139.155.92.126

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Jun 5 15:20:33 web9 sshd\[25037\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.92.126 user=root Jun 5 15:20:34 web9 sshd\[25037\]: Failed password for root from 139.155.92.126 port 38834 ssh2 Jun 5 15:22:21 web9 sshd\[25269\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.92.126 user=root Jun 5 15:22:22 web9 sshd\[25269\]: Failed password for root from 139.155.92.126 port 59594 ssh2 Jun 5 15:26:01 web9 sshd\[25761\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.92.126 user=root	2020-06-06 09:26:57

类型

评论内容

时间

attackbots

Jun  5 15:20:33 web9 sshd\[25037\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.92.126  user=root
Jun  5 15:20:34 web9 sshd\[25037\]: Failed password for root from 139.155.92.126 port 38834 ssh2
Jun  5 15:22:21 web9 sshd\[25269\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.92.126  user=root
Jun  5 15:22:22 web9 sshd\[25269\]: Failed password for root from 139.155.92.126 port 59594 ssh2
Jun  5 15:26:01 web9 sshd\[25761\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.92.126  user=root

2020-06-06 09:26:57

相同子网IP讨论:

IP	类型	评论内容	时间
139.155.92.60	attack	Mar 12 22:06:57 MainVPS sshd[15040]: Invalid user Michelle from 139.155.92.60 port 52384 Mar 12 22:06:57 MainVPS sshd[15040]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.92.60 Mar 12 22:06:57 MainVPS sshd[15040]: Invalid user Michelle from 139.155.92.60 port 52384 Mar 12 22:06:59 MainVPS sshd[15040]: Failed password for invalid user Michelle from 139.155.92.60 port 52384 ssh2 Mar 12 22:09:09 MainVPS sshd[19343]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.92.60 user=root Mar 12 22:09:12 MainVPS sshd[19343]: Failed password for root from 139.155.92.60 port 54352 ssh2 ...	2020-03-13 07:35:42
139.155.92.60	attackspambots	Feb 28 05:19:58 ns382633 sshd\[26762\]: Invalid user nagios from 139.155.92.60 port 41850 Feb 28 05:19:58 ns382633 sshd\[26762\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.92.60 Feb 28 05:20:00 ns382633 sshd\[26762\]: Failed password for invalid user nagios from 139.155.92.60 port 41850 ssh2 Feb 28 05:53:13 ns382633 sshd\[32184\]: Invalid user wp-admin from 139.155.92.60 port 56128 Feb 28 05:53:13 ns382633 sshd\[32184\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.92.60	2020-02-28 16:52:07
139.155.92.60	attackbotsspam	Unauthorized connection attempt detected from IP address 139.155.92.60 to port 2220 [J]	2020-01-18 17:16:18
139.155.92.175	attackbotsspam	SSH/22 MH Probe, BF, Hack -	2019-08-28 15:04:47

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.155.92.126
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26948
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.155.92.126.			IN	A

;; AUTHORITY SECTION:
.			294	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020060501 1800 900 604800 86400

;; Query time: 55 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Jun 06 09:26:54 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 126.92.155.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 126.92.155.139.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
51.77.220.127	attack	51.77.220.127 - - [02/Jun/2020:10:09:09 +0400] "POST /GponForm/diag_Form?style/ HTTP/1.1" 502 157 "-" "curl/7.3.2" ...	2020-06-02 14:15:29
1.124.106.32	attack	Automatic report - XMLRPC Attack	2020-06-02 14:08:46
186.250.131.7	attackbotsspam	20/6/1@23:53:00: FAIL: Alarm-Network address from=186.250.131.7 ...	2020-06-02 14:27:33
176.31.217.184	attackbotsspam	2020-06-02T05:50:12.463285galaxy.wi.uni-potsdam.de sshd[20326]: Invalid user a1s9c9o3\r from 176.31.217.184 port 40030 2020-06-02T05:50:12.465222galaxy.wi.uni-potsdam.de sshd[20326]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip184.ip-176-31-217.eu 2020-06-02T05:50:12.463285galaxy.wi.uni-potsdam.de sshd[20326]: Invalid user a1s9c9o3\r from 176.31.217.184 port 40030 2020-06-02T05:50:14.540483galaxy.wi.uni-potsdam.de sshd[20326]: Failed password for invalid user a1s9c9o3\r from 176.31.217.184 port 40030 ssh2 2020-06-02T05:53:23.260975galaxy.wi.uni-potsdam.de sshd[20653]: Invalid user 1qaSW@3ed\r from 176.31.217.184 port 44256 2020-06-02T05:53:23.263038galaxy.wi.uni-potsdam.de sshd[20653]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip184.ip-176-31-217.eu 2020-06-02T05:53:23.260975galaxy.wi.uni-potsdam.de sshd[20653]: Invalid user 1qaSW@3ed\r from 176.31.217.184 port 44256 2020-06-02T05:53:24.533191ga ...	2020-06-02 14:10:37
116.107.21.154	attackbotsspam	2020-06-0205:48:431jfxut-00014j-9N\<=info@whatsup2013.chH=\(localhost\)[186.179.178.167]:51112P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=2971id=2cdb831f143fea193ac432616abe872b08e213ce4c@whatsup2013.chT="toerfanashkhane"forerfanashkhane@gmail.comsuperhip1765@gmail.comalecsegovia2@gmail.com2020-06-0205:47:531jfxu3-0000yq-Uw\<=info@whatsup2013.chH=\(localhost\)[114.237.136.189]:53512P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=2966id=2d8396c5cee5303c1b5ee8bb4f88020e3d62513a@whatsup2013.chT="tojamesgray58321"forjamesgray58321@gmail.comzebs850@gmail.comeddie3some@yahoo.com2020-06-0205:51:571jfxxv-0001Fl-L9\<=info@whatsup2013.chH=\(localhost\)[14.164.136.95]:49706P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3002id=878c99cac1ea3f331451e7b440870d0132de9dcd@whatsup2013.chT="tojnm4185"forjnm4185@gmail.comfernandocabrales@gamail.comwaynef029@gmail.com2020-06-0205:52:341jfxyZ-	2020-06-02 14:38:09
186.225.80.194	attack	5x Failed Password	2020-06-02 14:16:03
222.186.173.201	attackspam	2020-06-02T09:15:43.909739afi-git.jinr.ru sshd[24863]: Failed password for root from 222.186.173.201 port 40126 ssh2 2020-06-02T09:15:47.079432afi-git.jinr.ru sshd[24863]: Failed password for root from 222.186.173.201 port 40126 ssh2 2020-06-02T09:15:49.666122afi-git.jinr.ru sshd[24863]: Failed password for root from 222.186.173.201 port 40126 ssh2 2020-06-02T09:15:49.666260afi-git.jinr.ru sshd[24863]: error: maximum authentication attempts exceeded for root from 222.186.173.201 port 40126 ssh2 [preauth] 2020-06-02T09:15:49.666274afi-git.jinr.ru sshd[24863]: Disconnecting: Too many authentication failures [preauth] ...	2020-06-02 14:27:15
103.120.224.222	attackspam	Brute force attempt	2020-06-02 14:28:32
177.191.163.184	attackspambots	Lines containing failures of 177.191.163.184 (max 1000) Jun 1 11:37:39 UTC__SANYALnet-Labs__cac1 sshd[30346]: Connection from 177.191.163.184 port 48911 on 64.137.179.160 port 22 Jun 1 11:37:41 UTC__SANYALnet-Labs__cac1 sshd[30346]: reveeclipse mapping checking getaddrinfo for 177-191-163-184.xd-dynamic.algarnetsuper.com.br [177.191.163.184] failed - POSSIBLE BREAK-IN ATTEMPT! Jun 1 11:37:41 UTC__SANYALnet-Labs__cac1 sshd[30346]: User r.r from 177.191.163.184 not allowed because not listed in AllowUsers Jun 1 11:37:46 UTC__SANYALnet-Labs__cac1 sshd[30346]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.191.163.184 user=r.r Jun 1 11:37:48 UTC__SANYALnet-Labs__cac1 sshd[30346]: Failed password for invalid user r.r from 177.191.163.184 port 48911 ssh2 Jun 1 11:37:48 UTC__SANYALnet-Labs__cac1 sshd[30346]: Received disconnect from 177.191.163.184 port 48911:11: Bye Bye [preauth] Jun 1 11:37:48 UTC__SANYALnet-Labs__cac1 sshd........ ------------------------------	2020-06-02 14:29:46
64.202.184.71	attackbotsspam	::ffff:64.202.184.71 - - [02/Jun/2020:03:48:51 +0200] "www.ruhnke.cloud" "POST /wp-login.php HTTP/1.1" 200 4986 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" ::ffff:64.202.184.71 - - [02/Jun/2020:03:48:54 +0200] "www.ruhnke.cloud" "POST /xmlrpc.php HTTP/1.1" 200 291 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" ::ffff:64.202.184.71 - - [02/Jun/2020:03:48:54 +0200] "www.ruhnke.cloud" "POST /xmlrpc.php HTTP/1.1" 200 291 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" ::ffff:64.202.184.71 - - [02/Jun/2020:07:28:19 +0200] "www.ruhnke.cloud" "POST /wp-login.php HTTP/1.1" 200 4986 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" ...	2020-06-02 14:19:11
195.154.29.107	attackspam	195.154.29.107 - - [02/Jun/2020:05:51:46 +0200] "POST /xmlrpc.php HTTP/1.1" 403 146 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 195.154.29.107 - - [02/Jun/2020:06:00:04 +0200] "POST /xmlrpc.php HTTP/1.1" 403 146 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-06-02 14:36:19
45.76.159.148	attackbots	Unauthorized connection attempt from IP address 45.76.159.148 on port 3389	2020-06-02 14:39:29
198.108.66.193	attackbots	Unauthorized connection attempt detected from IP address 198.108.66.193 to port 8243	2020-06-02 14:44:34
1.71.140.71	attackspambots	2020-06-02T06:24:39.534140abusebot-5.cloudsearch.cf sshd[18382]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.71.140.71 user=root 2020-06-02T06:24:41.781169abusebot-5.cloudsearch.cf sshd[18382]: Failed password for root from 1.71.140.71 port 38850 ssh2 2020-06-02T06:30:06.504967abusebot-5.cloudsearch.cf sshd[18408]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.71.140.71 user=root 2020-06-02T06:30:08.977593abusebot-5.cloudsearch.cf sshd[18408]: Failed password for root from 1.71.140.71 port 58356 ssh2 2020-06-02T06:31:16.030993abusebot-5.cloudsearch.cf sshd[18424]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.71.140.71 user=root 2020-06-02T06:31:18.307413abusebot-5.cloudsearch.cf sshd[18424]: Failed password for root from 1.71.140.71 port 43374 ssh2 2020-06-02T06:32:37.072408abusebot-5.cloudsearch.cf sshd[18432]: pam_unix(sshd:auth): authentication fa ...	2020-06-02 14:42:08
195.54.166.45	attackspambots	TCP (SYN) 195.54.166.45:55191 -> port 3397, len 44	2020-06-02 14:46:22

最近上报的IP列表

121.42.142.188	194.26.25.113	200.58.179.160	134.122.90.113
110.78.146.176	200.32.59.112	172.81.224.187	36.78.155.45
201.182.212.115	106.13.63.114	211.25.201.153	119.45.0.9
185.213.21.15	92.253.234.17	197.219.83.75	186.92.31.215
185.50.10.107	31.41.187.166	162.241.29.139	145.239.86.227