139.170.149.161

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: China Unicom Qinghai Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	$f2bV_matches	2020-01-12 00:27:37
attackbotsspam	Dec 21 16:31:12 linuxvps sshd\[17934\]: Invalid user dw from 139.170.149.161 Dec 21 16:31:12 linuxvps sshd\[17934\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.170.149.161 Dec 21 16:31:13 linuxvps sshd\[17934\]: Failed password for invalid user dw from 139.170.149.161 port 53760 ssh2 Dec 21 16:37:18 linuxvps sshd\[22129\]: Invalid user cos from 139.170.149.161 Dec 21 16:37:18 linuxvps sshd\[22129\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.170.149.161	2019-12-22 06:48:47
attack	Invalid user ruckober from 139.170.149.161 port 43136	2019-12-14 05:06:43
attack	Dec 4 13:56:43 ncomp sshd[18668]: Invalid user marcia from 139.170.149.161 Dec 4 13:56:43 ncomp sshd[18668]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.170.149.161 Dec 4 13:56:43 ncomp sshd[18668]: Invalid user marcia from 139.170.149.161 Dec 4 13:56:45 ncomp sshd[18668]: Failed password for invalid user marcia from 139.170.149.161 port 36368 ssh2	2019-12-04 22:17:48
attack	Dec 3 19:41:39 php1 sshd\[27124\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.170.149.161 user=root Dec 3 19:41:41 php1 sshd\[27124\]: Failed password for root from 139.170.149.161 port 33826 ssh2 Dec 3 19:50:39 php1 sshd\[28398\]: Invalid user confrm from 139.170.149.161 Dec 3 19:50:39 php1 sshd\[28398\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.170.149.161 Dec 3 19:50:41 php1 sshd\[28398\]: Failed password for invalid user confrm from 139.170.149.161 port 43164 ssh2	2019-12-04 13:56:28
attackbots	Dec 1 07:19:41 server sshd\[12413\]: Invalid user Miia from 139.170.149.161 port 47924 Dec 1 07:19:41 server sshd\[12413\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.170.149.161 Dec 1 07:19:43 server sshd\[12413\]: Failed password for invalid user Miia from 139.170.149.161 port 47924 ssh2 Dec 1 07:24:29 server sshd\[8769\]: Invalid user xo from 139.170.149.161 port 54266 Dec 1 07:24:29 server sshd\[8769\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.170.149.161	2019-12-01 13:26:18
attackspam	Nov 23 09:09:58 server sshd\[6649\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.170.149.161 user=root Nov 23 09:10:01 server sshd\[6649\]: Failed password for root from 139.170.149.161 port 55474 ssh2 Nov 23 09:21:58 server sshd\[9926\]: Invalid user administrator from 139.170.149.161 Nov 23 09:21:58 server sshd\[9926\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.170.149.161 Nov 23 09:22:00 server sshd\[9926\]: Failed password for invalid user administrator from 139.170.149.161 port 46780 ssh2 ...	2019-11-23 19:52:00
attackbotsspam	Nov 16 04:54:17 v22018086721571380 sshd[7269]: Failed password for invalid user shara from 139.170.149.161 port 50200 ssh2 Nov 16 05:56:08 v22018086721571380 sshd[9349]: Failed password for invalid user ching from 139.170.149.161 port 58654 ssh2	2019-11-16 13:25:19
attack	Nov 9 23:07:32 gw1 sshd[20640]: Failed password for root from 139.170.149.161 port 36126 ssh2 ...	2019-11-10 02:22:25
attackspam	Oct 25 19:46:49 markkoudstaal sshd[6675]: Failed password for root from 139.170.149.161 port 53682 ssh2 Oct 25 19:51:42 markkoudstaal sshd[7130]: Failed password for root from 139.170.149.161 port 60854 ssh2	2019-10-26 02:08:59
attackspam	Oct 25 07:56:30 MK-Soft-VM6 sshd[10090]: Failed password for root from 139.170.149.161 port 34792 ssh2 ...	2019-10-25 18:27:43
attackspam	2019-09-27 12:27:12,064 fail2ban.actions [818]: NOTICE [sshd] Ban 139.170.149.161 2019-09-27 15:33:05,044 fail2ban.actions [818]: NOTICE [sshd] Ban 139.170.149.161 2019-09-27 18:42:03,300 fail2ban.actions [818]: NOTICE [sshd] Ban 139.170.149.161 ...	2019-10-19 01:32:56
attackspambots	Oct 18 09:27:23 areeb-Workstation sshd[22093]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.170.149.161 Oct 18 09:27:25 areeb-Workstation sshd[22093]: Failed password for invalid user admin from 139.170.149.161 port 57066 ssh2 ...	2019-10-18 12:08:56
attack	Oct 17 19:18:43 areeb-Workstation sshd[19441]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.170.149.161 Oct 17 19:18:45 areeb-Workstation sshd[19441]: Failed password for invalid user ahojky from 139.170.149.161 port 58418 ssh2 ...	2019-10-17 23:58:50
attack	$f2bV_matches	2019-10-16 08:29:36
attack	Oct 3 21:11:05 web9 sshd\[17134\]: Invalid user Aa@1234567 from 139.170.149.161 Oct 3 21:11:05 web9 sshd\[17134\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.170.149.161 Oct 3 21:11:07 web9 sshd\[17134\]: Failed password for invalid user Aa@1234567 from 139.170.149.161 port 46166 ssh2 Oct 3 21:16:14 web9 sshd\[17774\]: Invalid user Konfiguration from 139.170.149.161 Oct 3 21:16:14 web9 sshd\[17774\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.170.149.161	2019-10-04 18:02:25
attackspam	SSH invalid-user multiple login try	2019-10-03 16:40:45
attackspam	F2B jail: sshd. Time: 2019-10-01 23:54:13, Reported by: VKReport	2019-10-02 07:03:43
attack	Sep 26 06:52:45 mail1 sshd\[5340\]: Invalid user ventas from 139.170.149.161 port 36874 Sep 26 06:52:45 mail1 sshd\[5340\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.170.149.161 Sep 26 06:52:47 mail1 sshd\[5340\]: Failed password for invalid user ventas from 139.170.149.161 port 36874 ssh2 Sep 26 07:11:43 mail1 sshd\[13984\]: Invalid user plex from 139.170.149.161 port 56860 Sep 26 07:11:43 mail1 sshd\[13984\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.170.149.161 ...	2019-09-26 13:14:50
attackbotsspam	Sep 25 13:52:01 kapalua sshd\[28609\]: Invalid user nk from 139.170.149.161 Sep 25 13:52:01 kapalua sshd\[28609\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.170.149.161 Sep 25 13:52:03 kapalua sshd\[28609\]: Failed password for invalid user nk from 139.170.149.161 port 58382 ssh2 Sep 25 13:57:08 kapalua sshd\[28990\]: Invalid user ncs from 139.170.149.161 Sep 25 13:57:08 kapalua sshd\[28990\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.170.149.161	2019-09-26 07:57:51
attack	Sep 25 07:01:03 php1 sshd\[11182\]: Invalid user jy from 139.170.149.161 Sep 25 07:01:03 php1 sshd\[11182\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.170.149.161 Sep 25 07:01:05 php1 sshd\[11182\]: Failed password for invalid user jy from 139.170.149.161 port 58764 ssh2 Sep 25 07:06:52 php1 sshd\[11627\]: Invalid user service from 139.170.149.161 Sep 25 07:06:52 php1 sshd\[11627\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.170.149.161	2019-09-26 01:09:42
attackbotsspam	Sep 21 23:48:29 hcbbdb sshd\[15917\]: Invalid user ip from 139.170.149.161 Sep 21 23:48:29 hcbbdb sshd\[15917\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.170.149.161 Sep 21 23:48:32 hcbbdb sshd\[15917\]: Failed password for invalid user ip from 139.170.149.161 port 54752 ssh2 Sep 21 23:53:33 hcbbdb sshd\[16533\]: Invalid user rv from 139.170.149.161 Sep 21 23:53:33 hcbbdb sshd\[16533\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.170.149.161	2019-09-22 08:14:23
attack	2019-09-09T09:36:58.559294lon01.zurich-datacenter.net sshd\[21583\]: Invalid user qwe123 from 139.170.149.161 port 49106 2019-09-09T09:36:58.566360lon01.zurich-datacenter.net sshd\[21583\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.170.149.161 2019-09-09T09:37:00.689438lon01.zurich-datacenter.net sshd\[21583\]: Failed password for invalid user qwe123 from 139.170.149.161 port 49106 ssh2 2019-09-09T09:45:12.661401lon01.zurich-datacenter.net sshd\[21792\]: Invalid user ethos from 139.170.149.161 port 53742 2019-09-09T09:45:12.667100lon01.zurich-datacenter.net sshd\[21792\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.170.149.161 ...	2019-09-09 17:18:47
attackspambots	Aug 24 15:47:24 localhost sshd\[19725\]: Invalid user Jewel from 139.170.149.161 port 44796 Aug 24 15:47:24 localhost sshd\[19725\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.170.149.161 Aug 24 15:47:26 localhost sshd\[19725\]: Failed password for invalid user Jewel from 139.170.149.161 port 44796 ssh2	2019-08-25 04:50:07

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.170.149.161
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 62645
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.170.149.161.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019082001 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Aug 21 04:56:26 CST 2019
;; MSG SIZE  rcvd: 119

Host info

Host 161.149.170.139.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 161.149.170.139.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
200.98.73.50	attackbotsspam	Unauthorized connection attempt from IP address 200.98.73.50 on Port 445(SMB)	2019-12-26 06:36:05
46.242.61.139	attackspam	Unauthorized connection attempt from IP address 46.242.61.139 on Port 445(SMB)	2019-12-26 06:55:25
39.97.174.153	attackspambots	HTTP/80/443 Probe, BF, WP, Hack -	2019-12-26 06:51:13
222.255.129.45	attack	Unauthorized connection attempt from IP address 222.255.129.45 on Port 445(SMB)	2019-12-26 06:38:26
61.5.80.80	attackspambots	Unauthorized connection attempt from IP address 61.5.80.80 on Port 445(SMB)	2019-12-26 06:49:01
123.241.160.119	attack	port scan and connect, tcp 80 (http)	2019-12-26 06:53:29
200.194.12.102	attackspambots	Automatic report - Port Scan Attack	2019-12-26 06:48:33
178.124.161.75	attack	Dec 25 23:02:35 server sshd\[25067\]: Invalid user test from 178.124.161.75 Dec 25 23:02:35 server sshd\[25067\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.124.161.75 Dec 25 23:02:37 server sshd\[25067\]: Failed password for invalid user test from 178.124.161.75 port 60154 ssh2 Dec 25 23:07:45 server sshd\[26169\]: Invalid user backup from 178.124.161.75 Dec 25 23:07:45 server sshd\[26169\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.124.161.75 ...	2019-12-26 06:34:52
5.9.140.242	attackspambots	20 attempts against mh-misbehave-ban on leaf.magehost.pro	2019-12-26 07:02:37
103.82.235.2	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-12-26 06:56:48
88.247.108.120	attackbotsspam	Dec 25 23:56:07 sshd[18113]: Failed password for invalid user admin from 88.247.108.120 port 53278 ssh2	2019-12-26 07:09:52
92.244.36.89	attack	firewall-block, port(s): 23/tcp	2019-12-26 06:56:18
79.124.62.34	attack	Multiport scan : 17 ports scanned 3360 3362 3363 3365 3366 3367 3368 3370 3373 3374 3383 3385 3386 3388 3390 3393 3398	2019-12-26 06:49:48
106.51.3.214	attackspambots	SSH auth scanning - multiple failed logins	2019-12-26 06:37:19
177.185.240.209	attackspam	Honeypot attack, port: 445, PTR: PTR record not found	2019-12-26 06:57:19

Recently Reported IPs

195.52.204.19	96.211.251.117	186.251.253.53	222.222.49.34
105.143.93.208	67.247.33.174	115.211.12.23	176.110.134.2
45.82.34.86	117.102.176.226	37.222.206.132	144.175.242.158
106.52.169.209	246.195.93.116	90.220.22.179	99.14.180.236
5.250.33.85	169.163.28.52	70.246.107.186	90.1.169.155