City: Beijing
Region: Beijing
Country: China
Internet Service Provider: unknown
Hostname: unknown
Organization: Shenzhen Tencent Computer Systems Company Limited
Usage Type: unknown
| IP | Type | Details | Datetime |
|---|---|---|---|
| 139.199.5.50 | attackspambots | Oct 12 12:46:29 lanister sshd[30633]: Invalid user kazuhisa from 139.199.5.50 Oct 12 12:46:29 lanister sshd[30633]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.5.50 Oct 12 12:46:29 lanister sshd[30633]: Invalid user kazuhisa from 139.199.5.50 Oct 12 12:46:31 lanister sshd[30633]: Failed password for invalid user kazuhisa from 139.199.5.50 port 60894 ssh2 |
2020-10-13 00:50:20 |
| 139.199.5.50 | attackspam | Oct 11 20:17:17 mockhub sshd[1232386]: Invalid user julie from 139.199.5.50 port 47312 Oct 11 20:17:19 mockhub sshd[1232386]: Failed password for invalid user julie from 139.199.5.50 port 47312 ssh2 Oct 11 20:20:33 mockhub sshd[1232501]: Invalid user ih from 139.199.5.50 port 40938 ... |
2020-10-12 16:14:24 |
| 139.199.5.50 | attackspambots | 139.199.5.50 (CN/China/-), 6 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Oct 6 16:17:19 server2 sshd[5279]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.35.118.42 user=root Oct 6 16:17:21 server2 sshd[5279]: Failed password for root from 117.35.118.42 port 54764 ssh2 Oct 6 16:19:31 server2 sshd[5675]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.98.124.86 user=root Oct 6 16:19:32 server2 sshd[5671]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.5.50 user=root Oct 6 16:19:14 server2 sshd[5636]: Failed password for root from 60.220.185.64 port 36822 ssh2 Oct 6 16:19:11 server2 sshd[5636]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.220.185.64 user=root IP Addresses Blocked: 117.35.118.42 (CN/China/-) 66.98.124.86 (US/United States/-) |
2020-10-07 05:01:01 |
| 139.199.5.50 | attackspambots | Oct 6 08:02:29 firewall sshd[6834]: Failed password for root from 139.199.5.50 port 51790 ssh2 Oct 6 08:06:14 firewall sshd[6912]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.5.50 user=root Oct 6 08:06:16 firewall sshd[6912]: Failed password for root from 139.199.5.50 port 45618 ssh2 ... |
2020-10-06 21:08:11 |
| 139.199.5.50 | attackspambots | Oct 6 02:46:56 *hidden* sshd[29517]: Failed password for *hidden* from 139.199.5.50 port 54982 ssh2 Oct 6 02:50:42 *hidden* sshd[30971]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.5.50 user=root Oct 6 02:50:45 *hidden* sshd[30971]: Failed password for *hidden* from 139.199.5.50 port 56904 ssh2 Oct 6 02:54:23 *hidden* sshd[32323]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.5.50 user=root Oct 6 02:54:24 *hidden* sshd[32323]: Failed password for *hidden* from 139.199.5.50 port 58804 ssh2 |
2020-10-06 12:48:58 |
| 139.199.5.50 | attackbotsspam | Invalid user support3 from 139.199.5.50 port 54350 |
2020-10-02 08:01:32 |
| 139.199.5.50 | attackspambots | Invalid user support3 from 139.199.5.50 port 54350 |
2020-10-02 00:37:47 |
| 139.199.5.50 | attackbotsspam | fail2ban -- 139.199.5.50 ... |
2020-10-01 16:42:39 |
| 139.199.5.50 | attack | frenzy |
2020-09-13 01:58:14 |
| 139.199.5.50 | attackspambots | frenzy |
2020-09-12 17:58:10 |
| 139.199.5.50 | attack | Aug 30 13:51:48 gamehost-one sshd[5925]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.5.50 Aug 30 13:51:50 gamehost-one sshd[5925]: Failed password for invalid user tester from 139.199.5.50 port 58266 ssh2 Aug 30 14:16:11 gamehost-one sshd[8694]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.5.50 ... |
2020-08-30 20:46:51 |
| 139.199.5.50 | attack | Aug 28 16:18:51 ws22vmsma01 sshd[27380]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.5.50 Aug 28 16:18:54 ws22vmsma01 sshd[27380]: Failed password for invalid user postgres from 139.199.5.50 port 43594 ssh2 ... |
2020-08-29 03:49:52 |
| 139.199.5.50 | attackbotsspam | Aug 25 15:20:05 george sshd[5010]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.5.50 Aug 25 15:20:07 george sshd[5010]: Failed password for invalid user test10 from 139.199.5.50 port 58590 ssh2 Aug 25 15:23:53 george sshd[5063]: Invalid user prueba1 from 139.199.5.50 port 56318 Aug 25 15:23:53 george sshd[5063]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.5.50 Aug 25 15:23:55 george sshd[5063]: Failed password for invalid user prueba1 from 139.199.5.50 port 56318 ssh2 ... |
2020-08-26 03:43:54 |
| 139.199.5.50 | attackspambots | Aug 13 07:00:34 piServer sshd[1876]: Failed password for root from 139.199.5.50 port 48472 ssh2 Aug 13 07:03:43 piServer sshd[2297]: Failed password for root from 139.199.5.50 port 59670 ssh2 ... |
2020-08-13 13:24:02 |
| 139.199.5.50 | attackbotsspam | Aug 11 20:11:17 lunarastro sshd[23349]: Failed password for root from 139.199.5.50 port 33716 ssh2 Aug 11 20:25:31 lunarastro sshd[23576]: Failed password for root from 139.199.5.50 port 50524 ssh2 |
2020-08-12 03:57:07 |
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.199.5.115
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 45273
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.199.5.115. IN A
;; AUTHORITY SECTION:
. 3600 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019061300 1800 900 604800 86400
;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Jun 13 16:23:08 CST 2019
;; MSG SIZE rcvd: 117
Host 115.5.199.139.in-addr.arpa. not found: 3(NXDOMAIN)
Server: 67.207.67.2
Address: 67.207.67.2#53
** server can't find 115.5.199.139.in-addr.arpa: NXDOMAIN
| IP | Type | Details | Datetime |
|---|---|---|---|
| 148.70.236.112 | attack | Invalid user minecraft from 148.70.236.112 port 52482 |
2020-02-22 09:34:44 |
| 222.186.173.238 | attack | 2020-02-22T01:18:22.836002shield sshd\[11347\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.238 user=root 2020-02-22T01:18:24.839280shield sshd\[11347\]: Failed password for root from 222.186.173.238 port 59884 ssh2 2020-02-22T01:18:28.630405shield sshd\[11347\]: Failed password for root from 222.186.173.238 port 59884 ssh2 2020-02-22T01:18:32.160837shield sshd\[11347\]: Failed password for root from 222.186.173.238 port 59884 ssh2 2020-02-22T01:18:35.568522shield sshd\[11347\]: Failed password for root from 222.186.173.238 port 59884 ssh2 |
2020-02-22 09:20:44 |
| 95.156.31.74 | attackspambots | Feb 22 01:54:11 vps647732 sshd[5100]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.156.31.74 Feb 22 01:54:12 vps647732 sshd[5100]: Failed password for invalid user net from 95.156.31.74 port 12041 ssh2 ... |
2020-02-22 09:09:29 |
| 129.204.93.65 | attack | Feb 21 15:04:18 hpm sshd\[9337\]: Invalid user sysop from 129.204.93.65 Feb 21 15:04:18 hpm sshd\[9337\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.93.65 Feb 21 15:04:20 hpm sshd\[9337\]: Failed password for invalid user sysop from 129.204.93.65 port 40852 ssh2 Feb 21 15:08:01 hpm sshd\[9658\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.93.65 user=root Feb 21 15:08:02 hpm sshd\[9658\]: Failed password for root from 129.204.93.65 port 41530 ssh2 |
2020-02-22 09:18:33 |
| 185.249.198.177 | attack | Feb 21 22:27:13 debian-2gb-nbg1-2 kernel: \[4579641.180723\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=185.249.198.177 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=119 ID=30200 DF PROTO=TCP SPT=55852 DPT=20560 WINDOW=0 RES=0x00 ACK URGP=0 |
2020-02-22 09:17:23 |
| 141.98.80.173 | attackbotsspam | Feb 22 05:57:36 gw1 sshd[6726]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.98.80.173 Feb 22 05:57:38 gw1 sshd[6726]: Failed password for invalid user admin from 141.98.80.173 port 55343 ssh2 ... |
2020-02-22 09:01:34 |
| 45.148.10.92 | attackspambots | SSH-BruteForce |
2020-02-22 08:55:31 |
| 118.25.196.31 | attack | Feb 21 14:33:00 php1 sshd\[24194\]: Invalid user nathan from 118.25.196.31 Feb 21 14:33:00 php1 sshd\[24194\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.196.31 Feb 21 14:33:02 php1 sshd\[24194\]: Failed password for invalid user nathan from 118.25.196.31 port 38972 ssh2 Feb 21 14:35:35 php1 sshd\[24422\]: Invalid user bot2 from 118.25.196.31 Feb 21 14:35:35 php1 sshd\[24422\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.196.31 |
2020-02-22 09:01:49 |
| 222.186.173.154 | attackspam | Feb 22 02:13:40 dedicated sshd[9214]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.154 user=root Feb 22 02:13:42 dedicated sshd[9214]: Failed password for root from 222.186.173.154 port 14740 ssh2 |
2020-02-22 09:19:40 |
| 79.118.223.109 | attack | port scan and connect, tcp 23 (telnet) |
2020-02-22 09:13:40 |
| 36.79.123.15 | attackspambots | 1582320468 - 02/21/2020 22:27:48 Host: 36.79.123.15/36.79.123.15 Port: 445 TCP Blocked |
2020-02-22 08:54:43 |
| 35.199.38.243 | attack | Invalid user unix from 35.199.38.243 port 37444 |
2020-02-22 09:31:57 |
| 118.89.190.90 | attackspam | Invalid user mailman from 118.89.190.90 port 48436 |
2020-02-22 09:30:04 |
| 117.50.17.51 | attack | Invalid user ubuntu from 117.50.17.51 port 43972 |
2020-02-22 09:07:54 |
| 213.112.38.34 | attackspambots | Honeypot attack, port: 81, PTR: ua-213-112-38-34.bbcust.telenor.se. |
2020-02-22 09:11:20 |