222.84.254.139

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Guangxi Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Invalid user ervisor from 222.84.254.139 port 40846	2020-04-12 08:07:41
attack	SSH brute-force: detected 11 distinct usernames within a 24-hour window.	2020-04-10 16:48:34
attackbots	Brute force SMTP login attempted. ...	2020-03-31 02:51:55
attackbotsspam	Mar 22 06:10:27 h2779839 sshd[16061]: Invalid user dujoey from 222.84.254.139 port 52227 Mar 22 06:10:27 h2779839 sshd[16061]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.84.254.139 Mar 22 06:10:27 h2779839 sshd[16061]: Invalid user dujoey from 222.84.254.139 port 52227 Mar 22 06:10:30 h2779839 sshd[16061]: Failed password for invalid user dujoey from 222.84.254.139 port 52227 ssh2 Mar 22 06:14:53 h2779839 sshd[16166]: Invalid user zhangzihan from 222.84.254.139 port 37198 Mar 22 06:14:53 h2779839 sshd[16166]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.84.254.139 Mar 22 06:14:53 h2779839 sshd[16166]: Invalid user zhangzihan from 222.84.254.139 port 37198 Mar 22 06:14:54 h2779839 sshd[16166]: Failed password for invalid user zhangzihan from 222.84.254.139 port 37198 ssh2 Mar 22 06:19:19 h2779839 sshd[16243]: Invalid user ak47 from 222.84.254.139 port 50403 ...	2020-03-22 16:56:53
attackbotsspam	Mar 10 17:35:27 mail sshd\[22326\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.84.254.139 user=root ...	2020-03-11 05:51:12
attackspambots	Feb 8 20:28:29 vps647732 sshd[4859]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.84.254.139 Feb 8 20:28:31 vps647732 sshd[4859]: Failed password for invalid user oe from 222.84.254.139 port 38832 ssh2 ...	2020-02-09 04:20:01
attack	Unauthorized connection attempt detected from IP address 222.84.254.139 to port 2220 [J]	2020-02-02 09:46:32
attack	Feb 1 15:54:23 sd-53420 sshd\[12554\]: Invalid user tststs from 222.84.254.139 Feb 1 15:54:23 sd-53420 sshd\[12554\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.84.254.139 Feb 1 15:54:26 sd-53420 sshd\[12554\]: Failed password for invalid user tststs from 222.84.254.139 port 51468 ssh2 Feb 1 15:57:11 sd-53420 sshd\[12792\]: Invalid user 1 from 222.84.254.139 Feb 1 15:57:11 sd-53420 sshd\[12792\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.84.254.139 ...	2020-02-01 23:20:09

Comments on same subnet:

IP	Type	Details	Datetime
222.84.254.88	attackspambots	Sep 14 10:03:53 mockhub sshd[332594]: Invalid user webadmin from 222.84.254.88 port 32774 Sep 14 10:03:55 mockhub sshd[332594]: Failed password for invalid user webadmin from 222.84.254.88 port 32774 ssh2 Sep 14 10:06:21 mockhub sshd[332656]: Invalid user deborah from 222.84.254.88 port 53294 ...	2020-09-15 02:56:33
222.84.254.88	attack	$f2bV_matches	2020-09-14 18:47:14
222.84.254.88	attackspambots	Invalid user dank from 222.84.254.88 port 38068	2020-08-26 00:08:56
222.84.254.88	attackspambots	2020-08-05T14:24:00.877360mail.broermann.family sshd[16917]: Failed password for root from 222.84.254.88 port 36960 ssh2 2020-08-05T14:29:08.391348mail.broermann.family sshd[17123]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.84.254.88 user=root 2020-08-05T14:29:10.309382mail.broermann.family sshd[17123]: Failed password for root from 222.84.254.88 port 57274 ssh2 2020-08-05T14:34:18.390942mail.broermann.family sshd[17348]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.84.254.88 user=root 2020-08-05T14:34:21.200340mail.broermann.family sshd[17348]: Failed password for root from 222.84.254.88 port 49360 ssh2 ...	2020-08-05 22:49:03
222.84.254.88	attackspam	Unauthorized connection attempt detected	2020-07-20 19:02:57
222.84.254.88	attack	Jun 29 14:46:22 pornomens sshd\[24980\]: Invalid user kkk from 222.84.254.88 port 37516 Jun 29 14:46:22 pornomens sshd\[24980\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.84.254.88 Jun 29 14:46:24 pornomens sshd\[24980\]: Failed password for invalid user kkk from 222.84.254.88 port 37516 ssh2 ...	2020-06-30 00:23:33
222.84.254.88	attackbotsspam	Jun 28 04:45:26 vps46666688 sshd[20650]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.84.254.88 Jun 28 04:45:28 vps46666688 sshd[20650]: Failed password for invalid user teamspeak2 from 222.84.254.88 port 58090 ssh2 ...	2020-06-28 16:19:46
222.84.254.88	attackbots	Jun 14 23:19:23 abendstille sshd\[3172\]: Invalid user sst from 222.84.254.88 Jun 14 23:19:23 abendstille sshd\[3172\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.84.254.88 Jun 14 23:19:25 abendstille sshd\[3172\]: Failed password for invalid user sst from 222.84.254.88 port 45326 ssh2 Jun 14 23:22:46 abendstille sshd\[6409\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.84.254.88 user=root Jun 14 23:22:47 abendstille sshd\[6409\]: Failed password for root from 222.84.254.88 port 59928 ssh2 ...	2020-06-15 09:59:24
222.84.254.88	attackspambots	Apr 26 00:30:20 sso sshd[1109]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.84.254.88 Apr 26 00:30:22 sso sshd[1109]: Failed password for invalid user horus from 222.84.254.88 port 56644 ssh2 ...	2020-04-26 06:42:15
222.84.254.102	attack	Apr 18 22:08:25 scw-6657dc sshd[18715]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.84.254.102 Apr 18 22:08:25 scw-6657dc sshd[18715]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.84.254.102 Apr 18 22:08:27 scw-6657dc sshd[18715]: Failed password for invalid user my from 222.84.254.102 port 53370 ssh2 ...	2020-04-19 06:28:07
222.84.254.88	attackspam	Apr 5 11:30:20 srv-ubuntu-dev3 sshd[5170]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.84.254.88 user=root Apr 5 11:30:22 srv-ubuntu-dev3 sshd[5170]: Failed password for root from 222.84.254.88 port 36634 ssh2 Apr 5 11:32:06 srv-ubuntu-dev3 sshd[5471]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.84.254.88 user=root Apr 5 11:32:08 srv-ubuntu-dev3 sshd[5471]: Failed password for root from 222.84.254.88 port 60952 ssh2 Apr 5 11:33:55 srv-ubuntu-dev3 sshd[5720]: Invalid user 123 from 222.84.254.88 Apr 5 11:33:55 srv-ubuntu-dev3 sshd[5720]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.84.254.88 Apr 5 11:33:55 srv-ubuntu-dev3 sshd[5720]: Invalid user 123 from 222.84.254.88 Apr 5 11:33:57 srv-ubuntu-dev3 sshd[5720]: Failed password for invalid user 123 from 222.84.254.88 port 57050 ssh2 Apr 5 11:35:43 srv-ubuntu-dev3 sshd[5971]: Invalid user ...	2020-04-05 19:54:17
222.84.254.102	attackbots	Apr 1 04:51:07 yesfletchmain sshd\[3071\]: User root from 222.84.254.102 not allowed because not listed in AllowUsers Apr 1 04:51:07 yesfletchmain sshd\[3071\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.84.254.102 user=root Apr 1 04:51:09 yesfletchmain sshd\[3071\]: Failed password for invalid user root from 222.84.254.102 port 44343 ssh2 Apr 1 04:55:03 yesfletchmain sshd\[3141\]: User root from 222.84.254.102 not allowed because not listed in AllowUsers Apr 1 04:55:03 yesfletchmain sshd\[3141\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.84.254.102 user=root ...	2020-04-01 13:22:32
222.84.254.102	attack	(sshd) Failed SSH login from 222.84.254.102 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Mar 30 19:44:26 s1 sshd[30485]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.84.254.102 user=root Mar 30 19:44:28 s1 sshd[30485]: Failed password for root from 222.84.254.102 port 46708 ssh2 Mar 30 19:56:12 s1 sshd[30964]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.84.254.102 user=root Mar 30 19:56:14 s1 sshd[30964]: Failed password for root from 222.84.254.102 port 33494 ssh2 Mar 30 20:02:56 s1 sshd[31367]: Invalid user test from 222.84.254.102 port 60084	2020-03-31 02:53:10
222.84.254.88	attack	SSH Brute-Forcing (server2)	2020-03-29 06:08:53
222.84.254.207	attackspam	Repeated brute force against a port	2020-03-18 20:01:26

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 222.84.254.139
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29195
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;222.84.254.139.			IN	A

;; AUTHORITY SECTION:
.			250	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020020101 1800 900 604800 86400

;; Query time: 100 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Feb 01 23:20:02 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 139.254.84.222.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 100.100.2.136, trying next server
;; Got SERVFAIL reply from 100.100.2.138, trying next server
Server:		100.100.2.138
Address:	100.100.2.138#53

** server can't find 139.254.84.222.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
128.199.84.41	attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-11-28 18:15:42
145.239.87.109	attack	Nov 28 09:58:54 web8 sshd\[30277\]: Invalid user 123 from 145.239.87.109 Nov 28 09:58:54 web8 sshd\[30277\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.87.109 Nov 28 09:58:56 web8 sshd\[30277\]: Failed password for invalid user 123 from 145.239.87.109 port 47458 ssh2 Nov 28 10:05:00 web8 sshd\[559\]: Invalid user heinjus from 145.239.87.109 Nov 28 10:05:00 web8 sshd\[559\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.87.109	2019-11-28 18:27:22
106.13.219.171	attackbots	Nov 28 06:53:23 vps sshd[28105]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.219.171 Nov 28 06:53:25 vps sshd[28105]: Failed password for invalid user vcsa from 106.13.219.171 port 33164 ssh2 Nov 28 07:26:06 vps sshd[29717]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.219.171 ...	2019-11-28 17:53:36
190.235.64.67	attack	DATE:2019-11-28 07:25:40, IP:190.235.64.67, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2019-11-28 18:09:16
122.155.169.223	attackbotsspam	SSH authentication failure x 6 reported by Fail2Ban ...	2019-11-28 18:21:08
213.147.113.131	attackbots	Port scan: Attack repeated for 24 hours	2019-11-28 18:20:41
58.208.229.74	attackspam	SASL broute force	2019-11-28 18:23:03
129.204.147.102	attack	Automatic report - Banned IP Access	2019-11-28 17:59:06
157.245.243.4	attackspambots	Nov 27 23:25:54 web1 sshd\[21584\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.243.4 user=root Nov 27 23:25:56 web1 sshd\[21584\]: Failed password for root from 157.245.243.4 port 48366 ssh2 Nov 27 23:32:08 web1 sshd\[22116\]: Invalid user sa from 157.245.243.4 Nov 27 23:32:08 web1 sshd\[22116\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.243.4 Nov 27 23:32:10 web1 sshd\[22116\]: Failed password for invalid user sa from 157.245.243.4 port 56870 ssh2	2019-11-28 18:12:39
222.186.175.181	attackbotsspam	Nov 28 10:45:06 fr01 sshd[20305]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.181 user=root Nov 28 10:45:08 fr01 sshd[20305]: Failed password for root from 222.186.175.181 port 49005 ssh2 ...	2019-11-28 17:54:35
190.74.0.155	attack	Connection by 190.74.0.155 on port: 26 got caught by honeypot at 11/28/2019 5:25:23 AM	2019-11-28 18:23:29
106.13.67.90	attack	Brute-force attempt banned	2019-11-28 18:24:11
222.186.180.17	attackspambots	pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.17 user=root Failed password for root from 222.186.180.17 port 29842 ssh2 Failed password for root from 222.186.180.17 port 29842 ssh2 Failed password for root from 222.186.180.17 port 29842 ssh2 Failed password for root from 222.186.180.17 port 29842 ssh2	2019-11-28 18:19:54
196.9.24.40	attackspambots	2019-11-28T07:16:04.451823struts4.enskede.local sshd\[29297\]: Invalid user rebbie from 196.9.24.40 port 41206 2019-11-28T07:16:04.458792struts4.enskede.local sshd\[29297\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.9.24.40 2019-11-28T07:16:07.412399struts4.enskede.local sshd\[29297\]: Failed password for invalid user rebbie from 196.9.24.40 port 41206 ssh2 2019-11-28T07:24:36.648773struts4.enskede.local sshd\[29317\]: Invalid user yt from 196.9.24.40 port 49516 2019-11-28T07:24:36.656469struts4.enskede.local sshd\[29317\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.9.24.40 ...	2019-11-28 18:06:34
193.176.116.162	attackspam	11/28/2019-07:25:22.455710 193.176.116.162 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2019-11-28 18:17:16

Recently Reported IPs

215.185.192.61	222.56.70.189	143.135.65.124	72.90.54.104
50.107.98.232	95.240.202.25	1.220.170.49	204.12.7.211
64.225.119.93	189.249.176.232	118.96.134.33	80.82.77.236
185.216.140.36	58.56.104.228	117.3.71.121	52.148.245.97
36.16.122.174	47.90.178.230	166.70.101.200	37.203.197.137