139.199.32.57 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: V6Yun (Beijing) Network Co. Ltd

Hostname: unknown

Organization: unknown

Usage Type: Search Engine Spider

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Brute-force attempt banned	2020-09-20 23:42:20
attackspam	SSH bruteforce	2020-09-20 15:31:47
attackbots	SSH bruteforce	2020-09-20 07:26:44
attackspambots	Aug 23 17:44:56 ws12vmsma01 sshd[47717]: Invalid user lig from 139.199.32.57 Aug 23 17:44:59 ws12vmsma01 sshd[47717]: Failed password for invalid user lig from 139.199.32.57 port 45464 ssh2 Aug 23 17:50:42 ws12vmsma01 sshd[48498]: Invalid user theodore from 139.199.32.57 ...	2020-08-24 07:13:26
attack	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-08-08T20:15:37Z and 2020-08-08T20:26:58Z	2020-08-09 06:07:53
attackspambots	Invalid user trade from 139.199.32.57 port 56376	2020-07-27 07:45:28
attack	Invalid user trade from 139.199.32.57 port 56376	2020-07-22 05:20:10
attackspam	2020-06-26T06:53:46.401294ionos.janbro.de sshd[37700]: Failed password for invalid user patch from 139.199.32.57 port 53198 ssh2 2020-06-26T06:58:25.444479ionos.janbro.de sshd[37731]: Invalid user sakamoto from 139.199.32.57 port 42470 2020-06-26T06:58:25.625184ionos.janbro.de sshd[37731]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.32.57 2020-06-26T06:58:25.444479ionos.janbro.de sshd[37731]: Invalid user sakamoto from 139.199.32.57 port 42470 2020-06-26T06:58:27.863192ionos.janbro.de sshd[37731]: Failed password for invalid user sakamoto from 139.199.32.57 port 42470 ssh2 2020-06-26T07:00:41.621258ionos.janbro.de sshd[37761]: Invalid user om from 139.199.32.57 port 37092 2020-06-26T07:00:41.673415ionos.janbro.de sshd[37761]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.32.57 2020-06-26T07:00:41.621258ionos.janbro.de sshd[37761]: Invalid user om from 139.199.32.57 port 37092 2020-06-2 ...	2020-06-26 15:33:44
attackspam	Jun 25 08:25:24 ns381471 sshd[22568]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.32.57 Jun 25 08:25:26 ns381471 sshd[22568]: Failed password for invalid user lwq from 139.199.32.57 port 39748 ssh2	2020-06-25 16:38:40
attackbotsspam	Jun 3 16:32:54 inter-technics sshd[21498]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.32.57 user=root Jun 3 16:32:56 inter-technics sshd[21498]: Failed password for root from 139.199.32.57 port 39038 ssh2 Jun 3 16:37:00 inter-technics sshd[21728]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.32.57 user=root Jun 3 16:37:02 inter-technics sshd[21728]: Failed password for root from 139.199.32.57 port 54696 ssh2 Jun 3 16:41:05 inter-technics sshd[22064]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.32.57 user=root Jun 3 16:41:07 inter-technics sshd[22064]: Failed password for root from 139.199.32.57 port 42120 ssh2 ...	2020-06-03 22:45:14
attackbotsspam	Invalid user lah from 139.199.32.57 port 42814	2020-05-24 02:19:24
attack	May 21 08:01:53 ncomp sshd[3651]: Invalid user jye from 139.199.32.57 May 21 08:01:53 ncomp sshd[3651]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.32.57 May 21 08:01:53 ncomp sshd[3651]: Invalid user jye from 139.199.32.57 May 21 08:01:56 ncomp sshd[3651]: Failed password for invalid user jye from 139.199.32.57 port 51190 ssh2	2020-05-21 15:44:43
attackspambots	Invalid user user from 139.199.32.57 port 34434	2020-05-14 07:16:49
attackbots	Invalid user user from 139.199.32.57 port 34434	2020-05-13 15:28:59
attack	[Aegis] @ 2019-12-31 21:23:25 0100 -> Attempted Administrator Privilege Gain: ET SCAN LibSSH Based Frequent SSH Connections Likely BruteForce Attack	2020-05-01 23:03:58
attack	SSH bruteforce	2020-04-30 03:23:06
attack	Apr 22 20:32:40 xeon sshd[52668]: Failed password for root from 139.199.32.57 port 41146 ssh2	2020-04-23 04:03:46
attack	Mar 27 07:05:20 IngegnereFirenze sshd[12492]: Failed password for invalid user lzv from 139.199.32.57 port 46216 ssh2 ...	2020-03-27 19:46:44
attack	Mar 18 23:09:01 dev0-dcde-rnet sshd[16475]: Failed password for root from 139.199.32.57 port 44026 ssh2 Mar 18 23:12:26 dev0-dcde-rnet sshd[16528]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.32.57 Mar 18 23:12:28 dev0-dcde-rnet sshd[16528]: Failed password for invalid user git from 139.199.32.57 port 48558 ssh2	2020-03-19 09:40:01
attack	Mar 7 07:58:28 sso sshd[16878]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.32.57 Mar 7 07:58:29 sso sshd[16878]: Failed password for invalid user csserver from 139.199.32.57 port 51352 ssh2 ...	2020-03-07 18:35:01
attackspambots	Unauthorized connection attempt detected from IP address 139.199.32.57 to port 2220 [J]	2020-01-22 22:27:36
attackbotsspam	Unauthorized connection attempt detected from IP address 139.199.32.57 to port 2220 [J]	2020-01-06 13:48:57
attackspambots	Jan 4 07:45:28 server sshd\[17100\]: Invalid user sybase from 139.199.32.57 Jan 4 07:45:28 server sshd\[17100\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.32.57 Jan 4 07:45:29 server sshd\[17100\]: Failed password for invalid user sybase from 139.199.32.57 port 47740 ssh2 Jan 4 07:55:35 server sshd\[19467\]: Invalid user r00t from 139.199.32.57 Jan 4 07:55:35 server sshd\[19467\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.32.57 ...	2020-01-04 14:07:10

Comments on same subnet:

IP	Type	Details	Datetime
139.199.32.22	attackspam	$f2bV_matches	2020-10-14 02:11:32
139.199.32.22	attackbotsspam	fail2ban: brute force SSH detected	2020-10-13 17:24:33
139.199.32.22	attackspam	SSH Bruteforce Attempt on Honeypot	2020-10-12 23:33:50
139.199.32.22	attackbots	Cowrie Honeypot: Unauthorised SSH/Telnet login attempt with user "duncan" at 2020-10-12T06:16:36Z	2020-10-12 14:57:42
139.199.32.22	attack	Sep 21 15:22:47 eventyay sshd[22358]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.32.22 Sep 21 15:22:49 eventyay sshd[22358]: Failed password for invalid user sftp from 139.199.32.22 port 39036 ssh2 Sep 21 15:25:41 eventyay sshd[22395]: Failed password for root from 139.199.32.22 port 44058 ssh2 ...	2020-09-21 22:10:09
139.199.32.22	attackbotsspam	2020-09-21T01:04:04.910546abusebot.cloudsearch.cf sshd[20975]: Invalid user mysql from 139.199.32.22 port 39816 2020-09-21T01:04:04.915784abusebot.cloudsearch.cf sshd[20975]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.32.22 2020-09-21T01:04:04.910546abusebot.cloudsearch.cf sshd[20975]: Invalid user mysql from 139.199.32.22 port 39816 2020-09-21T01:04:07.088345abusebot.cloudsearch.cf sshd[20975]: Failed password for invalid user mysql from 139.199.32.22 port 39816 ssh2 2020-09-21T01:09:58.888117abusebot.cloudsearch.cf sshd[21034]: Invalid user teste from 139.199.32.22 port 49338 2020-09-21T01:09:58.895068abusebot.cloudsearch.cf sshd[21034]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.32.22 2020-09-21T01:09:58.888117abusebot.cloudsearch.cf sshd[21034]: Invalid user teste from 139.199.32.22 port 49338 2020-09-21T01:10:01.664622abusebot.cloudsearch.cf sshd[21034]: Failed password for in ...	2020-09-21 13:57:29
139.199.32.22	attackspam	Sep 20 22:30:56 rocket sshd[16181]: Failed password for root from 139.199.32.22 port 40824 ssh2 Sep 20 22:36:38 rocket sshd[17050]: Failed password for root from 139.199.32.22 port 48566 ssh2 ...	2020-09-21 05:46:03
139.199.32.22	attackbotsspam	2020-08-25T23:37:15.396204mail.broermann.family sshd[5846]: Failed password for invalid user git from 139.199.32.22 port 37886 ssh2 2020-08-25T23:48:32.489328mail.broermann.family sshd[6273]: Invalid user lhb from 139.199.32.22 port 48118 2020-08-25T23:48:32.493985mail.broermann.family sshd[6273]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.32.22 2020-08-25T23:48:32.489328mail.broermann.family sshd[6273]: Invalid user lhb from 139.199.32.22 port 48118 2020-08-25T23:48:34.803179mail.broermann.family sshd[6273]: Failed password for invalid user lhb from 139.199.32.22 port 48118 ssh2 ...	2020-08-26 06:34:47
139.199.32.22	attackbotsspam	Aug 16 10:18:57 s158375 sshd[4453]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.32.22	2020-08-17 02:32:46
139.199.32.22	attackbots	Aug 12 23:13:55 piServer sshd[10417]: Failed password for root from 139.199.32.22 port 36586 ssh2 Aug 12 23:15:48 piServer sshd[10724]: Failed password for root from 139.199.32.22 port 58916 ssh2 ...	2020-08-13 06:41:39
139.199.32.22	attackspambots	Aug 10 06:20:11 lnxded64 sshd[29806]: Failed password for root from 139.199.32.22 port 48710 ssh2 Aug 10 06:20:11 lnxded64 sshd[29806]: Failed password for root from 139.199.32.22 port 48710 ssh2	2020-08-10 13:06:59
139.199.32.22	attackspam	2020-07-21T18:57:55+0200 Failed SSH Authentication/Brute Force Attack.(Server 2)	2020-07-22 02:35:27
139.199.32.22	attack	Jul 8 06:46:45 abendstille sshd\[2585\]: Invalid user fct from 139.199.32.22 Jul 8 06:46:45 abendstille sshd\[2585\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.32.22 Jul 8 06:46:48 abendstille sshd\[2585\]: Failed password for invalid user fct from 139.199.32.22 port 43424 ssh2 Jul 8 06:50:49 abendstille sshd\[6271\]: Invalid user zhaohongyu from 139.199.32.22 Jul 8 06:50:49 abendstille sshd\[6271\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.32.22 ...	2020-07-08 12:57:37
139.199.32.22	attackbots	2020-07-04T13:47:47.451133n23.at sshd[2499383]: Failed password for invalid user jacob from 139.199.32.22 port 47294 ssh2 2020-07-04T14:12:07.634442n23.at sshd[2519729]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.32.22 user=root 2020-07-04T14:12:09.170813n23.at sshd[2519729]: Failed password for root from 139.199.32.22 port 48206 ssh2 ...	2020-07-04 22:53:55
139.199.32.22	attackbots	Jul 3 20:31:40 mailserver sshd\[15819\]: Invalid user rw from 139.199.32.22 ...	2020-07-04 02:50:38

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.199.32.57
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57012
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.199.32.57.			IN	A

;; AUTHORITY SECTION:
.			491	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020010400 1800 900 604800 86400

;; Query time: 185 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Jan 04 14:07:06 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 57.32.199.139.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 57.32.199.139.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
60.191.82.107	attackbots	Sep 30 14:11:15 dev0-dcfr-rnet sshd[1948]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.191.82.107 Sep 30 14:11:17 dev0-dcfr-rnet sshd[1948]: Failed password for invalid user user3 from 60.191.82.107 port 28148 ssh2 Sep 30 14:13:30 dev0-dcfr-rnet sshd[1950]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.191.82.107	2019-10-01 00:56:11
186.219.241.41	attackbots	Automatic report - Port Scan Attack	2019-10-01 00:57:03
118.141.215.184	attackbotsspam	Sep 30 05:54:20 auw2 sshd\[11217\]: Invalid user pi from 118.141.215.184 Sep 30 05:54:20 auw2 sshd\[11217\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.141.215.184 Sep 30 05:54:20 auw2 sshd\[11222\]: Invalid user pi from 118.141.215.184 Sep 30 05:54:20 auw2 sshd\[11222\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.141.215.184 Sep 30 05:54:22 auw2 sshd\[11217\]: Failed password for invalid user pi from 118.141.215.184 port 43620 ssh2	2019-10-01 01:18:51
197.232.252.146	attack	Telnet/23 MH Probe, BF, Hack -	2019-10-01 00:47:23
61.63.153.169	attackspam	SMB Server BruteForce Attack	2019-10-01 00:40:46
114.40.90.167	attack	2323/tcp 23/tcp 23/tcp [2019-09-28/30]3pkt	2019-10-01 01:01:11
124.156.198.92	attackbots	1214/tcp 32753/udp 32766/udp... [2019-08-06/09-30]8pkt,6pt.(tcp),2pt.(udp)	2019-10-01 00:47:48
153.37.121.128	attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-10-01 00:57:19
190.95.234.122	attackspam	Telnet/23 MH Probe, BF, Hack -	2019-10-01 01:10:35
102.165.211.28	attackspam	Automatic report - Port Scan Attack	2019-10-01 01:25:16
51.75.248.127	attackspam	Sep 30 18:09:52 ArkNodeAT sshd\[27228\]: Invalid user zxin10 from 51.75.248.127 Sep 30 18:09:52 ArkNodeAT sshd\[27228\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.248.127 Sep 30 18:09:54 ArkNodeAT sshd\[27228\]: Failed password for invalid user zxin10 from 51.75.248.127 port 51454 ssh2	2019-10-01 00:58:54
59.31.163.141	attackbots	23/tcp 37215/tcp... [2019-07-30/09-29]46pkt,2pt.(tcp)	2019-10-01 01:13:35
49.88.112.71	attackspambots	Sep 30 12:13:34 localhost sshd\[4302\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.71 user=root Sep 30 12:13:36 localhost sshd\[4302\]: Failed password for root from 49.88.112.71 port 25164 ssh2 Sep 30 12:13:39 localhost sshd\[4302\]: Failed password for root from 49.88.112.71 port 25164 ssh2 ...	2019-10-01 00:45:48
165.16.37.164	attackspambots	Unauthorised access (Sep 30) SRC=165.16.37.164 LEN=40 TTL=243 ID=6340 DF TCP DPT=8080 WINDOW=14600 SYN	2019-10-01 01:25:58
27.118.21.254	attack	www.geburtshaus-fulda.de 27.118.21.254 \[30/Sep/2019:16:30:47 +0200\] "POST /wp-login.php HTTP/1.1" 200 5786 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" www.geburtshaus-fulda.de 27.118.21.254 \[30/Sep/2019:16:30:50 +0200\] "POST /wp-login.php HTTP/1.1" 200 5790 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-10-01 01:13:56

Recently Reported IPs

103.85.84.226	54.169.197.207	151.21.35.238	189.131.16.220
157.39.111.47	180.76.99.165	49.24.98.114	203.127.156.113
185.49.97.196	76.116.247.249	204.57.165.154	203.146.238.133
68.6.214.114	173.172.134.211	109.105.168.234	59.160.233.114
40.136.247.78	141.165.125.100	207.254.182.198	177.93.70.24