117.139.166.203

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: China Mobile Communications Corporation

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	"SSH brute force auth login attempt."	2020-01-23 18:11:16
attack	Unauthorized connection attempt detected from IP address 117.139.166.203 to port 2220 [J]	2020-01-18 23:38:03
attack	Unauthorized connection attempt detected from IP address 117.139.166.203 to port 2220 [J]	2020-01-18 03:03:31
attackspam	Dec 22 11:53:47 * sshd[21663]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.203 Dec 22 11:53:49 * sshd[21663]: Failed password for invalid user 123 from 117.139.166.203 port 14582 ssh2	2019-12-22 21:11:19
attackspam	Dec 7 18:23:44 linuxvps sshd\[30087\]: Invalid user boxuser from 117.139.166.203 Dec 7 18:23:44 linuxvps sshd\[30087\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.203 Dec 7 18:23:47 linuxvps sshd\[30087\]: Failed password for invalid user boxuser from 117.139.166.203 port 21076 ssh2 Dec 7 18:30:49 linuxvps sshd\[34121\]: Invalid user wwwid from 117.139.166.203 Dec 7 18:30:49 linuxvps sshd\[34121\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.203	2019-12-08 07:54:28
attackbots	2019-10-16T11:58:59.197453shield sshd\[16679\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.203 user=root 2019-10-16T11:59:00.836490shield sshd\[16679\]: Failed password for root from 117.139.166.203 port 22926 ssh2 2019-10-16T12:03:48.022960shield sshd\[17299\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.203 user=root 2019-10-16T12:03:50.198985shield sshd\[17299\]: Failed password for root from 117.139.166.203 port 26286 ssh2 2019-10-16T12:08:43.359927shield sshd\[17600\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.203 user=root	2019-10-16 22:35:44
attack	Oct 7 14:40:31 root sshd[25180]: Failed password for root from 117.139.166.203 port 61247 ssh2 Oct 7 14:45:22 root sshd[25263]: Failed password for root from 117.139.166.203 port 63504 ssh2 ...	2019-10-08 03:28:38
attack	Sep 22 10:17:37 saschabauer sshd[29603]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.203 Sep 22 10:17:39 saschabauer sshd[29603]: Failed password for invalid user anni from 117.139.166.203 port 45357 ssh2	2019-09-22 16:42:24
attackspam	Sep 19 17:11:50 areeb-Workstation sshd[3123]: Failed password for root from 117.139.166.203 port 27526 ssh2 Sep 19 17:18:15 areeb-Workstation sshd[6358]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.203 ...	2019-09-19 19:56:38
attackspam	Sep 18 00:10:07 areeb-Workstation sshd[10161]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.203 Sep 18 00:10:09 areeb-Workstation sshd[10161]: Failed password for invalid user hha from 117.139.166.203 port 59332 ssh2 ...	2019-09-18 02:43:36
attack	Aug 18 21:55:55 dedicated sshd[11613]: Invalid user ftpuser1 from 117.139.166.203 port 62839	2019-08-19 04:07:53
attackspam	Aug 3 18:17:08 MK-Soft-Root2 sshd\[13895\]: Invalid user lwen from 117.139.166.203 port 40460 Aug 3 18:17:08 MK-Soft-Root2 sshd\[13895\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.203 Aug 3 18:17:10 MK-Soft-Root2 sshd\[13895\]: Failed password for invalid user lwen from 117.139.166.203 port 40460 ssh2 ...	2019-08-04 01:53:38
attack	Jul 26 23:52:55 ks10 sshd[18484]: Failed password for root from 117.139.166.203 port 52627 ssh2 ...	2019-07-27 08:56:53
attackspambots	Jul 17 20:03:27 dedicated sshd[22428]: Invalid user chu from 117.139.166.203 port 28733	2019-07-18 04:29:13
attackspam	Jul 17 12:29:55 dedicated sshd[16470]: Invalid user vnc from 117.139.166.203 port 15101	2019-07-17 18:52:51
attack	20 attempts against mh-ssh on wood.magehost.pro	2019-06-23 09:18:09

Comments on same subnet:

IP	Type	Details	Datetime
117.139.166.27	attackbots	2020-08-29T08:14:57.320093paragon sshd[684023]: Invalid user mfm from 117.139.166.27 port 15497 2020-08-29T08:14:57.322637paragon sshd[684023]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.27 2020-08-29T08:14:57.320093paragon sshd[684023]: Invalid user mfm from 117.139.166.27 port 15497 2020-08-29T08:14:58.840575paragon sshd[684023]: Failed password for invalid user mfm from 117.139.166.27 port 15497 ssh2 2020-08-29T08:19:09.091273paragon sshd[684431]: Invalid user vna from 117.139.166.27 port 15498 ...	2020-08-29 13:36:08
117.139.166.27	attackbots	SSH authentication failure x 6 reported by Fail2Ban ...	2020-08-17 19:25:48
117.139.166.27	attackspambots	frenzy	2020-08-15 13:13:30
117.139.166.27	attackspambots	Aug 11 03:40:48 ws26vmsma01 sshd[107035]: Failed password for root from 117.139.166.27 port 12928 ssh2 ...	2020-08-11 17:38:25
117.139.166.27	attackbotsspam	2020-08-01T20:20:39.721396correo.[domain] sshd[1199]: Failed password for root from 117.139.166.27 port 12972 ssh2 2020-08-01T20:25:06.660781correo.[domain] sshd[2131]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.27 user=root 2020-08-01T20:25:08.800741correo.[domain] sshd[2131]: Failed password for root from 117.139.166.27 port 12973 ssh2 ...	2020-08-02 06:18:28
117.139.166.27	attackbotsspam	detected by Fail2Ban	2020-07-31 21:12:27
117.139.166.27	attack	Invalid user anna from 117.139.166.27 port 10573	2020-07-18 22:00:58
117.139.166.27	attack	Jul 15 20:54:44 nas sshd[4927]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.27 Jul 15 20:54:46 nas sshd[4927]: Failed password for invalid user qiuhong from 117.139.166.27 port 9949 ssh2 Jul 15 21:02:12 nas sshd[5355]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.27 ...	2020-07-16 03:49:27
117.139.166.27	attackbots	Jul 12 05:56:26 mout sshd[32147]: Invalid user wdk from 117.139.166.27 port 11204 Jul 12 05:56:28 mout sshd[32147]: Failed password for invalid user wdk from 117.139.166.27 port 11204 ssh2 Jul 12 05:56:28 mout sshd[32147]: Disconnected from invalid user wdk 117.139.166.27 port 11204 [preauth]	2020-07-12 12:21:30
117.139.166.27	attackspambots	Invalid user pramod from 117.139.166.27 port 9906	2020-07-11 07:19:40
117.139.166.27	attackbots	$f2bV_matches	2020-06-30 02:49:09
117.139.166.27	attackspambots	Jun 22 21:28:35 mockhub sshd[10584]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.27 Jun 22 21:28:37 mockhub sshd[10584]: Failed password for invalid user monitor from 117.139.166.27 port 7515 ssh2 ...	2020-06-23 13:26:28
117.139.166.27	attackspam	Jun 18 00:19:47 ny01 sshd[27029]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.27 Jun 18 00:19:49 ny01 sshd[27029]: Failed password for invalid user ftpuser from 117.139.166.27 port 6721 ssh2 Jun 18 00:23:15 ny01 sshd[27429]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.27	2020-06-18 12:33:18
117.139.166.27	attackbotsspam	Invalid user varkey from 117.139.166.27 port 5960	2020-05-30 13:03:06
117.139.166.27	attack	May 28 20:36:32 server sshd[8203]: Failed password for invalid user 72 from 117.139.166.27 port 5656 ssh2 May 28 21:07:59 server sshd[32679]: Failed password for root from 117.139.166.27 port 5663 ssh2 May 28 21:11:39 server sshd[35619]: Failed password for root from 117.139.166.27 port 5664 ssh2	2020-05-29 03:25:24

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 117.139.166.203
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6677
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;117.139.166.203.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019062202 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Jun 23 09:18:02 CST 2019
;; MSG SIZE  rcvd: 119

Host info

203.166.139.117.in-addr.arpa has no PTR record

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 203.166.139.117.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
103.235.170.162	attackspam	Jul 27 12:50:02 *** sshd[30095]: Invalid user cod1 from 103.235.170.162	2020-07-27 21:39:57
183.80.60.197	attackbotsspam	Automatic Fail2ban report - Trying login SSH	2020-07-27 21:09:29
182.122.5.244	attack	Invalid user giacomo from 182.122.5.244 port 56200	2020-07-27 21:09:02
218.92.0.248	attackbotsspam	failed root login	2020-07-27 21:23:43
78.128.113.62	attackbots	20 attempts against mh-misbehave-ban on float	2020-07-27 21:31:42
222.186.173.226	attackbots	Jul 27 15:15:18 nextcloud sshd\[12561\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.226 user=root Jul 27 15:15:21 nextcloud sshd\[12561\]: Failed password for root from 222.186.173.226 port 21076 ssh2 Jul 27 15:15:24 nextcloud sshd\[12561\]: Failed password for root from 222.186.173.226 port 21076 ssh2	2020-07-27 21:16:22
191.8.88.128	attack	Jul 27 06:56:16 s158375 sshd[4367]: Failed password for invalid user ubuntu from 191.8.88.128 port 46510 ssh2	2020-07-27 21:29:54
122.51.204.51	attack	Jul 27 04:51:34 dignus sshd[5290]: Failed password for invalid user steven from 122.51.204.51 port 40910 ssh2 Jul 27 04:58:30 dignus sshd[6107]: Invalid user test4 from 122.51.204.51 port 51560 Jul 27 04:58:30 dignus sshd[6107]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.204.51 Jul 27 04:58:32 dignus sshd[6107]: Failed password for invalid user test4 from 122.51.204.51 port 51560 ssh2 Jul 27 05:02:06 dignus sshd[6573]: Invalid user student from 122.51.204.51 port 34998 ...	2020-07-27 21:00:02
185.174.210.198	attackspam	Dovecot Invalid User Login Attempt.	2020-07-27 21:37:56
145.239.2.29	attackbotsspam	[2020-07-27 08:58:10] NOTICE[1248] chan_sip.c: Registration from '' failed for '145.239.2.29:54384' - Wrong password [2020-07-27 08:58:10] SECURITY[1275] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-07-27T08:58:10.983-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="3735",SessionID="0x7f27200510e8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/145.239.2.29/54384",Challenge="0617269c",ReceivedChallenge="0617269c",ReceivedHash="d44e7e37d4db4c6d421e0b72bd9ad369" [2020-07-27 08:58:21] NOTICE[1248] chan_sip.c: Registration from '' failed for '145.239.2.29:56753' - Wrong password ...	2020-07-27 21:08:04
183.82.155.24	attackspambots	20/7/27@07:56:26: FAIL: Alarm-Network address from=183.82.155.24 ...	2020-07-27 21:20:32
211.234.119.189	attackbotsspam	Jul 27 09:06:45 NPSTNNYC01T sshd[32351]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.234.119.189 Jul 27 09:06:47 NPSTNNYC01T sshd[32351]: Failed password for invalid user apache from 211.234.119.189 port 38878 ssh2 Jul 27 09:11:41 NPSTNNYC01T sshd[343]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.234.119.189 ...	2020-07-27 21:19:06
222.249.235.234	attack	Jul 27 12:27:25 localhost sshd\[4481\]: Invalid user zzp from 222.249.235.234 port 33638 Jul 27 12:27:25 localhost sshd\[4481\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.249.235.234 Jul 27 12:27:27 localhost sshd\[4481\]: Failed password for invalid user zzp from 222.249.235.234 port 33638 ssh2 ...	2020-07-27 21:30:39
167.172.38.238	attackbots	Jul 27 14:21:00 rocket sshd[9550]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.172.38.238 Jul 27 14:21:03 rocket sshd[9550]: Failed password for invalid user user5 from 167.172.38.238 port 48186 ssh2 ...	2020-07-27 21:36:09
5.15.172.6	attackspambots	Port probing on unauthorized port 88	2020-07-27 21:21:32

Recently Reported IPs

61.58.60.240	191.53.254.123	23.238.25.12	131.100.209.139
68.183.94.110	179.146.241.44	188.226.151.23	165.227.63.207
123.130.226.231	31.171.1.86	91.228.198.113	81.219.66.154
117.175.105.92	103.249.52.5	91.107.18.249	184.83.227.254
183.196.178.167	183.152.69.171	167.160.127.88	220.172.80.206