139.155.80.151

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	ssh brute force	2020-04-04 15:25:49

相同子网IP讨论:

IP	类型	评论内容	时间
139.155.80.158	attack	Unauthorized connection attempt detected from IP address 139.155.80.158 to port 3389 [T]	2020-01-07 03:32:34
139.155.80.158	attack	Unauthorized connection attempt detected from IP address 139.155.80.158 to port 3389 [T]	2020-01-06 05:08:58
139.155.80.158	attack	Unauthorized connection attempt detected from IP address 139.155.80.158 to port 3389	2020-01-04 07:58:53
139.155.80.158	attackbotsspam	Unauthorized connection attempt detected from IP address 139.155.80.158 to port 3389	2020-01-02 21:54:36
139.155.80.158	attackbotsspam	Unauthorized connection attempt detected from IP address 139.155.80.158 to port 3389	2020-01-01 19:53:39
139.155.80.158	attack	Unauthorized connection attempt detected from IP address 139.155.80.158 to port 3389	2020-01-01 01:56:52

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.155.80.151
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55576
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.155.80.151.			IN	A

;; AUTHORITY SECTION:
.			303	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020040400 1800 900 604800 86400

;; Query time: 107 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Apr 04 15:25:40 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 151.80.155.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 151.80.155.139.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
120.136.167.74	attack	2019-09-03T01:41:52.406215abusebot-5.cloudsearch.cf sshd\[28585\]: Invalid user tmp from 120.136.167.74 port 33297	2019-09-03 09:44:03
178.62.76.138	attackbotsspam	[munged]::443 178.62.76.138 - - [03/Sep/2019:01:07:10 +0200] "POST /[munged]: HTTP/1.1" 200 6318 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 178.62.76.138 - - [03/Sep/2019:01:07:11 +0200] "POST /[munged]: HTTP/1.1" 200 6290 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 178.62.76.138 - - [03/Sep/2019:01:07:11 +0200] "POST /[munged]: HTTP/1.1" 200 6290 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 178.62.76.138 - - [03/Sep/2019:01:07:12 +0200] "POST /[munged]: HTTP/1.1" 200 6288 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 178.62.76.138 - - [03/Sep/2019:01:07:12 +0200] "POST /[munged]: HTTP/1.1" 200 6288 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 178.62.76.138 - - [03/Sep/2019:01:07:12 +0200] "POST /[munged]: HTTP/1.1" 200 6287 "-" "Mozilla/5.0 (X11; Ubun	2019-09-03 09:11:32
218.92.0.146	attack	Sep 3 02:51:05 lnxded63 sshd[13277]: Failed password for root from 218.92.0.146 port 25828 ssh2 Sep 3 02:51:08 lnxded63 sshd[13277]: Failed password for root from 218.92.0.146 port 25828 ssh2 Sep 3 02:51:11 lnxded63 sshd[13277]: Failed password for root from 218.92.0.146 port 25828 ssh2 Sep 3 02:51:14 lnxded63 sshd[13277]: Failed password for root from 218.92.0.146 port 25828 ssh2	2019-09-03 09:08:13
91.121.157.83	attack	Sep 3 03:54:54 server sshd\[912\]: Invalid user light from 91.121.157.83 port 55356 Sep 3 03:54:54 server sshd\[912\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.121.157.83 Sep 3 03:54:56 server sshd\[912\]: Failed password for invalid user light from 91.121.157.83 port 55356 ssh2 Sep 3 03:58:40 server sshd\[6896\]: User root from 91.121.157.83 not allowed because listed in DenyUsers Sep 3 03:58:40 server sshd\[6896\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.121.157.83 user=root	2019-09-03 09:07:52
36.103.242.14	attackspambots	Sep 3 03:28:46 SilenceServices sshd[29054]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.103.242.14 Sep 3 03:28:48 SilenceServices sshd[29054]: Failed password for invalid user invitado from 36.103.242.14 port 52310 ssh2 Sep 3 03:31:01 SilenceServices sshd[30744]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.103.242.14	2019-09-03 09:41:47
92.118.37.82	attackbotsspam	Sep 3 00:50:50 mail kernel: [2553464.728913] [UFW BLOCK] IN=eth0 OUT= MAC=fa:16:3e:d3:64:42:4c:5e:0c:c9:30:5f:08:00 SRC=92.118.37.82 DST=185.101.93.72 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=34405 PROTO=TCP SPT=55326 DPT=24803 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 3 00:51:53 mail kernel: [2553527.533648] [UFW BLOCK] IN=eth0 OUT= MAC=fa:16:3e:d3:64:42:4c:5e:0c:c9:30:5f:08:00 SRC=92.118.37.82 DST=185.101.93.72 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=52052 PROTO=TCP SPT=55326 DPT=27653 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 3 00:55:29 mail kernel: [2553743.751960] [UFW BLOCK] IN=eth0 OUT= MAC=fa:16:3e:d3:64:42:4c:5e:0c:c9:30:5f:08:00 SRC=92.118.37.82 DST=185.101.93.72 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=59589 PROTO=TCP SPT=55326 DPT=20467 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 3 00:59:24 mail kernel: [2553979.221235] [UFW BLOCK] IN=eth0 OUT= MAC=fa:16:3e:d3:64:42:4c:5e:0c:c9:30:5f:08:00 SRC=92.118.37.82 DST=185.101.93.72 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=39640 PROTO=TCP SPT=55326 DPT=24278 WINDOW=1024 RES=0x00 SYN	2019-09-03 09:09:03
178.128.174.202	attackbotsspam	(sshd) Failed SSH login from 178.128.174.202 (-): 5 in the last 3600 secs	2019-09-03 09:55:48
87.226.148.67	attack	Sep 2 15:11:57 php1 sshd\[4450\]: Invalid user secvpn from 87.226.148.67 Sep 2 15:11:57 php1 sshd\[4450\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=87.226.148.67 Sep 2 15:11:59 php1 sshd\[4450\]: Failed password for invalid user secvpn from 87.226.148.67 port 58791 ssh2 Sep 2 15:16:08 php1 sshd\[4789\]: Invalid user default from 87.226.148.67 Sep 2 15:16:08 php1 sshd\[4789\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=87.226.148.67	2019-09-03 09:29:31
182.74.17.80	attack	Sep 3 02:55:37 meumeu sshd[1926]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.74.17.80 Sep 3 02:55:39 meumeu sshd[1926]: Failed password for invalid user hax from 182.74.17.80 port 60992 ssh2 Sep 3 03:00:26 meumeu sshd[2596]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.74.17.80 ...	2019-09-03 09:16:40
106.51.80.198	attackspam	Sep 2 15:05:30 php2 sshd\[26046\]: Invalid user derrick from 106.51.80.198 Sep 2 15:05:30 php2 sshd\[26046\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.51.80.198 Sep 2 15:05:32 php2 sshd\[26046\]: Failed password for invalid user derrick from 106.51.80.198 port 44434 ssh2 Sep 2 15:10:06 php2 sshd\[26620\]: Invalid user salvatore from 106.51.80.198 Sep 2 15:10:06 php2 sshd\[26620\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.51.80.198	2019-09-03 09:10:43
134.175.109.23	attack	Sep 3 03:02:14 nextcloud sshd\[20825\]: Invalid user danb from 134.175.109.23 Sep 3 03:02:14 nextcloud sshd\[20825\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.109.23 Sep 3 03:02:15 nextcloud sshd\[20825\]: Failed password for invalid user danb from 134.175.109.23 port 44318 ssh2 ...	2019-09-03 09:59:17
68.183.122.94	attackbots	Sep 3 01:07:17 rpi sshd[18353]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.122.94 Sep 3 01:07:19 rpi sshd[18353]: Failed password for invalid user pl from 68.183.122.94 port 59036 ssh2	2019-09-03 09:08:40
118.34.12.35	attack	Sep 2 21:10:36 xtremcommunity sshd\[16873\]: Invalid user legal3 from 118.34.12.35 port 53670 Sep 2 21:10:36 xtremcommunity sshd\[16873\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.34.12.35 Sep 2 21:10:37 xtremcommunity sshd\[16873\]: Failed password for invalid user legal3 from 118.34.12.35 port 53670 ssh2 Sep 2 21:15:18 xtremcommunity sshd\[17010\]: Invalid user marketing from 118.34.12.35 port 41400 Sep 2 21:15:18 xtremcommunity sshd\[17010\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.34.12.35 ...	2019-09-03 09:24:20
121.66.224.90	attack	Sep 2 14:53:52 hiderm sshd\[8392\]: Invalid user admins from 121.66.224.90 Sep 2 14:53:52 hiderm sshd\[8392\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.66.224.90 Sep 2 14:53:55 hiderm sshd\[8392\]: Failed password for invalid user admins from 121.66.224.90 port 34502 ssh2 Sep 2 14:58:40 hiderm sshd\[8851\]: Invalid user bobinas from 121.66.224.90 Sep 2 14:58:40 hiderm sshd\[8851\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.66.224.90	2019-09-03 09:17:03
141.98.80.75	attack	Sep 3 02:59:30 mail postfix/smtpd\[18306\]: warning: unknown\[141.98.80.75\]: SASL PLAIN authentication failed: Sep 3 02:59:57 mail postfix/smtpd\[18399\]: warning: unknown\[141.98.80.75\]: SASL PLAIN authentication failed: Sep 3 03:00:11 mail postfix/smtpd\[18362\]: warning: unknown\[141.98.80.75\]: SASL PLAIN authentication failed:	2019-09-03 09:12:13

最近上报的IP列表

36.80.163.52	104.248.239.206	51.15.106.64	150.158.116.14
113.176.149.63	213.221.198.154	113.162.164.236	88.155.205.29
217.112.142.67	188.19.185.220	112.133.236.92	80.26.81.212
2002:b9ea:db51::b9ea:db51	1.165.12.94	178.62.92.244	242.62.239.179
128.199.171.166	166.80.25.51	11.39.245.151	120.15.155.20