119.139.198.117

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Guangdong Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	SSH Brute-Forcing (server2)	2020-03-26 19:23:14
attackbots	Mar 25 21:34:28 ws22vmsma01 sshd[29738]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.139.198.117 Mar 25 21:34:29 ws22vmsma01 sshd[29738]: Failed password for invalid user admin from 119.139.198.117 port 37462 ssh2 ...	2020-03-26 08:54:53

Type

Details

Datetime

attackspam

SSH Brute-Forcing (server2)

2020-03-26 19:23:14

attackbots

Mar 25 21:34:28 ws22vmsma01 sshd[29738]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.139.198.117
Mar 25 21:34:29 ws22vmsma01 sshd[29738]: Failed password for invalid user admin from 119.139.198.117 port 37462 ssh2
...

2020-03-26 08:54:53

Comments on same subnet:

IP	Type	Details	Datetime
119.139.198.74	attackspam	2020-05-10T10:03:22.2681831495-001 sshd[27932]: Invalid user csgoserver from 119.139.198.74 port 35479 2020-05-10T10:03:24.3315611495-001 sshd[27932]: Failed password for invalid user csgoserver from 119.139.198.74 port 35479 ssh2 2020-05-10T10:06:04.2953941495-001 sshd[28061]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.139.198.74 user=root 2020-05-10T10:06:06.5964691495-001 sshd[28061]: Failed password for root from 119.139.198.74 port 49517 ssh2 2020-05-10T10:08:55.1414411495-001 sshd[28173]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.139.198.74 user=root 2020-05-10T10:08:56.9161881495-001 sshd[28173]: Failed password for root from 119.139.198.74 port 35319 ssh2 ...	2020-05-11 03:00:25
119.139.198.3	attackspambots	2020-05-07T10:10:06.103580abusebot-7.cloudsearch.cf sshd[4036]: Invalid user admin from 119.139.198.3 port 45971 2020-05-07T10:10:06.110721abusebot-7.cloudsearch.cf sshd[4036]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.139.198.3 2020-05-07T10:10:06.103580abusebot-7.cloudsearch.cf sshd[4036]: Invalid user admin from 119.139.198.3 port 45971 2020-05-07T10:10:08.450591abusebot-7.cloudsearch.cf sshd[4036]: Failed password for invalid user admin from 119.139.198.3 port 45971 ssh2 2020-05-07T10:12:28.788632abusebot-7.cloudsearch.cf sshd[4194]: Invalid user sme from 119.139.198.3 port 32829 2020-05-07T10:12:28.795960abusebot-7.cloudsearch.cf sshd[4194]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.139.198.3 2020-05-07T10:12:28.788632abusebot-7.cloudsearch.cf sshd[4194]: Invalid user sme from 119.139.198.3 port 32829 2020-05-07T10:12:30.629172abusebot-7.cloudsearch.cf sshd[4194]: Failed password fo ...	2020-05-07 19:25:31
119.139.198.156	attackbotsspam	1433/tcp [2020-03-31]1pkt	2020-04-01 05:18:39
119.139.198.166	attackspambots	Aug 13 01:54:26 www sshd\[9012\]: Invalid user nokia from 119.139.198.166Aug 13 01:54:28 www sshd\[9012\]: Failed password for invalid user nokia from 119.139.198.166 port 56934 ssh2Aug 13 02:00:45 www sshd\[9077\]: Invalid user test6 from 119.139.198.166 ...	2019-08-13 07:08:54

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 119.139.198.117
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6253
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;119.139.198.117.		IN	A

;; AUTHORITY SECTION:
.			167	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020032503 1800 900 604800 86400

;; Query time: 41 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Mar 26 08:54:49 CST 2020
;; MSG SIZE  rcvd: 119

Host info

Host 117.198.139.119.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 117.198.139.119.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
94.181.241.214	attack	Wordpress File Manager Plugin Remote Code Execution Vulnerability, PTR: dynamicip-94-181-241-214.pppoe.kirov.ertelecom.ru.	2020-09-08 02:14:22
162.247.74.213	attackbots	Sep 7 18:40:30 host sshd[13777]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=snowden.tor-exit.calyxinstitute.org user=root Sep 7 18:40:32 host sshd[13777]: Failed password for root from 162.247.74.213 port 41386 ssh2 ...	2020-09-08 02:11:27
122.118.2.162	attackbotsspam	DATE:2020-09-07 15:33:52, IP:122.118.2.162, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-09-08 01:58:36
89.248.160.150	attack	89.248.160.150 was recorded 6 times by 4 hosts attempting to connect to the following ports: 9189,9011. Incident counter (4h, 24h, all-time): 6, 34, 16622	2020-09-08 01:35:39
209.141.48.230	attackspambots	TCP (SYN) 209.141.48.230:39845 -> port 23, len 44	2020-09-08 01:32:52
94.241.253.75	attackbotsspam	1599410920 - 09/06/2020 18:48:40 Host: 94.241.253.75/94.241.253.75 Port: 445 TCP Blocked	2020-09-08 02:01:37
161.35.126.137	attackspambots	Sep 7 20:42:07 ift sshd\[41484\]: Failed password for root from 161.35.126.137 port 56688 ssh2Sep 7 20:42:17 ift sshd\[41521\]: Invalid user oracle from 161.35.126.137Sep 7 20:42:19 ift sshd\[41521\]: Failed password for invalid user oracle from 161.35.126.137 port 58592 ssh2Sep 7 20:42:31 ift sshd\[41540\]: Failed password for root from 161.35.126.137 port 60076 ssh2Sep 7 20:42:40 ift sshd\[41579\]: Invalid user postgres from 161.35.126.137 ...	2020-09-08 01:56:44
117.4.247.103	attack	Unauthorized connection attempt from IP address 117.4.247.103 on Port 445(SMB)	2020-09-08 02:08:40
192.241.239.16	attackbotsspam	firewall-block, port(s): 20547/tcp	2020-09-08 01:30:40
37.76.147.31	attackspam	Sep 8 01:13:26 NG-HHDC-SVS-001 sshd[16027]: Invalid user dev from 37.76.147.31 ...	2020-09-08 02:06:14
94.102.49.191	attackbots	Port-scan: detected 167 distinct ports within a 24-hour window.	2020-09-08 01:39:50
139.99.141.237	attackbots	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: svr02-vs02.svr02.goau.net.au.	2020-09-08 01:27:46
186.103.171.78	attackspam	20/9/7@00:12:34: FAIL: Alarm-Network address from=186.103.171.78 ...	2020-09-08 01:59:10
49.235.69.9	attack	Sep 7 18:33:00 vps647732 sshd[14963]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.69.9 Sep 7 18:33:03 vps647732 sshd[14963]: Failed password for invalid user deploy from 49.235.69.9 port 58428 ssh2 ...	2020-09-08 01:52:09
62.210.136.231	attack	2020-09-07T05:09:01.310634morrigan.ad5gb.com sshd[1986177]: Failed password for root from 62.210.136.231 port 40144 ssh2 2020-09-07T05:09:01.767550morrigan.ad5gb.com sshd[1986177]: Disconnected from authenticating user root 62.210.136.231 port 40144 [preauth]	2020-09-08 01:29:59

Recently Reported IPs

92.20.174.64	118.24.248.17	56.139.47.226	113.173.239.188
104.180.219.31	63.141.31.40	210.208.252.215	123.37.36.61
125.25.86.175	181.169.155.174	98.199.202.48	116.107.238.79
61.183.139.132	49.234.70.105	23.224.167.160	125.99.46.47
193.142.59.230	111.9.56.34	182.43.134.224	135.221.28.136