139.155.92.126

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Jun 5 15:20:33 web9 sshd\[25037\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.92.126 user=root Jun 5 15:20:34 web9 sshd\[25037\]: Failed password for root from 139.155.92.126 port 38834 ssh2 Jun 5 15:22:21 web9 sshd\[25269\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.92.126 user=root Jun 5 15:22:22 web9 sshd\[25269\]: Failed password for root from 139.155.92.126 port 59594 ssh2 Jun 5 15:26:01 web9 sshd\[25761\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.92.126 user=root	2020-06-06 09:26:57

类型

评论内容

时间

attackbots

Jun  5 15:20:33 web9 sshd\[25037\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.92.126  user=root
Jun  5 15:20:34 web9 sshd\[25037\]: Failed password for root from 139.155.92.126 port 38834 ssh2
Jun  5 15:22:21 web9 sshd\[25269\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.92.126  user=root
Jun  5 15:22:22 web9 sshd\[25269\]: Failed password for root from 139.155.92.126 port 59594 ssh2
Jun  5 15:26:01 web9 sshd\[25761\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.92.126  user=root

2020-06-06 09:26:57

相同子网IP讨论:

IP	类型	评论内容	时间
139.155.92.60	attack	Mar 12 22:06:57 MainVPS sshd[15040]: Invalid user Michelle from 139.155.92.60 port 52384 Mar 12 22:06:57 MainVPS sshd[15040]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.92.60 Mar 12 22:06:57 MainVPS sshd[15040]: Invalid user Michelle from 139.155.92.60 port 52384 Mar 12 22:06:59 MainVPS sshd[15040]: Failed password for invalid user Michelle from 139.155.92.60 port 52384 ssh2 Mar 12 22:09:09 MainVPS sshd[19343]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.92.60 user=root Mar 12 22:09:12 MainVPS sshd[19343]: Failed password for root from 139.155.92.60 port 54352 ssh2 ...	2020-03-13 07:35:42
139.155.92.60	attackspambots	Feb 28 05:19:58 ns382633 sshd\[26762\]: Invalid user nagios from 139.155.92.60 port 41850 Feb 28 05:19:58 ns382633 sshd\[26762\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.92.60 Feb 28 05:20:00 ns382633 sshd\[26762\]: Failed password for invalid user nagios from 139.155.92.60 port 41850 ssh2 Feb 28 05:53:13 ns382633 sshd\[32184\]: Invalid user wp-admin from 139.155.92.60 port 56128 Feb 28 05:53:13 ns382633 sshd\[32184\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.92.60	2020-02-28 16:52:07
139.155.92.60	attackbotsspam	Unauthorized connection attempt detected from IP address 139.155.92.60 to port 2220 [J]	2020-01-18 17:16:18
139.155.92.175	attackbotsspam	SSH/22 MH Probe, BF, Hack -	2019-08-28 15:04:47

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.155.92.126
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26948
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.155.92.126.			IN	A

;; AUTHORITY SECTION:
.			294	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020060501 1800 900 604800 86400

;; Query time: 55 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Jun 06 09:26:54 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 126.92.155.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 126.92.155.139.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
54.37.159.12	attack	Aug 24 11:41:20 web9 sshd\[10810\]: Invalid user esbee from 54.37.159.12 Aug 24 11:41:20 web9 sshd\[10810\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.159.12 Aug 24 11:41:22 web9 sshd\[10810\]: Failed password for invalid user esbee from 54.37.159.12 port 34164 ssh2 Aug 24 11:45:10 web9 sshd\[11524\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.159.12 user=root Aug 24 11:45:12 web9 sshd\[11524\]: Failed password for root from 54.37.159.12 port 48992 ssh2	2019-08-25 08:02:31
157.230.55.177	attackbotsspam	WordPress wp-login brute force :: 157.230.55.177 0.052 BYPASS [25/Aug/2019:07:45:04 1000] [censored_4] "POST /wp-login.php HTTP/1.1" 200 3989 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-08-25 08:05:04
177.139.153.186	attackbotsspam	2019-08-24T23:21:59.887187abusebot-7.cloudsearch.cf sshd\[27720\]: Invalid user mongodb from 177.139.153.186 port 37883	2019-08-25 07:29:28
207.154.215.236	attackspam	Aug 24 13:31:12 wbs sshd\[14582\]: Invalid user jocelyn from 207.154.215.236 Aug 24 13:31:12 wbs sshd\[14582\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.154.215.236 Aug 24 13:31:13 wbs sshd\[14582\]: Failed password for invalid user jocelyn from 207.154.215.236 port 34588 ssh2 Aug 24 13:35:05 wbs sshd\[14972\]: Invalid user vhost from 207.154.215.236 Aug 24 13:35:05 wbs sshd\[14972\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.154.215.236	2019-08-25 07:38:19
49.88.112.85	attackbotsspam	2019-08-25T01:35:39.783063centos sshd\[9088\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.85 user=root 2019-08-25T01:35:42.429857centos sshd\[9088\]: Failed password for root from 49.88.112.85 port 20843 ssh2 2019-08-25T01:35:44.535237centos sshd\[9088\]: Failed password for root from 49.88.112.85 port 20843 ssh2	2019-08-25 07:36:37
185.172.110.216	attack	Splunk® : port scan detected: Aug 24 17:45:34 testbed kernel: Firewall: TCP_IN Blocked IN=eth0 OUT= MAC=82:c6:52:d1:6e:53:c0:42:d0:39:2c:30:08:00 SRC=185.172.110.216 DST=104.248.11.191 LEN=40 TOS=0x10 PREC=0x40 TTL=243 ID=54321 PROTO=TCP SPT=45439 DPT=60001 WINDOW=65535 RES=0x00 SYN URGP=0	2019-08-25 07:41:16
51.77.140.36	attackbotsspam	Aug 24 23:45:16 localhost sshd\[9355\]: Invalid user devs from 51.77.140.36 port 41220 Aug 24 23:45:16 localhost sshd\[9355\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.140.36 Aug 24 23:45:17 localhost sshd\[9355\]: Failed password for invalid user devs from 51.77.140.36 port 41220 ssh2	2019-08-25 07:57:00
139.59.10.115	attackbotsspam	Aug 25 01:16:11 OPSO sshd\[19594\]: Invalid user freund from 139.59.10.115 port 59208 Aug 25 01:16:11 OPSO sshd\[19594\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.10.115 Aug 25 01:16:13 OPSO sshd\[19594\]: Failed password for invalid user freund from 139.59.10.115 port 59208 ssh2 Aug 25 01:21:04 OPSO sshd\[20197\]: Invalid user adam from 139.59.10.115 port 54182 Aug 25 01:21:04 OPSO sshd\[20197\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.10.115	2019-08-25 07:25:07
128.106.195.126	attack	Aug 24 23:10:42 smtp sshd[5535]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.106.195.126 user=root Aug 24 23:10:44 smtp sshd[5535]: Failed password for root from 128.106.195.126 port 38095 ssh2 Aug 24 23:16:59 smtp sshd[5580]: Invalid user garys from 128.106.195.126 port 35076 Aug 24 23:16:59 smtp sshd[5580]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.106.195.126 Aug 24 23:16:59 smtp sshd[5580]: Invalid user garys from 128.106.195.126 port 35076 Aug 24 23:17:01 smtp sshd[5580]: Failed password for invalid user garys from 128.106.195.126 port 35076 ssh2 ...	2019-08-25 07:25:51
77.247.110.24	attack	CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2019-08-25 07:42:19
45.55.42.17	attack	Aug 25 00:56:19 eventyay sshd[17856]: Failed password for root from 45.55.42.17 port 34190 ssh2 Aug 25 01:01:00 eventyay sshd[18002]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.42.17 Aug 25 01:01:02 eventyay sshd[18002]: Failed password for invalid user edu from 45.55.42.17 port 55989 ssh2 ...	2019-08-25 07:59:32
128.199.59.42	attackbots	Aug 24 19:19:49 plusreed sshd[29413]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.59.42 user=root Aug 24 19:19:51 plusreed sshd[29413]: Failed password for root from 128.199.59.42 port 50006 ssh2 ...	2019-08-25 07:25:22
139.199.163.136	attackbotsspam	Invalid user avis from 139.199.163.136 port 53360	2019-08-25 08:03:49
118.48.211.197	attack	Aug 24 23:12:29 raspberrypi sshd\[11506\]: Invalid user ev from 118.48.211.197Aug 24 23:12:32 raspberrypi sshd\[11506\]: Failed password for invalid user ev from 118.48.211.197 port 12660 ssh2Aug 24 23:29:40 raspberrypi sshd\[11837\]: Invalid user tsukamoto from 118.48.211.197Aug 24 23:29:42 raspberrypi sshd\[11837\]: Failed password for invalid user tsukamoto from 118.48.211.197 port 34209 ssh2 ...	2019-08-25 07:34:37
103.74.121.142	attackbotsspam	WordPress wp-login brute force :: 103.74.121.142 0.052 BYPASS [25/Aug/2019:08:57:13 1000] [censored_4] "POST /wp-login.php HTTP/1.1" 200 3989 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-08-25 07:47:18

最近上报的IP列表

121.42.142.188	194.26.25.113	200.58.179.160	134.122.90.113
110.78.146.176	200.32.59.112	172.81.224.187	36.78.155.45
201.182.212.115	106.13.63.114	211.25.201.153	119.45.0.9
185.213.21.15	92.253.234.17	197.219.83.75	186.92.31.215
185.50.10.107	31.41.187.166	162.241.29.139	145.239.86.227