139.155.25.68 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Aug 2 23:28:05 minden010 sshd[11419]: Failed password for root from 139.155.25.68 port 42880 ssh2 Aug 2 23:32:20 minden010 sshd[12843]: Failed password for root from 139.155.25.68 port 52064 ssh2 ...	2020-08-03 06:05:39

相同子网IP讨论:

IP	类型	评论内容	时间
139.155.25.26	attackbotsspam	Jan 02 23:32:58 askasleikir sshd[6794]: Failed password for invalid user ruben from 139.155.25.26 port 36026 ssh2	2020-01-03 20:53:46
139.155.25.26	attack	Oct 28 23:50:30 ACSRAD auth.info sshd[32061]: Failed password for r.r from 139.155.25.26 port 35826 ssh2 Oct 28 23:50:31 ACSRAD auth.info sshd[32061]: Received disconnect from 139.155.25.26 port 35826:11: Bye Bye [preauth] Oct 28 23:50:31 ACSRAD auth.info sshd[32061]: Disconnected from 139.155.25.26 port 35826 [preauth] Oct 28 23:50:31 ACSRAD auth.notice sshguard[5179]: Attack from "139.155.25.26" on service 100 whostnameh danger 10. Oct 28 23:50:31 ACSRAD auth.notice sshguard[5179]: Attack from "139.155.25.26" on service 100 whostnameh danger 10. Oct 28 23:55:18 ACSRAD auth.info sshd[2292]: Invalid user user3 from 139.155.25.26 port 46206 Oct 28 23:55:18 ACSRAD auth.info sshd[2292]: Failed password for invalid user user3 from 139.155.25.26 port 46206 ssh2 Oct 28 23:55:19 ACSRAD auth.info sshd[2292]: Received disconnect from 139.155.25.26 port 46206:11: Bye Bye [preauth] Oct 28 23:55:19 ACSRAD auth.info sshd[2292]: Disconnected from 139.155.25.26 port 46206 [preauth] Oct........ ------------------------------	2019-10-29 18:28:07
139.155.25.211	attack	Sep 4 03:39:39 php1 sshd\[30842\]: Invalid user alberto from 139.155.25.211 Sep 4 03:39:39 php1 sshd\[30842\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.25.211 Sep 4 03:39:41 php1 sshd\[30842\]: Failed password for invalid user alberto from 139.155.25.211 port 55998 ssh2 Sep 4 03:45:24 php1 sshd\[31380\]: Invalid user test from 139.155.25.211 Sep 4 03:45:24 php1 sshd\[31380\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.25.211	2019-09-04 21:52:12
139.155.25.211	attack	Sep 2 10:40:49 yabzik sshd[23153]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.25.211 Sep 2 10:40:51 yabzik sshd[23153]: Failed password for invalid user testuser5 from 139.155.25.211 port 56276 ssh2 Sep 2 10:46:15 yabzik sshd[25089]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.25.211	2019-09-02 15:51:36
139.155.25.211	attack	Aug 29 11:07:27 vps200512 sshd\[23764\]: Invalid user maja from 139.155.25.211 Aug 29 11:07:27 vps200512 sshd\[23764\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.25.211 Aug 29 11:07:28 vps200512 sshd\[23764\]: Failed password for invalid user maja from 139.155.25.211 port 42966 ssh2 Aug 29 11:14:16 vps200512 sshd\[23988\]: Invalid user gerrit from 139.155.25.211 Aug 29 11:14:16 vps200512 sshd\[23988\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.25.211	2019-08-30 00:16:08

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.155.25.68
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 62347
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.155.25.68.			IN	A

;; AUTHORITY SECTION:
.			503	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020080201 1800 900 604800 86400

;; Query time: 81 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Aug 03 06:05:37 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 68.25.155.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 68.25.155.139.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
91.121.110.50	attack	Oct 25 16:03:00 itv-usvr-01 sshd[2637]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.121.110.50 user=root Oct 25 16:03:02 itv-usvr-01 sshd[2637]: Failed password for root from 91.121.110.50 port 55536 ssh2 Oct 25 16:06:26 itv-usvr-01 sshd[2792]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.121.110.50 user=root Oct 25 16:06:27 itv-usvr-01 sshd[2792]: Failed password for root from 91.121.110.50 port 46443 ssh2 Oct 25 16:10:40 itv-usvr-01 sshd[3070]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.121.110.50 user=root Oct 25 16:10:42 itv-usvr-01 sshd[3070]: Failed password for root from 91.121.110.50 port 37353 ssh2	2019-10-25 20:02:44
179.111.206.154	attackbotsspam	2019-10-25T03:44:58.133893homeassistant sshd[9080]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.111.206.154 user=root 2019-10-25T03:44:59.856266homeassistant sshd[9080]: Failed password for root from 179.111.206.154 port 63499 ssh2 ...	2019-10-25 20:05:58
5.196.75.47	attackbotsspam	Invalid user dave from 5.196.75.47 port 55810	2019-10-25 19:50:32
92.222.81.62	attack	Oct 24 12:28:13 wildwolf ssh-honeypotd[26164]: Failed password for r.r from 92.222.81.62 port 43120 ssh2 (target: 158.69.100.132:22, password: r.r) Oct 24 12:28:13 wildwolf ssh-honeypotd[26164]: Failed password for r.r from 92.222.81.62 port 57566 ssh2 (target: 158.69.100.136:22, password: r.r) Oct 24 12:28:13 wildwolf ssh-honeypotd[26164]: Failed password for r.r from 92.222.81.62 port 42998 ssh2 (target: 158.69.100.135:22, password: r.r) Oct 24 12:28:13 wildwolf ssh-honeypotd[26164]: Failed password for r.r from 92.222.81.62 port 37890 ssh2 (target: 158.69.100.137:22, password: r.r) Oct 24 12:28:13 wildwolf ssh-honeypotd[26164]: Failed password for r.r from 92.222.81.62 port 59488 ssh2 (target: 158.69.100.133:22, password: r.r) Oct 24 12:28:13 wildwolf ssh-honeypotd[26164]: Failed password for r.r from 92.222.81.62 port 34876 ssh2 (target: 158.69.100.134:22, password: r.r) Oct 24 12:28:13 wildwolf ssh-honeypotd[26164]: Failed password for r.r from 92.222.81.62 port 458........ ------------------------------	2019-10-25 20:07:38
106.12.183.6	attackspam	Oct 24 18:31:37 hpm sshd\[30033\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.183.6 user=root Oct 24 18:31:39 hpm sshd\[30033\]: Failed password for root from 106.12.183.6 port 45114 ssh2 Oct 24 18:36:39 hpm sshd\[30461\]: Invalid user temp from 106.12.183.6 Oct 24 18:36:39 hpm sshd\[30461\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.183.6 Oct 24 18:36:41 hpm sshd\[30461\]: Failed password for invalid user temp from 106.12.183.6 port 51060 ssh2	2019-10-25 20:06:30
198.108.66.127	attackspam	3389BruteforceFW23	2019-10-25 19:58:04
93.174.93.5	attackspam	Oct 23 17:32:27 nirvana postfix/smtpd[15274]: warning: hostname no-reveeclipse-dns-configured.com does not resolve to address 93.174.93.5 Oct 23 17:32:27 nirvana postfix/smtpd[15274]: connect from unknown[93.174.93.5] Oct 23 17:32:27 nirvana postfix/smtpd[15274]: warning: unknown[93.174.93.5]: SASL LOGIN authentication failed: authentication failure Oct 23 17:32:27 nirvana postfix/smtpd[15274]: disconnect from unknown[93.174.93.5] Oct 23 17:33:22 nirvana postfix/smtpd[15274]: warning: hostname no-reveeclipse-dns-configured.com does not resolve to address 93.174.93.5 Oct 23 17:33:22 nirvana postfix/smtpd[15274]: connect from unknown[93.174.93.5] Oct 23 17:33:22 nirvana postfix/smtpd[15274]: warning: unknown[93.174.93.5]: SASL LOGIN authentication failed: authentication failure Oct 23 17:33:22 nirvana postfix/smtpd[15274]: disconnect from unknown[93.174.93.5] Oct 23 17:40:27 nirvana postfix/smtpd[15903]: warning: hostname no-reveeclipse-dns-configured.com does not resolve........ -------------------------------	2019-10-25 19:39:15
51.75.202.120	attack	Oct 25 07:36:10 xeon sshd[42770]: Failed password for invalid user wk from 51.75.202.120 port 39052 ssh2	2019-10-25 19:51:06
128.199.107.252	attack	Oct 25 12:49:32 OPSO sshd\[30687\]: Invalid user Apple1 from 128.199.107.252 port 54792 Oct 25 12:49:32 OPSO sshd\[30687\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.107.252 Oct 25 12:49:34 OPSO sshd\[30687\]: Failed password for invalid user Apple1 from 128.199.107.252 port 54792 ssh2 Oct 25 12:54:40 OPSO sshd\[31483\]: Invalid user !QAZ2wsx3edc from 128.199.107.252 port 44362 Oct 25 12:54:40 OPSO sshd\[31483\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.107.252	2019-10-25 19:47:47
117.54.141.122	attack	Automatic report - Banned IP Access	2019-10-25 19:55:42
165.227.94.166	attackbotsspam	Automatic report - Banned IP Access	2019-10-25 19:57:42
218.205.57.2	attackspam	Automatic report - Port Scan	2019-10-25 20:03:46
111.10.43.210	attackbotsspam	port scan and connect, tcp 80 (http)	2019-10-25 19:54:31
51.91.36.28	attackspambots	Invalid user abbi from 51.91.36.28 port 35380	2019-10-25 20:02:01
198.211.117.194	attackspam	198.211.117.194 - - [25/Oct/2019:16:11:56 +0400] "POST /GponForm/diag_Form?style/ HTTP/1.1" 502 157 "-" "curl/7.3.2" ...	2019-10-25 20:14:37

最近上报的IP列表

3.221.182.104	174.230.51.1	223.148.156.19	173.17.61.194
133.68.204.188	39.192.179.166	79.143.200.152	116.23.94.110
190.180.53.99	74.64.19.226	43.225.157.129	165.73.110.170
92.239.41.141	189.80.37.70	196.121.7.191	84.121.53.22
6.83.223.165	95.118.7.106	72.109.51.125	156.53.44.88