139.155.90.80 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Aug 28 23:56:51 kapalua sshd\[26229\]: Invalid user httpfs from 139.155.90.80 Aug 28 23:56:51 kapalua sshd\[26229\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.90.80 Aug 28 23:56:53 kapalua sshd\[26229\]: Failed password for invalid user httpfs from 139.155.90.80 port 39818 ssh2 Aug 29 00:02:32 kapalua sshd\[26719\]: Invalid user zabbix from 139.155.90.80 Aug 29 00:02:32 kapalua sshd\[26719\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.90.80	2019-08-29 18:14:17

类型

评论内容

时间

attackbots

Aug 28 23:56:51 kapalua sshd\[26229\]: Invalid user httpfs from 139.155.90.80
Aug 28 23:56:51 kapalua sshd\[26229\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.90.80
Aug 28 23:56:53 kapalua sshd\[26229\]: Failed password for invalid user httpfs from 139.155.90.80 port 39818 ssh2
Aug 29 00:02:32 kapalua sshd\[26719\]: Invalid user zabbix from 139.155.90.80
Aug 29 00:02:32 kapalua sshd\[26719\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.90.80

2019-08-29 18:14:17

相同子网IP讨论:

IP	类型	评论内容	时间
139.155.90.88	attackspambots	Invalid user testtest from 139.155.90.88 port 49538	2020-07-26 13:27:38
139.155.90.88	attack	Jul 24 14:44:33 firewall sshd[8855]: Invalid user sheldon from 139.155.90.88 Jul 24 14:44:35 firewall sshd[8855]: Failed password for invalid user sheldon from 139.155.90.88 port 40294 ssh2 Jul 24 14:49:45 firewall sshd[9014]: Invalid user joni from 139.155.90.88 ...	2020-07-25 02:22:39
139.155.90.88	attack	2020-07-24T04:30:40.036605shield sshd\[26803\]: Invalid user master from 139.155.90.88 port 56780 2020-07-24T04:30:40.044024shield sshd\[26803\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.90.88 2020-07-24T04:30:41.937401shield sshd\[26803\]: Failed password for invalid user master from 139.155.90.88 port 56780 ssh2 2020-07-24T04:32:27.368417shield sshd\[27175\]: Invalid user user from 139.155.90.88 port 48854 2020-07-24T04:32:27.378124shield sshd\[27175\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.90.88	2020-07-24 12:36:01
139.155.90.88	attackbotsspam	Jul 18 11:38:37 hidden sshd[28486]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.90.88 Jul 18 11:38:39 hidden sshd[28486]: Failed password for invalid user kevin from 139.155.90.88 port 49536 ssh2 Jul 18 12:05:47 hidden sshd[32752]: Invalid user tomy from 139.155.90.88 port 40760	2020-07-19 21:49:07
139.155.90.88	attack	Invalid user lea from 139.155.90.88 port 54628	2020-06-30 15:37:25
139.155.90.141	attackbots	$f2bV_matches	2020-06-25 15:27:33
139.155.90.88	attackbotsspam	Unauthorized connection attempt detected from IP address 139.155.90.88 to port 1510	2020-06-22 13:08:12
139.155.90.141	attack	Invalid user lara from 139.155.90.141 port 59676	2020-06-20 16:52:48
139.155.90.88	attack	2020-06-10T19:49:39.034210shield sshd\[3196\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.90.88 user=root 2020-06-10T19:49:40.752296shield sshd\[3196\]: Failed password for root from 139.155.90.88 port 45654 ssh2 2020-06-10T19:51:29.158893shield sshd\[3555\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.90.88 user=root 2020-06-10T19:51:31.309880shield sshd\[3555\]: Failed password for root from 139.155.90.88 port 44732 ssh2 2020-06-10T19:53:15.856436shield sshd\[3956\]: Invalid user oraprod from 139.155.90.88 port 43820	2020-06-11 06:15:29
139.155.90.141	attackspambots	Jun 8 02:07:42 dns-3 sshd[19917]: User r.r from 139.155.90.141 not allowed because not listed in AllowUsers Jun 8 02:07:42 dns-3 sshd[19917]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.90.141 user=r.r Jun 8 02:07:44 dns-3 sshd[19917]: Failed password for invalid user r.r from 139.155.90.141 port 37214 ssh2 Jun 8 02:07:45 dns-3 sshd[19917]: Received disconnect from 139.155.90.141 port 37214:11: Bye Bye [preauth] Jun 8 02:07:45 dns-3 sshd[19917]: Disconnected from invalid user r.r 139.155.90.141 port 37214 [preauth] Jun 8 02:09:23 dns-3 sshd[20020]: User r.r from 139.155.90.141 not allowed because not listed in AllowUsers Jun 8 02:09:23 dns-3 sshd[20020]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.90.141 user=r.r Jun 8 02:09:25 dns-3 sshd[20020]: Failed password for invalid user r.r from 139.155.90.141 port 54128 ssh2 Jun 8 02:09:26 dns-3 sshd[20020]: Recei........ -------------------------------	2020-06-08 20:48:14
139.155.90.141	attackbots	Lines containing failures of 139.155.90.141 Jun 1 04:25:23 kmh-vmh-001-fsn03 sshd[23898]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.90.141 user=r.r Jun 1 04:25:26 kmh-vmh-001-fsn03 sshd[23898]: Failed password for r.r from 139.155.90.141 port 50852 ssh2 Jun 1 04:25:27 kmh-vmh-001-fsn03 sshd[23898]: Received disconnect from 139.155.90.141 port 50852:11: Bye Bye [preauth] Jun 1 04:25:27 kmh-vmh-001-fsn03 sshd[23898]: Disconnected from authenticating user r.r 139.155.90.141 port 50852 [preauth] Jun 1 04:39:30 kmh-vmh-001-fsn03 sshd[4574]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.90.141 user=r.r Jun 1 04:39:32 kmh-vmh-001-fsn03 sshd[4574]: Failed password for r.r from 139.155.90.141 port 44014 ssh2 Jun 1 04:39:34 kmh-vmh-001-fsn03 sshd[4574]: Received disconnect from 139.155.90.141 port 44014:11: Bye Bye [preauth] Jun 1 04:39:34 kmh-vmh-001-fsn03 sshd[4574]:........ ------------------------------	2020-06-06 14:57:01
139.155.90.108	attackspam	May 25 10:00:27 : SSH login attempts with invalid user	2020-05-26 06:12:18
139.155.90.88	attackspambots	2020-05-25T05:47:00.084775vps751288.ovh.net sshd\[2894\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.90.88 user=root 2020-05-25T05:47:02.723301vps751288.ovh.net sshd\[2894\]: Failed password for root from 139.155.90.88 port 54388 ssh2 2020-05-25T05:50:36.831269vps751288.ovh.net sshd\[2922\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.90.88 user=root 2020-05-25T05:50:38.787702vps751288.ovh.net sshd\[2922\]: Failed password for root from 139.155.90.88 port 41708 ssh2 2020-05-25T05:54:08.803758vps751288.ovh.net sshd\[2934\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.90.88 user=root	2020-05-25 13:47:46
139.155.90.108	attackbotsspam	Invalid user pyqt from 139.155.90.108 port 59976	2020-05-24 15:44:42
139.155.90.88	attackbotsspam	(sshd) Failed SSH login from 139.155.90.88 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: May 14 14:07:14 elude sshd[3023]: Invalid user comercial from 139.155.90.88 port 46716 May 14 14:07:15 elude sshd[3023]: Failed password for invalid user comercial from 139.155.90.88 port 46716 ssh2 May 14 14:16:11 elude sshd[4512]: Did not receive identification string from 139.155.90.88 port 43662 May 14 14:21:43 elude sshd[5346]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.90.88 user=root May 14 14:21:44 elude sshd[5346]: Failed password for root from 139.155.90.88 port 43634 ssh2	2020-05-15 03:04:49

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.155.90.80
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55232
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.155.90.80.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019082900 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Aug 29 18:14:09 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 80.90.155.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 80.90.155.139.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
36.251.148.228	attackspambots	Automated report - ssh fail2ban: Jun 26 06:04:39 wrong password, user=root, port=55492, ssh2 Jun 26 06:04:43 wrong password, user=root, port=55492, ssh2 Jun 26 06:04:47 wrong password, user=root, port=55492, ssh2	2019-06-26 16:48:42
77.83.174.234	attackbotsspam	Port scan on 6 port(s): 1269 1916 4147 6882 7182 9195	2019-06-26 17:05:18
149.56.20.65	attack	WordPress login Brute force / Web App Attack on client site.	2019-06-26 17:13:17
182.253.246.194	attack	Unauthorized connection attempt from IP address 182.253.246.194 on Port 445(SMB)	2019-06-26 16:51:29
154.81.81.54	attackbots	Scanning and Vuln Attempts	2019-06-26 16:37:30
58.211.169.50	attackspam	failed_logins	2019-06-26 17:19:36
123.252.235.130	attack	445/tcp 445/tcp 445/tcp... [2019-05-08/06-26]5pkt,1pt.(tcp)	2019-06-26 16:50:39
181.171.96.145	attack	Jun 24 21:53:51 toyboy sshd[18872]: reveeclipse mapping checking getaddrinfo for 145-96-171-181.fibertel.com.ar [181.171.96.145] failed - POSSIBLE BREAK-IN ATTEMPT! Jun 24 21:53:51 toyboy sshd[18872]: Invalid user vweru from 181.171.96.145 Jun 24 21:53:51 toyboy sshd[18872]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.171.96.145 Jun 24 21:53:53 toyboy sshd[18872]: Failed password for invalid user vweru from 181.171.96.145 port 15833 ssh2 Jun 24 21:53:54 toyboy sshd[18872]: Received disconnect from 181.171.96.145: 11: Bye Bye [preauth] Jun 24 21:56:00 toyboy sshd[18947]: reveeclipse mapping checking getaddrinfo for 145-96-171-181.fibertel.com.ar [181.171.96.145] failed - POSSIBLE BREAK-IN ATTEMPT! Jun 24 21:56:00 toyboy sshd[18947]: Invalid user nathan from 181.171.96.145 Jun 24 21:56:00 toyboy sshd[18947]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.171.96.145 Jun 24 21:56:01........ -------------------------------	2019-06-26 16:55:55
37.1.217.94	attackbotsspam	445/tcp 445/tcp [2019-06-21/26]2pkt	2019-06-26 16:56:37
220.177.175.236	attackbotsspam	[SMB remote code execution attempt: port tcp/445] *(RWIN=1024)(06261032)	2019-06-26 16:33:11
45.70.3.30	attackspambots	Jun 26 06:59:57 OPSO sshd\[14837\]: Invalid user haproxy from 45.70.3.30 port 51515 Jun 26 06:59:57 OPSO sshd\[14837\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.70.3.30 Jun 26 06:59:59 OPSO sshd\[14837\]: Failed password for invalid user haproxy from 45.70.3.30 port 51515 ssh2 Jun 26 07:04:50 OPSO sshd\[15307\]: Invalid user pentecote from 45.70.3.30 port 59998 Jun 26 07:04:50 OPSO sshd\[15307\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.70.3.30	2019-06-26 16:56:59
150.138.117.223	attackspambots	Scanning and Vuln Attempts	2019-06-26 17:09:40
150.95.108.33	attackbotsspam	Scanning and Vuln Attempts	2019-06-26 17:07:50
1.25.82.14	attackbots	DATE:2019-06-26 05:48:59, IP:1.25.82.14, PORT:1433 - MSSQL brute force auth on a honeypot server (epe-dc)	2019-06-26 16:34:06
107.172.145.135	attackbots	$f2bV_matches	2019-06-26 16:51:11

最近上报的IP列表

112.119.69.3	182.61.26.50	112.220.89.114	112.234.114.185
112.234.28.208	220.168.209.70	2607:5300:203:3e14::	91.219.238.84
113.116.246.0	101.23.115.87	186.122.105.226	113.77.37.97
45.11.98.5	91.233.172.66	122.116.216.17	109.123.112.4
114.149.71.174	114.24.110.192	43.225.108.51	182.50.130.28