139.199.115.249

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: V6Yun (Beijing) Network Co. Ltd

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Mar 16 16:52:11 v22018076622670303 sshd\[30228\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.115.249 user=root Mar 16 16:52:13 v22018076622670303 sshd\[30228\]: Failed password for root from 139.199.115.249 port 42760 ssh2 Mar 16 17:01:24 v22018076622670303 sshd\[30291\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.115.249 user=www-data ...	2020-03-17 04:19:28
attackspam	Brute force SMTP login attempted. ...	2019-08-10 01:50:09

Type

Details

Datetime

attackspambots

Mar 16 16:52:11 v22018076622670303 sshd\[30228\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.115.249  user=root
Mar 16 16:52:13 v22018076622670303 sshd\[30228\]: Failed password for root from 139.199.115.249 port 42760 ssh2
Mar 16 17:01:24 v22018076622670303 sshd\[30291\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.115.249  user=www-data
...

2020-03-17 04:19:28

attackspam

Brute force SMTP login attempted.
...

2019-08-10 01:50:09

Comments on same subnet:

IP	Type	Details	Datetime
139.199.115.210	attackbotsspam	Sep 26 19:56:29 vmd17057 sshd[17985]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.115.210 Sep 26 19:56:31 vmd17057 sshd[17985]: Failed password for invalid user student3 from 139.199.115.210 port 58668 ssh2 ...	2020-09-27 04:36:20
139.199.115.210	attackspambots	Invalid user gzw from 139.199.115.210 port 27202	2020-09-26 20:44:00
139.199.115.210	attackspambots	Invalid user daniel from 139.199.115.210 port 55740	2020-09-26 12:27:08
139.199.115.210	attackbots	Aug 4 05:53:20 sso sshd[28412]: Failed password for root from 139.199.115.210 port 25313 ssh2 ...	2020-08-04 12:17:47
139.199.115.210	attackbotsspam	2020-07-27T13:10:52.980754+02:00 sshd[22882]: Failed password for invalid user vx from 139.199.115.210 port 32972 ssh2	2020-07-27 19:26:38
139.199.115.210	attackspam	Exploited Host.	2020-07-26 02:26:38
139.199.115.210	attackbotsspam	$f2bV_matches	2020-06-22 14:26:27
139.199.115.133	attack	21 attempts against mh-ssh on echoip	2020-06-20 02:47:15
139.199.115.133	attack	Jun 17 22:53:12 srv-ubuntu-dev3 sshd[23057]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.115.133 user=root Jun 17 22:53:14 srv-ubuntu-dev3 sshd[23057]: Failed password for root from 139.199.115.133 port 35540 ssh2 Jun 17 22:57:34 srv-ubuntu-dev3 sshd[23670]: Invalid user xiao from 139.199.115.133 Jun 17 22:57:34 srv-ubuntu-dev3 sshd[23670]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.115.133 Jun 17 22:57:34 srv-ubuntu-dev3 sshd[23670]: Invalid user xiao from 139.199.115.133 Jun 17 22:57:36 srv-ubuntu-dev3 sshd[23670]: Failed password for invalid user xiao from 139.199.115.133 port 59238 ssh2 Jun 17 23:02:04 srv-ubuntu-dev3 sshd[24499]: Invalid user istian from 139.199.115.133 Jun 17 23:02:04 srv-ubuntu-dev3 sshd[24499]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.115.133 Jun 17 23:02:04 srv-ubuntu-dev3 sshd[24499]: Invalid user ist ...	2020-06-18 05:11:06
139.199.115.210	attackspambots	$f2bV_matches	2020-06-17 20:14:17
139.199.115.133	attack	2020-06-16T17:32:16.312353afi-git.jinr.ru sshd[20909]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.115.133 2020-06-16T17:32:16.309184afi-git.jinr.ru sshd[20909]: Invalid user spring from 139.199.115.133 port 33734 2020-06-16T17:32:18.713747afi-git.jinr.ru sshd[20909]: Failed password for invalid user spring from 139.199.115.133 port 33734 ssh2 2020-06-16T17:34:06.620368afi-git.jinr.ru sshd[21284]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.115.133 user=root 2020-06-16T17:34:08.790668afi-git.jinr.ru sshd[21284]: Failed password for root from 139.199.115.133 port 52298 ssh2 ...	2020-06-16 22:44:28
139.199.115.133	attackspam	Jun 14 01:16:54 pi sshd[8749]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.115.133 Jun 14 01:16:56 pi sshd[8749]: Failed password for invalid user wei1 from 139.199.115.133 port 52286 ssh2	2020-06-14 16:35:29
139.199.115.133	attackspambots	Jun 10 13:57:22 lukav-desktop sshd\[31841\]: Invalid user vomocil from 139.199.115.133 Jun 10 13:57:22 lukav-desktop sshd\[31841\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.115.133 Jun 10 13:57:23 lukav-desktop sshd\[31841\]: Failed password for invalid user vomocil from 139.199.115.133 port 39772 ssh2 Jun 10 14:01:57 lukav-desktop sshd\[31919\]: Invalid user iizuka from 139.199.115.133 Jun 10 14:01:57 lukav-desktop sshd\[31919\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.115.133	2020-06-10 20:15:25
139.199.115.210	attackspam	Failed password for invalid user justify from 139.199.115.210 port 24670 ssh2	2020-06-10 19:15:35
139.199.115.210	attackspambots	Jun 3 06:28:29 roki-contabo sshd\[23560\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.115.210 user=root Jun 3 06:28:30 roki-contabo sshd\[23560\]: Failed password for root from 139.199.115.210 port 26968 ssh2 Jun 3 06:47:34 roki-contabo sshd\[23821\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.115.210 user=root Jun 3 06:47:36 roki-contabo sshd\[23821\]: Failed password for root from 139.199.115.210 port 21629 ssh2 Jun 3 06:51:58 roki-contabo sshd\[23874\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.115.210 user=root ...	2020-06-03 13:43:17

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.199.115.249
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 49950
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.199.115.249.		IN	A

;; AUTHORITY SECTION:
.			3514	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019050801 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Thu May 09 03:12:24 +08 2019
;; MSG SIZE  rcvd: 119

Host info

Host 249.115.199.139.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 249.115.199.139.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
193.31.24.113	attackspam	10/25/2019-12:20:15.356330 193.31.24.113 Protocol: 6 SURICATA TLS invalid record/traffic	2019-10-25 18:28:45
122.54.254.11	attack	Chat Spam	2019-10-25 18:12:10
195.123.242.210	attackspam	Unauthorised access (Oct 25) SRC=195.123.242.210 LEN=40 TTL=237 ID=39027 TCP DPT=1433 WINDOW=1024 SYN	2019-10-25 18:27:22
49.88.112.114	attackbotsspam	Oct 25 12:18:26 rotator sshd\[30855\]: Failed password for root from 49.88.112.114 port 58774 ssh2Oct 25 12:18:28 rotator sshd\[30855\]: Failed password for root from 49.88.112.114 port 58774 ssh2Oct 25 12:18:30 rotator sshd\[30855\]: Failed password for root from 49.88.112.114 port 58774 ssh2Oct 25 12:19:13 rotator sshd\[30862\]: Failed password for root from 49.88.112.114 port 59182 ssh2Oct 25 12:19:15 rotator sshd\[30862\]: Failed password for root from 49.88.112.114 port 59182 ssh2Oct 25 12:19:17 rotator sshd\[30862\]: Failed password for root from 49.88.112.114 port 59182 ssh2 ...	2019-10-25 18:21:36
5.249.145.245	attackbots	Oct 24 19:12:50 auw2 sshd\[4243\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.249.145.245 user=root Oct 24 19:12:52 auw2 sshd\[4243\]: Failed password for root from 5.249.145.245 port 46847 ssh2 Oct 24 19:17:01 auw2 sshd\[4581\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.249.145.245 user=root Oct 24 19:17:03 auw2 sshd\[4581\]: Failed password for root from 5.249.145.245 port 37414 ssh2 Oct 24 19:21:17 auw2 sshd\[4947\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.249.145.245 user=root	2019-10-25 18:08:05
132.232.101.100	attackbots	Oct 25 08:20:32 mail sshd[9190]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.101.100 Oct 25 08:20:34 mail sshd[9190]: Failed password for invalid user 123321 from 132.232.101.100 port 48146 ssh2 Oct 25 08:25:35 mail sshd[10928]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.101.100	2019-10-25 18:16:45
223.247.213.245	attack	Oct 25 05:21:28 h2022099 sshd[16694]: Invalid user ventass from 223.247.213.245 Oct 25 05:21:28 h2022099 sshd[16694]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.247.213.245 Oct 25 05:21:30 h2022099 sshd[16694]: Failed password for invalid user ventass from 223.247.213.245 port 59856 ssh2 Oct 25 05:21:30 h2022099 sshd[16694]: Received disconnect from 223.247.213.245: 11: Bye Bye [preauth] Oct 25 05:26:48 h2022099 sshd[17451]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.247.213.245 user=r.r Oct 25 05:26:49 h2022099 sshd[17451]: Failed password for r.r from 223.247.213.245 port 43030 ssh2 Oct 25 05:26:49 h2022099 sshd[17451]: Received disconnect from 223.247.213.245: 11: Bye Bye [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=223.247.213.245	2019-10-25 18:05:00
123.31.47.20	attack	Fail2Ban - SSH Bruteforce Attempt	2019-10-25 18:41:04
68.183.124.53	attackspam	Invalid user qy from 68.183.124.53 port 55138	2019-10-25 18:35:01
49.88.112.115	attackspam	SSH invalid-user multiple login attempts	2019-10-25 18:30:14
51.158.104.58	attackbotsspam	Oct 24 15:57:10 server sshd\[18963\]: Invalid user remnux from 51.158.104.58 Oct 24 15:57:10 server sshd\[18963\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.158.104.58 Oct 24 15:57:12 server sshd\[18963\]: Failed password for invalid user remnux from 51.158.104.58 port 40122 ssh2 Oct 25 06:48:47 server sshd\[31772\]: Invalid user artur from 51.158.104.58 Oct 25 06:48:47 server sshd\[31772\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.158.104.58 ...	2019-10-25 18:05:45
81.0.34.218	attack	2019-10-21 x@x 2019-10-21 15:31:32 unexpected disconnection while reading SMTP command from (static.218.34.0.81.ibercom.com) [81.0.34.218]:6886 I=[10.100.18.22]:25 (error: Connection reset by peer) 2019-10-21 x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=81.0.34.218	2019-10-25 18:42:09
162.244.80.228	attack	Port Scan: UDP/1900	2019-10-25 18:37:51
223.202.201.210	attackbots	Invalid user esearch from 223.202.201.210 port 60831	2019-10-25 18:31:45
218.111.88.185	attackbots	Oct 25 05:47:56 plusreed sshd[14310]: Invalid user 1a2s3d4 from 218.111.88.185 ...	2019-10-25 18:23:05

Recently Reported IPs

80.84.57.95	100.8.79.230	61.189.43.58	80.127.116.96
199.249.230.109	185.53.88.121	80.84.57.111	185.107.47.171
134.209.11.199	180.76.53.12	109.201.96.171	115.84.91.13
178.62.6.115	222.79.184.36	174.123.26.164	78.187.78.193
137.118.108.10	103.254.71.92	89.68.225.6	190.255.222.2