119.139.199.169

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Guangdong Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Invalid user in from 119.139.199.169 port 39462	2020-04-30 03:28:17
attack	Lines containing failures of 119.139.199.169 Apr 17 11:09:22 icinga sshd[18483]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.139.199.169 user=r.r Apr 17 11:09:24 icinga sshd[18483]: Failed password for r.r from 119.139.199.169 port 57084 ssh2 Apr 17 11:09:24 icinga sshd[18483]: Received disconnect from 119.139.199.169 port 57084:11: Bye Bye [preauth] Apr 17 11:09:24 icinga sshd[18483]: Disconnected from authenticating user r.r 119.139.199.169 port 57084 [preauth] Apr 17 11:21:07 icinga sshd[21716]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.139.199.169 user=r.r Apr 17 11:21:09 icinga sshd[21716]: Failed password for r.r from 119.139.199.169 port 43960 ssh2 Apr 17 11:21:10 icinga sshd[21716]: Received disconnect from 119.139.199.169 port 43960:11: Bye Bye [preauth] Apr 17 11:21:10 icinga sshd[21716]: Disconnected from authenticating user r.r 119.139.199.169 port 43960 [preau........ ------------------------------	2020-04-19 01:39:46
attack	2020-04-17T10:48:08.655006abusebot.cloudsearch.cf sshd[26084]: Invalid user admin from 119.139.199.169 port 46566 2020-04-17T10:48:08.661391abusebot.cloudsearch.cf sshd[26084]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.139.199.169 2020-04-17T10:48:08.655006abusebot.cloudsearch.cf sshd[26084]: Invalid user admin from 119.139.199.169 port 46566 2020-04-17T10:48:10.309493abusebot.cloudsearch.cf sshd[26084]: Failed password for invalid user admin from 119.139.199.169 port 46566 ssh2 2020-04-17T10:55:26.679947abusebot.cloudsearch.cf sshd[26755]: Invalid user um from 119.139.199.169 port 37730 2020-04-17T10:55:26.686051abusebot.cloudsearch.cf sshd[26755]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.139.199.169 2020-04-17T10:55:26.679947abusebot.cloudsearch.cf sshd[26755]: Invalid user um from 119.139.199.169 port 37730 2020-04-17T10:55:29.131833abusebot.cloudsearch.cf sshd[26755]: Failed passwor ...	2020-04-17 22:33:21

Type

Details

Datetime

attack

Invalid user in from 119.139.199.169 port 39462

2020-04-30 03:28:17

attack

Lines containing failures of 119.139.199.169
Apr 17 11:09:22 icinga sshd[18483]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.139.199.169  user=r.r
Apr 17 11:09:24 icinga sshd[18483]: Failed password for r.r from 119.139.199.169 port 57084 ssh2
Apr 17 11:09:24 icinga sshd[18483]: Received disconnect from 119.139.199.169 port 57084:11: Bye Bye [preauth]
Apr 17 11:09:24 icinga sshd[18483]: Disconnected from authenticating user r.r 119.139.199.169 port 57084 [preauth]
Apr 17 11:21:07 icinga sshd[21716]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.139.199.169  user=r.r
Apr 17 11:21:09 icinga sshd[21716]: Failed password for r.r from 119.139.199.169 port 43960 ssh2
Apr 17 11:21:10 icinga sshd[21716]: Received disconnect from 119.139.199.169 port 43960:11: Bye Bye [preauth]
Apr 17 11:21:10 icinga sshd[21716]: Disconnected from authenticating user r.r 119.139.199.169 port 43960 [preau........
------------------------------

2020-04-19 01:39:46

attack

2020-04-17T10:48:08.655006abusebot.cloudsearch.cf sshd[26084]: Invalid user admin from 119.139.199.169 port 46566
2020-04-17T10:48:08.661391abusebot.cloudsearch.cf sshd[26084]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.139.199.169
2020-04-17T10:48:08.655006abusebot.cloudsearch.cf sshd[26084]: Invalid user admin from 119.139.199.169 port 46566
2020-04-17T10:48:10.309493abusebot.cloudsearch.cf sshd[26084]: Failed password for invalid user admin from 119.139.199.169 port 46566 ssh2
2020-04-17T10:55:26.679947abusebot.cloudsearch.cf sshd[26755]: Invalid user um from 119.139.199.169 port 37730
2020-04-17T10:55:26.686051abusebot.cloudsearch.cf sshd[26755]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.139.199.169
2020-04-17T10:55:26.679947abusebot.cloudsearch.cf sshd[26755]: Invalid user um from 119.139.199.169 port 37730
2020-04-17T10:55:29.131833abusebot.cloudsearch.cf sshd[26755]: Failed passwor
...

2020-04-17 22:33:21

Comments on same subnet:

IP	Type	Details	Datetime
119.139.199.28	attackspambots	Feb 28 10:44:00 liveconfig01 sshd[30775]: Connection closed by 119.139.199.28 port 22309 [preauth] Feb 28 10:57:57 liveconfig01 sshd[31448]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.139.199.28 user=mysql Feb 28 10:57:58 liveconfig01 sshd[31448]: Failed password for mysql from 119.139.199.28 port 10332 ssh2 Feb 28 10:57:59 liveconfig01 sshd[31448]: Received disconnect from 119.139.199.28 port 10332:11: Normal Shutdown [preauth] Feb 28 10:57:59 liveconfig01 sshd[31448]: Disconnected from 119.139.199.28 port 10332 [preauth] Feb 28 11:05:20 liveconfig01 sshd[31756]: Invalid user www from 119.139.199.28 Feb 28 11:05:20 liveconfig01 sshd[31756]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.139.199.28 Feb 28 11:05:22 liveconfig01 sshd[31756]: Failed password for invalid user www from 119.139.199.28 port 36332 ssh2 Feb 28 11:05:22 liveconfig01 sshd[31756]: Received disconnect from........ -------------------------------	2020-03-01 23:40:57
119.139.199.28	attackspambots	$f2bV_matches	2020-02-29 16:03:05
119.139.199.146	attackbotsspam	Unauthorized connection attempt detected from IP address 119.139.199.146 to port 1433	2019-12-31 08:51:57
119.139.199.173	attackspam	Aug 16 21:10:31 tdfoods sshd\[3976\]: Invalid user aok from 119.139.199.173 Aug 16 21:10:31 tdfoods sshd\[3976\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.139.199.173 Aug 16 21:10:33 tdfoods sshd\[3976\]: Failed password for invalid user aok from 119.139.199.173 port 51018 ssh2 Aug 16 21:17:45 tdfoods sshd\[4615\]: Invalid user kafka from 119.139.199.173 Aug 16 21:17:45 tdfoods sshd\[4615\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.139.199.173	2019-08-17 21:51:50

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 119.139.199.169
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44971
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;119.139.199.169.		IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020041602 1800 900 604800 86400

;; Query time: 107 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Apr 17 22:33:16 CST 2020
;; MSG SIZE  rcvd: 119

Host info

Host 169.199.139.119.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 169.199.139.119.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
54.37.139.198	attack	Aug 29 02:22:11 hcbbdb sshd\[16994\]: Invalid user user from 54.37.139.198 Aug 29 02:22:11 hcbbdb sshd\[16994\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.ip-54-37-139.eu Aug 29 02:22:13 hcbbdb sshd\[16994\]: Failed password for invalid user user from 54.37.139.198 port 55156 ssh2 Aug 29 02:26:33 hcbbdb sshd\[17466\]: Invalid user davids from 54.37.139.198 Aug 29 02:26:33 hcbbdb sshd\[17466\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.ip-54-37-139.eu	2019-08-29 10:29:03
84.63.209.212	attack	Aug 29 05:12:38 yabzik sshd[15350]: Failed password for root from 84.63.209.212 port 39982 ssh2 Aug 29 05:21:52 yabzik sshd[18410]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=84.63.209.212 Aug 29 05:21:54 yabzik sshd[18410]: Failed password for invalid user ftp_id from 84.63.209.212 port 34191 ssh2	2019-08-29 10:28:40
198.20.87.98	attackspam	13/tcp 9042/tcp 4786/tcp... [2019-06-28/08-28]283pkt,156pt.(tcp),26pt.(udp)	2019-08-29 10:25:18
14.6.200.22	attackspam	Aug 28 21:28:03 aat-srv002 sshd[1594]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.6.200.22 Aug 28 21:28:05 aat-srv002 sshd[1594]: Failed password for invalid user vivian from 14.6.200.22 port 57082 ssh2 Aug 28 21:33:21 aat-srv002 sshd[1752]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.6.200.22 Aug 28 21:33:22 aat-srv002 sshd[1752]: Failed password for invalid user ssms from 14.6.200.22 port 46522 ssh2 ...	2019-08-29 10:56:55
64.53.14.211	attackbots	Aug 29 01:47:22 legacy sshd[20474]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=64.53.14.211 Aug 29 01:47:24 legacy sshd[20474]: Failed password for invalid user bathory from 64.53.14.211 port 47742 ssh2 Aug 29 01:51:19 legacy sshd[20562]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=64.53.14.211 ...	2019-08-29 10:43:51
37.224.46.130	attackbots	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-08-28 22:16:18,559 INFO [amun_request_handler] PortScan Detected on Port: 445 (37.224.46.130)	2019-08-29 10:53:50
198.50.138.230	attack	SSH Brute-Force reported by Fail2Ban	2019-08-29 10:41:25
80.211.133.238	attackbotsspam	Aug 28 16:02:39 hiderm sshd\[22314\]: Invalid user ircd from 80.211.133.238 Aug 28 16:02:39 hiderm sshd\[22314\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=cultadv.cloud Aug 28 16:02:41 hiderm sshd\[22314\]: Failed password for invalid user ircd from 80.211.133.238 port 56890 ssh2 Aug 28 16:06:41 hiderm sshd\[22688\]: Invalid user test from 80.211.133.238 Aug 28 16:06:41 hiderm sshd\[22688\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=cultadv.cloud	2019-08-29 10:19:43
144.217.165.133	attackbotsspam	2019-08-12T15:15:26.732295wiz-ks3 sshd[29863]: Invalid user user1 from 144.217.165.133 port 33792 2019-08-12T15:15:26.734358wiz-ks3 sshd[29863]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=133.ip-144-217-165.net 2019-08-12T15:15:26.732295wiz-ks3 sshd[29863]: Invalid user user1 from 144.217.165.133 port 33792 2019-08-12T15:15:29.101047wiz-ks3 sshd[29863]: Failed password for invalid user user1 from 144.217.165.133 port 33792 ssh2 2019-08-12T15:15:31.487858wiz-ks3 sshd[29865]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=133.ip-144-217-165.net user=sshd 2019-08-12T15:15:33.206216wiz-ks3 sshd[29865]: Failed password for sshd from 144.217.165.133 port 35734 ssh2 2019-08-12T15:44:33.972030wiz-ks3 sshd[30533]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=133.ip-144-217-165.net user=root 2019-08-12T15:44:35.836912wiz-ks3 sshd[30533]: Failed password for root from 144.217.165.133 port 46	2019-08-29 10:54:28
27.104.24.1	attack	Aug 28 23:51:18 MK-Soft-VM7 sshd\[9282\]: Invalid user admin from 27.104.24.1 port 52580 Aug 28 23:51:18 MK-Soft-VM7 sshd\[9282\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.104.24.1 Aug 28 23:51:20 MK-Soft-VM7 sshd\[9282\]: Failed password for invalid user admin from 27.104.24.1 port 52580 ssh2 ...	2019-08-29 10:46:04
114.118.91.64	attackspam	Aug 29 01:51:18 ubuntu-2gb-nbg1-dc3-1 sshd[22978]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.118.91.64 Aug 29 01:51:20 ubuntu-2gb-nbg1-dc3-1 sshd[22978]: Failed password for invalid user new from 114.118.91.64 port 37970 ssh2 ...	2019-08-29 10:47:47
178.70.24.228	attack	2019-08-29T01:42:42.018211ldap.arvenenaske.de sshd[16345]: Connection from 178.70.24.228 port 42110 on 5.199.128.55 port 22 2019-08-29T01:42:42.504383ldap.arvenenaske.de sshd[16345]: Invalid user admin from 178.70.24.228 port 42110 2019-08-29T01:42:42.510369ldap.arvenenaske.de sshd[16345]: pam_sss(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.70.24.228 user=admin 2019-08-29T01:42:42.511889ldap.arvenenaske.de sshd[16345]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.70.24.228 2019-08-29T01:42:42.018211ldap.arvenenaske.de sshd[16345]: Connection from 178.70.24.228 port 42110 on 5.199.128.55 port 22 2019-08-29T01:42:42.504383ldap.arvenenaske.de sshd[16345]: Invalid user admin from 178.70.24.228 port 42110 2019-08-29T01:42:44.423373ldap.arvenenaske.de sshd[16345]: Failed password for invalid user admin from 178.70.24.228 port 42110 ssh2 2019-08-29T01:42:44.676391ldap.arvenenaske.de sshd[16345........ ------------------------------	2019-08-29 10:39:18
51.68.173.108	attackspambots	SSH Brute-Force reported by Fail2Ban	2019-08-29 10:33:36
106.12.222.40	attackbots	2019-08-28T23:51:10.264845abusebot-2.cloudsearch.cf sshd\[29755\]: Invalid user oracle from 106.12.222.40 port 38152	2019-08-29 10:52:36
101.88.85.25	attackspambots	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-08-28 22:23:39,861 INFO [amun_request_handler] PortScan Detected on Port: 445 (101.88.85.25)	2019-08-29 10:14:20

Recently Reported IPs

171.124.210.114	189.170.5.157	185.253.235.226	192.241.237.74
91.238.89.18	89.203.13.6	175.173.100.43	193.112.165.134
191.34.233.183	167.71.175.69	113.161.53.147	49.235.149.108
32.243.75.16	55.69.218.158	57.49.163.238	183.91.158.139
128.232.46.188	49.48.131.36	82.129.223.90	227.43.33.203