117.139.166.27

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: China Mobile Communications Corporation

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	2020-08-29T08:14:57.320093paragon sshd[684023]: Invalid user mfm from 117.139.166.27 port 15497 2020-08-29T08:14:57.322637paragon sshd[684023]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.27 2020-08-29T08:14:57.320093paragon sshd[684023]: Invalid user mfm from 117.139.166.27 port 15497 2020-08-29T08:14:58.840575paragon sshd[684023]: Failed password for invalid user mfm from 117.139.166.27 port 15497 ssh2 2020-08-29T08:19:09.091273paragon sshd[684431]: Invalid user vna from 117.139.166.27 port 15498 ...	2020-08-29 13:36:08
attackbots	SSH authentication failure x 6 reported by Fail2Ban ...	2020-08-17 19:25:48
attackspambots	frenzy	2020-08-15 13:13:30
attackspambots	Aug 11 03:40:48 ws26vmsma01 sshd[107035]: Failed password for root from 117.139.166.27 port 12928 ssh2 ...	2020-08-11 17:38:25
attackbotsspam	2020-08-01T20:20:39.721396correo.[domain] sshd[1199]: Failed password for root from 117.139.166.27 port 12972 ssh2 2020-08-01T20:25:06.660781correo.[domain] sshd[2131]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.27 user=root 2020-08-01T20:25:08.800741correo.[domain] sshd[2131]: Failed password for root from 117.139.166.27 port 12973 ssh2 ...	2020-08-02 06:18:28
attackbotsspam	detected by Fail2Ban	2020-07-31 21:12:27
attack	Invalid user anna from 117.139.166.27 port 10573	2020-07-18 22:00:58
attack	Jul 15 20:54:44 nas sshd[4927]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.27 Jul 15 20:54:46 nas sshd[4927]: Failed password for invalid user qiuhong from 117.139.166.27 port 9949 ssh2 Jul 15 21:02:12 nas sshd[5355]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.27 ...	2020-07-16 03:49:27
attackbots	Jul 12 05:56:26 mout sshd[32147]: Invalid user wdk from 117.139.166.27 port 11204 Jul 12 05:56:28 mout sshd[32147]: Failed password for invalid user wdk from 117.139.166.27 port 11204 ssh2 Jul 12 05:56:28 mout sshd[32147]: Disconnected from invalid user wdk 117.139.166.27 port 11204 [preauth]	2020-07-12 12:21:30
attackspambots	Invalid user pramod from 117.139.166.27 port 9906	2020-07-11 07:19:40
attackbots	$f2bV_matches	2020-06-30 02:49:09
attackspambots	Jun 22 21:28:35 mockhub sshd[10584]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.27 Jun 22 21:28:37 mockhub sshd[10584]: Failed password for invalid user monitor from 117.139.166.27 port 7515 ssh2 ...	2020-06-23 13:26:28
attackspam	Jun 18 00:19:47 ny01 sshd[27029]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.27 Jun 18 00:19:49 ny01 sshd[27029]: Failed password for invalid user ftpuser from 117.139.166.27 port 6721 ssh2 Jun 18 00:23:15 ny01 sshd[27429]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.27	2020-06-18 12:33:18
attackbotsspam	Invalid user varkey from 117.139.166.27 port 5960	2020-05-30 13:03:06
attack	May 28 20:36:32 server sshd[8203]: Failed password for invalid user 72 from 117.139.166.27 port 5656 ssh2 May 28 21:07:59 server sshd[32679]: Failed password for root from 117.139.166.27 port 5663 ssh2 May 28 21:11:39 server sshd[35619]: Failed password for root from 117.139.166.27 port 5664 ssh2	2020-05-29 03:25:24
attack	SSH Brute Force	2020-05-06 06:26:38
attackspambots	Invalid user elemental from 117.139.166.27 port 3367	2020-04-23 23:08:41
attackspambots	Unauthorized SSH login attempts	2020-04-10 18:35:18
attack	SSH Brute-Forcing (ownc)	2019-11-09 08:47:07
attackbotsspam	Nov 7 22:56:37 game-panel sshd[7403]: Failed password for root from 117.139.166.27 port 3685 ssh2 Nov 7 23:01:07 game-panel sshd[7582]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.27 Nov 7 23:01:09 game-panel sshd[7582]: Failed password for invalid user ubnt from 117.139.166.27 port 3687 ssh2	2019-11-08 07:43:42
attackbots	Unauthorized SSH login attempts	2019-11-08 01:32:20
attackspambots	Nov 7 19:05:19 webhost01 sshd[4047]: Failed password for root from 117.139.166.27 port 3053 ssh2 ...	2019-11-07 20:16:56
attack	2019-11-04T13:17:12.739036hub.schaetter.us sshd\[12799\]: Invalid user c-comatic from 117.139.166.27 port 2722 2019-11-04T13:17:12.750152hub.schaetter.us sshd\[12799\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.27 2019-11-04T13:17:15.080444hub.schaetter.us sshd\[12799\]: Failed password for invalid user c-comatic from 117.139.166.27 port 2722 ssh2 2019-11-04T13:22:31.286717hub.schaetter.us sshd\[12835\]: Invalid user fernie from 117.139.166.27 port 2723 2019-11-04T13:22:31.298118hub.schaetter.us sshd\[12835\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.27 ...	2019-11-04 22:08:09
attackspambots	Oct 28 17:17:01 roadrisk sshd[9562]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.27 user=r.r Oct 28 17:17:04 roadrisk sshd[9562]: Failed password for r.r from 117.139.166.27 port 2055 ssh2 Oct 28 17:17:04 roadrisk sshd[9562]: Received disconnect from 117.139.166.27: 11: Bye Bye [preauth] Oct 28 17:32:08 roadrisk sshd[9831]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.27 user=r.r Oct 28 17:32:10 roadrisk sshd[9831]: Failed password for r.r from 117.139.166.27 port 2060 ssh2 Oct 28 17:32:10 roadrisk sshd[9831]: Received disconnect from 117.139.166.27: 11: Bye Bye [preauth] Oct 28 17:37:31 roadrisk sshd[9900]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.27 user=r.r Oct 28 17:37:33 roadrisk sshd[9900]: Failed password for r.r from 117.139.166.27 port 2062 ssh2 Oct 28 17:37:33 roadrisk sshd[9900]: Received ........ -------------------------------	2019-11-03 06:00:23
attackbots	Oct 28 17:17:01 roadrisk sshd[9562]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.27 user=r.r Oct 28 17:17:04 roadrisk sshd[9562]: Failed password for r.r from 117.139.166.27 port 2055 ssh2 Oct 28 17:17:04 roadrisk sshd[9562]: Received disconnect from 117.139.166.27: 11: Bye Bye [preauth] Oct 28 17:32:08 roadrisk sshd[9831]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.27 user=r.r Oct 28 17:32:10 roadrisk sshd[9831]: Failed password for r.r from 117.139.166.27 port 2060 ssh2 Oct 28 17:32:10 roadrisk sshd[9831]: Received disconnect from 117.139.166.27: 11: Bye Bye [preauth] Oct 28 17:37:31 roadrisk sshd[9900]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.27 user=r.r Oct 28 17:37:33 roadrisk sshd[9900]: Failed password for r.r from 117.139.166.27 port 2062 ssh2 Oct 28 17:37:33 roadrisk sshd[9900]: Received ........ -------------------------------	2019-11-01 19:18:11
attackspam	Oct 28 17:17:01 roadrisk sshd[9562]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.27 user=r.r Oct 28 17:17:04 roadrisk sshd[9562]: Failed password for r.r from 117.139.166.27 port 2055 ssh2 Oct 28 17:17:04 roadrisk sshd[9562]: Received disconnect from 117.139.166.27: 11: Bye Bye [preauth] Oct 28 17:32:08 roadrisk sshd[9831]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.27 user=r.r Oct 28 17:32:10 roadrisk sshd[9831]: Failed password for r.r from 117.139.166.27 port 2060 ssh2 Oct 28 17:32:10 roadrisk sshd[9831]: Received disconnect from 117.139.166.27: 11: Bye Bye [preauth] Oct 28 17:37:31 roadrisk sshd[9900]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.27 user=r.r Oct 28 17:37:33 roadrisk sshd[9900]: Failed password for r.r from 117.139.166.27 port 2062 ssh2 Oct 28 17:37:33 roadrisk sshd[9900]: Received ........ -------------------------------	2019-10-31 08:31:30
attack	SSH/22 MH Probe, BF, Hack -	2019-10-29 14:05:08

Comments on same subnet:

IP	Type	Details	Datetime
117.139.166.203	attackspambots	"SSH brute force auth login attempt."	2020-01-23 18:11:16
117.139.166.203	attack	Unauthorized connection attempt detected from IP address 117.139.166.203 to port 2220 [J]	2020-01-18 23:38:03
117.139.166.203	attack	Unauthorized connection attempt detected from IP address 117.139.166.203 to port 2220 [J]	2020-01-18 03:03:31
117.139.166.203	attackspam	Dec 22 11:53:47 * sshd[21663]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.203 Dec 22 11:53:49 * sshd[21663]: Failed password for invalid user 123 from 117.139.166.203 port 14582 ssh2	2019-12-22 21:11:19
117.139.166.203	attackspam	Dec 7 18:23:44 linuxvps sshd\[30087\]: Invalid user boxuser from 117.139.166.203 Dec 7 18:23:44 linuxvps sshd\[30087\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.203 Dec 7 18:23:47 linuxvps sshd\[30087\]: Failed password for invalid user boxuser from 117.139.166.203 port 21076 ssh2 Dec 7 18:30:49 linuxvps sshd\[34121\]: Invalid user wwwid from 117.139.166.203 Dec 7 18:30:49 linuxvps sshd\[34121\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.203	2019-12-08 07:54:28
117.139.166.20	attack	Nov 7 19:46:05 auw2 sshd\[19760\]: Invalid user urged from 117.139.166.20 Nov 7 19:46:05 auw2 sshd\[19760\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.20 Nov 7 19:46:08 auw2 sshd\[19760\]: Failed password for invalid user urged from 117.139.166.20 port 49725 ssh2 Nov 7 19:51:22 auw2 sshd\[20186\]: Invalid user salesg from 117.139.166.20 Nov 7 19:51:22 auw2 sshd\[20186\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.20	2019-11-08 13:53:31
117.139.166.20	attackspambots	2019-11-02T17:22:02.256911luisaranguren sshd[2114860]: Connection from 117.139.166.20 port 36076 on 10.10.10.6 port 22 2019-11-02T17:22:04.980653luisaranguren sshd[2114860]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.20 user=root 2019-11-02T17:22:07.109563luisaranguren sshd[2114860]: Failed password for root from 117.139.166.20 port 36076 ssh2 2019-11-02T17:52:05.425153luisaranguren sshd[2120888]: Connection from 117.139.166.20 port 40395 on 10.10.10.6 port 22 2019-11-02T17:52:08.818078luisaranguren sshd[2120888]: Invalid user 70 from 117.139.166.20 port 40395 ...	2019-11-02 18:40:40
117.139.166.203	attackbots	2019-10-16T11:58:59.197453shield sshd\[16679\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.203 user=root 2019-10-16T11:59:00.836490shield sshd\[16679\]: Failed password for root from 117.139.166.203 port 22926 ssh2 2019-10-16T12:03:48.022960shield sshd\[17299\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.203 user=root 2019-10-16T12:03:50.198985shield sshd\[17299\]: Failed password for root from 117.139.166.203 port 26286 ssh2 2019-10-16T12:08:43.359927shield sshd\[17600\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.203 user=root	2019-10-16 22:35:44
117.139.166.203	attack	Oct 7 14:40:31 root sshd[25180]: Failed password for root from 117.139.166.203 port 61247 ssh2 Oct 7 14:45:22 root sshd[25263]: Failed password for root from 117.139.166.203 port 63504 ssh2 ...	2019-10-08 03:28:38
117.139.166.203	attack	Sep 22 10:17:37 saschabauer sshd[29603]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.203 Sep 22 10:17:39 saschabauer sshd[29603]: Failed password for invalid user anni from 117.139.166.203 port 45357 ssh2	2019-09-22 16:42:24
117.139.166.203	attackspam	Sep 19 17:11:50 areeb-Workstation sshd[3123]: Failed password for root from 117.139.166.203 port 27526 ssh2 Sep 19 17:18:15 areeb-Workstation sshd[6358]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.203 ...	2019-09-19 19:56:38
117.139.166.203	attackspam	Sep 18 00:10:07 areeb-Workstation sshd[10161]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.203 Sep 18 00:10:09 areeb-Workstation sshd[10161]: Failed password for invalid user hha from 117.139.166.203 port 59332 ssh2 ...	2019-09-18 02:43:36
117.139.166.203	attack	Aug 18 21:55:55 dedicated sshd[11613]: Invalid user ftpuser1 from 117.139.166.203 port 62839	2019-08-19 04:07:53
117.139.166.203	attackspam	Aug 3 18:17:08 MK-Soft-Root2 sshd\[13895\]: Invalid user lwen from 117.139.166.203 port 40460 Aug 3 18:17:08 MK-Soft-Root2 sshd\[13895\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.203 Aug 3 18:17:10 MK-Soft-Root2 sshd\[13895\]: Failed password for invalid user lwen from 117.139.166.203 port 40460 ssh2 ...	2019-08-04 01:53:38
117.139.166.203	attack	Jul 26 23:52:55 ks10 sshd[18484]: Failed password for root from 117.139.166.203 port 52627 ssh2 ...	2019-07-27 08:56:53

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 117.139.166.27
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21730
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;117.139.166.27.			IN	A

;; AUTHORITY SECTION:
.			494	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019102900 1800 900 604800 86400

;; Query time: 109 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Oct 29 14:05:05 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 27.166.139.117.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 27.166.139.117.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
105.159.253.46	attackspam	SSH brute force attempt	2020-06-16 08:22:35
129.204.77.124	attackbotsspam	Jun 15 22:41:13 vmd17057 sshd[1130]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.77.124 Jun 15 22:41:15 vmd17057 sshd[1130]: Failed password for invalid user wangzhe from 129.204.77.124 port 36988 ssh2 ...	2020-06-16 08:11:16
80.187.112.135	attackbotsspam	Chat Spam	2020-06-16 07:58:09
192.99.245.135	attackspambots	Jun 16 00:07:47 vmd48417 sshd[17446]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.99.245.135	2020-06-16 08:03:29
142.90.121.163	attackspambots	Lines containing failures of 142.90.121.163 Jun 15 22:08:42 g1 sshd[23848]: Invalid user jeronimo from 142.90.121.163 port 58790 Jun 15 22:08:42 g1 sshd[23848]: Failed password for invalid user jeronimo from 142.90.121.163 port 58790 ssh2 Jun 15 22:08:42 g1 sshd[23848]: Received disconnect from 142.90.121.163 port 58790:11: Bye Bye [preauth] Jun 15 22:08:42 g1 sshd[23848]: Disconnected from invalid user jeronimo 142.90.121.163 port 58790 [preauth] Jun 15 22:28:44 g1 sshd[24197]: Invalid user ivete from 142.90.121.163 port 40170 Jun 15 22:28:44 g1 sshd[24197]: Failed password for invalid user ivete from 142.90.121.163 port 40170 ssh2 Jun 15 22:28:44 g1 sshd[24197]: Received disconnect from 142.90.121.163 port 40170:11: Bye Bye [preauth] Jun 15 22:28:44 g1 sshd[24197]: Disconnected from invalid user ivete 142.90.121.163 port 40170 [preauth] Jun 15 22:30:43 g1 sshd[24254]: Invalid user linux from 142.90.121.163 port 49238 Jun 15 22:30:43 g1 sshd[24254]: Failed password for ........ ------------------------------	2020-06-16 08:07:27
62.28.217.62	attackbots	SSH Invalid Login	2020-06-16 08:01:35
122.51.150.134	attackspambots	Jun 15 20:39:41 onepixel sshd[1240937]: Invalid user ec2-user from 122.51.150.134 port 47540 Jun 15 20:39:41 onepixel sshd[1240937]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.150.134 Jun 15 20:39:41 onepixel sshd[1240937]: Invalid user ec2-user from 122.51.150.134 port 47540 Jun 15 20:39:43 onepixel sshd[1240937]: Failed password for invalid user ec2-user from 122.51.150.134 port 47540 ssh2 Jun 15 20:41:13 onepixel sshd[1241084]: Invalid user don from 122.51.150.134 port 37038	2020-06-16 08:14:20
101.178.175.30	attackbotsspam	2020-06-15T23:26:49.945128shield sshd\[11484\]: Invalid user cwu from 101.178.175.30 port 2596 2020-06-15T23:26:49.950219shield sshd\[11484\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.178.175.30 2020-06-15T23:26:51.866509shield sshd\[11484\]: Failed password for invalid user cwu from 101.178.175.30 port 2596 ssh2 2020-06-15T23:31:34.130959shield sshd\[11972\]: Invalid user kji from 101.178.175.30 port 34911 2020-06-15T23:31:34.135582shield sshd\[11972\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.178.175.30	2020-06-16 08:08:51
23.239.12.197	attackbotsspam	Honeypot hit.	2020-06-16 07:53:19
140.143.149.71	attackbots	SSH / Telnet Brute Force Attempts on Honeypot	2020-06-16 08:17:23
45.33.85.194	attack	UDP 45.33.85.194:49807 -> port 5353, len 74	2020-06-16 08:22:57
188.81.40.115	attack	...	2020-06-16 08:02:30
156.204.98.94	attackspam	DATE:2020-06-15 22:41:10, IP:156.204.98.94, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-06-16 08:10:28
89.223.124.218	attack	SSH Invalid Login	2020-06-16 08:06:31
112.196.54.35	attackspam	102. On Jun 15 2020 experienced a Brute Force SSH login attempt -> 10 unique times by 112.196.54.35.	2020-06-16 08:21:18

Recently Reported IPs

218.132.9.224	22.16.155.45	117.238.165.55	178.62.27.245
154.248.32.20	164.18.18.244	11.61.216.128	130.20.125.88
142.156.206.23	213.116.49.101	207.90.139.0	71.210.86.6
48.125.212.248	255.203.216.50	6.183.168.145	253.187.205.98
178.129.4.53	37.49.231.149	174.144.122.111	217.68.208.49