139.198.18.131

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
139.198.18.230	attack	detected by Fail2Ban	2020-10-08 00:16:11
139.198.18.230	attackbots	SSH login attempts.	2020-10-07 16:22:32
139.198.18.230	attackbots	(sshd) Failed SSH login from 139.198.18.230 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 24 06:41:30 server4 sshd[13072]: Invalid user tim from 139.198.18.230 Sep 24 06:41:30 server4 sshd[13072]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.18.230 Sep 24 06:41:33 server4 sshd[13072]: Failed password for invalid user tim from 139.198.18.230 port 50130 ssh2 Sep 24 06:59:25 server4 sshd[23314]: Invalid user jy from 139.198.18.230 Sep 24 06:59:25 server4 sshd[23314]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.18.230	2020-09-24 21:42:18
139.198.18.230	attack	Sep 23 21:52:44 firewall sshd[12823]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.18.230 Sep 23 21:52:44 firewall sshd[12823]: Invalid user neeraj from 139.198.18.230 Sep 23 21:52:47 firewall sshd[12823]: Failed password for invalid user neeraj from 139.198.18.230 port 43268 ssh2 ...	2020-09-24 13:36:09
139.198.18.230	attackspam	Sep 23 20:56:21 ns3033917 sshd[15917]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.18.230 Sep 23 20:56:20 ns3033917 sshd[15917]: Invalid user mailtest from 139.198.18.230 port 45582 Sep 23 20:56:23 ns3033917 sshd[15917]: Failed password for invalid user mailtest from 139.198.18.230 port 45582 ssh2 ...	2020-09-24 05:04:39
139.198.18.231	attack	Sep 20 18:28:30 pve1 sshd[21721]: Failed password for root from 139.198.18.231 port 56634 ssh2 ...	2020-09-21 00:50:02
139.198.18.231	attackspam	Sep 19 18:54:27 vserver sshd\[3145\]: Failed password for root from 139.198.18.231 port 55866 ssh2Sep 19 18:57:19 vserver sshd\[3164\]: Failed password for root from 139.198.18.231 port 60070 ssh2Sep 19 19:00:12 vserver sshd\[3179\]: Invalid user hmsftp from 139.198.18.231Sep 19 19:00:14 vserver sshd\[3179\]: Failed password for invalid user hmsftp from 139.198.18.231 port 36042 ssh2 ...	2020-09-20 02:33:09
139.198.18.231	attackspambots	DATE:2020-09-19 11:54:25, IP:139.198.18.231, PORT:ssh SSH brute force auth (docker-dc)	2020-09-19 18:28:32
139.198.18.230	attackbots	Sep 10 16:42:53 h2829583 sshd[24490]: Failed password for root from 139.198.18.230 port 37335 ssh2	2020-09-11 01:38:30
139.198.18.230	attackbots	Sep 10 08:22:01 hidden sshd[48972]: Failed password for hidden from 139.198.18.230 port 37655 ssh2 Sep 10 08:24:38 hidden sshd[49027]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.18.230 user=root Sep 10 08:24:40 hidden sshd[49027]: Failed password for hidden from 139.198.18.230 port 52577 ssh2	2020-09-10 16:58:47
139.198.18.230	attack	Sep 9 20:43:59 eventyay sshd[3291]: Failed password for root from 139.198.18.230 port 47806 ssh2 Sep 9 20:48:13 eventyay sshd[3670]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.18.230 Sep 9 20:48:15 eventyay sshd[3670]: Failed password for invalid user zxin from 139.198.18.230 port 47129 ssh2 ...	2020-09-10 07:32:58
139.198.18.230	attackspam	Invalid user benny from 139.198.18.230 port 35266	2020-08-22 07:06:07
139.198.18.230	attackbots	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-07-31T12:03:21Z and 2020-07-31T12:08:54Z	2020-07-31 22:26:15
139.198.18.230	attackbots	Jul 27 17:32:22 vps-51d81928 sshd[212070]: Invalid user songyy from 139.198.18.230 port 42677 Jul 27 17:32:22 vps-51d81928 sshd[212070]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.18.230 Jul 27 17:32:22 vps-51d81928 sshd[212070]: Invalid user songyy from 139.198.18.230 port 42677 Jul 27 17:32:24 vps-51d81928 sshd[212070]: Failed password for invalid user songyy from 139.198.18.230 port 42677 ssh2 Jul 27 17:37:00 vps-51d81928 sshd[212101]: Invalid user wrchang from 139.198.18.230 port 44043 ...	2020-07-28 01:58:30
139.198.18.184	attackbotsspam	Invalid user lanto from 139.198.18.184 port 51923	2020-07-19 03:29:48

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.198.18.131
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 19042
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;139.198.18.131.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022091500 1800 900 604800 86400

;; Query time: 169 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Sep 15 13:45:19 CST 2022
;; MSG SIZE  rcvd: 107

Host info

Host 131.18.198.139.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 131.18.198.139.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
51.15.197.4	attack	Jul 13 13:04:45 hosting sshd[25502]: Invalid user sci from 51.15.197.4 port 33980 Jul 13 13:04:45 hosting sshd[25502]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.15.197.4 Jul 13 13:04:45 hosting sshd[25502]: Invalid user sci from 51.15.197.4 port 33980 Jul 13 13:04:47 hosting sshd[25502]: Failed password for invalid user sci from 51.15.197.4 port 33980 ssh2 Jul 13 13:20:28 hosting sshd[27665]: Invalid user adey from 51.15.197.4 port 34460 ...	2020-07-13 18:57:49
49.235.244.115	attackspam	20 attempts against mh-ssh on echoip	2020-07-13 18:41:28
54.37.136.87	attackbots	Jul 13 04:14:13 XXX sshd[1523]: Invalid user sftpuser from 54.37.136.87 port 53136	2020-07-13 18:45:03
186.224.238.253	attackbots	2020-07-13T10:48:56.839885hostname sshd[127355]: Invalid user ariel from 186.224.238.253 port 58432 ...	2020-07-13 18:29:14
209.141.47.92	attackbotsspam	Jul 13 11:52:14 rocket sshd[21512]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=209.141.47.92 Jul 13 11:52:16 rocket sshd[21512]: Failed password for invalid user postgres from 209.141.47.92 port 46108 ssh2 ...	2020-07-13 18:58:12
178.128.123.111	attackspam	Jul 12 23:59:11 george sshd[18790]: Failed password for invalid user bkup from 178.128.123.111 port 49312 ssh2 Jul 13 00:02:34 george sshd[18946]: Invalid user dalila from 178.128.123.111 port 44150 Jul 13 00:02:34 george sshd[18946]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.123.111 Jul 13 00:02:35 george sshd[18946]: Failed password for invalid user dalila from 178.128.123.111 port 44150 ssh2 Jul 13 00:05:54 george sshd[18973]: Invalid user test from 178.128.123.111 port 38976 ...	2020-07-13 18:25:23
177.184.243.27	attackbotsspam	Brute forcing email accounts	2020-07-13 18:54:36
176.57.210.30	attackspambots	ft-1848-fussball.de 176.57.210.30 [13/Jul/2020:05:48:52 +0200] "POST /wp-login.php HTTP/1.1" 200 6234 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ft-1848-fussball.de 176.57.210.30 [13/Jul/2020:05:48:53 +0200] "POST /wp-login.php HTTP/1.1" 200 6200 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-07-13 18:36:30
103.28.84.55	attack	Dovecot Invalid User Login Attempt.	2020-07-13 18:40:21
106.54.14.42	attackbotsspam	Jul 13 08:12:05 home sshd[15712]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.14.42 Jul 13 08:12:07 home sshd[15712]: Failed password for invalid user upload from 106.54.14.42 port 32846 ssh2 Jul 13 08:13:43 home sshd[15857]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.14.42 ...	2020-07-13 18:51:01
169.255.148.18	attackspambots	Jul 13 10:31:58 vlre-nyc-1 sshd\[18524\]: Invalid user olimex from 169.255.148.18 Jul 13 10:31:58 vlre-nyc-1 sshd\[18524\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=169.255.148.18 Jul 13 10:32:00 vlre-nyc-1 sshd\[18524\]: Failed password for invalid user olimex from 169.255.148.18 port 40385 ssh2 Jul 13 10:36:07 vlre-nyc-1 sshd\[18641\]: Invalid user ron from 169.255.148.18 Jul 13 10:36:07 vlre-nyc-1 sshd\[18641\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=169.255.148.18 ...	2020-07-13 18:37:59
94.102.56.151	attackspambots	Port scanning [7 denied]	2020-07-13 18:27:15
186.209.217.4	attackbotsspam	20/7/12@23:48:15: FAIL: Alarm-Network address from=186.209.217.4 ...	2020-07-13 19:05:17
51.195.138.52	attackspambots	Jul 13 09:27:03 Invalid user user123 from 51.195.138.52 port 50274	2020-07-13 18:26:22
103.228.183.10	attack	Jul 13 00:27:38 php1 sshd\[22168\]: Invalid user kim from 103.228.183.10 Jul 13 00:27:38 php1 sshd\[22168\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.228.183.10 Jul 13 00:27:40 php1 sshd\[22168\]: Failed password for invalid user kim from 103.228.183.10 port 51162 ssh2 Jul 13 00:29:52 php1 sshd\[22323\]: Invalid user tss from 103.228.183.10 Jul 13 00:29:52 php1 sshd\[22323\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.228.183.10	2020-07-13 19:03:21

Recently Reported IPs

152.252.59.61	138.255.109.17	147.182.176.157	140.75.173.245
172.104.84.139	171.242.36.72	139.162.222.36	178.68.143.16
173.239.198.32	171.8.172.15	168.228.200.233	153.214.222.90
171.96.111.252	128.90.198.15	152.245.10.92	152.243.178.248
153.126.135.189	128.90.170.103	128.90.174.252	128.90.173.245