139.155.42.212

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Aug 25 23:36:58 buvik sshd[16329]: Invalid user maven from 139.155.42.212 Aug 25 23:36:58 buvik sshd[16329]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.42.212 Aug 25 23:37:00 buvik sshd[16329]: Failed password for invalid user maven from 139.155.42.212 port 40970 ssh2 ...	2020-08-26 07:40:32
attackspambots	leo_www	2020-08-16 20:36:08
attackbots	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-08-11T04:54:11Z and 2020-08-11T05:06:10Z	2020-08-11 19:22:51
attackspam	Lines containing failures of 139.155.42.212 Aug 3 06:01:53 shared05 sshd[19650]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.42.212 user=r.r Aug 3 06:01:55 shared05 sshd[19650]: Failed password for r.r from 139.155.42.212 port 54814 ssh2 Aug 3 06:01:56 shared05 sshd[19650]: Received disconnect from 139.155.42.212 port 54814:11: Bye Bye [preauth] Aug 3 06:01:56 shared05 sshd[19650]: Disconnected from authenticating user r.r 139.155.42.212 port 54814 [preauth] Aug 3 06:16:35 shared05 sshd[24946]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.42.212 user=r.r Aug 3 06:16:37 shared05 sshd[24946]: Failed password for r.r from 139.155.42.212 port 57072 ssh2 Aug 3 06:16:41 shared05 sshd[24946]: Received disconnect from 139.155.42.212 port 57072:11: Bye Bye [preauth] Aug 3 06:16:41 shared05 sshd[24946]: Disconnected from authenticating user r.r 139.155.42.212 port 57072........ ------------------------------	2020-08-08 23:11:27
attackbotsspam	Lines containing failures of 139.155.42.212 Aug 3 06:01:53 shared05 sshd[19650]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.42.212 user=r.r Aug 3 06:01:55 shared05 sshd[19650]: Failed password for r.r from 139.155.42.212 port 54814 ssh2 Aug 3 06:01:56 shared05 sshd[19650]: Received disconnect from 139.155.42.212 port 54814:11: Bye Bye [preauth] Aug 3 06:01:56 shared05 sshd[19650]: Disconnected from authenticating user r.r 139.155.42.212 port 54814 [preauth] Aug 3 06:16:35 shared05 sshd[24946]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.42.212 user=r.r Aug 3 06:16:37 shared05 sshd[24946]: Failed password for r.r from 139.155.42.212 port 57072 ssh2 Aug 3 06:16:41 shared05 sshd[24946]: Received disconnect from 139.155.42.212 port 57072:11: Bye Bye [preauth] Aug 3 06:16:41 shared05 sshd[24946]: Disconnected from authenticating user r.r 139.155.42.212 port 57072........ ------------------------------	2020-08-08 07:03:15

相同子网IP讨论:

IP	类型	评论内容	时间
139.155.42.189	attack	Brute-force attempt banned	2020-10-10 01:20:42
139.155.42.189	attackspam	Invalid user team from 139.155.42.189 port 29371	2020-09-28 01:07:00
139.155.42.189	attackspambots	SSH Brute-Forcing (server1)	2020-09-27 17:10:11
139.155.42.189	attack	Coordinated SSH brute-force attack from different IPs. pam_unix(sshd:auth):	2020-09-25 04:37:02

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.155.42.212
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61115
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.155.42.212.			IN	A

;; AUTHORITY SECTION:
.			502	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020080701 1800 900 604800 86400

;; Query time: 73 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Aug 08 07:03:12 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 212.42.155.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 212.42.155.139.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
111.229.128.116	attackbotsspam	Jun 7 00:11:31 vmi345603 sshd[7066]: Failed password for root from 111.229.128.116 port 47374 ssh2 ...	2020-06-07 07:21:18
175.98.112.29	attack	...	2020-06-07 07:20:19
181.41.87.197	attack	Automatic report - Port Scan Attack	2020-06-07 07:13:54
106.75.214.72	attackspam	2020-06-06T22:31:40+0000 Failed SSH Authentication/Brute Force Attack. (Server 6)	2020-06-07 07:04:53
37.187.16.30	attackbotsspam	Jun 7 00:24:24 vps647732 sshd[8389]: Failed password for root from 37.187.16.30 port 47614 ssh2 ...	2020-06-07 07:11:15
3.18.50.165	attackspambots	Jun 5 11:08:34 fwservlet sshd[17975]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=3.18.50.165 user=r.r Jun 5 11:08:36 fwservlet sshd[17975]: Failed password for r.r from 3.18.50.165 port 63482 ssh2 Jun 5 11:08:36 fwservlet sshd[17975]: Received disconnect from 3.18.50.165 port 63482:11: Bye Bye [preauth] Jun 5 11:08:36 fwservlet sshd[17975]: Disconnected from 3.18.50.165 port 63482 [preauth] Jun 5 11:13:15 fwservlet sshd[18090]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=3.18.50.165 user=r.r Jun 5 11:13:17 fwservlet sshd[18090]: Failed password for r.r from 3.18.50.165 port 62460 ssh2 Jun 5 11:13:17 fwservlet sshd[18090]: Received disconnect from 3.18.50.165 port 62460:11: Bye Bye [preauth] Jun 5 11:13:17 fwservlet sshd[18090]: Disconnected from 3.18.50.165 port 62460 [preauth] Jun 5 11:16:48 fwservlet sshd[18133]: pam_unix(sshd:auth): authentication failure; logname= uid........ -------------------------------	2020-06-07 07:16:11
103.105.128.194	attack	Jun 7 00:21:48 vps sshd[397815]: Failed password for root from 103.105.128.194 port 62059 ssh2 Jun 7 00:23:08 vps sshd[402656]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.105.128.194 user=root Jun 7 00:23:10 vps sshd[402656]: Failed password for root from 103.105.128.194 port 23722 ssh2 Jun 7 00:24:33 vps sshd[407748]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.105.128.194 user=root Jun 7 00:24:35 vps sshd[407748]: Failed password for root from 103.105.128.194 port 34535 ssh2 ...	2020-06-07 07:19:01
164.132.41.67	attackbotsspam	Jun 6 23:44:41 vpn01 sshd[28248]: Failed password for root from 164.132.41.67 port 42819 ssh2 ...	2020-06-07 07:32:42
118.70.175.209	attackspam	Jun 6 22:14:43 h2646465 sshd[16077]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.70.175.209 user=root Jun 6 22:14:45 h2646465 sshd[16077]: Failed password for root from 118.70.175.209 port 46622 ssh2 Jun 6 22:33:41 h2646465 sshd[17103]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.70.175.209 user=root Jun 6 22:33:42 h2646465 sshd[17103]: Failed password for root from 118.70.175.209 port 34902 ssh2 Jun 6 22:36:07 h2646465 sshd[17299]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.70.175.209 user=root Jun 6 22:36:09 h2646465 sshd[17299]: Failed password for root from 118.70.175.209 port 42054 ssh2 Jun 6 22:40:58 h2646465 sshd[17653]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.70.175.209 user=root Jun 6 22:40:59 h2646465 sshd[17653]: Failed password for root from 118.70.175.209 port 56354 ssh2 Jun 6 22:43:32 h264	2020-06-07 07:25:05
140.143.199.169	attackbotsspam	Jun 7 00:33:22 prox sshd[9245]: Failed password for root from 140.143.199.169 port 59264 ssh2	2020-06-07 07:38:35
182.61.39.49	attackspambots	2020-06-06T22:43:27+0200 Failed SSH Authentication/Brute Force Attack. (Server 5)	2020-06-07 07:30:38
106.13.215.17	attackbotsspam	Jun 6 23:45:44 santamaria sshd\[27733\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.215.17 user=root Jun 6 23:45:47 santamaria sshd\[27733\]: Failed password for root from 106.13.215.17 port 46810 ssh2 Jun 6 23:48:52 santamaria sshd\[27812\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.215.17 user=root ...	2020-06-07 07:10:51
192.144.230.158	attack	Jun 6 22:50:08 marvibiene sshd[14069]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.144.230.158 user=root Jun 6 22:50:10 marvibiene sshd[14069]: Failed password for root from 192.144.230.158 port 35820 ssh2 Jun 6 22:58:47 marvibiene sshd[14122]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.144.230.158 user=root Jun 6 22:58:49 marvibiene sshd[14122]: Failed password for root from 192.144.230.158 port 36536 ssh2 ...	2020-06-07 07:30:21
107.150.58.99	attackbotsspam	michaelklotzbier.de 107.150.58.99 [06/Jun/2020:22:43:18 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4272 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36" MICHAELKLOTZBIER.DE 107.150.58.99 [06/Jun/2020:22:43:18 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4272 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36"	2020-06-07 07:36:23
112.85.42.195	attackspam	Jun 6 23:33:05 game-panel sshd[9774]: Failed password for root from 112.85.42.195 port 33192 ssh2 Jun 6 23:33:07 game-panel sshd[9774]: Failed password for root from 112.85.42.195 port 33192 ssh2 Jun 6 23:33:09 game-panel sshd[9774]: Failed password for root from 112.85.42.195 port 33192 ssh2	2020-06-07 07:40:08

最近上报的IP列表

33.121.239.177	84.135.110.41	20.6.83.118	23.100.108.30
1.34.82.86	149.56.70.9	195.157.202.171	12.181.105.49
112.205.89.138	72.59.185.32	154.89.178.243	107.92.250.2
198.191.235.77	195.72.193.209	35.154.34.204	182.10.64.206
79.19.86.122	129.81.155.102	151.61.91.94	79.7.83.63