City: Beijing
Region: Beijing
Country: China
Internet Service Provider: Tencent Cloud Computing (Beijing) Co. Ltd.
Hostname: unknown
Organization: Shenzhen Tencent Computer Systems Company Limited
Usage Type: Data Center/Web Hosting/Transit
| Type | Details | Datetime |
|---|---|---|
| attackspam | 2020-02-26T02:58:39.452830shield sshd\[17911\]: Invalid user magda from 139.199.112.85 port 47870 2020-02-26T02:58:39.457308shield sshd\[17911\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.112.85 2020-02-26T02:58:40.685184shield sshd\[17911\]: Failed password for invalid user magda from 139.199.112.85 port 47870 ssh2 2020-02-26T03:02:20.107745shield sshd\[18494\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.112.85 user=root 2020-02-26T03:02:22.008133shield sshd\[18494\]: Failed password for root from 139.199.112.85 port 35760 ssh2 |
2020-02-26 11:04:42 |
| attackspambots | Feb 23 06:45:14 localhost sshd\[10040\]: Invalid user HTTP from 139.199.112.85 port 58878 Feb 23 06:45:14 localhost sshd\[10040\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.112.85 Feb 23 06:45:16 localhost sshd\[10040\]: Failed password for invalid user HTTP from 139.199.112.85 port 58878 ssh2 |
2020-02-23 13:50:47 |
| attackbots | Feb 18 01:23:50 MK-Soft-VM8 sshd[30053]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.112.85 Feb 18 01:23:52 MK-Soft-VM8 sshd[30053]: Failed password for invalid user monkey from 139.199.112.85 port 34720 ssh2 ... |
2020-02-18 09:25:42 |
| attack | Unauthorized connection attempt detected from IP address 139.199.112.85 to port 2220 [J] |
2020-01-31 09:32:29 |
| attack | Unauthorized connection attempt detected from IP address 139.199.112.85 to port 2220 [J] |
2020-01-23 14:19:57 |
| attackbots | Unauthorized connection attempt detected from IP address 139.199.112.85 to port 2220 [J] |
2020-01-19 01:02:36 |
| attack | Invalid user suratinah from 139.199.112.85 port 59786 |
2020-01-01 07:30:32 |
| attackspambots | Dec 30 21:32:32 web9 sshd\[6551\]: Invalid user ts3srv from 139.199.112.85 Dec 30 21:32:32 web9 sshd\[6551\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.112.85 Dec 30 21:32:34 web9 sshd\[6551\]: Failed password for invalid user ts3srv from 139.199.112.85 port 37822 ssh2 Dec 30 21:33:59 web9 sshd\[6744\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.112.85 user=root Dec 30 21:34:02 web9 sshd\[6744\]: Failed password for root from 139.199.112.85 port 46974 ssh2 |
2019-12-31 15:42:21 |
| attackspam | Aug 25 10:19:03 pornomens sshd\[32285\]: Invalid user server from 139.199.112.85 port 47538 Aug 25 10:19:03 pornomens sshd\[32285\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.112.85 Aug 25 10:19:05 pornomens sshd\[32285\]: Failed password for invalid user server from 139.199.112.85 port 47538 ssh2 ... |
2019-08-25 18:50:09 |
| attackspambots | Aug 19 21:30:21 SilenceServices sshd[7589]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.112.85 Aug 19 21:30:23 SilenceServices sshd[7589]: Failed password for invalid user tiny from 139.199.112.85 port 56990 ssh2 Aug 19 21:33:07 SilenceServices sshd[9233]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.112.85 |
2019-08-20 07:05:47 |
| attackbots | Jul 14 09:17:18 OPSO sshd\[19458\]: Invalid user tomcat1 from 139.199.112.85 port 42258 Jul 14 09:17:18 OPSO sshd\[19458\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.112.85 Jul 14 09:17:20 OPSO sshd\[19458\]: Failed password for invalid user tomcat1 from 139.199.112.85 port 42258 ssh2 Jul 14 09:21:22 OPSO sshd\[19955\]: Invalid user james from 139.199.112.85 port 49558 Jul 14 09:21:22 OPSO sshd\[19955\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.112.85 |
2019-07-14 15:24:32 |
| attackbotsspam | Jul 12 11:47:10 icinga sshd[1206]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.112.85 Jul 12 11:47:12 icinga sshd[1206]: Failed password for invalid user hp from 139.199.112.85 port 41806 ssh2 ... |
2019-07-12 18:20:11 |
| attackspambots | Jun 25 13:16:03 srv-4 sshd\[14903\]: Invalid user sysadmin from 139.199.112.85 Jun 25 13:16:03 srv-4 sshd\[14903\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.112.85 Jun 25 13:16:06 srv-4 sshd\[14903\]: Failed password for invalid user sysadmin from 139.199.112.85 port 41054 ssh2 ... |
2019-06-25 18:27:02 |
| IP | Type | Details | Datetime |
|---|---|---|---|
| 139.199.112.48 | attackspambots | Jul 9 19:18:15 localhost kernel: [13958488.835801] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=139.199.112.48 DST=[mungedIP2] LEN=60 TOS=0x08 PREC=0x00 TTL=42 ID=62521 DF PROTO=TCP SPT=42994 DPT=6379 WINDOW=29200 RES=0x00 SYN URGP=0 Jul 9 19:18:15 localhost kernel: [13958488.835834] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=139.199.112.48 DST=[mungedIP2] LEN=60 TOS=0x08 PREC=0x00 TTL=42 ID=62521 DF PROTO=TCP SPT=42994 DPT=6379 SEQ=1296604 ACK=0 WINDOW=29200 RES=0x00 SYN URGP=0 OPT (020405900402080A03BD3CE50000000001030307) Jul 9 19:18:15 localhost kernel: [13958489.075846] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=139.199.112.48 DST=[mungedIP2] LEN=60 TOS=0x00 PREC=0x00 TTL=42 ID=918 DF PROTO=TCP SPT=34260 DPT=7002 WINDOW=29200 RES=0x00 SYN URGP=0 Jul 9 19:18:15 localhost kernel: [13958489.075871] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08 |
2019-07-10 15:16:10 |
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.199.112.85
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17135
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.199.112.85. IN A
;; AUTHORITY SECTION:
. 3600 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019032900 1800 900 604800 86400
;; Query time: 3 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Fri Mar 29 19:46:31 +08 2019
;; MSG SIZE rcvd: 118
Host 85.112.199.139.in-addr.arpa. not found: 3(NXDOMAIN)
Server: 67.207.67.3
Address: 67.207.67.3#53
** server can't find 85.112.199.139.in-addr.arpa: NXDOMAIN
| IP | Type | Details | Datetime |
|---|---|---|---|
| 129.204.181.48 | attack | Invalid user btr from 129.204.181.48 port 58838 |
2020-04-03 14:05:44 |
| 172.105.201.117 | attackbots | 20/4/2@23:54:37: FAIL: Alarm-Telnet address from=172.105.201.117 ... |
2020-04-03 14:08:29 |
| 51.91.247.125 | attackspam | 04/03/2020-02:07:24.304428 51.91.247.125 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 52 |
2020-04-03 14:20:32 |
| 165.227.51.249 | attackspambots | Apr 3 07:21:28 nextcloud sshd\[21733\]: Invalid user zanron from 165.227.51.249 Apr 3 07:21:28 nextcloud sshd\[21733\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.51.249 Apr 3 07:21:31 nextcloud sshd\[21733\]: Failed password for invalid user zanron from 165.227.51.249 port 51546 ssh2 |
2020-04-03 14:16:51 |
| 106.13.34.196 | attackbots | $f2bV_matches |
2020-04-03 14:03:56 |
| 141.98.254.225 | attackbots | fail2ban |
2020-04-03 14:12:51 |
| 37.187.181.182 | attackspam | 2020-04-03T05:40:27.116181homeassistant sshd[13857]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.187.181.182 user=root 2020-04-03T05:40:29.376390homeassistant sshd[13857]: Failed password for root from 37.187.181.182 port 39856 ssh2 ... |
2020-04-03 13:47:30 |
| 163.172.158.205 | attack | Apr 3 07:41:30 srv206 sshd[24680]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.172.158.205 user=root Apr 3 07:41:31 srv206 sshd[24680]: Failed password for root from 163.172.158.205 port 44530 ssh2 ... |
2020-04-03 13:59:50 |
| 222.186.173.142 | attackbotsspam | Apr 3 06:00:47 ip-172-31-62-245 sshd\[29969\]: Failed password for root from 222.186.173.142 port 64838 ssh2\ Apr 3 06:08:16 ip-172-31-62-245 sshd\[30014\]: Failed password for root from 222.186.173.142 port 24798 ssh2\ Apr 3 06:08:19 ip-172-31-62-245 sshd\[30014\]: Failed password for root from 222.186.173.142 port 24798 ssh2\ Apr 3 06:08:22 ip-172-31-62-245 sshd\[30014\]: Failed password for root from 222.186.173.142 port 24798 ssh2\ Apr 3 06:08:25 ip-172-31-62-245 sshd\[30014\]: Failed password for root from 222.186.173.142 port 24798 ssh2\ |
2020-04-03 14:10:52 |
| 103.60.214.110 | attackspambots | $f2bV_matches |
2020-04-03 13:49:23 |
| 204.48.27.62 | attackbots | Apr 3 07:09:17 mout sshd[23663]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=204.48.27.62 user=root Apr 3 07:09:20 mout sshd[23663]: Failed password for root from 204.48.27.62 port 41926 ssh2 |
2020-04-03 14:12:10 |
| 84.45.251.243 | attackspam | Apr 3 05:09:12 web8 sshd\[22948\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=84.45.251.243 user=root Apr 3 05:09:14 web8 sshd\[22948\]: Failed password for root from 84.45.251.243 port 37676 ssh2 Apr 3 05:12:49 web8 sshd\[24959\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=84.45.251.243 user=root Apr 3 05:12:52 web8 sshd\[24959\]: Failed password for root from 84.45.251.243 port 47742 ssh2 Apr 3 05:16:35 web8 sshd\[26936\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=84.45.251.243 user=root |
2020-04-03 13:41:30 |
| 129.28.191.35 | attackspam | Apr 3 03:45:42 ws26vmsma01 sshd[184811]: Failed password for root from 129.28.191.35 port 56942 ssh2 ... |
2020-04-03 13:30:42 |
| 190.151.105.182 | attackbots | Apr 3 06:54:35 DAAP sshd[18556]: Invalid user vg from 190.151.105.182 port 59926 Apr 3 06:54:35 DAAP sshd[18556]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.151.105.182 Apr 3 06:54:35 DAAP sshd[18556]: Invalid user vg from 190.151.105.182 port 59926 Apr 3 06:54:37 DAAP sshd[18556]: Failed password for invalid user vg from 190.151.105.182 port 59926 ssh2 Apr 3 07:03:37 DAAP sshd[18669]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.151.105.182 user=root Apr 3 07:03:38 DAAP sshd[18669]: Failed password for root from 190.151.105.182 port 42582 ssh2 ... |
2020-04-03 14:13:48 |
| 200.73.238.250 | attackbots | Apr 3 05:06:56 web8 sshd\[21811\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.73.238.250 user=root Apr 3 05:06:58 web8 sshd\[21811\]: Failed password for root from 200.73.238.250 port 43498 ssh2 Apr 3 05:11:43 web8 sshd\[24242\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.73.238.250 user=root Apr 3 05:11:45 web8 sshd\[24242\]: Failed password for root from 200.73.238.250 port 54460 ssh2 Apr 3 05:16:32 web8 sshd\[26923\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.73.238.250 user=root |
2020-04-03 13:34:38 |