139.155.22.165

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	2020-08-28T06:37:16+0200 Failed SSH Authentication/Brute Force Attack. (Server 9)	2020-08-28 13:01:55
attack	Jul 28 03:24:33 gw1 sshd[23170]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.22.165 Jul 28 03:24:35 gw1 sshd[23170]: Failed password for invalid user guozp from 139.155.22.165 port 39606 ssh2 ...	2020-07-28 06:40:40
attackspam	malicious Brute-Force reported by https://www.patrick-binder.de ...	2020-07-19 07:25:49
attackspambots	Invalid user paps from 139.155.22.165 port 57664	2020-07-18 05:27:44
attackspambots	Jul 15 11:20:10 vps687878 sshd\[8068\]: Invalid user psy from 139.155.22.165 port 58388 Jul 15 11:20:10 vps687878 sshd\[8068\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.22.165 Jul 15 11:20:12 vps687878 sshd\[8068\]: Failed password for invalid user psy from 139.155.22.165 port 58388 ssh2 Jul 15 11:24:18 vps687878 sshd\[8568\]: Invalid user jhe from 139.155.22.165 port 35164 Jul 15 11:24:18 vps687878 sshd\[8568\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.22.165 ...	2020-07-15 17:45:26
attackbots	Invalid user yamazaki from 139.155.22.165 port 33660 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.22.165 Failed password for invalid user yamazaki from 139.155.22.165 port 33660 ssh2 Invalid user michael from 139.155.22.165 port 59258 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.22.165	2020-07-04 01:03:11
attackspam	2020-06-24T11:53:27.770945abusebot-2.cloudsearch.cf sshd[20676]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.22.165 user=root 2020-06-24T11:53:29.396125abusebot-2.cloudsearch.cf sshd[20676]: Failed password for root from 139.155.22.165 port 36972 ssh2 2020-06-24T11:59:26.890751abusebot-2.cloudsearch.cf sshd[20729]: Invalid user lewis from 139.155.22.165 port 35634 2020-06-24T11:59:26.897984abusebot-2.cloudsearch.cf sshd[20729]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.22.165 2020-06-24T11:59:26.890751abusebot-2.cloudsearch.cf sshd[20729]: Invalid user lewis from 139.155.22.165 port 35634 2020-06-24T11:59:29.476308abusebot-2.cloudsearch.cf sshd[20729]: Failed password for invalid user lewis from 139.155.22.165 port 35634 ssh2 2020-06-24T12:02:36.732999abusebot-2.cloudsearch.cf sshd[20747]: Invalid user lukas from 139.155.22.165 port 41018 ...	2020-06-25 03:16:02
attackbotsspam	2020-06-08T08:16:19.963945vps773228.ovh.net sshd[3200]: Failed password for root from 139.155.22.165 port 48624 ssh2 2020-06-08T08:18:22.456224vps773228.ovh.net sshd[3220]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.22.165 user=root 2020-06-08T08:18:24.905752vps773228.ovh.net sshd[3220]: Failed password for root from 139.155.22.165 port 57758 ssh2 2020-06-08T08:20:25.881133vps773228.ovh.net sshd[3282]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.22.165 user=root 2020-06-08T08:20:27.883865vps773228.ovh.net sshd[3282]: Failed password for root from 139.155.22.165 port 38110 ssh2 ...	2020-06-08 14:56:22
attackbots	May 27 14:10:39 v2202003116398111542 sshd[8181]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.22.165 user=bin	2020-06-03 01:01:35
attackbots	Invalid user test from 139.155.22.165 port 60186	2020-05-01 12:11:51
attack	Invalid user dasusr from 139.155.22.165 port 55780	2020-04-17 13:32:02
attackspambots	(sshd) Failed SSH login from 139.155.22.165 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Apr 16 15:04:57 srv sshd[9046]: Invalid user admin from 139.155.22.165 port 38722 Apr 16 15:04:59 srv sshd[9046]: Failed password for invalid user admin from 139.155.22.165 port 38722 ssh2 Apr 16 15:11:10 srv sshd[9263]: Invalid user admin from 139.155.22.165 port 39302 Apr 16 15:11:12 srv sshd[9263]: Failed password for invalid user admin from 139.155.22.165 port 39302 ssh2 Apr 16 15:14:42 srv sshd[9345]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.22.165 user=root	2020-04-16 21:45:58
attack	$f2bV_matches	2020-04-05 18:54:09
attack	"SSH brute force auth login attempt."	2020-01-26 22:23:02
attack	Unauthorized connection attempt detected from IP address 139.155.22.165 to port 2220 [J]	2020-01-26 04:34:57
attackspam	Unauthorized connection attempt detected from IP address 139.155.22.165 to port 2220 [J]	2020-01-25 17:30:26
attack	Jan 22 05:57:06 localhost sshd\[31580\]: Invalid user you from 139.155.22.165 port 42974 Jan 22 05:57:06 localhost sshd\[31580\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.22.165 Jan 22 05:57:08 localhost sshd\[31580\]: Failed password for invalid user you from 139.155.22.165 port 42974 ssh2	2020-01-22 13:09:21
attackspam	Invalid user sanath from 139.155.22.165 port 33910	2020-01-19 04:36:03
attackbots	$f2bV_matches	2020-01-12 00:29:38
attackbotsspam	Nov 22 09:31:37 sauna sshd[164380]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.22.165 Nov 22 09:31:40 sauna sshd[164380]: Failed password for invalid user misyogixd from 139.155.22.165 port 48410 ssh2 ...	2019-11-22 15:50:21
attackbotsspam	Nov 19 22:58:02 sd-53420 sshd\[22528\]: Invalid user encarnacion from 139.155.22.165 Nov 19 22:58:02 sd-53420 sshd\[22528\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.22.165 Nov 19 22:58:04 sd-53420 sshd\[22528\]: Failed password for invalid user encarnacion from 139.155.22.165 port 38808 ssh2 Nov 19 23:01:58 sd-53420 sshd\[23628\]: User root from 139.155.22.165 not allowed because none of user's groups are listed in AllowGroups Nov 19 23:01:58 sd-53420 sshd\[23628\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.22.165 user=root ...	2019-11-20 06:14:24
attackspam	Invalid user baudoin from 139.155.22.165 port 46152	2019-11-16 06:59:28
attackbotsspam	Nov 6 21:33:40 sachi sshd\[30793\]: Invalid user very from 139.155.22.165 Nov 6 21:33:40 sachi sshd\[30793\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.22.165 Nov 6 21:33:42 sachi sshd\[30793\]: Failed password for invalid user very from 139.155.22.165 port 37052 ssh2 Nov 6 21:38:00 sachi sshd\[31122\]: Invalid user edongidc0668 from 139.155.22.165 Nov 6 21:38:00 sachi sshd\[31122\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.22.165	2019-11-07 15:49:11
attackbots	Oct 29 06:43:14 markkoudstaal sshd[21635]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.22.165 Oct 29 06:43:16 markkoudstaal sshd[21635]: Failed password for invalid user bmffr from 139.155.22.165 port 43512 ssh2 Oct 29 06:48:53 markkoudstaal sshd[22204]: Failed password for root from 139.155.22.165 port 54918 ssh2	2019-10-29 13:56:38
attackbotsspam	Sep 23 00:10:06 vps01 sshd[15926]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.22.165 Sep 23 00:10:09 vps01 sshd[15926]: Failed password for invalid user ftp from 139.155.22.165 port 33060 ssh2	2019-09-23 06:16:57

相同子网IP讨论:

IP	类型	评论内容	时间
139.155.225.13	attack	SSH auth scanning - multiple failed logins	2020-10-06 05:44:10
139.155.225.13	attack	SSH auth scanning - multiple failed logins	2020-10-05 21:48:50
139.155.225.13	attackbotsspam	SSH auth scanning - multiple failed logins	2020-10-05 13:42:05
139.155.226.188	attackbots	2020-10-01T19:09:20.473230mail.broermann.family sshd[21573]: Invalid user git from 139.155.226.188 port 51440 2020-10-01T19:09:20.478600mail.broermann.family sshd[21573]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.226.188 2020-10-01T19:09:20.473230mail.broermann.family sshd[21573]: Invalid user git from 139.155.226.188 port 51440 2020-10-01T19:09:22.659008mail.broermann.family sshd[21573]: Failed password for invalid user git from 139.155.226.188 port 51440 ssh2 2020-10-01T19:15:45.461831mail.broermann.family sshd[22073]: Invalid user proxy from 139.155.226.188 port 52706 ...	2020-10-02 05:30:38
139.155.226.188	attackbots	Oct 1 15:37:49 server sshd[22762]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.226.188 Oct 1 15:37:51 server sshd[22762]: Failed password for invalid user mmx from 139.155.226.188 port 36540 ssh2 Oct 1 15:51:11 server sshd[23652]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.226.188 user=root Oct 1 15:51:13 server sshd[23652]: Failed password for invalid user root from 139.155.226.188 port 41544 ssh2	2020-10-01 21:51:50
139.155.225.13	attackbots	SSH Bruteforce attack	2020-09-26 07:19:44
139.155.225.13	attack	Invalid user projects from 139.155.225.13 port 35996	2020-09-26 00:30:33
139.155.225.13	attack	Sep 25 08:57:15 ns382633 sshd\[2161\]: Invalid user svn from 139.155.225.13 port 44512 Sep 25 08:57:15 ns382633 sshd\[2161\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.225.13 Sep 25 08:57:17 ns382633 sshd\[2161\]: Failed password for invalid user svn from 139.155.225.13 port 44512 ssh2 Sep 25 09:02:30 ns382633 sshd\[3133\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.225.13 user=root Sep 25 09:02:31 ns382633 sshd\[3133\]: Failed password for root from 139.155.225.13 port 33606 ssh2	2020-09-25 16:06:29
139.155.22.127	attackbots	Jan 27 03:12:24 eddieflores sshd\[12331\]: Invalid user jenkins from 139.155.22.127 Jan 27 03:12:24 eddieflores sshd\[12331\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.22.127 Jan 27 03:12:26 eddieflores sshd\[12331\]: Failed password for invalid user jenkins from 139.155.22.127 port 37220 ssh2 Jan 27 03:16:30 eddieflores sshd\[12920\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.22.127 user=root Jan 27 03:16:32 eddieflores sshd\[12920\]: Failed password for root from 139.155.22.127 port 37358 ssh2	2020-01-27 21:30:54
139.155.22.127	attackspambots	Unauthorized connection attempt detected from IP address 139.155.22.127 to port 2220 [J]	2020-01-24 05:02:53

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.155.22.165
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38295
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.155.22.165.			IN	A

;; AUTHORITY SECTION:
.			514	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019092201 1800 900 604800 86400

;; Query time: 209 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Sep 23 06:16:54 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 165.22.155.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 165.22.155.139.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
184.168.193.204	attack	Automatic report - XMLRPC Attack	2020-06-24 19:20:27
218.4.239.146	attackbotsspam	2020-06-24T17:30:58.075025mx1.h3z.jp postfix/smtpd[8596]: warning: unknown[218.4.239.146]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2020-06-24T17:31:05.263465mx1.h3z.jp postfix/smtpd[8596]: warning: unknown[218.4.239.146]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2020-06-24T17:31:16.123397mx1.h3z.jp postfix/smtpd[8596]: warning: unknown[218.4.239.146]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-06-24 19:23:09
58.153.148.2	attack	2020-06-24T05:49[Censored Hostname] sshd[26387]: Failed password for invalid user admin from 58.153.148.2 port 46174 ssh2 2020-06-24T05:49[Censored Hostname] sshd[26389]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=n058153148002.netvigator.com user=root 2020-06-24T05:49[Censored Hostname] sshd[26389]: Failed password for root from 58.153.148.2 port 46432 ssh2[...]	2020-06-24 19:22:03
182.71.221.78	attackbotsspam	...	2020-06-24 19:53:52
222.186.173.142	attackspambots	Jun 24 07:04:59 NPSTNNYC01T sshd[31127]: Failed password for root from 222.186.173.142 port 47100 ssh2 Jun 24 07:05:15 NPSTNNYC01T sshd[31127]: error: maximum authentication attempts exceeded for root from 222.186.173.142 port 47100 ssh2 [preauth] Jun 24 07:05:21 NPSTNNYC01T sshd[31133]: Failed password for root from 222.186.173.142 port 64850 ssh2 ...	2020-06-24 19:34:31
35.194.178.89	attackbots	Jun 24 11:27:33 fhem-rasp sshd[18597]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.194.178.89 Jun 24 11:27:36 fhem-rasp sshd[18597]: Failed password for invalid user postgres from 35.194.178.89 port 54280 ssh2 ...	2020-06-24 19:23:36
77.82.90.234	attackbots	Jun 24 09:18:35 odroid64 sshd\[11487\]: Invalid user db2fenc2 from 77.82.90.234 Jun 24 09:18:35 odroid64 sshd\[11487\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=77.82.90.234 ...	2020-06-24 19:24:08
118.69.173.199	attackbots	xmlrpc attack	2020-06-24 19:21:24
177.155.36.208	attackbots	Unauthorized connection attempt detected from IP address 177.155.36.208 to port 23	2020-06-24 19:16:53
159.65.217.130	attackspambots	SSH_attack	2020-06-24 19:31:46
171.241.234.40	attack	PHI,WP GET /wp-login.php	2020-06-24 19:38:30
173.232.33.185	spam	Aggressive email spammer on subnet 173.232.33.*	2020-06-24 19:41:05
121.170.121.89	attack	2020-06-24T12:47:32.464564vps773228.ovh.net sshd[5404]: Invalid user titan from 121.170.121.89 port 49464 2020-06-24T12:47:32.482420vps773228.ovh.net sshd[5404]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.170.121.89 2020-06-24T12:47:32.464564vps773228.ovh.net sshd[5404]: Invalid user titan from 121.170.121.89 port 49464 2020-06-24T12:47:34.153510vps773228.ovh.net sshd[5404]: Failed password for invalid user titan from 121.170.121.89 port 49464 ssh2 2020-06-24T12:51:09.178300vps773228.ovh.net sshd[5452]: Invalid user sports from 121.170.121.89 port 49314 ...	2020-06-24 19:45:05
86.181.38.134	attackbotsspam	Automatic report - Port Scan	2020-06-24 19:17:29
183.134.89.199	attack	Jun 24 09:45:43 nextcloud sshd\[13653\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.134.89.199 user=elasticsearch Jun 24 09:45:46 nextcloud sshd\[13653\]: Failed password for elasticsearch from 183.134.89.199 port 50366 ssh2 Jun 24 09:49:28 nextcloud sshd\[18331\]: Invalid user uftp from 183.134.89.199 Jun 24 09:49:28 nextcloud sshd\[18331\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.134.89.199	2020-06-24 19:17:44

最近上报的IP列表

146.91.30.44	177.107.205.186	196.31.98.122	79.56.6.201
134.209.158.77	117.193.122.73	222.188.29.91	113.35.96.245
198.12.86.18	104.248.149.81	104.211.229.225	39.70.32.158
181.236.250.193	52.184.136.218	156.234.192.235	129.146.129.165
119.237.177.121	52.199.163.188	115.90.244.154	51.83.98.104