139.196.161.84

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Aliyun Computing Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Unauthorized connection attempt detected from IP address 139.196.161.84 to port 7001	2020-07-25 21:22:45

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.196.161.84
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 31568
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.196.161.84.			IN	A

;; AUTHORITY SECTION:
.			481	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020072500 1800 900 604800 86400

;; Query time: 121 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Jul 25 21:22:39 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 84.161.196.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 84.161.196.139.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
94.100.6.27	attackbotsspam	Aug 13 00:10:45 vserver sshd\[25601\]: Failed password for root from 94.100.6.27 port 56607 ssh2Aug 13 00:10:49 vserver sshd\[25601\]: Failed password for root from 94.100.6.27 port 56607 ssh2Aug 13 00:10:51 vserver sshd\[25601\]: Failed password for root from 94.100.6.27 port 56607 ssh2Aug 13 00:10:54 vserver sshd\[25601\]: Failed password for root from 94.100.6.27 port 56607 ssh2 ...	2019-08-13 07:12:21
85.40.208.178	attack	Aug 13 01:56:07 pkdns2 sshd\[34466\]: Invalid user sybase from 85.40.208.178Aug 13 01:56:09 pkdns2 sshd\[34466\]: Failed password for invalid user sybase from 85.40.208.178 port 2461 ssh2Aug 13 02:00:31 pkdns2 sshd\[34633\]: Invalid user shop from 85.40.208.178Aug 13 02:00:33 pkdns2 sshd\[34633\]: Failed password for invalid user shop from 85.40.208.178 port 2462 ssh2Aug 13 02:04:57 pkdns2 sshd\[34763\]: Invalid user team from 85.40.208.178Aug 13 02:04:58 pkdns2 sshd\[34763\]: Failed password for invalid user team from 85.40.208.178 port 2463 ssh2 ...	2019-08-13 07:15:58
159.89.163.235	attackbotsspam	Aug 13 00:11:22 MK-Soft-Root1 sshd\[12307\]: Invalid user nb from 159.89.163.235 port 52340 Aug 13 00:11:22 MK-Soft-Root1 sshd\[12307\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.163.235 Aug 13 00:11:24 MK-Soft-Root1 sshd\[12307\]: Failed password for invalid user nb from 159.89.163.235 port 52340 ssh2 ...	2019-08-13 06:45:53
139.199.221.240	attackbotsspam	Aug 13 00:17:13 microserver sshd[20544]: Invalid user bot1 from 139.199.221.240 port 46570 Aug 13 00:17:13 microserver sshd[20544]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.221.240 Aug 13 00:17:15 microserver sshd[20544]: Failed password for invalid user bot1 from 139.199.221.240 port 46570 ssh2 Aug 13 00:22:23 microserver sshd[21266]: Invalid user bi from 139.199.221.240 port 36272 Aug 13 00:22:23 microserver sshd[21266]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.221.240 Aug 13 00:32:38 microserver sshd[22737]: Invalid user ts from 139.199.221.240 port 43890 Aug 13 00:32:38 microserver sshd[22737]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.221.240 Aug 13 00:32:40 microserver sshd[22737]: Failed password for invalid user ts from 139.199.221.240 port 43890 ssh2 Aug 13 00:37:49 microserver sshd[23431]: Invalid user sun from 139.199.221.240 port 33596	2019-08-13 06:58:50
119.28.212.175	attack	ThinkPHP Remote Code Execution Vulnerability, PTR: PTR record not found	2019-08-13 07:14:48
209.213.66.54	attack	445/tcp 445/tcp 445/tcp... [2019-06-12/08-12]15pkt,1pt.(tcp)	2019-08-13 07:14:00
125.119.35.126	attackspam	Spam Timestamp : 12-Aug-19 21:45 _ BlockList Provider combined abuse _ (876)	2019-08-13 06:47:49
202.46.38.8	attackbots	Aug 13 03:52:19 vibhu-HP-Z238-Microtower-Workstation sshd\[6051\]: Invalid user bei from 202.46.38.8 Aug 13 03:52:19 vibhu-HP-Z238-Microtower-Workstation sshd\[6051\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.46.38.8 Aug 13 03:52:22 vibhu-HP-Z238-Microtower-Workstation sshd\[6051\]: Failed password for invalid user bei from 202.46.38.8 port 42348 ssh2 Aug 13 03:57:49 vibhu-HP-Z238-Microtower-Workstation sshd\[6355\]: Invalid user msilva from 202.46.38.8 Aug 13 03:57:49 vibhu-HP-Z238-Microtower-Workstation sshd\[6355\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.46.38.8 ...	2019-08-13 06:43:02
142.44.241.49	attackbotsspam	Aug 13 06:16:27 webhost01 sshd[1982]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.44.241.49 Aug 13 06:16:29 webhost01 sshd[1982]: Failed password for invalid user mehdi from 142.44.241.49 port 56234 ssh2 ...	2019-08-13 07:26:12
1.180.165.110	attackbotsspam	Aug 12 17:45:38 eola postfix/smtpd[16494]: connect from unknown[1.180.165.110] Aug 12 17:45:39 eola postfix/smtpd[16494]: lost connection after AUTH from unknown[1.180.165.110] Aug 12 17:45:39 eola postfix/smtpd[16494]: disconnect from unknown[1.180.165.110] ehlo=1 auth=0/1 commands=1/2 Aug 12 17:45:39 eola postfix/smtpd[16494]: connect from unknown[1.180.165.110] Aug 12 17:45:40 eola postfix/smtpd[16494]: lost connection after AUTH from unknown[1.180.165.110] Aug 12 17:45:40 eola postfix/smtpd[16494]: disconnect from unknown[1.180.165.110] ehlo=1 auth=0/1 commands=1/2 Aug 12 17:45:40 eola postfix/smtpd[16494]: connect from unknown[1.180.165.110] Aug 12 17:45:41 eola postfix/smtpd[16494]: lost connection after AUTH from unknown[1.180.165.110] Aug 12 17:45:41 eola postfix/smtpd[16494]: disconnect from unknown[1.180.165.110] ehlo=1 auth=0/1 commands=1/2 Aug 12 17:45:42 eola postfix/smtpd[16494]: connect from unknown[1.180.165.110] Aug 12 17:45:43 eola postfix/smtpd[16494]........ -------------------------------	2019-08-13 06:55:33
12.10.12.179	attackspambots	CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2019-08-13 06:56:35
64.32.11.86	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-08-13 06:42:08
128.14.134.134	attackbots	Port scan attempt detected by AWS-CCS, CTS, India	2019-08-13 07:27:20
92.222.75.80	attackbotsspam	Aug 12 19:08:16 vps200512 sshd\[13812\]: Invalid user renato from 92.222.75.80 Aug 12 19:08:16 vps200512 sshd\[13812\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.222.75.80 Aug 12 19:08:17 vps200512 sshd\[13812\]: Failed password for invalid user renato from 92.222.75.80 port 45472 ssh2 Aug 12 19:13:16 vps200512 sshd\[14021\]: Invalid user laur from 92.222.75.80 Aug 12 19:13:16 vps200512 sshd\[14021\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.222.75.80	2019-08-13 07:15:09
185.203.236.47	attackbotsspam	\[2019-08-12 18:57:22\] NOTICE\[2288\] chan_sip.c: Registration from '"4306" \' failed for '185.203.236.47:5064' - Wrong password \[2019-08-12 18:57:22\] SECURITY\[2326\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-08-12T18:57:22.377-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="4306",SessionID="0x7ff4d0c799b8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.203.236.47/5064",Challenge="4a3348a8",ReceivedChallenge="4a3348a8",ReceivedHash="0217371ca3307289a3bdf5be6a63b9f7" \[2019-08-12 18:59:45\] NOTICE\[2288\] chan_sip.c: Registration from '"3406" \' failed for '185.203.236.47:5081' - Wrong password \[2019-08-12 18:59:45\] SECURITY\[2326\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-08-12T18:59:45.386-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="3406",SessionID="0x7ff4d07952f8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4	2019-08-13 07:08:11

最近上报的IP列表

78.95.145.233	239.247.164.149	73.22.2.220	74.65.244.185
109.7.153.114	177.104.114.192	68.206.214.87	47.166.13.112
60.14.234.165	92.46.150.207	59.126.104.9	189.109.217.242
121.155.234.245	37.148.63.73	14.247.18.174	91.244.17.180
5.233.144.164	65.110.27.4	46.104.48.195	74.126.138.48