139.155.22.165

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	2020-08-28T06:37:16+0200 Failed SSH Authentication/Brute Force Attack. (Server 9)	2020-08-28 13:01:55
attack	Jul 28 03:24:33 gw1 sshd[23170]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.22.165 Jul 28 03:24:35 gw1 sshd[23170]: Failed password for invalid user guozp from 139.155.22.165 port 39606 ssh2 ...	2020-07-28 06:40:40
attackspam	malicious Brute-Force reported by https://www.patrick-binder.de ...	2020-07-19 07:25:49
attackspambots	Invalid user paps from 139.155.22.165 port 57664	2020-07-18 05:27:44
attackspambots	Jul 15 11:20:10 vps687878 sshd\[8068\]: Invalid user psy from 139.155.22.165 port 58388 Jul 15 11:20:10 vps687878 sshd\[8068\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.22.165 Jul 15 11:20:12 vps687878 sshd\[8068\]: Failed password for invalid user psy from 139.155.22.165 port 58388 ssh2 Jul 15 11:24:18 vps687878 sshd\[8568\]: Invalid user jhe from 139.155.22.165 port 35164 Jul 15 11:24:18 vps687878 sshd\[8568\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.22.165 ...	2020-07-15 17:45:26
attackbots	Invalid user yamazaki from 139.155.22.165 port 33660 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.22.165 Failed password for invalid user yamazaki from 139.155.22.165 port 33660 ssh2 Invalid user michael from 139.155.22.165 port 59258 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.22.165	2020-07-04 01:03:11
attackspam	2020-06-24T11:53:27.770945abusebot-2.cloudsearch.cf sshd[20676]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.22.165 user=root 2020-06-24T11:53:29.396125abusebot-2.cloudsearch.cf sshd[20676]: Failed password for root from 139.155.22.165 port 36972 ssh2 2020-06-24T11:59:26.890751abusebot-2.cloudsearch.cf sshd[20729]: Invalid user lewis from 139.155.22.165 port 35634 2020-06-24T11:59:26.897984abusebot-2.cloudsearch.cf sshd[20729]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.22.165 2020-06-24T11:59:26.890751abusebot-2.cloudsearch.cf sshd[20729]: Invalid user lewis from 139.155.22.165 port 35634 2020-06-24T11:59:29.476308abusebot-2.cloudsearch.cf sshd[20729]: Failed password for invalid user lewis from 139.155.22.165 port 35634 ssh2 2020-06-24T12:02:36.732999abusebot-2.cloudsearch.cf sshd[20747]: Invalid user lukas from 139.155.22.165 port 41018 ...	2020-06-25 03:16:02
attackbotsspam	2020-06-08T08:16:19.963945vps773228.ovh.net sshd[3200]: Failed password for root from 139.155.22.165 port 48624 ssh2 2020-06-08T08:18:22.456224vps773228.ovh.net sshd[3220]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.22.165 user=root 2020-06-08T08:18:24.905752vps773228.ovh.net sshd[3220]: Failed password for root from 139.155.22.165 port 57758 ssh2 2020-06-08T08:20:25.881133vps773228.ovh.net sshd[3282]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.22.165 user=root 2020-06-08T08:20:27.883865vps773228.ovh.net sshd[3282]: Failed password for root from 139.155.22.165 port 38110 ssh2 ...	2020-06-08 14:56:22
attackbots	May 27 14:10:39 v2202003116398111542 sshd[8181]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.22.165 user=bin	2020-06-03 01:01:35
attackbots	Invalid user test from 139.155.22.165 port 60186	2020-05-01 12:11:51
attack	Invalid user dasusr from 139.155.22.165 port 55780	2020-04-17 13:32:02
attackspambots	(sshd) Failed SSH login from 139.155.22.165 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Apr 16 15:04:57 srv sshd[9046]: Invalid user admin from 139.155.22.165 port 38722 Apr 16 15:04:59 srv sshd[9046]: Failed password for invalid user admin from 139.155.22.165 port 38722 ssh2 Apr 16 15:11:10 srv sshd[9263]: Invalid user admin from 139.155.22.165 port 39302 Apr 16 15:11:12 srv sshd[9263]: Failed password for invalid user admin from 139.155.22.165 port 39302 ssh2 Apr 16 15:14:42 srv sshd[9345]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.22.165 user=root	2020-04-16 21:45:58
attack	$f2bV_matches	2020-04-05 18:54:09
attack	"SSH brute force auth login attempt."	2020-01-26 22:23:02
attack	Unauthorized connection attempt detected from IP address 139.155.22.165 to port 2220 [J]	2020-01-26 04:34:57
attackspam	Unauthorized connection attempt detected from IP address 139.155.22.165 to port 2220 [J]	2020-01-25 17:30:26
attack	Jan 22 05:57:06 localhost sshd\[31580\]: Invalid user you from 139.155.22.165 port 42974 Jan 22 05:57:06 localhost sshd\[31580\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.22.165 Jan 22 05:57:08 localhost sshd\[31580\]: Failed password for invalid user you from 139.155.22.165 port 42974 ssh2	2020-01-22 13:09:21
attackspam	Invalid user sanath from 139.155.22.165 port 33910	2020-01-19 04:36:03
attackbots	$f2bV_matches	2020-01-12 00:29:38
attackbotsspam	Nov 22 09:31:37 sauna sshd[164380]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.22.165 Nov 22 09:31:40 sauna sshd[164380]: Failed password for invalid user misyogixd from 139.155.22.165 port 48410 ssh2 ...	2019-11-22 15:50:21
attackbotsspam	Nov 19 22:58:02 sd-53420 sshd\[22528\]: Invalid user encarnacion from 139.155.22.165 Nov 19 22:58:02 sd-53420 sshd\[22528\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.22.165 Nov 19 22:58:04 sd-53420 sshd\[22528\]: Failed password for invalid user encarnacion from 139.155.22.165 port 38808 ssh2 Nov 19 23:01:58 sd-53420 sshd\[23628\]: User root from 139.155.22.165 not allowed because none of user's groups are listed in AllowGroups Nov 19 23:01:58 sd-53420 sshd\[23628\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.22.165 user=root ...	2019-11-20 06:14:24
attackspam	Invalid user baudoin from 139.155.22.165 port 46152	2019-11-16 06:59:28
attackbotsspam	Nov 6 21:33:40 sachi sshd\[30793\]: Invalid user very from 139.155.22.165 Nov 6 21:33:40 sachi sshd\[30793\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.22.165 Nov 6 21:33:42 sachi sshd\[30793\]: Failed password for invalid user very from 139.155.22.165 port 37052 ssh2 Nov 6 21:38:00 sachi sshd\[31122\]: Invalid user edongidc0668 from 139.155.22.165 Nov 6 21:38:00 sachi sshd\[31122\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.22.165	2019-11-07 15:49:11
attackbots	Oct 29 06:43:14 markkoudstaal sshd[21635]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.22.165 Oct 29 06:43:16 markkoudstaal sshd[21635]: Failed password for invalid user bmffr from 139.155.22.165 port 43512 ssh2 Oct 29 06:48:53 markkoudstaal sshd[22204]: Failed password for root from 139.155.22.165 port 54918 ssh2	2019-10-29 13:56:38
attackbotsspam	Sep 23 00:10:06 vps01 sshd[15926]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.22.165 Sep 23 00:10:09 vps01 sshd[15926]: Failed password for invalid user ftp from 139.155.22.165 port 33060 ssh2	2019-09-23 06:16:57

相同子网IP讨论:

IP	类型	评论内容	时间
139.155.225.13	attack	SSH auth scanning - multiple failed logins	2020-10-06 05:44:10
139.155.225.13	attack	SSH auth scanning - multiple failed logins	2020-10-05 21:48:50
139.155.225.13	attackbotsspam	SSH auth scanning - multiple failed logins	2020-10-05 13:42:05
139.155.226.188	attackbots	2020-10-01T19:09:20.473230mail.broermann.family sshd[21573]: Invalid user git from 139.155.226.188 port 51440 2020-10-01T19:09:20.478600mail.broermann.family sshd[21573]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.226.188 2020-10-01T19:09:20.473230mail.broermann.family sshd[21573]: Invalid user git from 139.155.226.188 port 51440 2020-10-01T19:09:22.659008mail.broermann.family sshd[21573]: Failed password for invalid user git from 139.155.226.188 port 51440 ssh2 2020-10-01T19:15:45.461831mail.broermann.family sshd[22073]: Invalid user proxy from 139.155.226.188 port 52706 ...	2020-10-02 05:30:38
139.155.226.188	attackbots	Oct 1 15:37:49 server sshd[22762]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.226.188 Oct 1 15:37:51 server sshd[22762]: Failed password for invalid user mmx from 139.155.226.188 port 36540 ssh2 Oct 1 15:51:11 server sshd[23652]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.226.188 user=root Oct 1 15:51:13 server sshd[23652]: Failed password for invalid user root from 139.155.226.188 port 41544 ssh2	2020-10-01 21:51:50
139.155.225.13	attackbots	SSH Bruteforce attack	2020-09-26 07:19:44
139.155.225.13	attack	Invalid user projects from 139.155.225.13 port 35996	2020-09-26 00:30:33
139.155.225.13	attack	Sep 25 08:57:15 ns382633 sshd\[2161\]: Invalid user svn from 139.155.225.13 port 44512 Sep 25 08:57:15 ns382633 sshd\[2161\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.225.13 Sep 25 08:57:17 ns382633 sshd\[2161\]: Failed password for invalid user svn from 139.155.225.13 port 44512 ssh2 Sep 25 09:02:30 ns382633 sshd\[3133\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.225.13 user=root Sep 25 09:02:31 ns382633 sshd\[3133\]: Failed password for root from 139.155.225.13 port 33606 ssh2	2020-09-25 16:06:29
139.155.22.127	attackbots	Jan 27 03:12:24 eddieflores sshd\[12331\]: Invalid user jenkins from 139.155.22.127 Jan 27 03:12:24 eddieflores sshd\[12331\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.22.127 Jan 27 03:12:26 eddieflores sshd\[12331\]: Failed password for invalid user jenkins from 139.155.22.127 port 37220 ssh2 Jan 27 03:16:30 eddieflores sshd\[12920\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.22.127 user=root Jan 27 03:16:32 eddieflores sshd\[12920\]: Failed password for root from 139.155.22.127 port 37358 ssh2	2020-01-27 21:30:54
139.155.22.127	attackspambots	Unauthorized connection attempt detected from IP address 139.155.22.127 to port 2220 [J]	2020-01-24 05:02:53

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.155.22.165
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38295
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.155.22.165.			IN	A

;; AUTHORITY SECTION:
.			514	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019092201 1800 900 604800 86400

;; Query time: 209 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Sep 23 06:16:54 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 165.22.155.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 165.22.155.139.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
207.166.186.217	attackspam	207.166.186.217 - - [29/Jul/2020:13:12:50 +0100] "POST /wp-login.php HTTP/1.1" 200 2006 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 207.166.186.217 - - [29/Jul/2020:13:12:52 +0100] "POST /wp-login.php HTTP/1.1" 200 1937 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 207.166.186.217 - - [29/Jul/2020:13:12:52 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-07-29 21:54:57
128.199.248.200	attackbotsspam	Automatic report - Banned IP Access	2020-07-29 21:33:30
93.113.111.100	attack	Automatic report - XMLRPC Attack	2020-07-29 22:00:37
212.64.88.97	attackbotsspam	Jul 29 13:43:33 vps-51d81928 sshd[277716]: Invalid user nomads from 212.64.88.97 port 57272 Jul 29 13:43:33 vps-51d81928 sshd[277716]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.88.97 Jul 29 13:43:33 vps-51d81928 sshd[277716]: Invalid user nomads from 212.64.88.97 port 57272 Jul 29 13:43:35 vps-51d81928 sshd[277716]: Failed password for invalid user nomads from 212.64.88.97 port 57272 ssh2 Jul 29 13:45:48 vps-51d81928 sshd[277764]: Invalid user lanyuting from 212.64.88.97 port 51902 ...	2020-07-29 22:02:13
155.94.174.24	attackspambots	E-Mail Spam (RBL) [REJECTED]	2020-07-29 21:42:36
51.77.213.136	attackspam	SSH Brute Force	2020-07-29 21:56:54
64.20.52.114	attackbotsspam	2020-07-29T07:19:31.330102linuxbox-skyline auth[85415]: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=test rhost=64.20.52.114 ...	2020-07-29 21:45:57
194.87.138.181	attackspambots	Jul 29 16:25:23 hosting sshd[31380]: Invalid user ubnt from 194.87.138.181 port 59694 Jul 29 16:25:23 hosting sshd[31380]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.87.138.181 Jul 29 16:25:23 hosting sshd[31380]: Invalid user ubnt from 194.87.138.181 port 59694 Jul 29 16:25:24 hosting sshd[31380]: Failed password for invalid user ubnt from 194.87.138.181 port 59694 ssh2 Jul 29 16:25:25 hosting sshd[31382]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.87.138.181 user=admin Jul 29 16:25:27 hosting sshd[31382]: Failed password for admin from 194.87.138.181 port 35356 ssh2 ...	2020-07-29 21:30:47
192.3.177.219	attackbotsspam	SSH Brute Force	2020-07-29 21:47:12
210.113.7.61	attackbotsspam	[ssh] SSH attack	2020-07-29 21:26:43
112.85.42.195	attack	Jul 29 13:12:18 onepixel sshd[321867]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.195 user=root Jul 29 13:12:20 onepixel sshd[321867]: Failed password for root from 112.85.42.195 port 15494 ssh2 Jul 29 13:12:18 onepixel sshd[321867]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.195 user=root Jul 29 13:12:20 onepixel sshd[321867]: Failed password for root from 112.85.42.195 port 15494 ssh2 Jul 29 13:12:24 onepixel sshd[321867]: Failed password for root from 112.85.42.195 port 15494 ssh2	2020-07-29 21:29:25
50.2.214.58	attackbots	2020-07-29 07:35:15.759315-0500 localhost smtpd[34816]: NOQUEUE: reject: RCPT from unknown[50.2.214.58]: 554 5.7.1 Service unavailable; Client host [50.2.214.58] blocked using zen.spamhaus.org; https://www.spamhaus.org/sbl/query/SBLCSS / https://www.spamhaus.org/sbl/query/SBL491105; from=<16708-958-238987-4384-rls=customvisuals.com@mail.clarisilpro.buzz> to= proto=ESMTP helo=	2020-07-29 21:35:07
52.24.47.212	attackspambots	Automatic report generated by Wazuh	2020-07-29 21:27:34
79.247.208.194	attackbots	Jul 29 13:34:30 l02a sshd[23799]: Invalid user misp from 79.247.208.194 Jul 29 13:34:30 l02a sshd[23799]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=p4ff7d0c2.dip0.t-ipconnect.de Jul 29 13:34:30 l02a sshd[23799]: Invalid user misp from 79.247.208.194 Jul 29 13:34:32 l02a sshd[23799]: Failed password for invalid user misp from 79.247.208.194 port 48670 ssh2	2020-07-29 21:47:51
41.39.61.197	attackbotsspam	1596024779 - 07/29/2020 14:12:59 Host: 41.39.61.197/41.39.61.197 Port: 445 TCP Blocked	2020-07-29 21:44:37

最近上报的IP列表

146.91.30.44	177.107.205.186	196.31.98.122	79.56.6.201
134.209.158.77	117.193.122.73	222.188.29.91	113.35.96.245
198.12.86.18	104.248.149.81	104.211.229.225	39.70.32.158
181.236.250.193	52.184.136.218	156.234.192.235	129.146.129.165
119.237.177.121	52.199.163.188	115.90.244.154	51.83.98.104