City: unknown
Region: unknown
Country: China
Internet Service Provider: Tencent Cloud Computing (Beijing) Co. Ltd.
Hostname: unknown
Organization: unknown
Usage Type: Data Center/Web Hosting/Transit
| Type | Details | Datetime |
|---|---|---|
| attackspambots | Jun 27 06:33:17 ip-172-31-62-245 sshd\[24171\]: Invalid user supervisor from 139.199.201.51\ Jun 27 06:33:19 ip-172-31-62-245 sshd\[24171\]: Failed password for invalid user supervisor from 139.199.201.51 port 41630 ssh2\ Jun 27 06:34:48 ip-172-31-62-245 sshd\[24176\]: Invalid user charity from 139.199.201.51\ Jun 27 06:34:50 ip-172-31-62-245 sshd\[24176\]: Failed password for invalid user charity from 139.199.201.51 port 54602 ssh2\ Jun 27 06:37:41 ip-172-31-62-245 sshd\[24188\]: Invalid user training from 139.199.201.51\ |
2019-06-27 14:52:35 |
| IP | Type | Details | Datetime |
|---|---|---|---|
| 139.199.201.141 | attack | SSH invalid-user multiple login try |
2020-10-13 00:07:39 |
| 139.199.201.141 | attackbotsspam | Oct 12 08:22:23 mout sshd[16815]: Invalid user ru from 139.199.201.141 port 61071 |
2020-10-12 15:30:33 |
| 139.199.201.243 | attackbots | 1597351475 - 08/13/2020 22:44:35 Host: 139.199.201.243/139.199.201.243 Port: 445 TCP Blocked |
2020-08-14 06:53:30 |
| 139.199.201.141 | attackbotsspam | May 19 11:24:48 lnxweb61 sshd[31891]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.201.141 May 19 11:24:49 lnxweb61 sshd[31891]: Failed password for invalid user esd from 139.199.201.141 port 54701 ssh2 May 19 11:30:24 lnxweb61 sshd[5696]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.201.141 |
2020-05-20 05:14:59 |
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.199.201.51
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63088
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.199.201.51. IN A
;; AUTHORITY SECTION:
. 3600 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019050800 1800 900 604800 86400
;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Wed May 08 16:42:27 +08 2019
;; MSG SIZE rcvd: 118
Host 51.201.199.139.in-addr.arpa. not found: 3(NXDOMAIN)
Server: 67.207.67.3
Address: 67.207.67.3#53
** server can't find 51.201.199.139.in-addr.arpa: NXDOMAIN
| IP | Type | Details | Datetime |
|---|---|---|---|
| 183.16.100.208 | attack | Mar 29 14:45:42 debian-2gb-nbg1-2 kernel: \[7745004.288366\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=183.16.100.208 DST=195.201.40.59 LEN=52 TOS=0x00 PREC=0x00 TTL=114 ID=26746 DF PROTO=TCP SPT=63597 DPT=4899 WINDOW=8192 RES=0x00 SYN URGP=0 |
2020-03-30 00:37:42 |
| 104.236.75.62 | attackbotsspam | 104.236.75.62 - - [29/Mar/2020:14:45:30 +0200] "POST /wp-login.php HTTP/1.1" 200 3686 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.236.75.62 - - [29/Mar/2020:14:45:32 +0200] "POST /wp-login.php HTTP/1.1" 200 3663 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ... |
2020-03-30 00:48:16 |
| 51.38.130.242 | attackspambots | Mar 29 13:31:32 localhost sshd[53411]: Invalid user lichaonan from 51.38.130.242 port 39650 Mar 29 13:31:32 localhost sshd[53411]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=242.ip-51-38-130.eu Mar 29 13:31:32 localhost sshd[53411]: Invalid user lichaonan from 51.38.130.242 port 39650 Mar 29 13:31:35 localhost sshd[53411]: Failed password for invalid user lichaonan from 51.38.130.242 port 39650 ssh2 Mar 29 13:37:13 localhost sshd[53820]: Invalid user ja from 51.38.130.242 port 47450 ... |
2020-03-30 00:16:55 |
| 87.117.9.12 | attack | Unauthorized connection attempt from IP address 87.117.9.12 on Port 445(SMB) |
2020-03-30 00:52:17 |
| 114.67.75.142 | attack | Lines containing failures of 114.67.75.142 Mar 28 12:28:14 shared04 sshd[15253]: Invalid user cmb from 114.67.75.142 port 59384 Mar 28 12:28:14 shared04 sshd[15253]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.75.142 Mar 28 12:28:16 shared04 sshd[15253]: Failed password for invalid user cmb from 114.67.75.142 port 59384 ssh2 Mar 28 12:28:17 shared04 sshd[15253]: Received disconnect from 114.67.75.142 port 59384:11: Bye Bye [preauth] Mar 28 12:28:17 shared04 sshd[15253]: Disconnected from invalid user cmb 114.67.75.142 port 59384 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=114.67.75.142 |
2020-03-30 00:35:38 |
| 73.68.9.170 | attack | Invalid user Terminator from 73.68.9.170 port 52308 |
2020-03-30 00:33:18 |
| 35.231.219.146 | attackbots | Mar 29 16:14:23 localhost sshd[21807]: Invalid user germania from 35.231.219.146 port 50052 ... |
2020-03-30 00:54:32 |
| 70.78.168.146 | attack | Attempted to connect 6 times to port 3707 TCP |
2020-03-30 00:38:36 |
| 81.17.2.162 | attack | Unauthorized connection attempt from IP address 81.17.2.162 on Port 445(SMB) |
2020-03-30 00:32:16 |
| 85.72.51.33 | attack | Attempted connection to port 3389. |
2020-03-30 00:57:50 |
| 162.243.132.165 | attack | 514/tcp 9529/tcp 2049/tcp... [2020-02-14/03-28]27pkt,25pt.(tcp),2pt.(udp) |
2020-03-30 00:55:23 |
| 27.145.33.239 | attack | Attempted connection to port 9530. |
2020-03-30 00:58:28 |
| 45.178.1.8 | attackbotsspam | Unauthorized connection attempt from IP address 45.178.1.8 on Port 445(SMB) |
2020-03-30 00:46:43 |
| 167.71.93.122 | attackbotsspam | DigitalOcean BotNet attack - 10s of requests to non- pages - :443/app-ads.txt - typically bursts of 8 requests per second - undefined, XSS attacks UA removed |
2020-03-30 00:25:10 |
| 219.147.15.232 | attack | Unauthorized connection attempt from IP address 219.147.15.232 on Port 445(SMB) |
2020-03-30 00:21:55 |