139.199.0.84 - IPInfo

基本信息:

城市(city): Beijing

省份(region): Beijing

国家(country): China

运营商(isp): V6Yun (Beijing) Network Co. Ltd

主机名(hostname): unknown

机构(organization): Shenzhen Tencent Computer Systems Company Limited

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Jun 22 05:53:19 ArkNodeAT sshd\[5296\]: Invalid user i686 from 139.199.0.84 Jun 22 05:53:19 ArkNodeAT sshd\[5296\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.0.84 Jun 22 05:53:21 ArkNodeAT sshd\[5296\]: Failed password for invalid user i686 from 139.199.0.84 port 34482 ssh2	2020-06-22 14:30:14
attack	SSH Bruteforce Attempt (failed auth)	2020-06-18 08:19:04
attackbotsspam	Jun 14 12:12:43 v22019038103785759 sshd\[32590\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.0.84 user=root Jun 14 12:12:45 v22019038103785759 sshd\[32590\]: Failed password for root from 139.199.0.84 port 58086 ssh2 Jun 14 12:15:41 v22019038103785759 sshd\[32742\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.0.84 user=root Jun 14 12:15:43 v22019038103785759 sshd\[32742\]: Failed password for root from 139.199.0.84 port 27740 ssh2 Jun 14 12:17:30 v22019038103785759 sshd\[385\]: Invalid user x-bot from 139.199.0.84 port 44456 Jun 14 12:17:30 v22019038103785759 sshd\[385\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.0.84 ...	2020-06-14 18:40:13
attack	Jun 4 23:23:45 sip sshd[542633]: Failed password for root from 139.199.0.84 port 37860 ssh2 Jun 4 23:26:37 sip sshd[542690]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.0.84 user=root Jun 4 23:26:39 sip sshd[542690]: Failed password for root from 139.199.0.84 port 16220 ssh2 ...	2020-06-05 08:24:01
attack	May 25 23:00:57 haigwepa sshd[18098]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.0.84 May 25 23:00:59 haigwepa sshd[18098]: Failed password for invalid user aura from 139.199.0.84 port 47620 ssh2 ...	2020-05-26 05:34:11
attack	May 15 22:54:14 host sshd[12862]: Invalid user simonef from 139.199.0.84 port 46064 ...	2020-05-16 05:38:17
attack	frenzy	2020-05-03 17:28:35
attackbotsspam	ssh brute force	2020-04-27 18:32:26
attack	04/25/2020-00:28:43.272598 139.199.0.84 Protocol: 6 ET SCAN Potential SSH Scan	2020-04-25 12:29:32
attack	Apr 24 02:31:16 web9 sshd\[6949\]: Invalid user admin from 139.199.0.84 Apr 24 02:31:16 web9 sshd\[6949\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.0.84 Apr 24 02:31:19 web9 sshd\[6949\]: Failed password for invalid user admin from 139.199.0.84 port 47054 ssh2 Apr 24 02:33:50 web9 sshd\[7305\]: Invalid user mu from 139.199.0.84 Apr 24 02:33:50 web9 sshd\[7305\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.0.84	2020-04-25 01:26:43
attack	Invalid user teamspeak from 139.199.0.84 port 31320	2020-04-22 06:46:36
attackspam	Apr 9 03:14:59 s158375 sshd[1113]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.0.84	2020-04-09 20:01:33
attack	$f2bV_matches	2020-04-02 14:36:45
attackspam	Apr 1 12:43:09 pornomens sshd\[14850\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.0.84 user=root Apr 1 12:43:11 pornomens sshd\[14850\]: Failed password for root from 139.199.0.84 port 61050 ssh2 Apr 1 13:02:54 pornomens sshd\[15000\]: Invalid user deployer from 139.199.0.84 port 54870 Apr 1 13:02:54 pornomens sshd\[15000\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.0.84 ...	2020-04-01 20:00:51
attackbotsspam	2020-03-24 UTC: (24x) - admin,aral,aruga,casidhe,craig,dl,dolphin,ethereal,feng,gerre,hong,hv,luoruixuan,mic,montana,od,postgres,snow,squid,tenesha,trinette,xiang,xzt,yv	2020-03-25 18:00:04
attack	2020-03-12T21:10:39.923294homeassistant sshd[5091]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.0.84 user=root 2020-03-12T21:10:42.801995homeassistant sshd[5091]: Failed password for root from 139.199.0.84 port 19818 ssh2 ...	2020-03-13 06:31:57
attackbots	Too many connections or unauthorized access detected from Arctic banned ip	2020-03-11 14:04:51
attackbotsspam	web-1 [ssh] SSH Attack	2020-03-08 14:01:37
attack	2020-02-03T17:36:18.6161821495-001 sshd[63339]: Invalid user postgres from 139.199.0.84 port 45496 2020-02-03T17:36:18.6198261495-001 sshd[63339]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.0.84 2020-02-03T17:36:18.6161821495-001 sshd[63339]: Invalid user postgres from 139.199.0.84 port 45496 2020-02-03T17:36:20.4793491495-001 sshd[63339]: Failed password for invalid user postgres from 139.199.0.84 port 45496 ssh2 2020-02-03T17:45:07.8163151495-001 sshd[63726]: Invalid user db2inst1 from 139.199.0.84 port 35724 2020-02-03T17:45:07.8208611495-001 sshd[63726]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.0.84 2020-02-03T17:45:07.8163151495-001 sshd[63726]: Invalid user db2inst1 from 139.199.0.84 port 35724 2020-02-03T17:45:09.6353621495-001 sshd[63726]: Failed password for invalid user db2inst1 from 139.199.0.84 port 35724 ssh2 2020-02-03T17:48:21.4536681495-001 sshd[63893]: Invalid us ...	2020-02-04 08:07:43
attackspam	SSH bruteforce (Triggered fail2ban)	2020-01-29 03:08:17
attackspambots	Unauthorized connection attempt detected from IP address 139.199.0.84 to port 2220 [J]	2020-01-15 20:12:16
attack	$f2bV_matches	2020-01-12 00:22:33
attackspambots	Dec 18 16:32:17 MK-Soft-VM7 sshd[30915]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.0.84 Dec 18 16:32:19 MK-Soft-VM7 sshd[30915]: Failed password for invalid user langinieux from 139.199.0.84 port 45784 ssh2 ...	2019-12-19 05:51:16
attack	$f2bV_matches	2019-12-02 01:22:43
attackbots	ssh failed login	2019-11-24 03:26:44
attackbots	Nov 4 01:07:38 lanister sshd[3463]: Failed password for invalid user testuser from 139.199.0.84 port 21962 ssh2 Nov 4 01:18:04 lanister sshd[3647]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.0.84 user=root Nov 4 01:18:06 lanister sshd[3647]: Failed password for root from 139.199.0.84 port 29912 ssh2 Nov 4 01:23:25 lanister sshd[3702]: Invalid user jansi from 139.199.0.84 ...	2019-11-04 19:58:13
attack	Oct 26 19:03:26 php1 sshd\[16889\]: Invalid user zj from 139.199.0.84 Oct 26 19:03:26 php1 sshd\[16889\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.0.84 Oct 26 19:03:28 php1 sshd\[16889\]: Failed password for invalid user zj from 139.199.0.84 port 60586 ssh2 Oct 26 19:09:22 php1 sshd\[17507\]: Invalid user Kcpiovezan from 139.199.0.84 Oct 26 19:09:22 php1 sshd\[17507\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.0.84	2019-10-27 19:55:06
attackspam	Sep 12 17:10:31 microserver sshd[64493]: Invalid user nodejs from 139.199.0.84 port 10832 Sep 12 17:10:31 microserver sshd[64493]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.0.84 Sep 12 17:10:33 microserver sshd[64493]: Failed password for invalid user nodejs from 139.199.0.84 port 10832 ssh2 Sep 12 17:15:42 microserver sshd[65251]: Invalid user user1 from 139.199.0.84 port 46562 Sep 12 17:15:42 microserver sshd[65251]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.0.84 Sep 12 17:26:02 microserver sshd[1713]: Invalid user ftpuser from 139.199.0.84 port 62772 Sep 12 17:26:02 microserver sshd[1713]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.0.84 Sep 12 17:26:04 microserver sshd[1713]: Failed password for invalid user ftpuser from 139.199.0.84 port 62772 ssh2 Sep 12 17:31:04 microserver sshd[2456]: Invalid user radio from 139.199.0.84 port 43188 Sep 12 17:31	2019-09-13 07:04:43
attackbots	Aug 14 19:34:45 yabzik sshd[30932]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.0.84 Aug 14 19:34:47 yabzik sshd[30932]: Failed password for invalid user 123 from 139.199.0.84 port 49978 ssh2 Aug 14 19:38:00 yabzik sshd[32193]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.0.84	2019-08-15 04:23:30
attackspam	Lines containing failures of 139.199.0.84 Jul 28 02:43:36 vps9 sshd[29504]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.0.84 user=r.r Jul 28 02:43:37 vps9 sshd[29504]: Failed password for r.r from 139.199.0.84 port 34972 ssh2 Jul 28 02:43:38 vps9 sshd[29504]: Received disconnect from 139.199.0.84 port 34972:11: Bye Bye [preauth] Jul 28 02:43:38 vps9 sshd[29504]: Disconnected from authenticating user r.r 139.199.0.84 port 34972 [preauth] Jul 28 03:03:51 vps9 sshd[14063]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.0.84 user=r.r Jul 28 03:03:52 vps9 sshd[14063]: Failed password for r.r from 139.199.0.84 port 31790 ssh2 Jul 28 03:03:52 vps9 sshd[14063]: Received disconnect from 139.199.0.84 port 31790:11: Bye Bye [preauth] Jul 28 03:03:52 vps9 sshd[14063]: Disconnected from authenticating user r.r 139.199.0.84 port 31790 [preauth] Jul 28 03:06:58 vps9 sshd[17161]: pam_u........ ------------------------------	2019-07-28 23:41:38

相同子网IP讨论:

IP	类型	评论内容	时间
139.199.0.28	attackspam	Invalid user user from 139.199.0.28 port 33012	2020-06-20 18:58:56
139.199.0.28	attack	2020-05-22T21:16:09.490445shield sshd\[13732\]: Invalid user psg from 139.199.0.28 port 52762 2020-05-22T21:16:09.494126shield sshd\[13732\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.0.28 2020-05-22T21:16:11.619867shield sshd\[13732\]: Failed password for invalid user psg from 139.199.0.28 port 52762 ssh2 2020-05-22T21:17:10.171891shield sshd\[14016\]: Invalid user pjc from 139.199.0.28 port 35516 2020-05-22T21:17:10.175414shield sshd\[14016\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.0.28	2020-05-23 05:34:11
139.199.0.28	attack	May 21 14:58:47 mout sshd[5346]: Invalid user fou from 139.199.0.28 port 42510	2020-05-21 21:56:04
139.199.0.28	attackspambots	May 15 21:26:33 sip sshd[19847]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.0.28 May 15 21:26:34 sip sshd[19847]: Failed password for invalid user deploy from 139.199.0.28 port 48400 ssh2 May 15 21:32:22 sip sshd[22044]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.0.28	2020-05-16 04:07:55
139.199.0.28	attackspambots	May 8 07:36:00 meumeu sshd[21848]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.0.28 May 8 07:36:02 meumeu sshd[21848]: Failed password for invalid user david from 139.199.0.28 port 49224 ssh2 May 8 07:40:53 meumeu sshd[23579]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.0.28 ...	2020-05-08 13:49:48
139.199.0.28	attackbotsspam	May 5 00:42:44 hosting sshd[13108]: Invalid user ftpuser from 139.199.0.28 port 54696 ...	2020-05-05 06:59:38
139.199.0.28	attack	odoo8 ...	2020-04-25 08:27:22
139.199.0.28	attack	Found by fail2ban	2020-04-23 23:34:47
139.199.0.28	attack	Apr 16 20:34:07 icinga sshd[14091]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.0.28 Apr 16 20:34:09 icinga sshd[14091]: Failed password for invalid user jw from 139.199.0.28 port 53418 ssh2 Apr 16 20:39:55 icinga sshd[23284]: Failed password for root from 139.199.0.28 port 52080 ssh2 ...	2020-04-17 03:52:56
139.199.0.28	attackspam	Jan 27 07:44:01 www5 sshd\[62895\]: Invalid user ftptest from 139.199.0.28 Jan 27 07:44:01 www5 sshd\[62895\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.0.28 Jan 27 07:44:02 www5 sshd\[62895\]: Failed password for invalid user ftptest from 139.199.0.28 port 35696 ssh2 ...	2020-01-27 13:45:38

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.199.0.84
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 20887
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.199.0.84.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072800 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Jul 28 23:41:23 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 84.0.199.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 84.0.199.139.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
203.8.25.11	attackbots	Port Scan: TCP/1433	2019-09-16 06:39:19
72.24.197.18	attackbots	Port Scan: UDP/53	2019-09-16 06:58:32
68.184.190.211	attackbots	Port Scan: TCP/135	2019-09-16 06:59:45
186.92.69.127	attackspam	Port Scan: TCP/23	2019-09-16 06:44:29
179.182.3.39	attackbotsspam	Port Scan: TCP/23	2019-09-16 07:13:30
175.214.59.9	attackspam	Port Scan: TCP/1433	2019-09-16 06:47:10
106.47.9.86	attackspam	Port Scan: TCP/22	2019-09-16 06:52:23
178.150.63.228	attackspambots	Port Scan: TCP/445	2019-09-16 07:14:12
49.159.114.136	attack	Port Scan: TCP/1433	2019-09-16 07:02:34
163.172.86.102	attackspam	firewall-block, port(s): 1900/udp	2019-09-16 07:16:26
223.15.207.167	attackspam	Port Scan: TCP/23	2019-09-16 07:08:08
113.74.197.51	attackspam	Port Scan: TCP/1433	2019-09-16 07:19:58
115.219.35.67	attack	Port Scan: TCP/1433	2019-09-16 06:50:44
174.79.125.155	attackspambots	Port Scan: TCP/445	2019-09-16 07:15:12
157.119.222.180	attackspambots	Sending SPAM email	2019-09-16 07:17:10

最近上报的IP列表

190.8.4.247	54.148.22.101	183.96.188.230	185.139.21.21
52.250.38.89	172.114.40.201	215.109.9.60	12.132.247.86
115.110.188.8	72.130.17.188	58.87.100.49	79.55.248.77
112.118.236.96	107.215.114.244	96.195.123.105	178.120.41.101
218.195.172.141	59.109.65.56	137.44.199.154	177.74.229.20