139.196.189.71

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Aliyun Computing Co. Ltd

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Jun 27 22:44:03 host proftpd[25375]: 0.0.0.0 (139.196.189.71[139.196.189.71]) - USER anonymous: no such user found from 139.196.189.71 [139.196.189.71] to 163.172.107.87:21 ...	2020-06-28 08:09:40

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.196.189.71
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17769
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.196.189.71.			IN	A

;; AUTHORITY SECTION:
.			327	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020062701 1800 900 604800 86400

;; Query time: 97 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jun 28 08:09:36 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 71.189.196.139.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 71.189.196.139.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
51.178.176.12	attackspam	" "	2020-10-06 12:29:30
112.85.42.190	attackbots	Oct 6 06:28:04 hidden sshd[43415]: Failed password for hidden from 112.85.42.190 port 64060 ssh2 Oct 6 06:28:07 hidden sshd[43415]: Failed password for hidden from 112.85.42.190 port 64060 ssh2 Oct 6 06:28:12 hidden sshd[43415]: Failed password for hidden from 112.85.42.190 port 64060 ssh2 Oct 6 06:28:17 hidden sshd[43415]: Failed password for hidden from 112.85.42.190 port 64060 ssh2 Oct 6 06:28:23 hidden sshd[43415]: Failed password for hidden from 112.85.42.190 port 64060 ssh2	2020-10-06 12:40:54
180.101.221.152	attackbots	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-10-05T21:11:46Z and 2020-10-05T21:18:51Z	2020-10-06 12:19:47
91.233.226.170	attack	Lines containing failures of 91.233.226.170 Oct 5 18:05:37 new sshd[17614]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.233.226.170 user=r.r Oct 5 18:05:39 new sshd[17614]: Failed password for r.r from 91.233.226.170 port 56944 ssh2 Oct 5 18:05:40 new sshd[17614]: Received disconnect from 91.233.226.170 port 56944:11: Bye Bye [preauth] Oct 5 18:05:40 new sshd[17614]: Disconnected from authenticating user r.r 91.233.226.170 port 56944 [preauth] Oct 5 18:19:05 new sshd[20888]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.233.226.170 user=r.r Oct 5 18:19:07 new sshd[20888]: Failed password for r.r from 91.233.226.170 port 43546 ssh2 Oct 5 18:19:08 new sshd[20888]: Received disconnect from 91.233.226.170 port 43546:11: Bye Bye [preauth] Oct 5 18:19:08 new sshd[20888]: Disconnected from authenticating user r.r 91.233.226.170 port 43546 [preauth] Oct 5 18:23:16 new sshd[2201........ ------------------------------	2020-10-06 12:31:21
186.154.234.165	attackspam	Unauthorised access (Oct 5) SRC=186.154.234.165 LEN=52 TTL=110 ID=21298 DF TCP DPT=445 WINDOW=8192 SYN	2020-10-06 12:42:19
119.45.6.9	attack	Lines containing failures of 119.45.6.9 Oct 6 01:54:30 rancher sshd[13573]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.6.9 user=r.r Oct 6 01:54:31 rancher sshd[13573]: Failed password for r.r from 119.45.6.9 port 51554 ssh2 Oct 6 01:54:31 rancher sshd[13573]: Received disconnect from 119.45.6.9 port 51554:11: Bye Bye [preauth] Oct 6 01:54:31 rancher sshd[13573]: Disconnected from authenticating user r.r 119.45.6.9 port 51554 [preauth] Oct 6 02:09:19 rancher sshd[13917]: Connection closed by 119.45.6.9 port 37736 [preauth] Oct 6 02:14:15 rancher sshd[13987]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.6.9 user=r.r Oct 6 02:14:17 rancher sshd[13987]: Failed password for r.r from 119.45.6.9 port 32978 ssh2 Oct 6 02:14:18 rancher sshd[13987]: Received disconnect from 119.45.6.9 port 32978:11: Bye Bye [preauth] Oct 6 02:14:18 rancher sshd[13987]: Disconnected from........ ------------------------------	2020-10-06 12:08:27
195.54.160.180	attackbotsspam	SSH-BruteForce	2020-10-06 12:25:46
177.107.68.26	attackspambots	Dovecot Invalid User Login Attempt.	2020-10-06 12:44:44
195.54.160.188	attackbots	Repeated RDP login failures. Last user: administrator	2020-10-06 12:37:45
187.189.52.132	attack	Oct 6 06:33:23 localhost sshd\[17830\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.189.52.132 user=root Oct 6 06:33:25 localhost sshd\[17830\]: Failed password for root from 187.189.52.132 port 50718 ssh2 Oct 6 06:37:18 localhost sshd\[18049\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.189.52.132 user=root Oct 6 06:37:20 localhost sshd\[18049\]: Failed password for root from 187.189.52.132 port 45564 ssh2 Oct 6 06:41:13 localhost sshd\[18302\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.189.52.132 user=root ...	2020-10-06 12:44:12
46.209.4.194	attackspambots	Oct 6 03:28:12 nextcloud sshd\[4037\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.209.4.194 user=root Oct 6 03:28:15 nextcloud sshd\[4037\]: Failed password for root from 46.209.4.194 port 37078 ssh2 Oct 6 03:32:31 nextcloud sshd\[7984\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.209.4.194 user=root	2020-10-06 12:19:25
218.92.0.168	attackbots	2020-10-06T06:10:20.927457vps773228.ovh.net sshd[13728]: Failed password for root from 218.92.0.168 port 59030 ssh2 2020-10-06T06:10:24.126284vps773228.ovh.net sshd[13728]: Failed password for root from 218.92.0.168 port 59030 ssh2 2020-10-06T06:10:27.071676vps773228.ovh.net sshd[13728]: Failed password for root from 218.92.0.168 port 59030 ssh2 2020-10-06T06:10:30.426990vps773228.ovh.net sshd[13728]: Failed password for root from 218.92.0.168 port 59030 ssh2 2020-10-06T06:10:32.861088vps773228.ovh.net sshd[13728]: Failed password for root from 218.92.0.168 port 59030 ssh2 ...	2020-10-06 12:10:42
216.172.128.122	attackbots	TCP (SYN) 216.172.128.122:60155 -> port 445, len 52	2020-10-06 12:17:46
125.69.68.125	attackspam	Brute-force attempt banned	2020-10-06 12:45:43
151.253.125.136	attackspam	Oct 6 06:17:56 vmd26974 sshd[927]: Failed password for root from 151.253.125.136 port 33132 ssh2 ...	2020-10-06 12:40:41

Recently Reported IPs

80.67.241.204	141.7.204.117	67.236.247.132	191.196.10.169
2.58.12.137	24.141.83.130	70.67.252.1	110.96.25.52
78.32.96.78	74.140.27.153	190.112.188.208	97.152.214.200
18.181.241.86	181.215.59.75	197.233.113.203	184.205.114.48
141.216.80.5	68.59.158.49	218.235.41.176	47.38.174.209