139.155.89.153

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Oct 2 20:39:44 web1 sshd\[19575\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.89.153 user=games Oct 2 20:39:46 web1 sshd\[19575\]: Failed password for games from 139.155.89.153 port 52408 ssh2 Oct 2 20:45:18 web1 sshd\[20073\]: Invalid user avanthi from 139.155.89.153 Oct 2 20:45:18 web1 sshd\[20073\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.89.153 Oct 2 20:45:20 web1 sshd\[20073\]: Failed password for invalid user avanthi from 139.155.89.153 port 60038 ssh2	2019-10-03 14:54:54
attack	Sep 25 11:31:01 hanapaa sshd\[10074\]: Invalid user ubuntu from 139.155.89.153 Sep 25 11:31:01 hanapaa sshd\[10074\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.89.153 Sep 25 11:31:03 hanapaa sshd\[10074\]: Failed password for invalid user ubuntu from 139.155.89.153 port 41486 ssh2 Sep 25 11:35:46 hanapaa sshd\[10427\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.89.153 user=root Sep 25 11:35:48 hanapaa sshd\[10427\]: Failed password for root from 139.155.89.153 port 53038 ssh2	2019-09-26 05:45:56
attackspambots	Sep 22 12:06:05 MK-Soft-Root2 sshd\[19800\]: Invalid user lab from 139.155.89.153 port 56394 Sep 22 12:06:05 MK-Soft-Root2 sshd\[19800\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.89.153 Sep 22 12:06:07 MK-Soft-Root2 sshd\[19800\]: Failed password for invalid user lab from 139.155.89.153 port 56394 ssh2 ...	2019-09-22 20:22:29
attackspam	Triggered by Fail2Ban at Vostok web server	2019-09-06 03:56:24
attackbotsspam	Lines containing failures of 139.155.89.153 Aug 27 01:07:03 nextcloud sshd[17613]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.89.153 user=sshd Aug 27 01:07:05 nextcloud sshd[17613]: Failed password for sshd from 139.155.89.153 port 45408 ssh2 Aug 27 01:07:05 nextcloud sshd[17613]: Received disconnect from 139.155.89.153 port 45408:11: Bye Bye [preauth] Aug 27 01:07:05 nextcloud sshd[17613]: Disconnected from authenticating user sshd 139.155.89.153 port 45408 [preauth] Aug 27 01:21:32 nextcloud sshd[19866]: Invalid user admin from 139.155.89.153 port 52874 Aug 27 01:21:32 nextcloud sshd[19866]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.89.153 Aug 27 01:21:34 nextcloud sshd[19866]: Failed password for invalid user admin from 139.155.89.153 port 52874 ssh2 Aug 27 01:21:34 nextcloud sshd[19866]: Received disconnect from 139.155.89.153 port 52874:11: Bye Bye [preauth] A........ ------------------------------	2019-08-27 08:13:22

相同子网IP讨论:

IP	类型	评论内容	时间
139.155.89.27	attackbotsspam	Oct 6 10:41:17 [host] sshd[1471]: pam_unix(sshd:a Oct 6 10:41:19 [host] sshd[1471]: Failed password Oct 6 10:42:56 [host] sshd[1505]: pam_unix(sshd:a	2020-10-07 04:16:13
139.155.89.27	attackspambots	Oct 6 10:41:17 [host] sshd[1471]: pam_unix(sshd:a Oct 6 10:41:19 [host] sshd[1471]: Failed password Oct 6 10:42:56 [host] sshd[1505]: pam_unix(sshd:a	2020-10-06 20:19:51
139.155.89.11	attackbotsspam	Invalid user lwq from 139.155.89.11 port 42462	2020-08-26 01:05:26
139.155.89.11	attack	Aug 20 18:55:01 firewall sshd[2147]: Invalid user deb from 139.155.89.11 Aug 20 18:55:03 firewall sshd[2147]: Failed password for invalid user deb from 139.155.89.11 port 35466 ssh2 Aug 20 18:58:36 firewall sshd[2234]: Invalid user cdm from 139.155.89.11 ...	2020-08-21 06:47:19
139.155.89.13	attack	139.155.89.13 - - \[26/Jun/2020:13:22:00 +0200\] "POST /xmlrpc.php HTTP/1.0" 200 729 "-" "Apache-HttpClient/4.5.2 \(Java/1.8.0_161\)" 139.155.89.13 - - \[26/Jun/2020:13:22:02 +0200\] "POST /xmlrpc.php HTTP/1.0" 200 729 "-" "Apache-HttpClient/4.5.2 \(Java/1.8.0_161\)" 139.155.89.13 - - \[26/Jun/2020:13:22:03 +0200\] "POST /xmlrpc.php HTTP/1.0" 200 729 "-" "Apache-HttpClient/4.5.2 \(Java/1.8.0_161\)"	2020-06-27 03:32:30
139.155.89.172	attackbotsspam	Automatic report - Banned IP Access	2019-10-23 15:00:44
139.155.89.27	attack	Sep 15 09:51:50 ny01 sshd[19395]: Failed password for sshd from 139.155.89.27 port 33660 ssh2 Sep 15 09:59:11 ny01 sshd[21091]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.89.27 Sep 15 09:59:13 ny01 sshd[21091]: Failed password for invalid user jqsong from 139.155.89.27 port 47944 ssh2	2019-09-16 03:33:16
139.155.89.27	attackspambots	Sep 15 07:39:56 ny01 sshd[28412]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.89.27 Sep 15 07:39:57 ny01 sshd[28412]: Failed password for invalid user tempuser from 139.155.89.27 port 41348 ssh2 Sep 15 07:46:20 ny01 sshd[29419]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.89.27	2019-09-15 19:55:22
139.155.89.27	attack	Aug 27 01:34:24 www_kotimaassa_fi sshd[6362]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.89.27 Aug 27 01:34:26 www_kotimaassa_fi sshd[6362]: Failed password for invalid user 123456 from 139.155.89.27 port 39342 ssh2 ...	2019-08-27 09:42:09
139.155.89.27	attackspam	Aug 21 04:15:29 localhost sshd\[40683\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.89.27 user=root Aug 21 04:15:32 localhost sshd\[40683\]: Failed password for root from 139.155.89.27 port 35802 ssh2 Aug 21 04:21:26 localhost sshd\[40947\]: Invalid user test from 139.155.89.27 port 52462 Aug 21 04:21:26 localhost sshd\[40947\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.89.27 Aug 21 04:21:27 localhost sshd\[40947\]: Failed password for invalid user test from 139.155.89.27 port 52462 ssh2 ...	2019-08-21 12:21:35

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.155.89.153
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23525
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.155.89.153.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019082601 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Aug 27 08:13:17 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 153.89.155.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 153.89.155.139.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
107.189.10.44	attackbots	Invalid user fake from 107.189.10.44 port 34684	2020-02-25 04:47:13
80.249.161.42	attackspambots	Feb 24 17:21:25 grey postfix/smtpd\[2274\]: NOQUEUE: reject: RCPT from bb10.bonuszbrigad.hu\[80.249.161.42\]: 554 5.7.1 Service unavailable\; Client host \[80.249.161.42\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[80.249.161.42\]\; from=\ to=\ proto=ESMTP helo=\ ...	2020-02-25 04:50:20
90.6.159.47	attackbotsspam	Feb 24 14:18:24 h1946882 sshd[7123]: Failed password for invalid user p= i from 90.6.159.47 port 44070 ssh2 Feb 24 14:18:24 h1946882 sshd[7124]: Failed password for invalid user p= i from 90.6.159.47 port 44072 ssh2 Feb 24 14:18:24 h1946882 sshd[7123]: Connection closed by 90.6.159.47 [= preauth] Feb 24 14:18:24 h1946882 sshd[7124]: Connection closed by 90.6.159.47 [= preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=90.6.159.47	2020-02-25 04:26:53
94.179.234.63	attackspambots	Feb 24 14:21:06 debian-2gb-nbg1-2 kernel: \[4809667.603196\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=94.179.234.63 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=54 ID=15816 PROTO=TCP SPT=59044 DPT=23 WINDOW=48498 RES=0x00 SYN URGP=0	2020-02-25 04:47:56
112.17.132.242	attackspam	suspicious action Mon, 24 Feb 2020 13:40:55 -0300	2020-02-25 04:18:25
107.158.93.205	attackspambots	(From roderick.thanh@yahoo.com) Hi, Permit us to quickly remind you about the available premium-quality Brace Support Belt Posture Corrector for men and women available at Shoulderposture.com . The Posture Corrector are made to give maximum comfort and adjustable. The belt is very easy to use and soft to allow the flow of breath. Posture Corrector can be undetectable underclothes: No need to feel self-conscious about wearing a posture brace. The latex-free adjustable design is discreet enough to wear under your shirt or blouse. Please note that the product is currently sold at a huge discounted price. It may return to the regular price any time soon. Visit our store to get yours now. Free and fast shipping service available! Visit Our Store Now: Shoulderposture.com Thank you, Shoulderposture.com Team	2020-02-25 04:34:07
61.147.103.168	attackbots	firewall-block, port(s): 60001/tcp	2020-02-25 04:05:07
218.92.0.173	attack	2020-02-24T20:29:58.154784scmdmz1 sshd[18756]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.173 user=root 2020-02-24T20:30:00.048988scmdmz1 sshd[18756]: Failed password for root from 218.92.0.173 port 27501 ssh2 2020-02-24T20:29:58.296488scmdmz1 sshd[18758]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.173 user=root 2020-02-24T20:30:00.190676scmdmz1 sshd[18758]: Failed password for root from 218.92.0.173 port 60473 ssh2 2020-02-24T20:29:58.154784scmdmz1 sshd[18756]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.173 user=root 2020-02-24T20:30:00.048988scmdmz1 sshd[18756]: Failed password for root from 218.92.0.173 port 27501 ssh2 2020-02-24T20:30:03.562319scmdmz1 sshd[18756]: Failed password for root from 218.92.0.173 port 27501 ssh2 ...	2020-02-25 04:03:59
178.124.170.186	attackbots	Trying ports that it shouldn't be.	2020-02-25 04:10:10
24.206.21.180	attack	Port probing on unauthorized port 81	2020-02-25 04:20:49
185.102.239.82	attack	Port 1433 Scan	2020-02-25 04:39:36
178.162.200.204	attack	[2020-02-24 15:07:52] NOTICE[1148] chan_sip.c: Registration from '' failed for '178.162.200.204:57845' - Wrong password [2020-02-24 15:07:52] SECURITY[1163] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-02-24T15:07:52.611-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="565333",SessionID="0x7fd82cf77db8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/178.162.200.204/57845",Challenge="32e32894",ReceivedChallenge="32e32894",ReceivedHash="d88cdb43f1c5a257c6759f2a6a033134" [2020-02-24 15:07:52] NOTICE[1148] chan_sip.c: Registration from '' failed for '178.162.200.204:57841' - Wrong password [2020-02-24 15:07:52] SECURITY[1163] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-02-24T15:07:52.612-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="565333",SessionID="0x7fd82c9bc688",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/178.162.200.204/578 ...	2020-02-25 04:34:38
37.114.143.9	attack	Lines containing failures of 37.114.143.9 Feb 24 14:15:20 shared12 sshd[2329]: Invalid user admin from 37.114.143.9 port 45142 Feb 24 14:15:20 shared12 sshd[2329]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.114.143.9 Feb 24 14:15:22 shared12 sshd[2329]: Failed password for invalid user admin from 37.114.143.9 port 45142 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=37.114.143.9	2020-02-25 04:23:16
139.228.75.106	attack	Email rejected due to spam filtering	2020-02-25 04:45:51
211.254.221.70	attackbots	Invalid user admin from 211.254.221.70 port 46478	2020-02-25 04:24:22

最近上报的IP列表

201.156.42.140	26.87.95.40	208.161.208.201	115.143.143.212
212.200.61.240	128.252.150.171	123.245.24.81	85.188.44.211
225.153.106.125	143.159.113.113	108.150.139.74	187.99.138.236
215.103.176.153	58.20.163.30	113.87.47.154	73.100.51.179
179.117.170.131	242.192.108.203	46.107.92.109	95.203.201.1