.r Jun 13 15:12:42 * sshd[126111]: Failed password for r.r from 218.92.0.220 port 61397 ssh2 Jun 13 15:12:47 * sshd[126111]: message repeated 2 serveres: [ Failed password for r.r from 218.92.0.220 port 61397 ssh2] Jun 13 15:12:47 * sshd[126111]: Received disconnect from 218.92.0.220 port 61397:11: [preauth] Jun 13 15:12:47 * sshd[126111]: Disconnected from authenticating user r.r 218.92.0.220 port 61397 [preauth] Jun 13 15:12:47 * sshd[126111]: PAM 2 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.220 user=r.r Jun 13 15:12:51 * sshd[126116]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.220 user=r.r Jun 13 15:12:54 * sshd[126116]: Failed password for r.r from 218.92.0.220 port 46607 ssh2 J........ ------------------------------	2020-06-14 17:44:45
101.231.124.6	attackspambots	Jun 14 07:01:34 ajax sshd[15560]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.231.124.6 Jun 14 07:01:36 ajax sshd[15560]: Failed password for invalid user felins from 101.231.124.6 port 48480 ssh2	2020-06-14 17:31:50
14.20.188.60	attackbots	Brute force attempt	2020-06-14 17:49:39
167.114.92.54	attack	CA_Pulse OVH_<177>1592106507 [1:2522019:4092] ET TOR Known Tor Relay/Router (Not Exit) Node TCP Traffic group 20 [Classification: Misc Attack] [Priority: 2]: {TCP} 167.114.92.54:50690	2020-06-14 17:53:58

最近上报的IP列表

62.212.235.246	68.183.81.50	182.225.157.58	198.98.130.82
189.208.94.96	116.5.168.217	39.37.217.202	179.113.50.141
14.254.96.4	180.215.166.244	112.160.152.199	51.81.82.253
149.117.245.133	11.72.69.14	244.92.113.97	57.142.227.95
114.119.145.237	80.200.181.33	60.187.150.120	65.135.74.1