222.189.55.138

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Jiangsu Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	RDP Bruteforce	2019-10-25 22:22:07

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 222.189.55.138
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 5470
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;222.189.55.138.			IN	A

;; AUTHORITY SECTION:
.			195	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019102500 1800 900 604800 86400

;; Query time: 178 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Oct 25 22:22:00 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 138.55.189.222.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 138.55.189.222.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
89.3.236.207	attackspam	Aug 28 15:45:58 kapalua sshd\[10272\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip-207.net-89-3-236.rev.numericable.fr user=root Aug 28 15:46:00 kapalua sshd\[10272\]: Failed password for root from 89.3.236.207 port 42834 ssh2 Aug 28 15:49:52 kapalua sshd\[10672\]: Invalid user wls from 89.3.236.207 Aug 28 15:49:52 kapalua sshd\[10672\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip-207.net-89-3-236.rev.numericable.fr Aug 28 15:49:55 kapalua sshd\[10672\]: Failed password for invalid user wls from 89.3.236.207 port 59910 ssh2	2019-08-29 14:20:56
59.57.34.58	attack	[Aegis] @ 2019-08-29 00:47:37 0100 -> Attempted Administrator Privilege Gain: ET SCAN LibSSH Based Frequent SSH Connections Likely BruteForce Attack	2019-08-29 14:01:54
178.128.183.90	attackspam	Aug 28 18:24:35 lcprod sshd\[32342\]: Invalid user www from 178.128.183.90 Aug 28 18:24:35 lcprod sshd\[32342\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.183.90 Aug 28 18:24:38 lcprod sshd\[32342\]: Failed password for invalid user www from 178.128.183.90 port 50910 ssh2 Aug 28 18:28:50 lcprod sshd\[32761\]: Invalid user lw from 178.128.183.90 Aug 28 18:28:50 lcprod sshd\[32761\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.183.90	2019-08-29 14:11:13
220.92.16.70	attackspambots	Aug 29 05:52:42 XXX sshd[55478]: Invalid user ofsaa from 220.92.16.70 port 50728	2019-08-29 14:07:54
190.13.173.67	attack	Invalid user ubuntu from 190.13.173.67 port 34336	2019-08-29 14:33:20
111.79.212.115	attack	2019-08-29T01:46:45.260147mail01 postfix/smtpd[17585]: warning: unknown[111.79.212.115]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-08-29T01:46:55.013014mail01 postfix/smtpd[17688]: warning: unknown[111.79.212.115]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-08-29T01:47:08.111496mail01 postfix/smtpd[17624]: warning: unknown[111.79.212.115]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-08-29 14:30:55
217.32.246.248	attack	Invalid user alice from 217.32.246.248 port 33819	2019-08-29 14:26:32
52.164.211.22	attack	$f2bV_matches	2019-08-29 14:19:55
35.231.6.102	attackspam	Aug 29 02:39:34 pkdns2 sshd\[28889\]: Invalid user al from 35.231.6.102Aug 29 02:39:36 pkdns2 sshd\[28889\]: Failed password for invalid user al from 35.231.6.102 port 47720 ssh2Aug 29 02:43:28 pkdns2 sshd\[29086\]: Invalid user kinder from 35.231.6.102Aug 29 02:43:30 pkdns2 sshd\[29086\]: Failed password for invalid user kinder from 35.231.6.102 port 36050 ssh2Aug 29 02:47:17 pkdns2 sshd\[29264\]: Invalid user minecraft from 35.231.6.102Aug 29 02:47:18 pkdns2 sshd\[29264\]: Failed password for invalid user minecraft from 35.231.6.102 port 52590 ssh2 ...	2019-08-29 14:19:29
115.70.196.41	attackspambots	Aug 28 19:05:30 web1 sshd\[25057\]: Invalid user sysadm from 115.70.196.41 Aug 28 19:05:30 web1 sshd\[25057\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.70.196.41 Aug 28 19:05:31 web1 sshd\[25057\]: Failed password for invalid user sysadm from 115.70.196.41 port 46340 ssh2 Aug 28 19:10:49 web1 sshd\[25562\]: Invalid user homekit from 115.70.196.41 Aug 28 19:10:49 web1 sshd\[25562\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.70.196.41	2019-08-29 14:52:00
49.234.203.5	attackbotsspam	Aug 28 17:17:40 web1 sshd\[14536\]: Invalid user tun from 49.234.203.5 Aug 28 17:17:40 web1 sshd\[14536\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.203.5 Aug 28 17:17:42 web1 sshd\[14536\]: Failed password for invalid user tun from 49.234.203.5 port 47508 ssh2 Aug 28 17:21:37 web1 sshd\[14875\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.203.5 user=root Aug 28 17:21:39 web1 sshd\[14875\]: Failed password for root from 49.234.203.5 port 52522 ssh2	2019-08-29 14:15:00
139.59.59.194	attackbotsspam	Aug 29 02:44:52 ns341937 sshd[14372]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.59.194 Aug 29 02:44:54 ns341937 sshd[14372]: Failed password for invalid user radio from 139.59.59.194 port 43872 ssh2 Aug 29 02:57:42 ns341937 sshd[17006]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.59.194 ...	2019-08-29 14:37:38
210.217.24.226	attack	Aug 29 04:25:02 XXX sshd[54257]: Invalid user ofsaa from 210.217.24.226 port 51452	2019-08-29 14:45:40
106.13.35.212	attackspam	Aug 29 02:17:12 vps691689 sshd[17913]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.35.212 Aug 29 02:17:13 vps691689 sshd[17913]: Failed password for invalid user 11111111 from 106.13.35.212 port 57672 ssh2 Aug 29 02:21:34 vps691689 sshd[18049]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.35.212 ...	2019-08-29 14:09:50
106.13.144.8	attackspambots	Aug 29 01:42:38 mail1 sshd\[14505\]: Invalid user denzel from 106.13.144.8 port 45038 Aug 29 01:42:38 mail1 sshd\[14505\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.144.8 Aug 29 01:42:40 mail1 sshd\[14505\]: Failed password for invalid user denzel from 106.13.144.8 port 45038 ssh2 Aug 29 01:46:54 mail1 sshd\[16363\]: Invalid user xerox from 106.13.144.8 port 50012 Aug 29 01:46:54 mail1 sshd\[16363\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.144.8 ...	2019-08-29 14:44:34

Recently Reported IPs

21.30.127.111	178.128.85.193	111.231.200.37	171.38.151.175
177.194.71.18	237.133.144.183	35.229.243.88	117.74.15.135
217.158.61.233	185.24.124.51	209.97.158.88	189.133.52.249
121.55.171.52	204.48.22.125	171.46.139.207	75.173.167.231
185.220.101.79	42.164.167.182	218.225.137.32	116.4.96.173