139.155.21.34 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	SSH login attempts.	2020-09-09 00:18:04
attackspambots	SSH login attempts.	2020-09-08 15:49:56
attack	Lines containing failures of 139.155.21.34 Sep 7 02:16:25 v2hgb sshd[5602]: Invalid user ubnt from 139.155.21.34 port 38778 Sep 7 02:16:25 v2hgb sshd[5602]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.21.34 Sep 7 02:16:27 v2hgb sshd[5602]: Failed password for invalid user ubnt from 139.155.21.34 port 38778 ssh2 Sep 7 02:16:27 v2hgb sshd[5602]: Received disconnect from 139.155.21.34 port 38778:11: Bye Bye [preauth] Sep 7 02:16:27 v2hgb sshd[5602]: Disconnected from invalid user ubnt 139.155.21.34 port 38778 [preauth] Sep 7 02:37:10 v2hgb sshd[7634]: Connection closed by 139.155.21.34 port 39446 [preauth] Sep 7 02:41:12 v2hgb sshd[8175]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.21.34 user=r.r Sep 7 02:41:14 v2hgb sshd[8175]: Failed password for r.r from 139.155.21.34 port 58590 ssh2 Sep 7 02:41:15 v2hgb sshd[8175]: Received disconnect from 139.155.21.34 por........ ------------------------------	2020-09-08 08:24:38
attack	Invalid user git from 139.155.21.34 port 43078	2020-09-02 20:36:28
attackbotsspam	Jul 24 10:30:38 server sshd[8988]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.21.34 Jul 24 10:30:39 server sshd[8988]: Failed password for invalid user admin from 139.155.21.34 port 53580 ssh2 Jul 24 10:38:03 server sshd[10333]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.21.34	2020-09-02 12:30:53
attackbots	Input Traffic from this IP, but critial abuseconfidencescore	2020-09-02 05:39:51
attackbotsspam	Fail2Ban Ban Triggered (2)	2020-08-28 03:54:16
attackspam	fail2ban -- 139.155.21.34 ...	2020-08-21 17:07:27
attackspambots	Aug 18 15:36:13 vps639187 sshd\[15240\]: Invalid user le from 139.155.21.34 port 48616 Aug 18 15:36:13 vps639187 sshd\[15240\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.21.34 Aug 18 15:36:15 vps639187 sshd\[15240\]: Failed password for invalid user le from 139.155.21.34 port 48616 ssh2 ...	2020-08-18 22:01:22
attackspam	Aug 11 15:07:58 cosmoit sshd[21906]: Failed password for root from 139.155.21.34 port 46194 ssh2	2020-08-11 21:46:31
attack	Aug 8 07:07:49 journals sshd\[123764\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.21.34 user=root Aug 8 07:07:51 journals sshd\[123764\]: Failed password for root from 139.155.21.34 port 58630 ssh2 Aug 8 07:12:28 journals sshd\[124225\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.21.34 user=root Aug 8 07:12:29 journals sshd\[124225\]: Failed password for root from 139.155.21.34 port 53102 ssh2 Aug 8 07:17:08 journals sshd\[124585\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.21.34 user=root ...	2020-08-08 15:41:50
attack	Jul 11 18:52:00 sachi sshd\[15065\]: Invalid user ilie from 139.155.21.34 Jul 11 18:52:00 sachi sshd\[15065\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.21.34 Jul 11 18:52:02 sachi sshd\[15065\]: Failed password for invalid user ilie from 139.155.21.34 port 59428 ssh2 Jul 11 18:54:53 sachi sshd\[15318\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.21.34 user=root Jul 11 18:54:54 sachi sshd\[15318\]: Failed password for root from 139.155.21.34 port 34656 ssh2	2020-07-12 12:57:45

相同子网IP讨论:

IP	类型	评论内容	时间
139.155.21.186	attack	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-08-09T16:44:02Z and 2020-08-09T16:54:14Z	2020-08-10 03:46:07
139.155.21.186	attack	Aug 9 06:35:30 marvibiene sshd[6560]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.21.186 user=root Aug 9 06:35:32 marvibiene sshd[6560]: Failed password for root from 139.155.21.186 port 38006 ssh2 Aug 9 06:50:11 marvibiene sshd[6820]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.21.186 user=root Aug 9 06:50:12 marvibiene sshd[6820]: Failed password for root from 139.155.21.186 port 46438 ssh2	2020-08-09 15:03:59
139.155.21.186	attackbotsspam	Jul 29 11:04:16 journals sshd\[12620\]: Invalid user yzhu from 139.155.21.186 Jul 29 11:04:16 journals sshd\[12620\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.21.186 Jul 29 11:04:18 journals sshd\[12620\]: Failed password for invalid user yzhu from 139.155.21.186 port 41158 ssh2 Jul 29 11:07:56 journals sshd\[13104\]: Invalid user tomcat from 139.155.21.186 Jul 29 11:07:56 journals sshd\[13104\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.21.186 ...	2020-07-29 16:17:53
139.155.21.186	attack	Jul 28 12:04:50 onepixel sshd[3644051]: Invalid user wangwq from 139.155.21.186 port 54182 Jul 28 12:04:50 onepixel sshd[3644051]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.21.186 Jul 28 12:04:50 onepixel sshd[3644051]: Invalid user wangwq from 139.155.21.186 port 54182 Jul 28 12:04:52 onepixel sshd[3644051]: Failed password for invalid user wangwq from 139.155.21.186 port 54182 ssh2 Jul 28 12:08:21 onepixel sshd[3646075]: Invalid user pengteng from 139.155.21.186 port 34680	2020-07-28 20:13:58
139.155.21.186	attack	Jul 12 06:16:00 PorscheCustomer sshd[15893]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.21.186 Jul 12 06:16:02 PorscheCustomer sshd[15893]: Failed password for invalid user grj from 139.155.21.186 port 60786 ssh2 Jul 12 06:16:48 PorscheCustomer sshd[15942]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.21.186 ...	2020-07-12 13:41:20
139.155.21.186	attackbots	Jun 28 15:14:03 Invalid user multicraft from 139.155.21.186 port 43430	2020-06-28 23:01:14
139.155.21.186	attack	$f2bV_matches	2020-06-26 22:47:59
139.155.21.186	attack	SSH Brute-Force attacks	2020-06-08 15:33:29
139.155.21.186	attackbotsspam	Jun 5 13:58:33 cloud sshd[18333]: Failed password for root from 139.155.21.186 port 40924 ssh2	2020-06-05 21:15:05
139.155.21.186	attackspambots	May 25 14:03:37 ns3164893 sshd[9358]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.21.186 user=root May 25 14:03:39 ns3164893 sshd[9358]: Failed password for root from 139.155.21.186 port 55062 ssh2 ...	2020-05-25 20:51:09
139.155.21.186	attack	2020-05-23T04:35:10.697143server.espacesoutien.com sshd[13504]: Invalid user lkj from 139.155.21.186 port 34074 2020-05-23T04:35:10.713013server.espacesoutien.com sshd[13504]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.21.186 2020-05-23T04:35:10.697143server.espacesoutien.com sshd[13504]: Invalid user lkj from 139.155.21.186 port 34074 2020-05-23T04:35:12.665872server.espacesoutien.com sshd[13504]: Failed password for invalid user lkj from 139.155.21.186 port 34074 ssh2 ...	2020-05-23 13:01:03
139.155.21.186	attackbots	May 10 22:27:19 ns382633 sshd\[24505\]: Invalid user postgres from 139.155.21.186 port 42884 May 10 22:27:19 ns382633 sshd\[24505\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.21.186 May 10 22:27:20 ns382633 sshd\[24505\]: Failed password for invalid user postgres from 139.155.21.186 port 42884 ssh2 May 10 22:36:37 ns382633 sshd\[26288\]: Invalid user smbuser from 139.155.21.186 port 40350 May 10 22:36:37 ns382633 sshd\[26288\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.21.186	2020-05-11 05:02:38
139.155.21.186	attack	5x Failed Password	2020-05-07 01:11:34
139.155.21.186	attackspambots	Invalid user zw from 139.155.21.186 port 44238	2020-04-25 15:58:55
139.155.21.186	attackbots	SSH invalid-user multiple login try	2020-04-12 17:14:06

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.155.21.34
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4271
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.155.21.34.			IN	A

;; AUTHORITY SECTION:
.			156	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020061801 1800 900 604800 86400

;; Query time: 51 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jun 19 06:47:52 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 34.21.155.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 34.21.155.139.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
125.91.32.65	attackspam	May 7 07:05:26 PorscheCustomer sshd[29122]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.91.32.65 May 7 07:05:29 PorscheCustomer sshd[29122]: Failed password for invalid user lg from 125.91.32.65 port 10315 ssh2 May 7 07:07:38 PorscheCustomer sshd[29171]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.91.32.65 ...	2020-05-07 13:23:41
189.111.78.54	attackbotsspam	Honeypot attack, port: 81, PTR: 189-111-78-54.dsl.telesp.net.br.	2020-05-07 12:51:36
185.79.112.92	attack	Wordpress malicious attack:[sshd]	2020-05-07 12:52:39
162.243.138.83	attackspam	" "	2020-05-07 13:06:23
129.204.119.178	attackspambots	Unauthorized access or intrusion attempt detected from Thor banned IP	2020-05-07 13:23:22
195.154.133.163	attackspambots	195.154.133.163 - - [07/May/2020:09:08:36 +0400] "POST /GponForm/diag_Form?style/ HTTP/1.1" 502 157 "-" "curl/7.3.2" ...	2020-05-07 13:11:04
51.75.31.33	attackbots	(sshd) Failed SSH login from 51.75.31.33 (FR/France/33.ip-51-75-31.eu): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: May 7 06:44:55 srv sshd[19473]: Invalid user mp3 from 51.75.31.33 port 54988 May 7 06:44:57 srv sshd[19473]: Failed password for invalid user mp3 from 51.75.31.33 port 54988 ssh2 May 7 06:53:02 srv sshd[19585]: Invalid user test from 51.75.31.33 port 59594 May 7 06:53:04 srv sshd[19585]: Failed password for invalid user test from 51.75.31.33 port 59594 ssh2 May 7 06:56:50 srv sshd[19629]: Invalid user charlie from 51.75.31.33 port 40466	2020-05-07 13:01:20
51.161.12.231	attackspambots	Fail2Ban Ban Triggered	2020-05-07 12:47:35
103.17.213.98	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-05-07 13:01:38
87.251.74.166	attackspam	Port scan on 1 port(s): 3686	2020-05-07 13:01:56
47.17.177.110	attackbots	$f2bV_matches	2020-05-07 12:48:24
113.176.89.116	attackbots	$f2bV_matches	2020-05-07 13:20:16
27.34.251.60	attack	$f2bV_matches	2020-05-07 13:02:13
185.50.149.10	attack	May 7 06:40:44 mail.srvfarm.net postfix/smtpd[730323]: warning: unknown[185.50.149.10]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 7 06:40:44 mail.srvfarm.net postfix/smtpd[730323]: lost connection after AUTH from unknown[185.50.149.10] May 7 06:40:48 mail.srvfarm.net postfix/smtpd[733497]: lost connection after AUTH from unknown[185.50.149.10] May 7 06:40:50 mail.srvfarm.net postfix/smtps/smtpd[737312]: lost connection after AUTH from unknown[185.50.149.10] May 7 06:40:52 mail.srvfarm.net postfix/smtpd[737313]: warning: unknown[185.50.149.10]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2020-05-07 13:21:34
212.92.116.116	botsattack	Scan of non-existent folders: dev/ cms/ temp/ web/ and many others	2020-05-07 12:59:05

最近上报的IP列表

168.243.231.82	193.14.214.151	85.105.16.144	187.14.149.154
171.78.202.231	72.128.211.70	45.55.156.19	101.31.93.147
247.190.15.57	110.136.8.10	45.92.73.62	63.174.89.97
147.167.63.45	155.236.220.70	112.66.10.153	202.204.239.208
61.214.117.102	233.74.159.59	138.88.117.95	15.105.119.109