139.155.130.201

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Aug 22 11:45:02 www sshd\[2364\]: Invalid user admin from 139.155.130.201Aug 22 11:45:05 www sshd\[2364\]: Failed password for invalid user admin from 139.155.130.201 port 57816 ssh2Aug 22 11:47:44 www sshd\[2373\]: Invalid user usr1cv8 from 139.155.130.201 ...	2019-08-22 17:13:19

类型

评论内容

时间

attack

Aug 22 11:45:02 www sshd\[2364\]: Invalid user admin from 139.155.130.201Aug 22 11:45:05 www sshd\[2364\]: Failed password for invalid user admin from 139.155.130.201 port 57816 ssh2Aug 22 11:47:44 www sshd\[2373\]: Invalid user usr1cv8 from 139.155.130.201
...

2019-08-22 17:13:19

相同子网IP讨论:

IP	类型	评论内容	时间
139.155.130.130	attack	SSH Brute-Forcing (ownc)	2019-08-19 16:56:05
139.155.130.153	attackbots	Aug 17 19:03:27 spiceship sshd\[64550\]: Invalid user legend from 139.155.130.153 Aug 17 19:03:27 spiceship sshd\[64550\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.130.153 ...	2019-08-18 09:13:38

类型

评论内容

时间

139.155.130.130

attack

SSH Brute-Forcing (ownc)

2019-08-19 16:56:05

139.155.130.153

attackbots

Aug 17 19:03:27 spiceship sshd\[64550\]: Invalid user legend from 139.155.130.153
Aug 17 19:03:27 spiceship sshd\[64550\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.130.153
...

2019-08-18 09:13:38

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.155.130.201
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 18142
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.155.130.201.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019082200 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Aug 22 17:13:00 CST 2019
;; MSG SIZE  rcvd: 119

HOST信息:

Host 201.130.155.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 201.130.155.139.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
160.153.154.6	attackbotsspam	C1,DEF GET /blog/wp-includes/wlwmanifest.xml	2020-08-31 13:51:52
192.241.239.82	attack	firewall-block, port(s): 1900/udp	2020-08-31 13:20:09
202.104.112.217	attack	Aug 31 05:02:09 vps-51d81928 sshd[123453]: Failed password for root from 202.104.112.217 port 43107 ssh2 Aug 31 05:04:24 vps-51d81928 sshd[123461]: Invalid user ajay from 202.104.112.217 port 55021 Aug 31 05:04:24 vps-51d81928 sshd[123461]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.104.112.217 Aug 31 05:04:24 vps-51d81928 sshd[123461]: Invalid user ajay from 202.104.112.217 port 55021 Aug 31 05:04:26 vps-51d81928 sshd[123461]: Failed password for invalid user ajay from 202.104.112.217 port 55021 ssh2 ...	2020-08-31 13:18:37
128.201.78.223	attackbots	This client attempted to login to an administrator account on a Website, or abused from another resource.	2020-08-31 13:47:22
185.234.219.85	attackbots	TCP (SYN) 185.234.219.85:6000 -> port 1433, len 40	2020-08-31 13:15:22
27.72.97.58	attackbots	Brute forcing RDP port 3389	2020-08-31 13:18:06
218.61.128.226	attackbotsspam	Unauthorised access (Aug 31) SRC=218.61.128.226 LEN=52 TTL=109 ID=25936 DF TCP DPT=1433 WINDOW=8192 SYN	2020-08-31 13:26:57
192.35.168.235	attackspambots	9055/tcp 9533/tcp 3384/tcp... [2020-06-30/08-31]303pkt,263pt.(tcp)	2020-08-31 13:25:15
222.186.31.166	attack	Aug 31 07:51:08 abendstille sshd\[3280\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.31.166 user=root Aug 31 07:51:11 abendstille sshd\[3280\]: Failed password for root from 222.186.31.166 port 33120 ssh2 Aug 31 07:51:29 abendstille sshd\[3740\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.31.166 user=root Aug 31 07:51:31 abendstille sshd\[3740\]: Failed password for root from 222.186.31.166 port 64747 ssh2 Aug 31 07:51:41 abendstille sshd\[3902\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.31.166 user=root ...	2020-08-31 13:53:32
79.127.107.12	attackspambots	Unauthorised access (Aug 31) SRC=79.127.107.12 LEN=52 TTL=114 ID=30352 DF TCP DPT=445 WINDOW=8192 SYN	2020-08-31 13:26:20
51.38.227.167	attack	C1,DEF GET /old/wp-includes/wlwmanifest.xml	2020-08-31 13:28:04
128.14.230.12	attack	$f2bV_matches	2020-08-31 13:47:38
103.75.101.59	attack	Aug 31 06:41:10 cp sshd[18526]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.75.101.59	2020-08-31 13:34:23
119.45.5.31	attack	Banned for a week because repeated abuses, for example SSH, but not only	2020-08-31 13:13:17
184.168.193.147	attackspam	Brute Force	2020-08-31 13:54:32

最近上报的IP列表

61.93.253.70	128.199.252.156	45.199.152.34	115.124.88.114
253.188.210.173	184.57.109.118	27.102.11.185	101.86.164.226
165.22.218.93	143.245.157.132	1.9.126.57	178.216.24.49
226.51.8.123	60.19.168.206	182.75.61.238	202.11.83.107
68.104.199.63	185.153.196.47	53.41.196.220	210.215.111.168