城市(city): unknown
省份(region): unknown
国家(country): China
运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): Data Center/Web Hosting/Transit
| 类型 | 评论内容 | 时间 |
|---|---|---|
| attack | Mar 17 06:37:35 l03 sshd[32251]: Invalid user xhchen from 139.155.50.40 port 37016 ... |
2020-03-17 15:59:53 |
| attackbots | Invalid user trung from 139.155.50.40 port 40006 |
2020-03-12 08:04:57 |
| attack | Feb 21 05:57:30 localhost sshd\[19932\]: Invalid user daniel from 139.155.50.40 Feb 21 05:57:30 localhost sshd\[19932\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.50.40 Feb 21 05:57:32 localhost sshd\[19932\]: Failed password for invalid user daniel from 139.155.50.40 port 47252 ssh2 Feb 21 05:59:32 localhost sshd\[19963\]: Invalid user git from 139.155.50.40 Feb 21 05:59:32 localhost sshd\[19963\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.50.40 ... |
2020-02-21 13:09:07 |
| attackspam | Feb 3 08:33:28 silence02 sshd[2745]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.50.40 Feb 3 08:33:30 silence02 sshd[2745]: Failed password for invalid user 12qwaszx from 139.155.50.40 port 54248 ssh2 Feb 3 08:36:18 silence02 sshd[2918]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.50.40 |
2020-02-03 15:46:44 |
| attack | Unauthorized connection attempt detected from IP address 139.155.50.40 to port 2220 [J] |
2020-02-02 19:29:29 |
| attack | Jan 1 07:29:46 MK-Soft-VM7 sshd[10618]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.50.40 Jan 1 07:29:48 MK-Soft-VM7 sshd[10618]: Failed password for invalid user vcsa from 139.155.50.40 port 55266 ssh2 ... |
2020-01-01 14:51:31 |
| attackspam | Dec 25 17:12:31 163-172-32-151 sshd[6051]: Invalid user up from 139.155.50.40 port 49408 ... |
2019-12-26 00:30:22 |
| attack | Dec 12 14:57:25 lnxmysql61 sshd[437]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.50.40 |
2019-12-12 21:58:18 |
| attackspam | Lines containing failures of 139.155.50.40 Dec 2 19:52:12 shared10 sshd[19989]: Invalid user larine from 139.155.50.40 port 43908 Dec 2 19:52:12 shared10 sshd[19989]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.50.40 Dec 2 19:52:14 shared10 sshd[19989]: Failed password for invalid user larine from 139.155.50.40 port 43908 ssh2 Dec 2 19:52:14 shared10 sshd[19989]: Received disconnect from 139.155.50.40 port 43908:11: Bye Bye [preauth] Dec 2 19:52:14 shared10 sshd[19989]: Disconnected from invalid user larine 139.155.50.40 port 43908 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=139.155.50.40 |
2019-12-05 03:39:57 |
| attack | Dec 4 12:19:06 herz-der-gamer sshd[16666]: Invalid user loan from 139.155.50.40 port 55398 Dec 4 12:19:06 herz-der-gamer sshd[16666]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.50.40 Dec 4 12:19:06 herz-der-gamer sshd[16666]: Invalid user loan from 139.155.50.40 port 55398 Dec 4 12:19:08 herz-der-gamer sshd[16666]: Failed password for invalid user loan from 139.155.50.40 port 55398 ssh2 ... |
2019-12-04 21:29:48 |
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.155.50.40
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 13928
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.155.50.40. IN A
;; AUTHORITY SECTION:
. 446 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019120401 1800 900 604800 86400
;; Query time: 110 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Dec 04 21:29:42 CST 2019
;; MSG SIZE rcvd: 117
Host 40.50.155.139.in-addr.arpa. not found: 3(NXDOMAIN)
** server can't find 40.50.155.139.in-addr.arpa: NXDOMAIN
| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 80.91.176.139 | attack | Invalid user temp from 80.91.176.139 port 50352 |
2019-09-25 07:00:20 |
| 35.187.121.255 | attackspambots | 5902/tcp [2019-09-24]1pkt |
2019-09-25 06:58:21 |
| 61.223.50.196 | attack | Port Scan: TCP/23 |
2019-09-25 07:21:39 |
| 176.36.33.113 | attack | [portscan] Port scan |
2019-09-25 06:44:47 |
| 119.27.175.48 | attackbots | Sep 24 23:13:55 xeon sshd[25670]: Failed password for invalid user redis from 119.27.175.48 port 32260 ssh2 |
2019-09-25 06:52:33 |
| 222.186.173.238 | attackspam | $f2bV_matches |
2019-09-25 07:00:52 |
| 35.196.210.169 | attack | Wordpress attack |
2019-09-25 06:48:10 |
| 104.248.68.88 | attackspam | miraniessen.de 104.248.68.88 \[24/Sep/2019:23:15:48 +0200\] "POST /wp-login.php HTTP/1.1" 200 5972 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" miraniessen.de 104.248.68.88 \[24/Sep/2019:23:15:50 +0200\] "POST /wp-login.php HTTP/1.1" 200 5976 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" |
2019-09-25 07:02:40 |
| 34.69.26.252 | attack | [TueSep2423:15:42.1600202019][:error][pid28361:tid46955281540864][client34.69.26.252:58866][client34.69.26.252]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch"python-requests/"atREQUEST_HEADERS:User-Agent.[file"/usr/local/apache.ea3/conf/modsec_rules/20_asl_useragents.conf"][line"211"][id"332039"][rev"4"][msg"Atomicorp.comWAFRules:SuspiciousUnusualUserAgent\(python-requests\).Disablethisruleifyouusepython-requests/."][severity"CRITICAL"][hostname"panfm.ch"][uri"/robots.txt"][unique_id"XYqHfnmIGgl4hX@gT7bLEQAAAM0"][TueSep2423:15:42.6518342019][:error][pid21277:tid46955302553344][client34.69.26.252:45126][client34.69.26.252]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch"python-requests/"atREQUEST_HEADERS:User-Agent.[file"/usr/local/apache.ea3/conf/modsec_rules/20_asl_useragents.conf"][line"211"][id"332039"][rev"4"][msg"Atomicorp.comWAFRules:SuspiciousUnusualUserAgent\(python-requests\).Disablethisruleifyouusepython-requests/."][severity"CRITICAL"][hostnam |
2019-09-25 07:10:12 |
| 86.30.243.212 | attackspambots | Sep 25 00:06:23 MK-Soft-Root1 sshd[13467]: Failed password for root from 86.30.243.212 port 50486 ssh2 Sep 25 00:10:17 MK-Soft-Root1 sshd[14186]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=86.30.243.212 ... |
2019-09-25 07:04:09 |
| 190.98.228.54 | attack | Sep 24 11:42:30 tdfoods sshd\[23544\]: Invalid user bhadrang from 190.98.228.54 Sep 24 11:42:30 tdfoods sshd\[23544\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.98.228.54 Sep 24 11:42:32 tdfoods sshd\[23544\]: Failed password for invalid user bhadrang from 190.98.228.54 port 44424 ssh2 Sep 24 11:48:00 tdfoods sshd\[23990\]: Invalid user wipro from 190.98.228.54 Sep 24 11:48:00 tdfoods sshd\[23990\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.98.228.54 |
2019-09-25 06:53:50 |
| 222.186.175.169 | attackspam | Sep 25 01:18:18 SilenceServices sshd[28333]: Failed password for root from 222.186.175.169 port 40202 ssh2 Sep 25 01:18:34 SilenceServices sshd[28333]: error: maximum authentication attempts exceeded for root from 222.186.175.169 port 40202 ssh2 [preauth] Sep 25 01:18:45 SilenceServices sshd[28621]: Failed password for root from 222.186.175.169 port 5272 ssh2 |
2019-09-25 07:22:54 |
| 166.62.127.65 | attack | Port Scan: TCP/445 |
2019-09-25 07:15:49 |
| 162.241.193.116 | attackbots | Sep 25 00:16:02 tux-35-217 sshd\[16861\]: Invalid user admin from 162.241.193.116 port 41286 Sep 25 00:16:02 tux-35-217 sshd\[16861\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.241.193.116 Sep 25 00:16:04 tux-35-217 sshd\[16861\]: Failed password for invalid user admin from 162.241.193.116 port 41286 ssh2 Sep 25 00:19:47 tux-35-217 sshd\[16895\]: Invalid user zimbra from 162.241.193.116 port 54150 Sep 25 00:19:47 tux-35-217 sshd\[16895\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.241.193.116 ... |
2019-09-25 07:08:14 |
| 94.250.252.160 | attack | SSH Brute-Force reported by Fail2Ban |
2019-09-25 06:45:08 |