139.155.21.129

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Sep 26 05:48:10 [snip] sshd[16972]: Invalid user track from 139.155.21.129 port 53376 Sep 26 05:48:10 [snip] sshd[16972]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.21.129 Sep 26 05:48:12 [snip] sshd[16972]: Failed password for invalid user track from 139.155.21.129 port 53376 ssh2[...]	2019-09-26 16:34:44

类型

评论内容

时间

attack

Sep 26 05:48:10 [snip] sshd[16972]: Invalid user track from 139.155.21.129 port 53376
Sep 26 05:48:10 [snip] sshd[16972]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.21.129
Sep 26 05:48:12 [snip] sshd[16972]: Failed password for invalid user track from 139.155.21.129 port 53376 ssh2[...]

2019-09-26 16:34:44

相同子网IP讨论:

IP	类型	评论内容	时间
139.155.21.34	attack	SSH login attempts.	2020-09-09 00:18:04
139.155.21.34	attackspambots	SSH login attempts.	2020-09-08 15:49:56
139.155.21.34	attack	Lines containing failures of 139.155.21.34 Sep 7 02:16:25 v2hgb sshd[5602]: Invalid user ubnt from 139.155.21.34 port 38778 Sep 7 02:16:25 v2hgb sshd[5602]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.21.34 Sep 7 02:16:27 v2hgb sshd[5602]: Failed password for invalid user ubnt from 139.155.21.34 port 38778 ssh2 Sep 7 02:16:27 v2hgb sshd[5602]: Received disconnect from 139.155.21.34 port 38778:11: Bye Bye [preauth] Sep 7 02:16:27 v2hgb sshd[5602]: Disconnected from invalid user ubnt 139.155.21.34 port 38778 [preauth] Sep 7 02:37:10 v2hgb sshd[7634]: Connection closed by 139.155.21.34 port 39446 [preauth] Sep 7 02:41:12 v2hgb sshd[8175]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.21.34 user=r.r Sep 7 02:41:14 v2hgb sshd[8175]: Failed password for r.r from 139.155.21.34 port 58590 ssh2 Sep 7 02:41:15 v2hgb sshd[8175]: Received disconnect from 139.155.21.34 por........ ------------------------------	2020-09-08 08:24:38
139.155.21.34	attack	Invalid user git from 139.155.21.34 port 43078	2020-09-02 20:36:28
139.155.21.34	attackbotsspam	Jul 24 10:30:38 server sshd[8988]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.21.34 Jul 24 10:30:39 server sshd[8988]: Failed password for invalid user admin from 139.155.21.34 port 53580 ssh2 Jul 24 10:38:03 server sshd[10333]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.21.34	2020-09-02 12:30:53
139.155.21.34	attackbots	Input Traffic from this IP, but critial abuseconfidencescore	2020-09-02 05:39:51
139.155.21.34	attackbotsspam	Fail2Ban Ban Triggered (2)	2020-08-28 03:54:16
139.155.21.34	attackspam	fail2ban -- 139.155.21.34 ...	2020-08-21 17:07:27
139.155.21.34	attackspambots	Aug 18 15:36:13 vps639187 sshd\[15240\]: Invalid user le from 139.155.21.34 port 48616 Aug 18 15:36:13 vps639187 sshd\[15240\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.21.34 Aug 18 15:36:15 vps639187 sshd\[15240\]: Failed password for invalid user le from 139.155.21.34 port 48616 ssh2 ...	2020-08-18 22:01:22
139.155.21.34	attackspam	Aug 11 15:07:58 cosmoit sshd[21906]: Failed password for root from 139.155.21.34 port 46194 ssh2	2020-08-11 21:46:31
139.155.21.186	attack	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-08-09T16:44:02Z and 2020-08-09T16:54:14Z	2020-08-10 03:46:07
139.155.21.186	attack	Aug 9 06:35:30 marvibiene sshd[6560]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.21.186 user=root Aug 9 06:35:32 marvibiene sshd[6560]: Failed password for root from 139.155.21.186 port 38006 ssh2 Aug 9 06:50:11 marvibiene sshd[6820]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.21.186 user=root Aug 9 06:50:12 marvibiene sshd[6820]: Failed password for root from 139.155.21.186 port 46438 ssh2	2020-08-09 15:03:59
139.155.21.34	attack	Aug 8 07:07:49 journals sshd\[123764\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.21.34 user=root Aug 8 07:07:51 journals sshd\[123764\]: Failed password for root from 139.155.21.34 port 58630 ssh2 Aug 8 07:12:28 journals sshd\[124225\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.21.34 user=root Aug 8 07:12:29 journals sshd\[124225\]: Failed password for root from 139.155.21.34 port 53102 ssh2 Aug 8 07:17:08 journals sshd\[124585\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.21.34 user=root ...	2020-08-08 15:41:50
139.155.21.186	attackbotsspam	Jul 29 11:04:16 journals sshd\[12620\]: Invalid user yzhu from 139.155.21.186 Jul 29 11:04:16 journals sshd\[12620\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.21.186 Jul 29 11:04:18 journals sshd\[12620\]: Failed password for invalid user yzhu from 139.155.21.186 port 41158 ssh2 Jul 29 11:07:56 journals sshd\[13104\]: Invalid user tomcat from 139.155.21.186 Jul 29 11:07:56 journals sshd\[13104\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.21.186 ...	2020-07-29 16:17:53
139.155.21.186	attack	Jul 28 12:04:50 onepixel sshd[3644051]: Invalid user wangwq from 139.155.21.186 port 54182 Jul 28 12:04:50 onepixel sshd[3644051]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.21.186 Jul 28 12:04:50 onepixel sshd[3644051]: Invalid user wangwq from 139.155.21.186 port 54182 Jul 28 12:04:52 onepixel sshd[3644051]: Failed password for invalid user wangwq from 139.155.21.186 port 54182 ssh2 Jul 28 12:08:21 onepixel sshd[3646075]: Invalid user pengteng from 139.155.21.186 port 34680	2020-07-28 20:13:58

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.155.21.129
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 28096
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.155.21.129.			IN	A

;; AUTHORITY SECTION:
.			521	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019092600 1800 900 604800 86400

;; Query time: 558 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Sep 26 16:34:41 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 129.21.155.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 129.21.155.139.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
51.36.222.106	attackspam	Automatic report - XMLRPC Attack	2020-06-15 06:34:03
212.64.29.78	attackspambots	2020-06-14T22:38:51.438723shield sshd\[9868\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.29.78 user=root 2020-06-14T22:38:53.375810shield sshd\[9868\]: Failed password for root from 212.64.29.78 port 36832 ssh2 2020-06-14T22:39:54.938549shield sshd\[10165\]: Invalid user mx from 212.64.29.78 port 50970 2020-06-14T22:39:54.942230shield sshd\[10165\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.29.78 2020-06-14T22:39:56.527957shield sshd\[10165\]: Failed password for invalid user mx from 212.64.29.78 port 50970 ssh2	2020-06-15 06:44:48
187.177.63.8	attackbotsspam	Automatic report - Port Scan Attack	2020-06-15 06:31:31
51.77.150.118	attackbots	Jun 14 21:27:42 marvibiene sshd[62761]: Invalid user ts3 from 51.77.150.118 port 54368 Jun 14 21:27:42 marvibiene sshd[62761]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.150.118 Jun 14 21:27:42 marvibiene sshd[62761]: Invalid user ts3 from 51.77.150.118 port 54368 Jun 14 21:27:43 marvibiene sshd[62761]: Failed password for invalid user ts3 from 51.77.150.118 port 54368 ssh2 ...	2020-06-15 06:31:01
45.66.156.176	attackspambots	Jun 14 18:27:30 ws22vmsma01 sshd[91431]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.66.156.176 Jun 14 18:27:32 ws22vmsma01 sshd[91431]: Failed password for invalid user 2 from 45.66.156.176 port 45812 ssh2 ...	2020-06-15 06:38:04
123.124.71.106	attack	IP 123.124.71.106 attacked honeypot on port: 1433 at 6/14/2020 10:27:26 PM	2020-06-15 06:30:01
189.90.97.38	attackspam	Honeypot hit.	2020-06-15 06:50:17
114.67.64.28	attack	Jun 15 03:07:29 gw1 sshd[2928]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.64.28 Jun 15 03:07:31 gw1 sshd[2928]: Failed password for invalid user jin from 114.67.64.28 port 48630 ssh2 ...	2020-06-15 06:56:32
5.188.62.147	attack	Automatic report - Banned IP Access	2020-06-15 07:01:38
147.135.253.94	attack	[2020-06-14 18:38:22] NOTICE[1273] chan_sip.c: Registration from '' failed for '147.135.253.94:51639' - Wrong password [2020-06-14 18:38:22] SECURITY[1288] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-06-14T18:38:22.674-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="12345678",SessionID="0x7f31c02f97a8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/147.135.253.94/51639",Challenge="475ff9b5",ReceivedChallenge="475ff9b5",ReceivedHash="7e9ecdcd82405f71253e345a704d6ca2" [2020-06-14 18:40:23] NOTICE[1273] chan_sip.c: Registration from '' failed for '147.135.253.94:53533' - Wrong password [2020-06-14 18:40:23] SECURITY[1288] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-06-14T18:40:23.241-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="4330",SessionID="0x7f31c02f97a8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/14 ...	2020-06-15 06:54:29
222.186.175.202	attack	Jun 14 22:51:40 localhost sshd[8688]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.202 user=root Jun 14 22:51:42 localhost sshd[8688]: Failed password for root from 222.186.175.202 port 3628 ssh2 Jun 14 22:51:44 localhost sshd[8688]: Failed password for root from 222.186.175.202 port 3628 ssh2 Jun 14 22:51:40 localhost sshd[8688]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.202 user=root Jun 14 22:51:42 localhost sshd[8688]: Failed password for root from 222.186.175.202 port 3628 ssh2 Jun 14 22:51:44 localhost sshd[8688]: Failed password for root from 222.186.175.202 port 3628 ssh2 Jun 14 22:51:40 localhost sshd[8688]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.202 user=root Jun 14 22:51:42 localhost sshd[8688]: Failed password for root from 222.186.175.202 port 3628 ssh2 Jun 14 22:51:44 localhost sshd[8688]: Failed p ...	2020-06-15 06:52:39
46.38.150.188	attackspambots	Jun 15 01:01:50 v22019058497090703 postfix/smtpd[646]: warning: unknown[46.38.150.188]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 15 01:03:21 v22019058497090703 postfix/smtpd[646]: warning: unknown[46.38.150.188]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 15 01:04:54 v22019058497090703 postfix/smtpd[646]: warning: unknown[46.38.150.188]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-06-15 07:07:14
41.202.207.8	attack	Automatic report - Banned IP Access	2020-06-15 06:48:06
45.144.2.66	attack	TCP (SYN) 45.144.2.66:37990 -> port 8080, len 60	2020-06-15 07:02:49
5.206.238.18	attackspam	pinterest spam	2020-06-15 06:45:45

最近上报的IP列表

85.105.120.94	100.251.219.121	64.119.200.102	203.253.72.90
81.171.58.182	115.216.203.31	113.224.219.143	121.234.105.113
193.56.28.178	52.41.193.16	106.111.166.26	116.203.40.95
101.206.155.4	148.70.101.245	205.209.167.167	89.238.150.15
52.41.20.47	113.238.116.166	85.140.38.90	118.175.93.94