139.199.4.219 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: V6Yun (Beijing) Network Co. Ltd

Hostname: unknown

Organization: unknown

Usage Type: Search Engine Spider

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	2020-09-05T16:49:21.383212n23.at sshd[2759233]: Invalid user crh from 139.199.4.219 port 49398 2020-09-05T16:49:23.939133n23.at sshd[2759233]: Failed password for invalid user crh from 139.199.4.219 port 49398 ssh2 2020-09-05T17:06:41.799307n23.at sshd[2773662]: Invalid user union from 139.199.4.219 port 33930 ...	2020-09-06 01:29:22
attackbots	2020-09-05 09:19:20,286 fail2ban.actions: WARNING [ssh] Ban 139.199.4.219	2020-09-05 17:01:02
attack	Sep 1 10:08:06 server sshd[24765]: User root from 139.199.4.219 not allowed because listed in DenyUsers Sep 1 10:08:06 server sshd[24765]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.4.219 user=root Sep 1 10:08:06 server sshd[24765]: User root from 139.199.4.219 not allowed because listed in DenyUsers Sep 1 10:08:07 server sshd[24765]: Failed password for invalid user root from 139.199.4.219 port 43778 ssh2 Sep 1 10:09:32 server sshd[21253]: Invalid user hfh from 139.199.4.219 port 39306 ...	2020-09-01 15:53:50
attackspam	SSH Login Bruteforce	2020-08-31 23:27:47
attackbots	Aug 30 18:11:05 mout sshd[11760]: Invalid user lahiru from 139.199.4.219 port 45714 Aug 30 18:11:07 mout sshd[11760]: Failed password for invalid user lahiru from 139.199.4.219 port 45714 ssh2 Aug 30 18:11:08 mout sshd[11760]: Disconnected from invalid user lahiru 139.199.4.219 port 45714 [preauth]	2020-08-31 00:11:20
attackspam	Bruteforce detected by fail2ban	2020-08-25 00:42:28
attackspambots	Jul 24 10:55:37 webhost01 sshd[27098]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.4.219 Jul 24 10:55:38 webhost01 sshd[27098]: Failed password for invalid user node from 139.199.4.219 port 33254 ssh2 ...	2020-07-24 12:09:41
attackbots	2020-07-22T05:52:50.030820ns386461 sshd\[9756\]: Invalid user pulse from 139.199.4.219 port 33204 2020-07-22T05:52:50.035408ns386461 sshd\[9756\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.4.219 2020-07-22T05:52:52.198593ns386461 sshd\[9756\]: Failed password for invalid user pulse from 139.199.4.219 port 33204 ssh2 2020-07-22T05:59:43.436810ns386461 sshd\[15742\]: Invalid user hamish from 139.199.4.219 port 41624 2020-07-22T05:59:43.440861ns386461 sshd\[15742\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.4.219 ...	2020-07-22 12:08:08
attackbots	2020-07-19T08:03:59.285112hostname sshd[25980]: Failed password for invalid user team3 from 139.199.4.219 port 46146 ssh2 ...	2020-07-21 03:24:26
attackbots	Jul 17 19:07:28 gw1 sshd[31604]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.4.219 Jul 17 19:07:30 gw1 sshd[31604]: Failed password for invalid user lsa from 139.199.4.219 port 54576 ssh2 ...	2020-07-18 01:01:58
attack	$f2bV_matches	2020-07-13 15:01:16
attack	Invalid user han from 139.199.4.219 port 56294	2020-07-02 02:46:16
attackspam	Jun 22 18:53:27 haigwepa sshd[9222]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.4.219 Jun 22 18:53:29 haigwepa sshd[9222]: Failed password for invalid user sysop from 139.199.4.219 port 43196 ssh2 ...	2020-06-23 02:27:16
attack	Jun 17 15:48:02 vps sshd[125295]: Invalid user ubuntu from 139.199.4.219 port 38356 Jun 17 15:48:02 vps sshd[125295]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.4.219 Jun 17 15:48:04 vps sshd[125295]: Failed password for invalid user ubuntu from 139.199.4.219 port 38356 ssh2 Jun 17 15:50:30 vps sshd[137921]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.4.219 user=root Jun 17 15:50:33 vps sshd[137921]: Failed password for root from 139.199.4.219 port 36324 ssh2 ...	2020-06-17 22:24:23
attack	2020-06-05T08:20:02.090864+02:00 sshd[30038]: Failed password for root from 139.199.4.219 port 60792 ssh2	2020-06-05 14:28:39
attackspambots	May 30 14:28:02 server1 sshd\[7130\]: Failed password for root from 139.199.4.219 port 42918 ssh2 May 30 14:32:36 server1 sshd\[8566\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.4.219 user=root May 30 14:32:37 server1 sshd\[8566\]: Failed password for root from 139.199.4.219 port 38338 ssh2 May 30 14:36:45 server1 sshd\[9926\]: Invalid user csserver from 139.199.4.219 May 30 14:36:45 server1 sshd\[9926\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.4.219 ...	2020-05-31 05:14:40
attackbotsspam	May 28 17:47:35 NPSTNNYC01T sshd[18765]: Failed password for root from 139.199.4.219 port 41302 ssh2 May 28 17:51:07 NPSTNNYC01T sshd[19069]: Failed password for root from 139.199.4.219 port 57106 ssh2 ...	2020-05-29 05:56:55
attackspam	May 27 05:58:25 prod4 sshd\[5274\]: Failed password for root from 139.199.4.219 port 38792 ssh2 May 27 05:59:53 prod4 sshd\[5604\]: Failed password for root from 139.199.4.219 port 60684 ssh2 May 27 06:01:21 prod4 sshd\[6701\]: Failed password for root from 139.199.4.219 port 54352 ssh2 ...	2020-05-27 14:18:00
attack	Apr 5 14:58:40 vps647732 sshd[28203]: Failed password for root from 139.199.4.219 port 43826 ssh2 ...	2020-04-05 21:11:05
attackspambots	Unauthorized SSH login attempts	2020-04-02 22:13:51
attackbotsspam	Invalid user cpanelconnecttrack from 139.199.4.219 port 35460	2020-03-11 15:13:47
attackspambots	Invalid user edena from 139.199.4.219 port 45098	2020-02-15 15:10:56
attack	Feb 12 10:13:11 silence02 sshd[20631]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.4.219 Feb 12 10:13:13 silence02 sshd[20631]: Failed password for invalid user mmo2 from 139.199.4.219 port 57736 ssh2 Feb 12 10:20:37 silence02 sshd[21191]: Failed password for root from 139.199.4.219 port 48888 ssh2	2020-02-12 20:34:37

Comments on same subnet:

IP	Type	Details	Datetime
139.199.45.83	attack	Oct 12 17:30:43 minden010 sshd[13193]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.45.83 Oct 12 17:30:45 minden010 sshd[13193]: Failed password for invalid user celina from 139.199.45.83 port 45008 ssh2 Oct 12 17:35:20 minden010 sshd[14132]: Failed password for root from 139.199.45.83 port 39056 ssh2 ...	2020-10-13 04:07:27
139.199.45.83	attack	$f2bV_matches	2020-10-12 19:44:20
139.199.45.83	attack	(sshd) Failed SSH login from 139.199.45.83 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 24 09:32:37 server4 sshd[28535]: Invalid user office from 139.199.45.83 Sep 24 09:32:37 server4 sshd[28535]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.45.83 Sep 24 09:32:39 server4 sshd[28535]: Failed password for invalid user office from 139.199.45.83 port 56518 ssh2 Sep 24 09:41:23 server4 sshd[1121]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.45.83 user=root Sep 24 09:41:25 server4 sshd[1121]: Failed password for root from 139.199.45.83 port 50346 ssh2	2020-09-24 23:46:16
139.199.45.83	attackspam	Invalid user test from 139.199.45.83 port 43226	2020-09-24 15:32:43
139.199.45.83	attackspambots	(sshd) Failed SSH login from 139.199.45.83 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 23 15:37:10 server5 sshd[20109]: Invalid user apps from 139.199.45.83 Sep 23 15:37:10 server5 sshd[20109]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.45.83 Sep 23 15:37:12 server5 sshd[20109]: Failed password for invalid user apps from 139.199.45.83 port 51344 ssh2 Sep 23 15:49:28 server5 sshd[25497]: Invalid user ts3user from 139.199.45.83 Sep 23 15:49:28 server5 sshd[25497]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.45.83	2020-09-24 06:58:39
139.199.44.125	attackspambots	(sshd) Failed SSH login from 139.199.44.125 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 9 04:24:13 optimus sshd[3626]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.44.125 user=root Sep 9 04:24:15 optimus sshd[3626]: Failed password for root from 139.199.44.125 port 42892 ssh2 Sep 9 04:27:24 optimus sshd[4442]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.44.125 user=root Sep 9 04:27:26 optimus sshd[4442]: Failed password for root from 139.199.44.125 port 35242 ssh2 Sep 9 04:33:16 optimus sshd[5914]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.44.125 user=root	2020-09-10 01:47:22
139.199.45.83	attack	Aug 30 17:22:52 h2646465 sshd[22610]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.45.83 user=root Aug 30 17:22:54 h2646465 sshd[22610]: Failed password for root from 139.199.45.83 port 40330 ssh2 Aug 30 17:49:21 h2646465 sshd[25856]: Invalid user hosts from 139.199.45.83 Aug 30 17:49:21 h2646465 sshd[25856]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.45.83 Aug 30 17:49:21 h2646465 sshd[25856]: Invalid user hosts from 139.199.45.83 Aug 30 17:49:23 h2646465 sshd[25856]: Failed password for invalid user hosts from 139.199.45.83 port 45484 ssh2 Aug 30 17:53:23 h2646465 sshd[26459]: Invalid user user1 from 139.199.45.83 Aug 30 17:53:23 h2646465 sshd[26459]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.45.83 Aug 30 17:53:23 h2646465 sshd[26459]: Invalid user user1 from 139.199.45.83 Aug 30 17:53:25 h2646465 sshd[26459]: Failed password for invalid user user1 fr	2020-08-31 00:25:06
139.199.45.83	attackbotsspam	Invalid user big from 139.199.45.83 port 52174	2020-08-19 13:01:32
139.199.45.83	attack	Aug 12 08:06:13 cosmoit sshd[9920]: Failed password for root from 139.199.45.83 port 55750 ssh2	2020-08-12 14:12:20
139.199.45.83	attack	Aug 5 23:14:00 dignus sshd[29884]: Failed password for root from 139.199.45.83 port 40906 ssh2 Aug 5 23:15:51 dignus sshd[30126]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.45.83 user=root Aug 5 23:15:52 dignus sshd[30126]: Failed password for root from 139.199.45.83 port 59928 ssh2 Aug 5 23:17:32 dignus sshd[30351]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.45.83 user=root Aug 5 23:17:34 dignus sshd[30351]: Failed password for root from 139.199.45.83 port 50740 ssh2 ...	2020-08-06 14:20:32
139.199.45.83	attack	Aug 2 19:00:49 ns382633 sshd\[24403\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.45.83 user=root Aug 2 19:00:51 ns382633 sshd\[24403\]: Failed password for root from 139.199.45.83 port 35718 ssh2 Aug 2 19:14:46 ns382633 sshd\[27434\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.45.83 user=root Aug 2 19:14:48 ns382633 sshd\[27434\]: Failed password for root from 139.199.45.83 port 39696 ssh2 Aug 2 19:19:35 ns382633 sshd\[28325\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.45.83 user=root	2020-08-03 03:08:15
139.199.45.83	attackbots	Jul 29 07:57:56 * sshd[27400]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.45.83 Jul 29 07:57:58 * sshd[27400]: Failed password for invalid user shifeng from 139.199.45.83 port 37558 ssh2	2020-07-29 17:43:26
139.199.45.83	attack	Connection to SSH Honeypot - Detected by HoneypotDB	2020-07-28 16:58:54
139.199.48.217	attack	Exploited Host.	2020-07-26 02:23:25
139.199.45.83	attack	Invalid user qxl from 139.199.45.83 port 34370	2020-07-25 13:01:03

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.199.4.219
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 34606
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.199.4.219.			IN	A

;; AUTHORITY SECTION:
.			155	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020021200 1800 900 604800 86400

;; Query time: 391 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Feb 12 20:34:30 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 219.4.199.139.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.82.98
Address:	183.60.82.98#53

Non-authoritative answer:
*** Can't find 219.4.199.139.in-addr.arpa.: No answer

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
87.139.230.5	attack	Jun 17 08:44:34 web sshd[18555]: Invalid user personal from 87.139.230.5 port 18753 Jun 17 08:44:34 web sshd[18555]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=87.139.230.5 Jun 17 08:44:36 web sshd[18555]: Failed password for invalid user personal from 87.139.230.5 port 18753 ssh2 Jun 17 08:44:37 web sshd[18555]: Received disconnect from 87.139.230.5 port 18753:11: Bye Bye [preauth] Jun 17 08:44:37 web sshd[18555]: Disconnected from invalid user personal 87.139.230.5 port 18753 [preauth] Jun 17 08:58:25 web sshd[18731]: Invalid user xf from 87.139.230.5 port 35028 Jun 17 08:58:25 web sshd[18731]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=87.139.230.5 Jun 17 08:58:27 web sshd[18731]: Failed password for invalid user xf from 87.139.230.5 port 35028 ssh2 Jun 17 08:58:27 web sshd[18731]: Received disconnect from 87.139.230.5 port 35028:11: Bye Bye [preauth]	2020-06-17 23:48:05
54.36.149.59	attackbots	Automated report (2020-06-17T20:02:11+08:00). Scraper detected at this address.	2020-06-17 23:58:03
51.178.52.56	attackspambots	Jun 17 13:27:54 XXX sshd[29891]: Invalid user kodi from 51.178.52.56 port 50474	2020-06-17 23:33:15
39.37.185.88	attackbots	Unauthorized connection attempt from IP address 39.37.185.88 on Port 445(SMB)	2020-06-17 23:30:55
46.38.145.254	attackbots	Jun 17 17:30:37 v22019058497090703 postfix/smtpd[9098]: warning: unknown[46.38.145.254]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 17 17:32:21 v22019058497090703 postfix/smtpd[7423]: warning: unknown[46.38.145.254]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 17 17:34:02 v22019058497090703 postfix/smtpd[7423]: warning: unknown[46.38.145.254]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-06-17 23:36:11
69.162.98.70	attackbotsspam	Honeypot attack, port: 445, PTR: 70-98-162-69.static.reverse.lstn.net.	2020-06-17 23:56:10
212.64.81.216	attack	2020-06-17T15:35:10.759399shield sshd\[936\]: Invalid user fax from 212.64.81.216 port 52344 2020-06-17T15:35:10.763256shield sshd\[936\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.81.216 2020-06-17T15:35:12.817337shield sshd\[936\]: Failed password for invalid user fax from 212.64.81.216 port 52344 ssh2 2020-06-17T15:39:07.590865shield sshd\[1410\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.81.216 user=root 2020-06-17T15:39:09.514450shield sshd\[1410\]: Failed password for root from 212.64.81.216 port 37814 ssh2	2020-06-17 23:45:10
152.136.139.129	attackbots	$f2bV_matches	2020-06-17 23:56:41
115.186.187.83	attackspambots	Jun 17 17:37:47 pve1 sshd[14411]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.186.187.83 Jun 17 17:37:49 pve1 sshd[14411]: Failed password for invalid user oracle from 115.186.187.83 port 47130 ssh2 ...	2020-06-17 23:38:56
123.176.39.74	attack	Unauthorized connection attempt from IP address 123.176.39.74 on Port 445(SMB)	2020-06-17 23:25:57
83.239.66.174	attackbots	Unauthorized connection attempt from IP address 83.239.66.174 on Port 445(SMB)	2020-06-17 23:36:55
14.235.177.46	attackspam	Unauthorized connection attempt from IP address 14.235.177.46 on Port 445(SMB)	2020-06-18 00:00:18
45.141.84.30	attack	Jun 17 17:14:59 debian-2gb-nbg1-2 kernel: \[14665597.665350\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.141.84.30 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=17580 PROTO=TCP SPT=50749 DPT=2479 WINDOW=1024 RES=0x00 SYN URGP=0	2020-06-17 23:19:51
111.229.190.111	attackbotsspam	Jun 17 12:02:10 ip-172-31-61-156 sshd[26555]: Invalid user gm from 111.229.190.111 Jun 17 12:02:12 ip-172-31-61-156 sshd[26555]: Failed password for invalid user gm from 111.229.190.111 port 59517 ssh2 Jun 17 12:02:10 ip-172-31-61-156 sshd[26555]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.190.111 Jun 17 12:02:10 ip-172-31-61-156 sshd[26555]: Invalid user gm from 111.229.190.111 Jun 17 12:02:12 ip-172-31-61-156 sshd[26555]: Failed password for invalid user gm from 111.229.190.111 port 59517 ssh2 ...	2020-06-17 23:55:16
104.40.7.127	attackspam	2020-06-17T14:32:59.424961shield sshd\[24626\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.40.7.127 user=root 2020-06-17T14:33:01.614581shield sshd\[24626\]: Failed password for root from 104.40.7.127 port 12352 ssh2 2020-06-17T14:36:45.780281shield sshd\[25180\]: Invalid user odoo from 104.40.7.127 port 12352 2020-06-17T14:36:45.783934shield sshd\[25180\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.40.7.127 2020-06-17T14:36:47.662751shield sshd\[25180\]: Failed password for invalid user odoo from 104.40.7.127 port 12352 ssh2	2020-06-17 23:41:05

Recently Reported IPs

197.47.81.43	109.234.164.145	189.15.170.52	122.117.152.98
51.83.251.145	102.68.135.61	119.236.36.141	183.250.155.206
103.68.18.118	87.249.21.180	70.93.7.213	255.140.208.56
118.68.154.68	51.83.19.59	14.177.190.54	114.35.144.104
51.77.11.94	114.33.174.129	203.170.66.162	222.254.220.32