139.155.39.5 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Jan 31 09:38:32 vps691689 sshd[6398]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.39.5 Jan 31 09:38:35 vps691689 sshd[6398]: Failed password for invalid user mitra from 139.155.39.5 port 37226 ssh2 ...	2020-01-31 22:35:52
attackspam	Unauthorized connection attempt detected from IP address 139.155.39.5 to port 2220 [J]	2020-01-28 00:09:36

类型

评论内容

时间

attackbotsspam

Jan 31 09:38:32 vps691689 sshd[6398]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.39.5
Jan 31 09:38:35 vps691689 sshd[6398]: Failed password for invalid user mitra from 139.155.39.5 port 37226 ssh2
...

2020-01-31 22:35:52

attackspam

Unauthorized connection attempt detected from IP address 139.155.39.5 to port 2220 [J]

2020-01-28 00:09:36

相同子网IP讨论:

IP	类型	评论内容	时间
139.155.39.22	attack	Brute%20Force%20SSH	2020-10-02 04:23:21
139.155.39.22	attackbotsspam	SSH login attempts.	2020-10-01 20:37:49
139.155.39.22	attackbots	2020-10-01 02:45:36,042 fail2ban.actions: WARNING [ssh] Ban 139.155.39.22	2020-10-01 12:49:09
139.155.39.22	attackspam	Aug 26 00:56:17 melroy-server sshd[9468]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.39.22 Aug 26 00:56:19 melroy-server sshd[9468]: Failed password for invalid user bhaskar from 139.155.39.22 port 49026 ssh2 ...	2020-08-26 07:49:16
139.155.39.62	attackbotsspam	Aug 9 05:01:28 scw-6657dc sshd[23415]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.39.62 user=root Aug 9 05:01:28 scw-6657dc sshd[23415]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.39.62 user=root Aug 9 05:01:30 scw-6657dc sshd[23415]: Failed password for root from 139.155.39.62 port 38330 ssh2 ...	2020-08-09 13:30:51
139.155.39.22	attack	Aug 8 20:21:05 localhost sshd[104329]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.39.22 user=root Aug 8 20:21:07 localhost sshd[104329]: Failed password for root from 139.155.39.22 port 52804 ssh2 Aug 8 20:25:12 localhost sshd[104832]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.39.22 user=root Aug 8 20:25:14 localhost sshd[104832]: Failed password for root from 139.155.39.22 port 57400 ssh2 Aug 8 20:29:14 localhost sshd[105254]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.39.22 user=root Aug 8 20:29:16 localhost sshd[105254]: Failed password for root from 139.155.39.22 port 33764 ssh2 ...	2020-08-09 04:40:33
139.155.39.62	attack	Jul 29 07:25:05 host sshd[16207]: Invalid user zcx from 139.155.39.62 port 50696 ...	2020-07-29 14:40:02
139.155.39.22	attackspambots	Jul 28 06:04:54 ny01 sshd[3049]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.39.22 Jul 28 06:04:56 ny01 sshd[3049]: Failed password for invalid user seongmin from 139.155.39.22 port 58734 ssh2 Jul 28 06:09:11 ny01 sshd[3489]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.39.22	2020-07-28 18:18:17
139.155.39.62	attack	2020-07-25T06:58:02.214638vps751288.ovh.net sshd\[16395\]: Invalid user aly from 139.155.39.62 port 44860 2020-07-25T06:58:02.223236vps751288.ovh.net sshd\[16395\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.39.62 2020-07-25T06:58:04.416714vps751288.ovh.net sshd\[16395\]: Failed password for invalid user aly from 139.155.39.62 port 44860 ssh2 2020-07-25T07:02:24.237434vps751288.ovh.net sshd\[16425\]: Invalid user harish from 139.155.39.62 port 40462 2020-07-25T07:02:24.246172vps751288.ovh.net sshd\[16425\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.39.62	2020-07-25 13:42:50
139.155.39.111	attackbots	2020-07-17T20:28:36.590124shield sshd\[8022\]: Invalid user cloud from 139.155.39.111 port 44468 2020-07-17T20:28:36.600382shield sshd\[8022\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.39.111 2020-07-17T20:28:38.776266shield sshd\[8022\]: Failed password for invalid user cloud from 139.155.39.111 port 44468 ssh2 2020-07-17T20:34:10.044398shield sshd\[8563\]: Invalid user ftpweb from 139.155.39.111 port 57772 2020-07-17T20:34:10.060377shield sshd\[8563\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.39.111	2020-07-18 04:42:47
139.155.39.22	attackbots	Automatic report BANNED IP	2020-07-13 03:44:55
139.155.39.22	attack	(sshd) Failed SSH login from 139.155.39.22 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jul 11 05:39:23 amsweb01 sshd[19777]: Invalid user kirk from 139.155.39.22 port 36300 Jul 11 05:39:25 amsweb01 sshd[19777]: Failed password for invalid user kirk from 139.155.39.22 port 36300 ssh2 Jul 11 05:55:02 amsweb01 sshd[21996]: Invalid user openvpn from 139.155.39.22 port 47636 Jul 11 05:55:04 amsweb01 sshd[21996]: Failed password for invalid user openvpn from 139.155.39.22 port 47636 ssh2 Jul 11 05:57:32 amsweb01 sshd[22418]: Invalid user git from 139.155.39.22 port 45644	2020-07-11 12:23:44
139.155.39.111	attackbotsspam	2020-07-11T02:05:28.877988vps751288.ovh.net sshd\[24311\]: Invalid user wang from 139.155.39.111 port 36632 2020-07-11T02:05:28.889866vps751288.ovh.net sshd\[24311\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.39.111 2020-07-11T02:05:30.546082vps751288.ovh.net sshd\[24311\]: Failed password for invalid user wang from 139.155.39.111 port 36632 ssh2 2020-07-11T02:08:08.783383vps751288.ovh.net sshd\[24313\]: Invalid user heming from 139.155.39.111 port 48030 2020-07-11T02:08:08.790299vps751288.ovh.net sshd\[24313\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.39.111	2020-07-11 08:23:16
139.155.39.62	attackbotsspam	2020-07-10T03:44:44.184934abusebot-6.cloudsearch.cf sshd[24444]: Invalid user chenoa from 139.155.39.62 port 34158 2020-07-10T03:44:44.190897abusebot-6.cloudsearch.cf sshd[24444]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.39.62 2020-07-10T03:44:44.184934abusebot-6.cloudsearch.cf sshd[24444]: Invalid user chenoa from 139.155.39.62 port 34158 2020-07-10T03:44:46.388046abusebot-6.cloudsearch.cf sshd[24444]: Failed password for invalid user chenoa from 139.155.39.62 port 34158 ssh2 2020-07-10T03:54:37.919476abusebot-6.cloudsearch.cf sshd[24523]: Invalid user ismail from 139.155.39.62 port 35428 2020-07-10T03:54:37.925814abusebot-6.cloudsearch.cf sshd[24523]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.39.62 2020-07-10T03:54:37.919476abusebot-6.cloudsearch.cf sshd[24523]: Invalid user ismail from 139.155.39.62 port 35428 2020-07-10T03:54:40.198129abusebot-6.cloudsearch.cf sshd[24523]: F ...	2020-07-10 14:43:30
139.155.39.22	attack	Jun 27 00:53:39 firewall sshd[30023]: Failed password for invalid user ngs from 139.155.39.22 port 59384 ssh2 Jun 27 00:56:30 firewall sshd[30187]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.39.22 user=root Jun 27 00:56:33 firewall sshd[30187]: Failed password for root from 139.155.39.22 port 33126 ssh2 ...	2020-06-27 12:21:37

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.155.39.5
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17754
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.155.39.5.			IN	A

;; AUTHORITY SECTION:
.			586	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020012700 1800 900 604800 86400

;; Query time: 117 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jan 28 00:09:32 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 5.39.155.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 5.39.155.139.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
68.183.19.26	attackspambots	Invalid user roosevelt1 from 68.183.19.26 port 50360	2020-04-12 03:36:10
106.52.51.73	attackspambots	5x Failed Password	2020-04-12 03:22:50
219.233.49.241	attack	DATE:2020-04-11 14:13:26, IP:219.233.49.241, PORT:1433 MSSQL brute force auth on honeypot server (epe-honey1-hq)	2020-04-12 03:23:53
222.186.31.204	attack	Apr 11 21:20:22 plex sshd[16834]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.31.204 user=root Apr 11 21:20:24 plex sshd[16834]: Failed password for root from 222.186.31.204 port 32505 ssh2	2020-04-12 03:37:38
179.100.110.224	attackspambots	$f2bV_matches	2020-04-12 03:04:47
219.233.49.228	attack	DATE:2020-04-11 14:13:14, IP:219.233.49.228, PORT:1433 MSSQL brute force auth on honeypot server (epe-honey1-hq)	2020-04-12 03:34:14
41.231.54.59	attack	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-04-12 03:33:50
148.235.82.68	attackbotsspam	Invalid user postgres from 148.235.82.68 port 47162	2020-04-12 03:34:43
1.47.97.73	attackspam	1586607199 - 04/11/2020 14:13:19 Host: 1.47.97.73/1.47.97.73 Port: 445 TCP Blocked	2020-04-12 03:30:46
178.186.121.182	attack	Apr 11 14:13:31 icecube postfix/smtpd[35156]: NOQUEUE: reject: RCPT from unknown[178.186.121.182]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo=	2020-04-12 03:20:28
189.182.97.133	attackbots	Telnet/23 MH Probe, Scan, BF, Hack -	2020-04-12 03:08:51
95.87.249.6	attackspambots	slow and persistent scanner	2020-04-12 03:28:54
218.92.0.191	attack	Apr 11 20:57:44 dcd-gentoo sshd[26661]: User root from 218.92.0.191 not allowed because none of user's groups are listed in AllowGroups Apr 11 20:57:46 dcd-gentoo sshd[26661]: error: PAM: Authentication failure for illegal user root from 218.92.0.191 Apr 11 20:57:44 dcd-gentoo sshd[26661]: User root from 218.92.0.191 not allowed because none of user's groups are listed in AllowGroups Apr 11 20:57:46 dcd-gentoo sshd[26661]: error: PAM: Authentication failure for illegal user root from 218.92.0.191 Apr 11 20:57:44 dcd-gentoo sshd[26661]: User root from 218.92.0.191 not allowed because none of user's groups are listed in AllowGroups Apr 11 20:57:46 dcd-gentoo sshd[26661]: error: PAM: Authentication failure for illegal user root from 218.92.0.191 Apr 11 20:57:46 dcd-gentoo sshd[26661]: Failed keyboard-interactive/pam for invalid user root from 218.92.0.191 port 63416 ssh2 ...	2020-04-12 03:03:58
77.88.239.155	attackspambots	Apr 11 19:44:27 haigwepa sshd[21856]: Failed password for root from 77.88.239.155 port 60294 ssh2 Apr 11 19:48:09 haigwepa sshd[22052]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=77.88.239.155 ...	2020-04-12 03:31:13
139.162.106.181	attackspambots	port scan and connect, tcp 80 (http)	2020-04-12 03:37:07

最近上报的IP列表

173.186.165.134	251.199.159.220	251.60.72.59	6.25.224.239
177.16.145.173	147.90.246.22	132.241.45.91	53.127.1.29
50.113.69.47	161.129.66.236	175.132.90.248	159.114.117.121
15.4.226.126	254.184.129.224	65.179.88.143	198.23.197.57
244.102.113.129	49.235.175.160	93.179.102.75	45.143.223.81