139.199.27.174

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: V6Yun (Beijing) Network Co. Ltd

Hostname: unknown

Organization: unknown

Usage Type: Search Engine Spider

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Invalid user test from 139.199.27.174 port 43886	2020-04-30 00:50:27
attack	Apr 28 19:20:38 wbs sshd\[7983\]: Invalid user dh from 139.199.27.174 Apr 28 19:20:38 wbs sshd\[7983\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.27.174 Apr 28 19:20:41 wbs sshd\[7983\]: Failed password for invalid user dh from 139.199.27.174 port 45272 ssh2 Apr 28 19:27:27 wbs sshd\[8579\]: Invalid user miw from 139.199.27.174 Apr 28 19:27:27 wbs sshd\[8579\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.27.174	2020-04-29 17:40:03
attack	2020-04-28T17:07:10.7857961495-001 sshd[41766]: Invalid user chris from 139.199.27.174 port 48400 2020-04-28T17:07:10.7931521495-001 sshd[41766]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.27.174 2020-04-28T17:07:10.7857961495-001 sshd[41766]: Invalid user chris from 139.199.27.174 port 48400 2020-04-28T17:07:13.0931711495-001 sshd[41766]: Failed password for invalid user chris from 139.199.27.174 port 48400 ssh2 2020-04-28T17:11:13.3544201495-001 sshd[41995]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.27.174 user=root 2020-04-28T17:11:15.0118291495-001 sshd[41995]: Failed password for root from 139.199.27.174 port 49650 ssh2 ...	2020-04-29 05:32:42
attackspam	Apr 27 19:55:48 ns3164893 sshd[15071]: Failed password for root from 139.199.27.174 port 41534 ssh2 Apr 27 20:14:37 ns3164893 sshd[15406]: Invalid user morty from 139.199.27.174 port 38934 ...	2020-04-28 02:19:15
attackspam	SSH login attempts.	2020-04-22 00:57:19

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.199.27.174
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 48502
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.199.27.174.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020042100 1800 900 604800 86400

;; Query time: 100 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Apr 22 00:57:15 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 174.27.199.139.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 174.27.199.139.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
37.139.4.138	attackbotsspam	SSH brutforce	2020-06-05 19:31:39
164.132.51.91	attackbotsspam	(mod_security) mod_security (id:210492) triggered by 164.132.51.91 (FR/France/91.ip-164-132-51.eu): 5 in the last 3600 secs	2020-06-05 19:23:40
209.97.168.205	attackbotsspam	Jun 5 05:42:26 vmd26974 sshd[13285]: Failed password for root from 209.97.168.205 port 50544 ssh2 ...	2020-06-05 19:19:30
35.187.218.159	attackspam	TCP (SYN) 35.187.218.159:56295 -> port 23950, len 44	2020-06-05 19:07:36
218.78.46.81	attack	Jun 5 05:34:37 mail sshd\[50940\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.78.46.81 user=root ...	2020-06-05 19:15:28
185.173.35.9	attack	TCP (SYN) 185.173.35.9:62725 -> port 8888, len 44	2020-06-05 19:20:08
192.162.179.148	attack	(PL/Poland/-) SMTP Bruteforcing attempts	2020-06-05 19:28:20
111.229.85.164	attackbots	Jun 5 04:13:46 game-panel sshd[26134]: Failed password for root from 111.229.85.164 port 40827 ssh2 Jun 5 04:15:06 game-panel sshd[26186]: Failed password for root from 111.229.85.164 port 57371 ssh2	2020-06-05 19:00:10
46.101.204.20	attack	Jun 5 08:32:15 vlre-nyc-1 sshd\[7512\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.204.20 user=root Jun 5 08:32:17 vlre-nyc-1 sshd\[7512\]: Failed password for root from 46.101.204.20 port 42412 ssh2 Jun 5 08:38:21 vlre-nyc-1 sshd\[7738\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.204.20 user=root Jun 5 08:38:23 vlre-nyc-1 sshd\[7738\]: Failed password for root from 46.101.204.20 port 41618 ssh2 Jun 5 08:41:46 vlre-nyc-1 sshd\[7878\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.204.20 user=root ...	2020-06-05 19:26:09
167.99.224.160	attackspambots	Jun 5 05:09:20 our-server-hostname sshd[518]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.224.160 user=r.r Jun 5 05:09:22 our-server-hostname sshd[518]: Failed password for r.r from 167.99.224.160 port 59968 ssh2 Jun 5 05:57:31 our-server-hostname sshd[6682]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.224.160 user=r.r Jun 5 05:57:34 our-server-hostname sshd[6682]: Failed password for r.r from 167.99.224.160 port 53044 ssh2 Jun 5 06:02:05 our-server-hostname sshd[7375]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.224.160 user=r.r Jun 5 06:02:07 our-server-hostname sshd[7375]: Failed password for r.r from 167.99.224.160 port 56358 ssh2 Jun 5 06:06:35 our-server-hostname sshd[7992]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.224.160 user=r.r Jun 5 06:06:37 ou........ -------------------------------	2020-06-05 19:10:24
95.243.136.198	attackbots	bruteforce detected	2020-06-05 19:33:15
31.42.190.137	attackbotsspam	Tried sshing with brute force.	2020-06-05 19:35:16
96.3.122.191	attackspambots	Brute forcing email accounts	2020-06-05 19:19:00
111.230.226.124	attackspambots	SSH Brute-Force reported by Fail2Ban	2020-06-05 19:04:56
194.187.249.55	attack	(From hacker@andreas-ocklenburg.com) PLEASE FORWARD THIS EMAIL TO SOMEONE IN YOUR COMPANY WHO IS ALLOWED TO MAKE IMPORTANT DECISIONS! We have hacked your website http://www.lakeside-chiro.com and extracted your databases. How did this happen? Our team has found a vulnerability within your site that we were able to exploit. After finding the vulnerability we were able to get your database credentials and extract your entire database and move the information to an offshore server. What does this mean? We will systematically go through a series of steps of totally damaging your reputation. First your database will be leaked or sold to the highest bidder which they will use with whatever their intentions are. Next if there are e-mails found they will be e-mailed that their information has been sold or leaked and your site http://www.lakeside-chiro.com was at fault thusly damaging your reputation and having angry customers/associates with whatever angry customers/associates do. Lastly any links that y	2020-06-05 18:58:35

Recently Reported IPs

85.114.63.32	2.7.152.10	69.79.8.114	105.14.231.145
57.254.110.147	8.238.83.56	116.167.103.133	63.39.54.205
110.221.81.142	106.12.31.186	163.115.202.113	104.211.211.244
103.45.101.7	77.55.212.211	101.193.34.228	73.246.166.86
186.194.111.1	112.244.71.17	72.239.24.37	52.18.34.5