218.255.139.66

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Hong Kong

运营商(isp): HKBN Enterprise Solutions HK Limited

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	" "	2020-04-30 15:57:25
attack	Apr 25 08:34:39 home sshd[23756]: Failed password for root from 218.255.139.66 port 65438 ssh2 Apr 25 08:39:06 home sshd[24541]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.255.139.66 Apr 25 08:39:08 home sshd[24541]: Failed password for invalid user sybase from 218.255.139.66 port 17542 ssh2 ...	2020-04-25 16:52:00
attackbotsspam	"fail2ban match"	2020-04-24 14:18:09
attackspambots	odoo8 ...	2020-04-22 07:39:15
attackspambots	SSH auth scanning - multiple failed logins	2020-04-19 22:22:06
attackspambots	Apr 10 20:11:58 eventyay sshd[12429]: Failed password for root from 218.255.139.66 port 20042 ssh2 Apr 10 20:15:30 eventyay sshd[12505]: Failed password for root from 218.255.139.66 port 26214 ssh2 Apr 10 20:19:05 eventyay sshd[12630]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.255.139.66 ...	2020-04-11 02:35:46
attackbotsspam	Apr 7 21:57:00 vpn01 sshd[12206]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.255.139.66 Apr 7 21:57:02 vpn01 sshd[12206]: Failed password for invalid user ubuntu from 218.255.139.66 port 57810 ssh2 ...	2020-04-08 04:52:55
attackspam	detected by Fail2Ban	2020-04-07 19:22:34
attackspambots	Apr 6 17:46:14 srv01 sshd[31285]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.255.139.66 user=root Apr 6 17:46:16 srv01 sshd[31285]: Failed password for root from 218.255.139.66 port 30434 ssh2 Apr 6 17:49:53 srv01 sshd[31472]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.255.139.66 user=root Apr 6 17:49:54 srv01 sshd[31472]: Failed password for root from 218.255.139.66 port 47866 ssh2 Apr 6 17:53:30 srv01 sshd[31695]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.255.139.66 user=root Apr 6 17:53:32 srv01 sshd[31695]: Failed password for root from 218.255.139.66 port 20658 ssh2 ...	2020-04-07 00:57:09
attackspambots	2020-04-05T03:36:44.741972linuxbox-skyline sshd[70717]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.255.139.66 user=root 2020-04-05T03:36:46.357688linuxbox-skyline sshd[70717]: Failed password for root from 218.255.139.66 port 1421 ssh2 ...	2020-04-05 18:08:25
attackspambots	2020-04-02T22:18:17.042964shield sshd\[1924\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.255.139.66 user=root 2020-04-02T22:18:18.864738shield sshd\[1924\]: Failed password for root from 218.255.139.66 port 33651 ssh2 2020-04-02T22:21:23.542909shield sshd\[2650\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.255.139.66 user=root 2020-04-02T22:21:25.563885shield sshd\[2650\]: Failed password for root from 218.255.139.66 port 25794 ssh2 2020-04-02T22:24:21.102316shield sshd\[3540\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.255.139.66 user=root	2020-04-03 09:39:57
attackbotsspam	20 attempts against mh-ssh on echoip	2020-04-01 20:26:47
attackbotsspam	20 attempts against mh-ssh on echoip	2020-03-18 02:15:53
attackbots	$f2bV_matches	2020-03-16 21:32:53

相同子网IP讨论:

IP	类型	评论内容	时间
218.255.139.205	attackspambots	suspicious action Sat, 22 Feb 2020 13:47:03 -0300	2020-02-23 04:07:47
218.255.139.205	attack	Honeypot attack, port: 445, PTR: static.reserve.wtt.net.hk.	2020-02-09 05:29:38
218.255.139.205	attack	firewall-block, port(s): 445/tcp	2020-02-05 07:27:36
218.255.139.205	attack	Honeypot attack, port: 445, PTR: static.reserve.wtt.net.hk.	2020-01-18 06:14:12

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 218.255.139.66
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3375
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;218.255.139.66.			IN	A

;; AUTHORITY SECTION:
.			496	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020031600 1800 900 604800 86400

;; Query time: 110 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Mar 16 21:32:45 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

66.139.255.218.in-addr.arpa domain name pointer static.reserve.wtt.net.hk.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
66.139.255.218.in-addr.arpa	name = static.reserve.wtt.net.hk.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
116.6.114.20	attack	Unauthorized connection attempt from IP address 116.6.114.20 on Port 445(SMB)	2019-11-11 22:49:51
159.138.159.170	attack	1 month rest and then no longer so stupid behavior!	2019-11-11 23:29:25
104.153.66.93	attackbotsspam	Nov 11 15:12:25 vtv3 sshd\[16124\]: Invalid user service from 104.153.66.93 port 44642 Nov 11 15:12:25 vtv3 sshd\[16124\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.153.66.93 Nov 11 15:12:27 vtv3 sshd\[16124\]: Failed password for invalid user service from 104.153.66.93 port 44642 ssh2 Nov 11 15:16:43 vtv3 sshd\[18324\]: Invalid user hemker from 104.153.66.93 port 53852 Nov 11 15:16:43 vtv3 sshd\[18324\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.153.66.93 Nov 11 15:30:57 vtv3 sshd\[25490\]: Invalid user myworkingcrack from 104.153.66.93 port 53266 Nov 11 15:30:57 vtv3 sshd\[25490\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.153.66.93 Nov 11 15:30:59 vtv3 sshd\[25490\]: Failed password for invalid user myworkingcrack from 104.153.66.93 port 53266 ssh2 Nov 11 15:35:28 vtv3 sshd\[27770\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid	2019-11-11 22:49:06
46.246.36.62	attack	2019-11-11T15:45:55.604557scmdmz1 sshd\[31037\]: Invalid user alex from 46.246.36.62 port 49130 2019-11-11T15:45:55.607533scmdmz1 sshd\[31037\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=anon-36-62.vpn.ipredator.se 2019-11-11T15:45:58.221296scmdmz1 sshd\[31037\]: Failed password for invalid user alex from 46.246.36.62 port 49130 ssh2 ...	2019-11-11 22:51:28
88.200.236.170	attackspambots	Unauthorized connection attempt from IP address 88.200.236.170 on Port 445(SMB)	2019-11-11 22:51:01
51.83.78.56	attackbotsspam	Invalid user elvis from 51.83.78.56 port 37062 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.78.56 Failed password for invalid user elvis from 51.83.78.56 port 37062 ssh2 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.78.56 user=root Failed password for root from 51.83.78.56 port 45790 ssh2	2019-11-11 23:24:19
14.248.97.160	attackspam	Unauthorized connection attempt from IP address 14.248.97.160 on Port 445(SMB)	2019-11-11 22:57:03
206.189.52.160	attack	206.189.52.160 - - \[11/Nov/2019:15:44:52 +0100\] "POST /wp-login.php HTTP/1.0" 200 5314 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 206.189.52.160 - - \[11/Nov/2019:15:45:30 +0100\] "POST /wp-login.php HTTP/1.0" 200 5137 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 206.189.52.160 - - \[11/Nov/2019:15:45:34 +0100\] "POST /wp-login.php HTTP/1.0" 200 5129 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-11-11 23:19:45
201.176.153.145	attack	port scan and connect, tcp 1433 (ms-sql-s)	2019-11-11 22:53:44
2403:3a00:202:190f:133:167:76:185	attackspam	WordPress login Brute force / Web App Attack on client site.	2019-11-11 22:56:45
94.23.198.73	attack	2019-11-11T10:56:37.238706scmdmz1 sshd\[4932\]: Invalid user test from 94.23.198.73 port 52577 2019-11-11T10:56:37.241503scmdmz1 sshd\[4932\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ks3097275.kimsufi.com 2019-11-11T10:56:39.279167scmdmz1 sshd\[4932\]: Failed password for invalid user test from 94.23.198.73 port 52577 ssh2 ...	2019-11-11 22:45:44
98.143.227.144	attackspam	Nov 11 16:45:46 ncomp sshd[27126]: Invalid user ubuntu from 98.143.227.144 Nov 11 16:45:46 ncomp sshd[27126]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=98.143.227.144 Nov 11 16:45:46 ncomp sshd[27126]: Invalid user ubuntu from 98.143.227.144 Nov 11 16:45:48 ncomp sshd[27126]: Failed password for invalid user ubuntu from 98.143.227.144 port 60651 ssh2	2019-11-11 23:06:15
85.93.20.146	attackspam	191111 3:41:29 \[Warning\] Access denied for user 'root'@'85.93.20.146' $using password: YES$ 191111 8:05:25 \[Warning\] Access denied for user 'root'@'85.93.20.146' $using password: YES$ 191111 9:35:14 \[Warning\] Access denied for user 'root'@'85.93.20.146' $using password: YES$ ...	2019-11-11 23:03:03
90.161.88.39	attackbotsspam	IMAP	2019-11-11 23:13:03
148.72.42.181	attackspam	148.72.42.181 - - \[11/Nov/2019:14:45:38 +0000\] "POST /wp-login.php HTTP/1.1" 200 4358 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 148.72.42.181 - - \[11/Nov/2019:14:45:38 +0000\] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" ...	2019-11-11 23:15:38

最近上报的IP列表

14.29.241.29	190.182.80.174	158.140.174.216	188.215.179.193
83.148.8.22	123.22.117.10	86.35.252.66	138.118.214.145
50.193.101.86	143.137.28.98	14.161.37.242	110.77.138.18
58.213.123.19	116.108.54.212	162.243.131.80	190.210.164.165
180.248.151.28	123.27.10.47	14.184.242.127	84.17.49.33