139.155.94.250

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	(sshd) Failed SSH login from 139.155.94.250 (CN/China/Guangdong/Shenzhen/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 12 08:00:01 atlas sshd[736]: Invalid user marcy from 139.155.94.250 port 57002 Oct 12 08:00:03 atlas sshd[736]: Failed password for invalid user marcy from 139.155.94.250 port 57002 ssh2 Oct 12 08:13:54 atlas sshd[4419]: Invalid user klara from 139.155.94.250 port 38144 Oct 12 08:13:55 atlas sshd[4419]: Failed password for invalid user klara from 139.155.94.250 port 38144 ssh2 Oct 12 08:17:54 atlas sshd[6169]: Invalid user web1 from 139.155.94.250 port 52232	2020-10-12 21:57:38
attackbots	Oct 12 03:08:40 scw-tender-jepsen sshd[20739]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.94.250 Oct 12 03:08:42 scw-tender-jepsen sshd[20739]: Failed password for invalid user eremei from 139.155.94.250 port 47732 ssh2	2020-10-12 13:25:50
attack	Lines containing failures of 139.155.94.250 Oct 5 06:05:04 newdogma sshd[5943]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.94.250 user=r.r Oct 5 06:05:06 newdogma sshd[5943]: Failed password for r.r from 139.155.94.250 port 49576 ssh2 Oct 5 06:05:07 newdogma sshd[5943]: Received disconnect from 139.155.94.250 port 49576:11: Bye Bye [preauth] Oct 5 06:05:07 newdogma sshd[5943]: Disconnected from authenticating user r.r 139.155.94.250 port 49576 [preauth] Oct 5 06:15:10 newdogma sshd[6663]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.94.250 user=r.r Oct 5 06:15:12 newdogma sshd[6663]: Failed password for r.r from 139.155.94.250 port 46184 ssh2 Oct 5 06:15:14 newdogma sshd[6663]: Received disconnect from 139.155.94.250 port 46184:11: Bye Bye [preauth] Oct 5 06:15:14 newdogma sshd[6663]: Disconnected from authenticating user r.r 139.155.94.250 port 46184 [preaut........ ------------------------------	2020-10-07 05:28:27
attackspambots	Lines containing failures of 139.155.94.250 Oct 5 06:05:04 newdogma sshd[5943]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.94.250 user=r.r Oct 5 06:05:06 newdogma sshd[5943]: Failed password for r.r from 139.155.94.250 port 49576 ssh2 Oct 5 06:05:07 newdogma sshd[5943]: Received disconnect from 139.155.94.250 port 49576:11: Bye Bye [preauth] Oct 5 06:05:07 newdogma sshd[5943]: Disconnected from authenticating user r.r 139.155.94.250 port 49576 [preauth] Oct 5 06:15:10 newdogma sshd[6663]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.94.250 user=r.r Oct 5 06:15:12 newdogma sshd[6663]: Failed password for r.r from 139.155.94.250 port 46184 ssh2 Oct 5 06:15:14 newdogma sshd[6663]: Received disconnect from 139.155.94.250 port 46184:11: Bye Bye [preauth] Oct 5 06:15:14 newdogma sshd[6663]: Disconnected from authenticating user r.r 139.155.94.250 port 46184 [preaut........ ------------------------------	2020-10-06 21:37:55
attackbots	Lines containing failures of 139.155.94.250 Oct 5 06:05:04 newdogma sshd[5943]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.94.250 user=r.r Oct 5 06:05:06 newdogma sshd[5943]: Failed password for r.r from 139.155.94.250 port 49576 ssh2 Oct 5 06:05:07 newdogma sshd[5943]: Received disconnect from 139.155.94.250 port 49576:11: Bye Bye [preauth] Oct 5 06:05:07 newdogma sshd[5943]: Disconnected from authenticating user r.r 139.155.94.250 port 49576 [preauth] Oct 5 06:15:10 newdogma sshd[6663]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.94.250 user=r.r Oct 5 06:15:12 newdogma sshd[6663]: Failed password for r.r from 139.155.94.250 port 46184 ssh2 Oct 5 06:15:14 newdogma sshd[6663]: Received disconnect from 139.155.94.250 port 46184:11: Bye Bye [preauth] Oct 5 06:15:14 newdogma sshd[6663]: Disconnected from authenticating user r.r 139.155.94.250 port 46184 [preaut........ ------------------------------	2020-10-06 13:20:03

相同子网IP讨论:

IP	类型	评论内容	时间
139.155.94.65	attackspam	Aug 2 23:17:37 master sshd[10222]: Failed password for root from 139.155.94.65 port 52152 ssh2 Aug 2 23:24:55 master sshd[10312]: Failed password for root from 139.155.94.65 port 40208 ssh2 Aug 2 23:31:30 master sshd[10788]: Failed password for root from 139.155.94.65 port 50292 ssh2 Aug 2 23:37:56 master sshd[10870]: Failed password for root from 139.155.94.65 port 60380 ssh2 Aug 2 23:44:22 master sshd[11020]: Failed password for root from 139.155.94.65 port 42230 ssh2	2020-08-03 06:38:45
139.155.94.150	attack	Unauthorized connection attempt detected from IP address 139.155.94.150 to port 80 [J]	2020-01-17 08:25:56
139.155.94.150	attackspam	Unauthorized connection attempt detected from IP address 139.155.94.150 to port 80	2020-01-01 19:23:10
139.155.94.190	attackspambots	Invalid user barratt from 139.155.94.190 port 55224	2019-12-23 07:32:19
139.155.94.150	attack	WEB_SERVER 403 Forbidden	2019-11-06 02:27:07
139.155.94.150	attack	REQUESTED PAGE: /TP/public/index.php	2019-10-30 01:24:14

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.155.94.250
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 43476
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.155.94.250.			IN	A

;; AUTHORITY SECTION:
.			598	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020100502 1800 900 604800 86400

;; Query time: 319 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Oct 06 13:19:57 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 250.94.155.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 250.94.155.139.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
185.204.3.36	attack	Mar 29 12:59:26 localhost sshd[51076]: Invalid user hy from 185.204.3.36 port 48154 Mar 29 12:59:26 localhost sshd[51076]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=gis.as-kair.ru Mar 29 12:59:26 localhost sshd[51076]: Invalid user hy from 185.204.3.36 port 48154 Mar 29 12:59:28 localhost sshd[51076]: Failed password for invalid user hy from 185.204.3.36 port 48154 ssh2 Mar 29 13:05:32 localhost sshd[51567]: Invalid user dfd from 185.204.3.36 port 55456 ...	2020-03-29 21:15:12
203.135.20.36	attackbotsspam	Mar 29 12:43:28 game-panel sshd[9019]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.135.20.36 Mar 29 12:43:31 game-panel sshd[9019]: Failed password for invalid user anela from 203.135.20.36 port 35459 ssh2 Mar 29 12:48:59 game-panel sshd[9299]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.135.20.36	2020-03-29 21:00:22
217.112.142.184	attackbotsspam	Mar 29 05:34:14 mail.srvfarm.net postfix/smtpd[770786]: NOQUEUE: reject: RCPT from pail.yobaat.com[217.112.142.184]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Mar 29 05:34:14 mail.srvfarm.net postfix/smtpd[770787]: NOQUEUE: reject: RCPT from pail.yobaat.com[217.112.142.184]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Mar 29 05:34:14 mail.srvfarm.net postfix/smtpd[770787]: NOQUEUE: reject: RCPT from pail.yobaat.com[217.112.142.184]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Mar 29 05:34:14 mail.srvfarm.net postfix/smtpd[775116]: NOQUEUE: reject: RCPT from pail.yobaat.com[217.112.142.184]: 450 4.1.8	2020-03-29 20:37:53
65.49.44.91	attackspambots	Port scan detected on ports: 1433[TCP], 6433[TCP], 41433[TCP]	2020-03-29 20:42:38
195.231.3.82	attack	Mar 29 13:02:15 mail.srvfarm.net postfix/smtpd[903744]: warning: unknown[195.231.3.82]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Mar 29 13:02:15 mail.srvfarm.net postfix/smtpd[903744]: lost connection after AUTH from unknown[195.231.3.82] Mar 29 13:02:20 mail.srvfarm.net postfix/smtpd[920055]: warning: unknown[195.231.3.82]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Mar 29 13:02:20 mail.srvfarm.net postfix/smtpd[920047]: warning: unknown[195.231.3.82]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Mar 29 13:02:20 mail.srvfarm.net postfix/smtpd[920054]: warning: unknown[195.231.3.82]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2020-03-29 20:39:41
62.171.173.13	attackspambots	Hits on port : 554	2020-03-29 20:59:11
128.199.150.228	attackbots	Mar 29 09:15:50 firewall sshd[29575]: Invalid user admin from 128.199.150.228 Mar 29 09:15:52 firewall sshd[29575]: Failed password for invalid user admin from 128.199.150.228 port 42990 ssh2 Mar 29 09:20:28 firewall sshd[29911]: Invalid user access from 128.199.150.228 ...	2020-03-29 20:47:41
106.12.79.145	attackspambots	Invalid user hqy from 106.12.79.145 port 37036	2020-03-29 21:13:53
213.133.105.6	attackspambots	[MK-VM2] Blocked by UFW	2020-03-29 21:17:13
212.227.17.4	attackbotsspam	SSH login attempts.	2020-03-29 20:36:29
125.209.110.173	attackbots	(sshd) Failed SSH login from 125.209.110.173 (PK/Pakistan/125-209-110-173.multi.net.pk): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Mar 29 14:48:46 ubnt-55d23 sshd[16123]: Invalid user ku from 125.209.110.173 port 50922 Mar 29 14:48:48 ubnt-55d23 sshd[16123]: Failed password for invalid user ku from 125.209.110.173 port 50922 ssh2	2020-03-29 21:10:41
200.69.250.253	attackspambots	$f2bV_matches	2020-03-29 20:38:38
74.82.47.3	attack	Unauthorized FTP access attempts	2020-03-29 20:54:40
189.157.87.229	attackbotsspam	1585486147 - 03/29/2020 14:49:07 Host: 189.157.87.229/189.157.87.229 Port: 445 TCP Blocked	2020-03-29 20:51:17
49.233.170.158	attackbots	trying to access non-authorized port	2020-03-29 20:32:27

最近上报的IP列表

67.255.18.8	113.59.196.102	108.37.185.217	156.86.75.23
237.151.195.200	7.73.53.211	125.78.160.160	71.94.136.19
60.243.49.223	49.144.105.39	188.114.103.175	167.172.227.82
176.176.177.139	204.93.169.72	106.73.14.144	162.158.62.56
95.213.145.38	182.61.41.171	115.76.163.80	168.195.187.41