139.201.164.73

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Sichuan Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	(ftpd) Failed FTP login from 139.201.164.73 (CN/China/-): 10 in the last 3600 secs	2020-04-02 19:29:35

Comments on same subnet:

IP	Type	Details	Datetime
139.201.164.50	attackspam	Apr 20 05:54:03 host proftpd[5213]: 0.0.0.0 (139.201.164.50[139.201.164.50]) - USER anonymous: no such user found from 139.201.164.50 [139.201.164.50] to 163.172.107.87:21 ...	2020-04-20 17:26:23
139.201.164.254	attackspambots	Unauthorized access to SSH at 2/Sep/2019:23:06:58 +0000.	2019-09-03 09:20:17

Type

Details

Datetime

139.201.164.50

attackspam

Apr 20 05:54:03 host proftpd[5213]: 0.0.0.0 (139.201.164.50[139.201.164.50]) - USER anonymous: no such user found from 139.201.164.50 [139.201.164.50] to 163.172.107.87:21
...

2020-04-20 17:26:23

139.201.164.254

attackspambots

Unauthorized access to SSH at 2/Sep/2019:23:06:58 +0000.

2019-09-03 09:20:17

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.201.164.73
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 15101
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.201.164.73.			IN	A

;; AUTHORITY SECTION:
.			317	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020040200 1800 900 604800 86400

;; Query time: 87 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Apr 02 19:29:29 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 73.164.201.139.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 73.164.201.139.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
198.245.63.94	attack	Dec 21 05:31:39 auw2 sshd\[22457\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns508619.ip-198-245-63.net user=www-data Dec 21 05:31:41 auw2 sshd\[22457\]: Failed password for www-data from 198.245.63.94 port 51358 ssh2 Dec 21 05:37:01 auw2 sshd\[22991\]: Invalid user phone from 198.245.63.94 Dec 21 05:37:01 auw2 sshd\[22991\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns508619.ip-198-245-63.net Dec 21 05:37:03 auw2 sshd\[22991\]: Failed password for invalid user phone from 198.245.63.94 port 55956 ssh2	2019-12-22 05:11:33
54.39.151.22	attackbotsspam	Dec 21 19:06:23 pornomens sshd\[23979\]: Invalid user webadmin from 54.39.151.22 port 60800 Dec 21 19:06:23 pornomens sshd\[23979\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.151.22 Dec 21 19:06:26 pornomens sshd\[23979\]: Failed password for invalid user webadmin from 54.39.151.22 port 60800 ssh2 ...	2019-12-22 04:55:09
196.192.110.100	attack	Dec 21 20:47:17 sso sshd[3563]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.192.110.100 Dec 21 20:47:19 sso sshd[3563]: Failed password for invalid user tambe from 196.192.110.100 port 49270 ssh2 ...	2019-12-22 04:47:55
51.77.200.62	attackbots	php WP PHPmyadamin ABUSE blocked for 12h	2019-12-22 04:37:29
128.199.162.108	attackspambots	Invalid user paul from 128.199.162.108 port 60422	2019-12-22 05:05:54
121.126.211.108	attackspam	Dec 21 17:54:40 wh01 sshd[21427]: Failed password for root from 121.126.211.108 port 40844 ssh2 Dec 21 17:54:40 wh01 sshd[21427]: Received disconnect from 121.126.211.108 port 40844:11: Bye Bye [preauth] Dec 21 17:54:40 wh01 sshd[21427]: Disconnected from 121.126.211.108 port 40844 [preauth] Dec 21 18:08:02 wh01 sshd[22450]: Invalid user manfre from 121.126.211.108 port 60890 Dec 21 18:08:02 wh01 sshd[22450]: Failed password for invalid user manfre from 121.126.211.108 port 60890 ssh2 Dec 21 18:32:07 wh01 sshd[24517]: Invalid user hague from 121.126.211.108 port 58486 Dec 21 18:32:07 wh01 sshd[24517]: Failed password for invalid user hague from 121.126.211.108 port 58486 ssh2 Dec 21 18:32:08 wh01 sshd[24517]: Received disconnect from 121.126.211.108 port 58486:11: Bye Bye [preauth] Dec 21 18:32:08 wh01 sshd[24517]: Disconnected from 121.126.211.108 port 58486 [preauth] Dec 21 18:38:22 wh01 sshd[25046]: Invalid user lechanu from 121.126.211.108 port 36714 Dec 21 18:38:22 wh01 sshd[25046	2019-12-22 05:10:09
81.171.107.119	attack	\[2019-12-21 15:34:31\] NOTICE\[2839\] chan_sip.c: Registration from '\' failed for '81.171.107.119:50672' - Wrong password \[2019-12-21 15:34:31\] SECURITY\[2857\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-12-21T15:34:31.240-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="174",SessionID="0x7f0fb4612b68",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/81.171.107.119/50672",Challenge="1822874b",ReceivedChallenge="1822874b",ReceivedHash="576fb56d54f9d8562d5fca14169943d0" \[2019-12-21 15:42:46\] NOTICE\[2839\] chan_sip.c: Registration from '\' failed for '81.171.107.119:63992' - Wrong password \[2019-12-21 15:42:46\] SECURITY\[2857\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-12-21T15:42:46.413-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="175",SessionID="0x7f0fb4957928",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/81.171.107	2019-12-22 05:06:16
185.253.96.27	attackbotsspam	0,41-00/00 [bc01/m10] PostRequest-Spammer scoring: zurich	2019-12-22 04:46:32
62.218.84.53	attackspam	Dec 21 12:16:44 TORMINT sshd\[1573\]: Invalid user brook from 62.218.84.53 Dec 21 12:16:44 TORMINT sshd\[1573\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.218.84.53 Dec 21 12:16:46 TORMINT sshd\[1573\]: Failed password for invalid user brook from 62.218.84.53 port 33674 ssh2 ...	2019-12-22 05:05:13
185.40.20.70	attackbotsspam	Dec 16 16:44:51 ihdb003 sshd[28875]: Connection from 185.40.20.70 port 45654 on 178.128.173.140 port 22 Dec 16 16:44:51 ihdb003 sshd[28875]: Did not receive identification string from 185.40.20.70 port 45654 Dec 16 17:36:10 ihdb003 sshd[28996]: Connection from 185.40.20.70 port 43428 on 178.128.173.140 port 22 Dec 16 17:36:10 ihdb003 sshd[28996]: Did not receive identification string from 185.40.20.70 port 43428 Dec 16 17:37:14 ihdb003 sshd[28997]: Connection from 185.40.20.70 port 59456 on 178.128.173.140 port 22 Dec 16 17:37:14 ihdb003 sshd[28997]: Did not receive identification string from 185.40.20.70 port 59456 Dec 16 17:40:05 ihdb003 sshd[29012]: Connection from 185.40.20.70 port 57164 on 178.128.173.140 port 22 Dec 16 17:40:06 ihdb003 sshd[29012]: Invalid user ftpuser from 185.40.20.70 port 57164 Dec 16 17:40:06 ihdb003 sshd[29012]: Received disconnect from 185.40.20.70 port 57164:11: Normal Shutdown, Thank you for playing [preauth] Dec 16 17:40:06 ihdb003 sshd[2........ -------------------------------	2019-12-22 04:43:52
182.33.159.107	attackspambots	Unauthorized access or intrusion attempt detected from Bifur banned IP	2019-12-22 04:56:47
210.16.187.206	attack	Dec 21 07:00:19 auw2 sshd\[32199\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.16.187.206 user=root Dec 21 07:00:21 auw2 sshd\[32199\]: Failed password for root from 210.16.187.206 port 40678 ssh2 Dec 21 07:08:01 auw2 sshd\[410\]: Invalid user abbery from 210.16.187.206 Dec 21 07:08:01 auw2 sshd\[410\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.16.187.206 Dec 21 07:08:03 auw2 sshd\[410\]: Failed password for invalid user abbery from 210.16.187.206 port 38872 ssh2	2019-12-22 04:40:22
122.70.153.229	attackbots	SSH bruteforce (Triggered fail2ban)	2019-12-22 04:41:11
202.107.232.162	attack	Dec 21 16:37:26 vtv3 sshd[9253]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.107.232.162 Dec 21 16:37:28 vtv3 sshd[9253]: Failed password for invalid user baine from 202.107.232.162 port 59692 ssh2 Dec 21 16:45:18 vtv3 sshd[12893]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.107.232.162 Dec 21 16:59:39 vtv3 sshd[19023]: Failed password for root from 202.107.232.162 port 34592 ssh2 Dec 21 17:06:25 vtv3 sshd[22338]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.107.232.162 Dec 21 17:06:28 vtv3 sshd[22338]: Failed password for invalid user gj from 202.107.232.162 port 54430 ssh2 Dec 21 17:19:59 vtv3 sshd[28289]: Failed password for root from 202.107.232.162 port 37650 ssh2 Dec 21 17:26:46 vtv3 sshd[31737]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.107.232.162 Dec 21 17:26:48 vtv3 sshd[31737]: Failed password for invalid	2019-12-22 04:38:49
222.186.175.148	attackbots	Dec 21 21:39:32 vps691689 sshd[26256]: Failed password for root from 222.186.175.148 port 12790 ssh2 Dec 21 21:39:35 vps691689 sshd[26256]: Failed password for root from 222.186.175.148 port 12790 ssh2 Dec 21 21:39:39 vps691689 sshd[26256]: Failed password for root from 222.186.175.148 port 12790 ssh2 ...	2019-12-22 04:49:49

Recently Reported IPs

34.11.245.76	130.61.153.108	139.180.226.98	33.219.201.58
80.95.252.89	99.210.107.166	154.215.13.221	8.117.136.60
55.81.34.150	165.184.228.13	84.192.9.192	72.197.168.202
41.39.89.171	148.52.38.141	50.166.76.66	103.91.190.120
148.26.35.6	106.217.95.109	194.218.20.114	153.227.125.5