139.199.37.189

Basic Info

City: Beijing

Region: Beijing

Country: China

Internet Service Provider: Tencent Cloud Computing (Beijing) Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Invalid user qr from 139.199.37.189 port 40685	2019-10-27 01:14:47
attack	Oct 25 14:32:16 ns41 sshd[3136]: Failed password for root from 139.199.37.189 port 35342 ssh2 Oct 25 14:32:16 ns41 sshd[3136]: Failed password for root from 139.199.37.189 port 35342 ssh2	2019-10-25 21:01:13
attackbots	Oct 21 08:54:24 mail1 sshd\[16409\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.37.189 user=root Oct 21 08:54:27 mail1 sshd\[16409\]: Failed password for root from 139.199.37.189 port 39638 ssh2 Oct 21 09:05:15 mail1 sshd\[21384\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.37.189 user=root Oct 21 09:05:17 mail1 sshd\[21384\]: Failed password for root from 139.199.37.189 port 43803 ssh2 Oct 21 09:10:24 mail1 sshd\[23703\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.37.189 user=mysql ...	2019-10-21 15:12:16
attack	Oct 20 08:24:45 markkoudstaal sshd[15705]: Failed password for root from 139.199.37.189 port 33985 ssh2 Oct 20 08:30:28 markkoudstaal sshd[16273]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.37.189 Oct 20 08:30:31 markkoudstaal sshd[16273]: Failed password for invalid user teamspeak from 139.199.37.189 port 52943 ssh2	2019-10-20 18:11:03
attackspambots	Oct 17 05:04:11 hpm sshd\[27704\]: Invalid user ulrika from 139.199.37.189 Oct 17 05:04:11 hpm sshd\[27704\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.37.189 Oct 17 05:04:13 hpm sshd\[27704\]: Failed password for invalid user ulrika from 139.199.37.189 port 57404 ssh2 Oct 17 05:10:35 hpm sshd\[28348\]: Invalid user admin from 139.199.37.189 Oct 17 05:10:35 hpm sshd\[28348\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.37.189	2019-10-17 23:12:13
attackbots	Too many connections or unauthorized access detected from Arctic banned ip	2019-10-17 13:15:23
attack	Oct 13 07:00:08 www sshd\[167233\]: Invalid user Q1W2E3R4T5 from 139.199.37.189 Oct 13 07:00:08 www sshd\[167233\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.37.189 Oct 13 07:00:10 www sshd\[167233\]: Failed password for invalid user Q1W2E3R4T5 from 139.199.37.189 port 50353 ssh2 ...	2019-10-13 19:13:20
attack	ssh intrusion attempt	2019-10-12 14:30:01
attackspambots	Oct 9 07:31:08 xtremcommunity sshd\[343696\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.37.189 user=root Oct 9 07:31:10 xtremcommunity sshd\[343696\]: Failed password for root from 139.199.37.189 port 54011 ssh2 Oct 9 07:36:02 xtremcommunity sshd\[343793\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.37.189 user=root Oct 9 07:36:05 xtremcommunity sshd\[343793\]: Failed password for root from 139.199.37.189 port 42932 ssh2 Oct 9 07:41:03 xtremcommunity sshd\[343946\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.37.189 user=root ...	2019-10-09 20:31:52
attackspambots	$f2bV_matches	2019-10-03 13:54:20
attackbots	Oct 1 14:03:07 eventyay sshd[8454]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.37.189 Oct 1 14:03:09 eventyay sshd[8454]: Failed password for invalid user koelper from 139.199.37.189 port 52256 ssh2 Oct 1 14:13:02 eventyay sshd[8569]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.37.189 ...	2019-10-02 02:25:13

Comments on same subnet:

IP	Type	Details	Datetime
139.199.37.61	attackspam	SSH login attempts.	2020-03-18 18:43:11
139.199.37.61	attack	Invalid user princess from 139.199.37.61 port 50314	2020-03-13 21:27:03
139.199.37.61	attackspam	Feb 18 07:38:32 sd-53420 sshd\[26068\]: Invalid user jquery from 139.199.37.61 Feb 18 07:38:32 sd-53420 sshd\[26068\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.37.61 Feb 18 07:38:34 sd-53420 sshd\[26068\]: Failed password for invalid user jquery from 139.199.37.61 port 56986 ssh2 Feb 18 07:42:37 sd-53420 sshd\[26569\]: Invalid user cron from 139.199.37.61 Feb 18 07:42:37 sd-53420 sshd\[26569\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.37.61 ...	2020-02-18 16:18:51
139.199.37.61	attack	Lines containing failures of 139.199.37.61 Feb 11 18:10:08 kmh-vmh-002-fsn07 sshd[6113]: Invalid user ixf from 139.199.37.61 port 58612 Feb 11 18:10:08 kmh-vmh-002-fsn07 sshd[6113]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.37.61 Feb 11 18:10:10 kmh-vmh-002-fsn07 sshd[6113]: Failed password for invalid user ixf from 139.199.37.61 port 58612 ssh2 Feb 11 18:10:14 kmh-vmh-002-fsn07 sshd[6113]: Received disconnect from 139.199.37.61 port 58612:11: Bye Bye [preauth] Feb 11 18:10:14 kmh-vmh-002-fsn07 sshd[6113]: Disconnected from invalid user ixf 139.199.37.61 port 58612 [preauth] Feb 11 18:31:43 kmh-vmh-002-fsn07 sshd[7010]: Invalid user ka from 139.199.37.61 port 40372 Feb 11 18:31:43 kmh-vmh-002-fsn07 sshd[7010]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.37.61 Feb 11 18:31:45 kmh-vmh-002-fsn07 sshd[7010]: Failed password for invalid user ka from 139.199.37.61 port 4........ ------------------------------	2020-02-16 06:14:00
139.199.37.61	attackspambots	SSH/22 MH Probe, BF, Hack -	2020-02-12 23:19:01

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.199.37.189
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 19415
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.199.37.189.			IN	A

;; AUTHORITY SECTION:
.			466	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019100102 1800 900 604800 86400

;; Query time: 98 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Oct 02 02:25:07 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 189.37.199.139.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 189.37.199.139.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
222.240.1.0	attackspam	Jul 30 22:05:06 mail sshd\[4104\]: Invalid user lin from 222.240.1.0\ Jul 30 22:05:08 mail sshd\[4104\]: Failed password for invalid user lin from 222.240.1.0 port 10655 ssh2\ Jul 30 22:08:54 mail sshd\[4113\]: Invalid user admin from 222.240.1.0\ Jul 30 22:08:56 mail sshd\[4113\]: Failed password for invalid user admin from 222.240.1.0 port 28623 ssh2\ Jul 30 22:12:37 mail sshd\[4170\]: Invalid user qhsupport from 222.240.1.0\ Jul 30 22:12:39 mail sshd\[4170\]: Failed password for invalid user qhsupport from 222.240.1.0 port 12664 ssh2\	2019-07-31 04:41:49
106.13.29.223	attack	ssh failed login	2019-07-31 04:49:26
103.245.115.4	attackbotsspam	SSH authentication failure x 6 reported by Fail2Ban ...	2019-07-31 04:53:52
103.112.214.33	attackbots	Jul 30 14:14:25 [munged] sshd[27859]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.112.214.33	2019-07-31 04:27:39
200.117.185.230	attack	fraudulent SSH attempt	2019-07-31 04:27:58
31.14.252.114	attackbots	Probes for open dns resolvers	2019-07-31 04:39:42
103.54.250.103	attack	Jul 30 22:26:15 www4 sshd\[2120\]: Invalid user Jewel123 from 103.54.250.103 Jul 30 22:26:15 www4 sshd\[2120\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.54.250.103 Jul 30 22:26:17 www4 sshd\[2120\]: Failed password for invalid user Jewel123 from 103.54.250.103 port 46364 ssh2 Jul 30 22:31:52 www4 sshd\[2676\]: Invalid user neide from 103.54.250.103 Jul 30 22:31:52 www4 sshd\[2676\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.54.250.103 ...	2019-07-31 04:39:20
61.28.227.178	attackbotsspam	WordPress wp-login brute force :: 61.28.227.178 0.176 BYPASS [31/Jul/2019:02:50:55 1000] [censored_1] "POST /wp-login.php HTTP/1.1" 200 3972 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-07-31 04:32:51
54.36.222.37	attackspam	ssh intrusion attempt	2019-07-31 04:51:12
113.203.253.17	attackspam	firewall-block, port(s): 445/tcp	2019-07-31 05:07:47
201.213.16.34	attackbots	Lines containing failures of 201.213.16.34 Jul 29 13:16:08 mailserver sshd[27366]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.213.16.34 user=r.r Jul 29 13:16:11 mailserver sshd[27366]: Failed password for r.r from 201.213.16.34 port 51394 ssh2 Jul 29 13:16:11 mailserver sshd[27366]: Received disconnect from 201.213.16.34 port 51394:11: Bye Bye [preauth] Jul 29 13:16:11 mailserver sshd[27366]: Disconnected from authenticating user r.r 201.213.16.34 port 51394 [preauth] Jul 29 13:49:56 mailserver sshd[31032]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.213.16.34 user=r.r Jul 29 13:49:58 mailserver sshd[31032]: Failed password for r.r from 201.213.16.34 port 52941 ssh2 Jul 29 13:49:59 mailserver sshd[31032]: Received disconnect from 201.213.16.34 port 52941:11: Bye Bye [preauth] Jul 29 13:49:59 mailserver sshd[31032]: Disconnected from authenticating user r.r 201.213.16.34 por........ ------------------------------	2019-07-31 04:46:08
179.191.234.1	attack	44553/tcp [2019-07-30]1pkt	2019-07-31 04:26:37
112.85.42.175	attack	Jul 30 22:08:39 icinga sshd[7552]: Failed password for root from 112.85.42.175 port 53918 ssh2 Jul 30 22:08:53 icinga sshd[7552]: error: maximum authentication attempts exceeded for root from 112.85.42.175 port 53918 ssh2 [preauth] ...	2019-07-31 04:31:38
218.92.0.168	attackspam	Jul 30 19:36:30 bouncer sshd\[11631\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.168 user=root Jul 30 19:36:33 bouncer sshd\[11631\]: Failed password for root from 218.92.0.168 port 31209 ssh2 Jul 30 19:36:36 bouncer sshd\[11631\]: Failed password for root from 218.92.0.168 port 31209 ssh2 ...	2019-07-31 04:26:57
113.141.31.106	attackbotsspam	1433/tcp [2019-07-30]1pkt	2019-07-31 04:47:14

Recently Reported IPs

12.218.140.151	119.231.102.227	63.248.233.201	202.100.147.64
76.190.226.24	87.201.21.79	179.241.250.122	219.9.6.28
161.52.159.123	196.188.0.172	69.151.84.55	125.184.91.199
172.9.255.31	31.253.221.192	186.229.8.10	36.155.13.227
173.252.211.187	173.117.101.123	94.183.157.127	170.84.47.139