139.199.131.237

Basic Info

City: Beijing

Region: Beijing

Country: China

Internet Service Provider: V6Yun (Beijing) Network Co. Ltd

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
139.199.131.147	attack	scans once in preceeding hours on the ports (in chronological order) 6379 resulting in total of 1 scans from 139.199.0.0/16 block.	2020-05-22 01:20:27
139.199.131.245	attackbots	JP - 1H : (98) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : JP NAME ASN : ASN45090 IP : 139.199.131.245 CIDR : 139.199.128.0/21 PREFIX COUNT : 1788 UNIQUE IP COUNT : 2600192 WYKRYTE ATAKI Z ASN45090 : 1H - 4 3H - 7 6H - 15 12H - 24 24H - 62 INFO : SERVER - Looking for resource vulnerabilities Detected and Blocked by ADMIN - data recovery https://help-dysk.pl	2019-09-11 09:36:55
139.199.131.245	attackbotsspam	10 attempts against mh-misc-ban on pine.magehost.pro	2019-08-01 03:43:49
139.199.131.245	attackspam	30.07.2019 12:16:56 Web Distributed Authoring and Versioning server availability scan (webdav)	2019-07-31 02:33:15
139.199.131.245	attackbots	php WP PHPmyadamin ABUSE blocked for 12h	2019-06-26 18:54:09

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.199.131.237
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 49335
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.199.131.237.		IN	A

;; AUTHORITY SECTION:
.			481	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019110800 1800 900 604800 86400

;; Query time: 120 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Nov 08 23:07:10 CST 2019
;; MSG SIZE  rcvd: 119

Host info

Host 237.131.199.139.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 237.131.199.139.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
123.59.213.68	attackspam	May 22 05:55:18 localhost sshd\[17354\]: Invalid user dsh from 123.59.213.68 May 22 05:55:18 localhost sshd\[17354\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.59.213.68 May 22 05:55:20 localhost sshd\[17354\]: Failed password for invalid user dsh from 123.59.213.68 port 38436 ssh2 May 22 05:59:14 localhost sshd\[17423\]: Invalid user lvd from 123.59.213.68 May 22 05:59:14 localhost sshd\[17423\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.59.213.68 ...	2020-05-22 12:20:46
171.229.77.144	attackbots	Unauthorized connection attempt from IP address 171.229.77.144 on Port 445(SMB)	2020-05-22 12:24:18
114.67.105.220	attackbots	May 22 04:59:33 ajax sshd[30439]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.105.220 May 22 04:59:35 ajax sshd[30439]: Failed password for invalid user rns from 114.67.105.220 port 40184 ssh2	2020-05-22 12:12:19
206.189.126.86	attackspam	206.189.126.86 - - [22/May/2020:05:59:30 +0200] "GET /wp-login.php HTTP/1.1" 200 6702 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 206.189.126.86 - - [22/May/2020:05:59:38 +0200] "POST /wp-login.php HTTP/1.1" 200 6953 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 206.189.126.86 - - [22/May/2020:05:59:43 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-05-22 12:05:26
182.61.138.203	attack	IP blocked	2020-05-22 12:01:37
218.92.0.158	attackbotsspam	May 22 06:19:43 * sshd[32661]: Failed password for root from 218.92.0.158 port 53299 ssh2 May 22 06:19:56 * sshd[32661]: error: maximum authentication attempts exceeded for root from 218.92.0.158 port 53299 ssh2 [preauth]	2020-05-22 12:23:53
185.10.68.149	attackspambots	05/21/2020-23:59:11.220420 185.10.68.149 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-05-22 12:26:01
222.186.173.154	attackspambots	2020-05-22T06:03:26.147856 sshd[6161]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.154 user=root 2020-05-22T06:03:28.833526 sshd[6161]: Failed password for root from 222.186.173.154 port 15668 ssh2 2020-05-22T06:03:33.900498 sshd[6161]: Failed password for root from 222.186.173.154 port 15668 ssh2 2020-05-22T06:03:26.147856 sshd[6161]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.154 user=root 2020-05-22T06:03:28.833526 sshd[6161]: Failed password for root from 222.186.173.154 port 15668 ssh2 2020-05-22T06:03:33.900498 sshd[6161]: Failed password for root from 222.186.173.154 port 15668 ssh2 ...	2020-05-22 12:07:01
112.201.172.90	attack	Repeated attempts against wp-login	2020-05-22 12:04:40
106.13.60.28	attackbots	May 22 06:20:47 vps647732 sshd[27143]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.60.28 May 22 06:20:49 vps647732 sshd[27143]: Failed password for invalid user sli from 106.13.60.28 port 46998 ssh2 ...	2020-05-22 12:27:07
203.56.24.180	attack	May 21 18:00:11 kapalua sshd\[18822\]: Invalid user qtk from 203.56.24.180 May 21 18:00:11 kapalua sshd\[18822\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.56.24.180 May 21 18:00:12 kapalua sshd\[18822\]: Failed password for invalid user qtk from 203.56.24.180 port 43368 ssh2 May 21 18:03:31 kapalua sshd\[19079\]: Invalid user pso from 203.56.24.180 May 21 18:03:31 kapalua sshd\[19079\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.56.24.180	2020-05-22 12:09:22
195.54.167.76	attack	May 22 05:59:46 debian-2gb-nbg1-2 kernel: \[12378805.162008\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=195.54.167.76 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=34590 PROTO=TCP SPT=52139 DPT=34590 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-22 12:02:44
222.186.180.41	attackbotsspam	$f2bV_matches	2020-05-22 12:16:44
201.49.127.212	attackbots	May 22 05:56:20 srv01 sshd[14904]: Invalid user ansiblessh from 201.49.127.212 port 56742 May 22 05:56:20 srv01 sshd[14904]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.49.127.212 May 22 05:56:20 srv01 sshd[14904]: Invalid user ansiblessh from 201.49.127.212 port 56742 May 22 05:56:22 srv01 sshd[14904]: Failed password for invalid user ansiblessh from 201.49.127.212 port 56742 ssh2 May 22 05:59:50 srv01 sshd[15014]: Invalid user moz from 201.49.127.212 port 43444 ...	2020-05-22 12:00:34
116.85.40.181	attackbots	attack on server	2020-05-22 12:30:41

Recently Reported IPs

109.103.193.43	144.91.88.62	45.253.65.97	201.47.255.49
134.175.20.222	37.223.19.84	46.191.233.59	134.175.20.201
183.2.220.242	144.91.94.158	106.54.215.194	142.255.41.95
171.239.216.215	216.198.171.130	187.236.226.125	139.59.26.106
45.33.76.4	93.42.255.250	95.216.97.183	195.122.11.96