139.155.92.126

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Jun 5 15:20:33 web9 sshd\[25037\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.92.126 user=root Jun 5 15:20:34 web9 sshd\[25037\]: Failed password for root from 139.155.92.126 port 38834 ssh2 Jun 5 15:22:21 web9 sshd\[25269\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.92.126 user=root Jun 5 15:22:22 web9 sshd\[25269\]: Failed password for root from 139.155.92.126 port 59594 ssh2 Jun 5 15:26:01 web9 sshd\[25761\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.92.126 user=root	2020-06-06 09:26:57

类型

评论内容

时间

attackbots

Jun  5 15:20:33 web9 sshd\[25037\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.92.126  user=root
Jun  5 15:20:34 web9 sshd\[25037\]: Failed password for root from 139.155.92.126 port 38834 ssh2
Jun  5 15:22:21 web9 sshd\[25269\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.92.126  user=root
Jun  5 15:22:22 web9 sshd\[25269\]: Failed password for root from 139.155.92.126 port 59594 ssh2
Jun  5 15:26:01 web9 sshd\[25761\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.92.126  user=root

2020-06-06 09:26:57

相同子网IP讨论:

IP	类型	评论内容	时间
139.155.92.60	attack	Mar 12 22:06:57 MainVPS sshd[15040]: Invalid user Michelle from 139.155.92.60 port 52384 Mar 12 22:06:57 MainVPS sshd[15040]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.92.60 Mar 12 22:06:57 MainVPS sshd[15040]: Invalid user Michelle from 139.155.92.60 port 52384 Mar 12 22:06:59 MainVPS sshd[15040]: Failed password for invalid user Michelle from 139.155.92.60 port 52384 ssh2 Mar 12 22:09:09 MainVPS sshd[19343]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.92.60 user=root Mar 12 22:09:12 MainVPS sshd[19343]: Failed password for root from 139.155.92.60 port 54352 ssh2 ...	2020-03-13 07:35:42
139.155.92.60	attackspambots	Feb 28 05:19:58 ns382633 sshd\[26762\]: Invalid user nagios from 139.155.92.60 port 41850 Feb 28 05:19:58 ns382633 sshd\[26762\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.92.60 Feb 28 05:20:00 ns382633 sshd\[26762\]: Failed password for invalid user nagios from 139.155.92.60 port 41850 ssh2 Feb 28 05:53:13 ns382633 sshd\[32184\]: Invalid user wp-admin from 139.155.92.60 port 56128 Feb 28 05:53:13 ns382633 sshd\[32184\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.92.60	2020-02-28 16:52:07
139.155.92.60	attackbotsspam	Unauthorized connection attempt detected from IP address 139.155.92.60 to port 2220 [J]	2020-01-18 17:16:18
139.155.92.175	attackbotsspam	SSH/22 MH Probe, BF, Hack -	2019-08-28 15:04:47

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.155.92.126
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26948
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.155.92.126.			IN	A

;; AUTHORITY SECTION:
.			294	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020060501 1800 900 604800 86400

;; Query time: 55 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Jun 06 09:26:54 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 126.92.155.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 126.92.155.139.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
58.248.254.124	attack	Aug 15 19:06:33 vps200512 sshd\[26086\]: Invalid user cgi from 58.248.254.124 Aug 15 19:06:33 vps200512 sshd\[26086\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.248.254.124 Aug 15 19:06:36 vps200512 sshd\[26086\]: Failed password for invalid user cgi from 58.248.254.124 port 39601 ssh2 Aug 15 19:10:38 vps200512 sshd\[26258\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.248.254.124 user=root Aug 15 19:10:40 vps200512 sshd\[26258\]: Failed password for root from 58.248.254.124 port 57950 ssh2	2019-08-16 11:58:50
148.240.182.77	attack	Aug 15 22:00:18 mxgate1 postfix/postscreen[15637]: CONNECT from [148.240.182.77]:28313 to [176.31.12.44]:25 Aug 15 22:00:18 mxgate1 postfix/dnsblog[16114]: addr 148.240.182.77 listed by domain cbl.abuseat.org as 127.0.0.2 Aug 15 22:00:18 mxgate1 postfix/dnsblog[16107]: addr 148.240.182.77 listed by domain zen.spamhaus.org as 127.0.0.11 Aug 15 22:00:18 mxgate1 postfix/dnsblog[16107]: addr 148.240.182.77 listed by domain zen.spamhaus.org as 127.0.0.4 Aug 15 22:00:24 mxgate1 postfix/postscreen[15637]: DNSBL rank 3 for [148.240.182.77]:28313 Aug x@x Aug 15 22:00:25 mxgate1 postfix/postscreen[15637]: HANGUP after 1.2 from [148.240.182.77]:28313 in tests after SMTP handshake Aug 15 22:00:25 mxgate1 postfix/postscreen[15637]: DISCONNECT [148.240.182.77]:28313 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=148.240.182.77	2019-08-16 11:47:21
118.24.33.38	attack	Aug 15 20:14:47 MK-Soft-VM4 sshd\[29255\]: Invalid user fi from 118.24.33.38 port 48844 Aug 15 20:14:47 MK-Soft-VM4 sshd\[29255\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.33.38 Aug 15 20:14:49 MK-Soft-VM4 sshd\[29255\]: Failed password for invalid user fi from 118.24.33.38 port 48844 ssh2 ...	2019-08-16 11:21:04
115.124.64.126	attackspambots	Aug 16 04:07:47 OPSO sshd\[13916\]: Invalid user om from 115.124.64.126 port 51270 Aug 16 04:07:47 OPSO sshd\[13916\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.124.64.126 Aug 16 04:07:49 OPSO sshd\[13916\]: Failed password for invalid user om from 115.124.64.126 port 51270 ssh2 Aug 16 04:13:14 OPSO sshd\[14936\]: Invalid user taiga from 115.124.64.126 port 47972 Aug 16 04:13:14 OPSO sshd\[14936\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.124.64.126	2019-08-16 11:24:20
77.30.236.214	attack	60001/tcp [2019-08-15]1pkt	2019-08-16 11:56:49
132.148.154.149	attack	WordPress wp-login brute force :: 132.148.154.149 0.224 BYPASS [16/Aug/2019:10:11:24 1000] [censored_1] "POST /wp-login.php HTTP/1.1" 200 4039 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:61.0.1) Gecko/20120101 Firefox/61.0.1"	2019-08-16 11:39:22
139.28.217.222	attackbots	Automatic report - Banned IP Access	2019-08-16 11:38:57
212.124.188.174	attackspambots	port scan and connect, tcp 23 (telnet)	2019-08-16 11:11:04
62.234.95.148	attackbots	Aug 15 21:59:35 raspberrypi sshd\[25029\]: Invalid user hadoop from 62.234.95.148Aug 15 21:59:37 raspberrypi sshd\[25029\]: Failed password for invalid user hadoop from 62.234.95.148 port 42784 ssh2Aug 15 22:20:01 raspberrypi sshd\[25582\]: Invalid user cacti from 62.234.95.148 ...	2019-08-16 11:58:04
218.246.5.111	attackspambots	Aug 16 00:25:18 debian sshd\[1284\]: Invalid user atscale from 218.246.5.111 port 38140 Aug 16 00:25:18 debian sshd\[1284\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.246.5.111 ...	2019-08-16 11:09:31
83.48.101.184	attackbotsspam	Aug 15 23:11:46 v22018076622670303 sshd\[28095\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=83.48.101.184 user=root Aug 15 23:11:48 v22018076622670303 sshd\[28095\]: Failed password for root from 83.48.101.184 port 20659 ssh2 Aug 15 23:20:01 v22018076622670303 sshd\[28125\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=83.48.101.184 user=root ...	2019-08-16 11:39:45
80.52.199.93	attack	Aug 16 03:02:21 web8 sshd\[27302\]: Invalid user narendra from 80.52.199.93 Aug 16 03:02:21 web8 sshd\[27302\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.52.199.93 Aug 16 03:02:24 web8 sshd\[27302\]: Failed password for invalid user narendra from 80.52.199.93 port 42662 ssh2 Aug 16 03:07:51 web8 sshd\[30156\]: Invalid user vinay from 80.52.199.93 Aug 16 03:07:51 web8 sshd\[30156\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.52.199.93	2019-08-16 11:09:57
34.237.153.232	attack	Chat Spam	2019-08-16 11:32:49
94.191.62.170	attack	Aug 16 10:09:18 webhost01 sshd[17709]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.191.62.170 Aug 16 10:09:20 webhost01 sshd[17709]: Failed password for invalid user khwanjung from 94.191.62.170 port 40096 ssh2 ...	2019-08-16 11:27:08
134.209.170.193	attackbots	Invalid user simona from 134.209.170.193 port 33716	2019-08-16 11:36:38

最近上报的IP列表

121.42.142.188	194.26.25.113	200.58.179.160	134.122.90.113
110.78.146.176	200.32.59.112	172.81.224.187	36.78.155.45
201.182.212.115	106.13.63.114	211.25.201.153	119.45.0.9
185.213.21.15	92.253.234.17	197.219.83.75	186.92.31.215
185.50.10.107	31.41.187.166	162.241.29.139	145.239.86.227