139.155.1.18 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Aug 3 05:55:18 jumpserver sshd[368922]: Invalid user suselinux from 139.155.1.18 port 58428 Aug 3 05:55:20 jumpserver sshd[368922]: Failed password for invalid user suselinux from 139.155.1.18 port 58428 ssh2 Aug 3 05:58:10 jumpserver sshd[368991]: Invalid user Dd123456 from 139.155.1.18 port 59140 ...	2020-08-03 19:03:49
attackspam	Jul 3 23:17:55 scw-tender-jepsen sshd[17294]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.1.18 Jul 3 23:17:57 scw-tender-jepsen sshd[17294]: Failed password for invalid user abc from 139.155.1.18 port 57588 ssh2	2020-07-04 07:44:31
attack	Jun 19 16:16:10 vps639187 sshd\[31364\]: Invalid user open from 139.155.1.18 port 60438 Jun 19 16:16:10 vps639187 sshd\[31364\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.1.18 Jun 19 16:16:12 vps639187 sshd\[31364\]: Failed password for invalid user open from 139.155.1.18 port 60438 ssh2 ...	2020-06-20 00:55:19
attackbots	Jun 7 13:27:05 web1 sshd[25814]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.1.18 user=root Jun 7 13:27:06 web1 sshd[25814]: Failed password for root from 139.155.1.18 port 36240 ssh2 Jun 7 13:36:08 web1 sshd[28047]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.1.18 user=root Jun 7 13:36:10 web1 sshd[28047]: Failed password for root from 139.155.1.18 port 37120 ssh2 Jun 7 13:41:15 web1 sshd[29283]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.1.18 user=root Jun 7 13:41:17 web1 sshd[29283]: Failed password for root from 139.155.1.18 port 60494 ssh2 Jun 7 13:51:19 web1 sshd[31730]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.1.18 user=root Jun 7 13:51:20 web1 sshd[31730]: Failed password for root from 139.155.1.18 port 50766 ssh2 Jun 7 13:56:13 web1 sshd[571]: pam_unix(ssh ...	2020-06-07 14:09:07
attackspambots	Invalid user ghost from 139.155.1.18 port 48936	2020-04-29 19:59:44
attackspam	(sshd) Failed SSH login from 139.155.1.18 (JP/Japan/-): 5 in the last 3600 secs	2020-04-15 21:47:30
attackspambots	Mar 25 22:44:04 hosting180 sshd[28057]: Invalid user dl from 139.155.1.18 port 42324 ...	2020-03-26 06:24:18
attack	$f2bV_matches	2020-03-24 15:33:27
attack	$f2bV_matches \| Triggered by Fail2Ban at Vostok web server	2020-03-18 15:51:36
attackspambots	Feb 12 10:48:37 plusreed sshd[19355]: Invalid user usuario from 139.155.1.18 ...	2020-02-13 01:37:36
attackspam	Jan 11 19:06:10 master sshd[25189]: Failed password for invalid user jqc from 139.155.1.18 port 55034 ssh2 Jan 11 19:24:57 master sshd[25391]: Failed password for invalid user vsftpd from 139.155.1.18 port 59558 ssh2 Jan 11 19:29:57 master sshd[25430]: Failed password for root from 139.155.1.18 port 55180 ssh2	2020-01-12 01:59:23
attackspambots	Jan 11 16:26:26 webhost01 sshd[23956]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.1.18 Jan 11 16:26:28 webhost01 sshd[23956]: Failed password for invalid user hate from 139.155.1.18 port 33898 ssh2 ...	2020-01-11 19:20:23
attackbotsspam	Unauthorized connection attempt detected from IP address 139.155.1.18 to port 22	2020-01-01 07:13:15
attack	Dec 24 11:01:27 localhost sshd\[22829\]: Invalid user shekwan from 139.155.1.18 port 52092 Dec 24 11:01:27 localhost sshd\[22829\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.1.18 Dec 24 11:01:29 localhost sshd\[22829\]: Failed password for invalid user shekwan from 139.155.1.18 port 52092 ssh2	2019-12-24 18:59:07
attack	$f2bV_matches	2019-12-11 23:57:10
attackspam	$f2bV_matches	2019-12-06 06:54:18
attackspambots	Dec 1 07:39:04 php1 sshd\[13265\]: Invalid user ramroop from 139.155.1.18 Dec 1 07:39:04 php1 sshd\[13265\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.1.18 Dec 1 07:39:06 php1 sshd\[13265\]: Failed password for invalid user ramroop from 139.155.1.18 port 57380 ssh2 Dec 1 07:42:43 php1 sshd\[13610\]: Invalid user host from 139.155.1.18 Dec 1 07:42:43 php1 sshd\[13610\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.1.18	2019-12-02 01:45:03
attackspam	Nov 23 22:58:58 meumeu sshd[2420]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.1.18 Nov 23 22:59:00 meumeu sshd[2420]: Failed password for invalid user doblas from 139.155.1.18 port 58658 ssh2 Nov 23 23:03:21 meumeu sshd[3124]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.1.18 ...	2019-11-30 17:37:16
attackbotsspam	Nov 29 16:10:03 dedicated sshd[15255]: Invalid user jszpila from 139.155.1.18 port 48810	2019-11-30 02:48:15
attack	Fail2Ban - SSH Bruteforce Attempt	2019-10-29 15:32:59
attackbotsspam	Oct 23 22:12:06 vmd17057 sshd\[15152\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.1.18 user=root Oct 23 22:12:08 vmd17057 sshd\[15152\]: Failed password for root from 139.155.1.18 port 55128 ssh2 Oct 23 22:17:12 vmd17057 sshd\[15502\]: Invalid user pa from 139.155.1.18 port 33814 Oct 23 22:17:12 vmd17057 sshd\[15502\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.1.18 ...	2019-10-24 04:47:27
attackspam	Oct 22 06:54:00 www sshd\[47170\]: Invalid user 123456 from 139.155.1.18Oct 22 06:54:02 www sshd\[47170\]: Failed password for invalid user 123456 from 139.155.1.18 port 42108 ssh2Oct 22 06:58:23 www sshd\[47471\]: Invalid user Hamster from 139.155.1.18 ...	2019-10-22 12:08:19
attackbots	SSH Brute Force	2019-10-17 23:06:36
attackspambots	Oct 16 08:29:57 home sshd[30825]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.1.18 user=root Oct 16 08:30:00 home sshd[30825]: Failed password for root from 139.155.1.18 port 42250 ssh2 Oct 16 08:45:13 home sshd[30925]: Invalid user ts3srv from 139.155.1.18 port 33480 Oct 16 08:45:13 home sshd[30925]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.1.18 Oct 16 08:45:13 home sshd[30925]: Invalid user ts3srv from 139.155.1.18 port 33480 Oct 16 08:45:15 home sshd[30925]: Failed password for invalid user ts3srv from 139.155.1.18 port 33480 ssh2 Oct 16 08:50:59 home sshd[30976]: Invalid user zhouh from 139.155.1.18 port 40004 Oct 16 08:50:59 home sshd[30976]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.1.18 Oct 16 08:50:59 home sshd[30976]: Invalid user zhouh from 139.155.1.18 port 40004 Oct 16 08:51:01 home sshd[30976]: Failed password for invalid user zhouh from	2019-10-17 02:21:54
attackbotsspam	Oct 5 14:41:14 jane sshd[7987]: Failed password for root from 139.155.1.18 port 40266 ssh2 ...	2019-10-05 21:27:13
attackspam	Oct 3 07:23:06 mail sshd\[17678\]: Invalid user server from 139.155.1.18 port 49590 Oct 3 07:23:06 mail sshd\[17678\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.1.18 Oct 3 07:23:08 mail sshd\[17678\]: Failed password for invalid user server from 139.155.1.18 port 49590 ssh2 Oct 3 07:28:34 mail sshd\[18153\]: Invalid user eggy from 139.155.1.18 port 53618 Oct 3 07:28:34 mail sshd\[18153\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.1.18	2019-10-03 14:02:17
attack	Sep 28 12:26:42 hpm sshd\[30556\]: Invalid user sangka from 139.155.1.18 Sep 28 12:26:42 hpm sshd\[30556\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.1.18 Sep 28 12:26:44 hpm sshd\[30556\]: Failed password for invalid user sangka from 139.155.1.18 port 58610 ssh2 Sep 28 12:30:04 hpm sshd\[30850\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.1.18 user=mysql Sep 28 12:30:06 hpm sshd\[30850\]: Failed password for mysql from 139.155.1.18 port 58018 ssh2	2019-09-29 06:30:54
attackspambots	'Fail2Ban'	2019-09-27 18:54:20
attackspam	Aug 19 20:23:40 xb3 sshd[4433]: Failed password for invalid user admin from 139.155.1.18 port 36248 ssh2 Aug 19 20:23:40 xb3 sshd[4433]: Received disconnect from 139.155.1.18: 11: Bye Bye [preauth] Aug 19 20:30:44 xb3 sshd[31348]: Failed password for invalid user dylan from 139.155.1.18 port 55420 ssh2 Aug 19 20:30:45 xb3 sshd[31348]: Received disconnect from 139.155.1.18: 11: Bye Bye [preauth] Aug 19 20:33:34 xb3 sshd[5061]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.1.18 user=r.r Aug 19 20:33:36 xb3 sshd[5061]: Failed password for r.r from 139.155.1.18 port 49318 ssh2 Aug 19 20:33:37 xb3 sshd[5061]: Received disconnect from 139.155.1.18: 11: Bye Bye [preauth] Aug 19 20:38:56 xb3 sshd[7144]: Failed password for invalid user teste from 139.155.1.18 port 37084 ssh2 Aug 19 20:38:56 xb3 sshd[7144]: Received disconnect from 139.155.1.18: 11: Bye Bye [preauth] Aug 19 20:41:34 xb3 sshd[1023]: Failed password for invalid us........ -------------------------------	2019-08-20 06:48:59

相同子网IP讨论:

IP	类型	评论内容	时间
139.155.13.59	attack	sshd: Failed password for invalid user .... from 139.155.13.59 port 60208 ssh2 (8 attempts)	2020-10-13 17:34:17
139.155.13.21	attackspambots	Connection to SSH Honeypot - Detected by HoneypotDB	2020-10-06 07:33:29
139.155.1.62	attack	Tried sshing with brute force.	2020-10-06 06:47:19
139.155.13.21	attack	Connection to SSH Honeypot - Detected by HoneypotDB	2020-10-05 23:49:56
139.155.1.62	attackbots	Oct 5 09:36:25 ws26vmsma01 sshd[85964]: Failed password for root from 139.155.1.62 port 51434 ssh2 ...	2020-10-05 22:56:42
139.155.13.21	attackspambots	Oct 5 09:18:04 ip106 sshd[15735]: Failed password for root from 139.155.13.21 port 43686 ssh2 ...	2020-10-05 15:50:01
139.155.1.62	attackbots	fail2ban detected bruce force on ssh iptables	2020-10-05 14:55:39
139.155.1.137	attackspam	Sep 27 22:58:36 roki-contabo sshd\[2611\]: Invalid user test from 139.155.1.137 Sep 27 22:58:37 roki-contabo sshd\[2611\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.1.137 Sep 27 22:58:39 roki-contabo sshd\[2611\]: Failed password for invalid user test from 139.155.1.137 port 52740 ssh2 Sep 27 23:10:15 roki-contabo sshd\[2765\]: Invalid user tom from 139.155.1.137 Sep 27 23:10:15 roki-contabo sshd\[2765\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.1.137 ...	2020-10-05 06:07:50
139.155.1.137	attack	Brute-force attempt banned	2020-10-04 22:06:28
139.155.1.137	attackbotsspam	5x Failed Password	2020-10-04 13:53:08
139.155.17.13	attackspambots	2020-09-28 UTC: (32x) - albert,ali,caixa,dev,ips,manager,mysql,nproc(2x),oracle,root(12x),steve,sun,sysadmin,teamspeak,test,testuser,user2,usuario1,yang,zope	2020-09-29 19:34:05
139.155.13.81	attack	Invalid user administrator from 139.155.13.81 port 43454	2020-09-27 07:18:28
139.155.13.81	attack	Sep 26 17:09:11 ns382633 sshd\[29250\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.13.81 user=root Sep 26 17:09:13 ns382633 sshd\[29250\]: Failed password for root from 139.155.13.81 port 53970 ssh2 Sep 26 17:14:30 ns382633 sshd\[30199\]: Invalid user cisco from 139.155.13.81 port 51202 Sep 26 17:14:30 ns382633 sshd\[30199\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.13.81 Sep 26 17:14:32 ns382633 sshd\[30199\]: Failed password for invalid user cisco from 139.155.13.81 port 51202 ssh2	2020-09-26 23:47:41
139.155.17.76	attackbotsspam	Sep 16 08:56:25 itv-usvr-01 sshd[28095]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.17.76 user=root Sep 16 08:56:26 itv-usvr-01 sshd[28095]: Failed password for root from 139.155.17.76 port 53894 ssh2 Sep 16 08:58:10 itv-usvr-01 sshd[28179]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.17.76 user=root Sep 16 08:58:12 itv-usvr-01 sshd[28179]: Failed password for root from 139.155.17.76 port 43986 ssh2 Sep 16 08:59:25 itv-usvr-01 sshd[28212]: Invalid user medical from 139.155.17.76	2020-09-16 12:13:07
139.155.17.76	attackspambots	Sep 15 19:15:20 master sshd[23060]: Failed password for root from 139.155.17.76 port 41072 ssh2 Sep 15 19:20:16 master sshd[23099]: Failed password for invalid user tortoisesvn from 139.155.17.76 port 56516 ssh2 Sep 15 19:23:05 master sshd[23112]: Failed password for root from 139.155.17.76 port 55714 ssh2 Sep 15 19:25:36 master sshd[23126]: Failed password for root from 139.155.17.76 port 54902 ssh2 Sep 15 19:28:12 master sshd[23140]: Failed password for root from 139.155.17.76 port 54090 ssh2 Sep 15 19:36:13 master sshd[23212]: Failed password for root from 139.155.17.76 port 51656 ssh2 Sep 15 19:38:48 master sshd[23236]: Failed password for invalid user greta from 139.155.17.76 port 50852 ssh2 Sep 15 19:43:57 master sshd[23269]: Failed password for invalid user macallister from 139.155.17.76 port 49246 ssh2 Sep 15 19:46:30 master sshd[23302]: Failed password for root from 139.155.17.76 port 48440 ssh2 Sep 15 19:49:03 master sshd[23325]: Failed password for root from 139.155.17.76 port 47634 ssh2	2020-09-16 04:02:12

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.155.1.18
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 18612
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.155.1.18.			IN	A

;; AUTHORITY SECTION:
.			3411	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019081902 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Aug 20 06:48:53 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 18.1.155.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 18.1.155.139.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
85.43.248.122	attackspambots	Unauthorized connection attempt from IP address 85.43.248.122 on Port 445(SMB)	2020-01-17 23:22:16
103.73.102.106	attackspambots	Portscan or hack attempt detected by psad/fwsnort	2020-01-17 23:24:54
95.132.38.175	attack	Unauthorized connection attempt from IP address 95.132.38.175 on Port 445(SMB)	2020-01-17 23:18:53
93.170.52.65	attack	Unauthorized connection attempt from IP address 93.170.52.65 on Port 445(SMB)	2020-01-17 23:10:57
49.144.76.229	attackspambots	Unauthorized connection attempt from IP address 49.144.76.229 on Port 445(SMB)	2020-01-17 23:13:21
106.13.183.92	attackbots	Unauthorized connection attempt detected from IP address 106.13.183.92 to port 2220 [J]	2020-01-17 23:39:41
151.29.15.41	attack	Unauthorized connection attempt detected from IP address 151.29.15.41 to port 22 [J]	2020-01-17 23:27:49
222.186.180.17	attackspam	Jan 17 15:25:11 game-panel sshd[16202]: Failed password for root from 222.186.180.17 port 7648 ssh2 Jan 17 15:25:15 game-panel sshd[16202]: Failed password for root from 222.186.180.17 port 7648 ssh2 Jan 17 15:25:30 game-panel sshd[16204]: Failed password for root from 222.186.180.17 port 39974 ssh2	2020-01-17 23:34:09
106.6.175.230	attackbotsspam	Jan 17 13:20:55 kmh-sql-001-nbg01 sshd[2221]: Invalid user edu from 106.6.175.230 port 7735 Jan 17 13:20:55 kmh-sql-001-nbg01 sshd[2221]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.6.175.230 Jan 17 13:20:57 kmh-sql-001-nbg01 sshd[2221]: Failed password for invalid user edu from 106.6.175.230 port 7735 ssh2 Jan 17 13:20:57 kmh-sql-001-nbg01 sshd[2221]: Received disconnect from 106.6.175.230 port 7735:11: Bye Bye [preauth] Jan 17 13:20:57 kmh-sql-001-nbg01 sshd[2221]: Disconnected from 106.6.175.230 port 7735 [preauth] Jan 17 13:42:34 kmh-sql-001-nbg01 sshd[4962]: Invalid user ftptest from 106.6.175.230 port 7909 Jan 17 13:42:34 kmh-sql-001-nbg01 sshd[4962]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.6.175.230 Jan 17 13:42:35 kmh-sql-001-nbg01 sshd[4962]: Failed password for invalid user ftptest from 106.6.175.230 port 7909 ssh2 Jan 17 13:42:36 kmh-sql-001-nbg01 sshd[4962]: R........ -------------------------------	2020-01-17 23:34:38
80.66.81.143	attackspam	Jan 17 16:14:11 relay postfix/smtpd\[18916\]: warning: unknown\[80.66.81.143\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jan 17 16:14:12 relay postfix/smtpd\[18918\]: warning: unknown\[80.66.81.143\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jan 17 16:14:34 relay postfix/smtpd\[23063\]: warning: unknown\[80.66.81.143\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jan 17 16:15:31 relay postfix/smtpd\[18858\]: warning: unknown\[80.66.81.143\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jan 17 16:15:49 relay postfix/smtpd\[18913\]: warning: unknown\[80.66.81.143\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-01-17 23:26:19
179.97.123.62	attackbotsspam	Unauthorized connection attempt from IP address 179.97.123.62 on Port 445(SMB)	2020-01-17 23:44:28
49.149.64.200	attackbots	Unauthorized connection attempt from IP address 49.149.64.200 on Port 445(SMB)	2020-01-17 23:35:37
41.227.32.119	attackbots	Mail/25/465/587-993/995 Probe, Reject, BadAuth, Hack, SPAM -	2020-01-17 23:34:59
192.241.99.218	attackbotsspam	Unauthorized connection attempt detected from IP address 192.241.99.218 to port 8122 [J]	2020-01-17 23:48:06
140.143.249.246	attackbotsspam	Unauthorized connection attempt detected from IP address 140.143.249.246 to port 2220 [J]	2020-01-17 23:29:09

最近上报的IP列表

156.251.44.133	236.69.208.227	199.246.174.232	228.25.146.82
227.164.186.191	151.80.250.18	57.248.200.147	226.253.170.244
165.59.214.213	89.5.1.21	183.189.151.139	91.63.125.52
153.175.232.142	91.128.246.146	149.228.215.75	177.226.163.108
165.12.202.97	180.130.170.198	148.213.4.70	54.39.138.251