139.155.17.13 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	2020-09-28 UTC: (32x) - albert,ali,caixa,dev,ips,manager,mysql,nproc(2x),oracle,root(12x),steve,sun,sysadmin,teamspeak,test,testuser,user2,usuario1,yang,zope	2020-09-29 19:34:05
attackspambots	Aug 28 02:57:03 gw1 sshd[32707]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.17.13 Aug 28 02:57:05 gw1 sshd[32707]: Failed password for invalid user map from 139.155.17.13 port 38256 ssh2 ...	2020-08-28 06:19:51
attackbots	2020-08-23T16:11:58.4657311495-001 sshd[9465]: Invalid user ubuntu from 139.155.17.13 port 40676 2020-08-23T16:12:00.2619481495-001 sshd[9465]: Failed password for invalid user ubuntu from 139.155.17.13 port 40676 ssh2 2020-08-23T16:13:41.8235541495-001 sshd[9573]: Invalid user customer from 139.155.17.13 port 36722 2020-08-23T16:13:41.8267241495-001 sshd[9573]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.17.13 2020-08-23T16:13:41.8235541495-001 sshd[9573]: Invalid user customer from 139.155.17.13 port 36722 2020-08-23T16:13:43.4300711495-001 sshd[9573]: Failed password for invalid user customer from 139.155.17.13 port 36722 ssh2 ...	2020-08-24 04:55:00
attackbots	Invalid user xy from 139.155.17.13 port 47326	2020-08-23 15:51:19
attackbots	Aug 7 13:52:28 ovpn sshd\[15233\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.17.13 user=root Aug 7 13:52:30 ovpn sshd\[15233\]: Failed password for root from 139.155.17.13 port 46064 ssh2 Aug 7 14:05:31 ovpn sshd\[20625\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.17.13 user=root Aug 7 14:05:33 ovpn sshd\[20625\]: Failed password for root from 139.155.17.13 port 34348 ssh2 Aug 7 14:08:06 ovpn sshd\[21492\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.17.13 user=root	2020-08-07 20:57:33
attack	Aug 5 02:58:10 firewall sshd[30102]: Failed password for root from 139.155.17.13 port 45364 ssh2 Aug 5 03:02:22 firewall sshd[30373]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.17.13 user=root Aug 5 03:02:24 firewall sshd[30373]: Failed password for root from 139.155.17.13 port 35118 ssh2 ...	2020-08-05 19:59:05
attackspam	Invalid user calin from 139.155.17.13 port 57342	2020-07-12 01:17:52
attackbotsspam	SSH Brute-Forcing (server1)	2020-06-27 22:36:19
attack	(sshd) Failed SSH login from 139.155.17.13 (CN/China/-): 10 in the last 3600 secs	2020-06-25 17:35:09
attack	Jun 8 06:48:52 vpn01 sshd[30804]: Failed password for root from 139.155.17.13 port 58498 ssh2 ...	2020-06-08 15:54:10
attackbotsspam	Jun 7 19:58:11 roki sshd[19612]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.17.13 user=root Jun 7 19:58:14 roki sshd[19612]: Failed password for root from 139.155.17.13 port 55056 ssh2 Jun 7 20:16:02 roki sshd[20893]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.17.13 user=root Jun 7 20:16:04 roki sshd[20893]: Failed password for root from 139.155.17.13 port 46040 ssh2 Jun 7 20:19:05 roki sshd[21096]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.17.13 user=root ...	2020-06-08 02:49:53
attack	SSH Brute-Force attacks	2020-06-07 16:14:37
attack	Invalid user jca from 139.155.17.13 port 40368	2020-05-16 12:04:50

相同子网IP讨论:

IP	类型	评论内容	时间
139.155.17.76	attackbotsspam	Sep 16 08:56:25 itv-usvr-01 sshd[28095]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.17.76 user=root Sep 16 08:56:26 itv-usvr-01 sshd[28095]: Failed password for root from 139.155.17.76 port 53894 ssh2 Sep 16 08:58:10 itv-usvr-01 sshd[28179]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.17.76 user=root Sep 16 08:58:12 itv-usvr-01 sshd[28179]: Failed password for root from 139.155.17.76 port 43986 ssh2 Sep 16 08:59:25 itv-usvr-01 sshd[28212]: Invalid user medical from 139.155.17.76	2020-09-16 12:13:07
139.155.17.76	attackspambots	Sep 15 19:15:20 master sshd[23060]: Failed password for root from 139.155.17.76 port 41072 ssh2 Sep 15 19:20:16 master sshd[23099]: Failed password for invalid user tortoisesvn from 139.155.17.76 port 56516 ssh2 Sep 15 19:23:05 master sshd[23112]: Failed password for root from 139.155.17.76 port 55714 ssh2 Sep 15 19:25:36 master sshd[23126]: Failed password for root from 139.155.17.76 port 54902 ssh2 Sep 15 19:28:12 master sshd[23140]: Failed password for root from 139.155.17.76 port 54090 ssh2 Sep 15 19:36:13 master sshd[23212]: Failed password for root from 139.155.17.76 port 51656 ssh2 Sep 15 19:38:48 master sshd[23236]: Failed password for invalid user greta from 139.155.17.76 port 50852 ssh2 Sep 15 19:43:57 master sshd[23269]: Failed password for invalid user macallister from 139.155.17.76 port 49246 ssh2 Sep 15 19:46:30 master sshd[23302]: Failed password for root from 139.155.17.76 port 48440 ssh2 Sep 15 19:49:03 master sshd[23325]: Failed password for root from 139.155.17.76 port 47634 ssh2	2020-09-16 04:02:12
139.155.17.74	attack	" "	2020-08-24 23:14:42
139.155.17.74	attackbots	Aug 21 00:35:12 vps639187 sshd\[4672\]: Invalid user ebs from 139.155.17.74 port 53114 Aug 21 00:35:12 vps639187 sshd\[4672\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.17.74 Aug 21 00:35:14 vps639187 sshd\[4672\]: Failed password for invalid user ebs from 139.155.17.74 port 53114 ssh2 ...	2020-08-21 06:52:03
139.155.17.125	attack	Aug 2 19:55:48 lnxweb61 sshd[3600]: Failed password for root from 139.155.17.125 port 36230 ssh2 Aug 2 19:55:48 lnxweb61 sshd[3600]: Failed password for root from 139.155.17.125 port 36230 ssh2	2020-08-03 02:04:31
139.155.17.85	attackspam	Jul 29 22:17:42 h2646465 sshd[25917]: Invalid user hongge from 139.155.17.85 Jul 29 22:17:42 h2646465 sshd[25917]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.17.85 Jul 29 22:17:42 h2646465 sshd[25917]: Invalid user hongge from 139.155.17.85 Jul 29 22:17:44 h2646465 sshd[25917]: Failed password for invalid user hongge from 139.155.17.85 port 50062 ssh2 Jul 29 22:22:35 h2646465 sshd[26557]: Invalid user wyx from 139.155.17.85 Jul 29 22:22:35 h2646465 sshd[26557]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.17.85 Jul 29 22:22:35 h2646465 sshd[26557]: Invalid user wyx from 139.155.17.85 Jul 29 22:22:37 h2646465 sshd[26557]: Failed password for invalid user wyx from 139.155.17.85 port 56030 ssh2 Jul 29 22:26:20 h2646465 sshd[27169]: Invalid user tyc from 139.155.17.85 ...	2020-07-30 07:00:14
139.155.17.74	attackbotsspam	Jul 12 00:01:36 main sshd[16938]: Failed password for invalid user jenkins from 139.155.17.74 port 38048 ssh2 Jul 12 00:03:55 main sshd[16967]: Failed password for invalid user lianqing from 139.155.17.74 port 42422 ssh2 Jul 12 00:06:25 main sshd[17004]: Failed password for invalid user gengxin from 139.155.17.74 port 46816 ssh2	2020-07-13 07:27:11
139.155.17.74	attack	Jul 10 05:35:39 saturn sshd[185831]: Invalid user sys-a from 139.155.17.74 port 40014 Jul 10 05:35:40 saturn sshd[185831]: Failed password for invalid user sys-a from 139.155.17.74 port 40014 ssh2 Jul 10 05:57:14 saturn sshd[186605]: Invalid user gitlab-prometheus from 139.155.17.74 port 59554 ...	2020-07-10 12:42:54
139.155.17.74	attackbotsspam	Jul 8 07:06:57 h2427292 sshd\[17239\]: Invalid user zyxq from 139.155.17.74 Jul 8 07:06:57 h2427292 sshd\[17239\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.17.74 Jul 8 07:06:59 h2427292 sshd\[17239\]: Failed password for invalid user zyxq from 139.155.17.74 port 59954 ssh2 ...	2020-07-08 14:38:51
139.155.17.85	attackbots	Jul 7 14:00:37 sip sshd[858051]: Invalid user ppl from 139.155.17.85 port 43564 Jul 7 14:00:39 sip sshd[858051]: Failed password for invalid user ppl from 139.155.17.85 port 43564 ssh2 Jul 7 14:08:24 sip sshd[858143]: Invalid user app from 139.155.17.85 port 41030 ...	2020-07-07 20:31:35
139.155.17.74	attack	Automatic report BANNED IP	2020-06-30 05:15:20
139.155.17.76	attackbotsspam	Jun 25 12:22:22 ns3033917 sshd[20998]: Invalid user mauricio from 139.155.17.76 port 46894 Jun 25 12:22:24 ns3033917 sshd[20998]: Failed password for invalid user mauricio from 139.155.17.76 port 46894 ssh2 Jun 25 12:33:12 ns3033917 sshd[21108]: Invalid user bssh from 139.155.17.76 port 44072 ...	2020-06-25 21:08:51
139.155.17.76	attack	Jun 21 07:42:00 vps687878 sshd\[11794\]: Failed password for invalid user ts from 139.155.17.76 port 35180 ssh2 Jun 21 07:42:59 vps687878 sshd\[11894\]: Invalid user javier from 139.155.17.76 port 45592 Jun 21 07:42:59 vps687878 sshd\[11894\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.17.76 Jun 21 07:43:01 vps687878 sshd\[11894\]: Failed password for invalid user javier from 139.155.17.76 port 45592 ssh2 Jun 21 07:44:04 vps687878 sshd\[11986\]: Invalid user oracle from 139.155.17.76 port 56006 Jun 21 07:44:04 vps687878 sshd\[11986\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.17.76 ...	2020-06-21 17:33:17
139.155.17.74	attackspam	Jun 18 16:18:58 buvik sshd[19083]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.17.74 Jun 18 16:19:01 buvik sshd[19083]: Failed password for invalid user ww from 139.155.17.74 port 32784 ssh2 Jun 18 16:22:36 buvik sshd[19624]: Invalid user vitor from 139.155.17.74 ...	2020-06-19 00:42:13
139.155.17.74	attackspam	2020-06-10 05:51:03,895 fail2ban.actions: WARNING [ssh] Ban 139.155.17.74	2020-06-10 15:45:31

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.155.17.13
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 31450
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.155.17.13.			IN	A

;; AUTHORITY SECTION:
.			287	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020051502 1800 900 604800 86400

;; Query time: 111 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat May 16 12:04:43 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 13.17.155.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 13.17.155.139.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
2.56.207.81	attackbotsspam	Automatic Fail2ban report - Trying login SSH	2020-07-08 20:10:35
170.106.38.23	attackbotsspam	Unauthorized connection attempt detected from IP address 170.106.38.23 to port 37	2020-07-08 20:16:20
124.195.169.159	attackspam	Port probing on unauthorized port 23	2020-07-08 19:58:25
45.227.255.59	attackbotsspam	[Sat May 23 12:03:55 2020] - Syn Flood From IP: 45.227.255.59 Port: 65531	2020-07-08 19:50:15
183.89.212.94	attackspambots	Attempts against Pop3/IMAP	2020-07-08 20:16:49
37.187.3.53	attack	Jul 8 13:26:22 server sshd[31501]: Failed password for invalid user yumy from 37.187.3.53 port 53445 ssh2 Jul 8 13:38:52 server sshd[11737]: Failed password for invalid user jking from 37.187.3.53 port 41288 ssh2 Jul 8 13:48:49 server sshd[22335]: Failed password for invalid user china from 37.187.3.53 port 40197 ssh2	2020-07-08 20:03:16
112.85.42.178	attack	Jul 8 14:05:26 server sshd[7531]: Failed none for root from 112.85.42.178 port 55342 ssh2 Jul 8 14:05:28 server sshd[7531]: Failed password for root from 112.85.42.178 port 55342 ssh2 Jul 8 14:05:33 server sshd[7531]: Failed password for root from 112.85.42.178 port 55342 ssh2	2020-07-08 20:17:15
122.155.212.244	attackspam	16018/tcp 7442/tcp 16939/tcp... [2020-06-21/07-08]54pkt,19pt.(tcp)	2020-07-08 20:18:46
222.186.15.115	attack	Unauthorized connection attempt detected from IP address 222.186.15.115 to port 22	2020-07-08 20:00:45
103.89.176.74	attack	24245/tcp 5495/tcp 30007/tcp... [2020-06-21/07-08]54pkt,19pt.(tcp)	2020-07-08 20:17:47
20.48.145.249	attack	[Sat Jul 04 00:59:29 2020] - DDoS Attack From IP: 20.48.145.249 Port: 5062	2020-07-08 20:09:57
61.177.172.41	attackbots	Jul 8 13:59:48 server sshd[1686]: Failed none for root from 61.177.172.41 port 36356 ssh2 Jul 8 13:59:50 server sshd[1686]: Failed password for root from 61.177.172.41 port 36356 ssh2 Jul 8 13:59:55 server sshd[1686]: Failed password for root from 61.177.172.41 port 36356 ssh2	2020-07-08 20:11:18
41.13.22.117	attackspam	TCP Port Scanning	2020-07-08 20:15:25
117.135.32.166	attackspam	Jul 8 14:06:54 meumeu sshd[141440]: Invalid user claudiu from 117.135.32.166 port 32866 Jul 8 14:06:54 meumeu sshd[141440]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.135.32.166 Jul 8 14:06:54 meumeu sshd[141440]: Invalid user claudiu from 117.135.32.166 port 32866 Jul 8 14:06:56 meumeu sshd[141440]: Failed password for invalid user claudiu from 117.135.32.166 port 32866 ssh2 Jul 8 14:09:42 meumeu sshd[141654]: Invalid user zhuhong from 117.135.32.166 port 35642 Jul 8 14:09:42 meumeu sshd[141654]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.135.32.166 Jul 8 14:09:42 meumeu sshd[141654]: Invalid user zhuhong from 117.135.32.166 port 35642 Jul 8 14:09:44 meumeu sshd[141654]: Failed password for invalid user zhuhong from 117.135.32.166 port 35642 ssh2 Jul 8 14:12:28 meumeu sshd[141748]: Invalid user admin from 117.135.32.166 port 38412 ...	2020-07-08 20:13:21
68.183.203.30	attack	25788/tcp 26969/tcp 7141/tcp... [2020-06-22/07-08]53pkt,19pt.(tcp)	2020-07-08 20:05:00

最近上报的IP列表

51.38.140.11	96.231.65.122	156.96.118.60	217.91.144.95
123.241.186.245	51.77.124.86	144.76.67.250	139.186.71.62
183.56.203.81	123.21.68.72	187.195.3.195	188.186.180.36
102.45.9.25	79.40.141.39	73.74.1.144	27.185.12.20
232.171.36.199	118.25.177.225	171.224.177.134	165.22.16.193