139.217.103.44

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Microsoft (China) Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Jul 22 08:57:28 gw1 sshd[28488]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.217.103.44 Jul 22 08:57:29 gw1 sshd[28488]: Failed password for invalid user ron from 139.217.103.44 port 40088 ssh2 ...	2020-07-22 13:55:43
attackbots	Jul 12 05:49:09 raspberrypi sshd[16967]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.217.103.44 Jul 12 05:49:11 raspberrypi sshd[16967]: Failed password for invalid user blinda from 139.217.103.44 port 43480 ssh2 ...	2020-07-12 18:23:03
attackbots	2020-07-07T12:51:09.459130mail.csmailer.org sshd[6286]: Failed password for root from 139.217.103.44 port 36088 ssh2 2020-07-07T12:52:48.325671mail.csmailer.org sshd[6375]: Invalid user System from 139.217.103.44 port 44858 2020-07-07T12:52:48.328475mail.csmailer.org sshd[6375]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.217.103.44 2020-07-07T12:52:48.325671mail.csmailer.org sshd[6375]: Invalid user System from 139.217.103.44 port 44858 2020-07-07T12:52:50.949413mail.csmailer.org sshd[6375]: Failed password for invalid user System from 139.217.103.44 port 44858 ssh2 ...	2020-07-07 20:50:37

Type

Details

Datetime

attack

Jul 22 08:57:28 gw1 sshd[28488]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.217.103.44
Jul 22 08:57:29 gw1 sshd[28488]: Failed password for invalid user ron from 139.217.103.44 port 40088 ssh2
...

2020-07-22 13:55:43

attackbots

Jul 12 05:49:09 raspberrypi sshd[16967]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.217.103.44 
Jul 12 05:49:11 raspberrypi sshd[16967]: Failed password for invalid user blinda from 139.217.103.44 port 43480 ssh2
...

2020-07-12 18:23:03

attackbots

2020-07-07T12:51:09.459130mail.csmailer.org sshd[6286]: Failed password for root from 139.217.103.44 port 36088 ssh2
2020-07-07T12:52:48.325671mail.csmailer.org sshd[6375]: Invalid user System from 139.217.103.44 port 44858
2020-07-07T12:52:48.328475mail.csmailer.org sshd[6375]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.217.103.44
2020-07-07T12:52:48.325671mail.csmailer.org sshd[6375]: Invalid user System from 139.217.103.44 port 44858
2020-07-07T12:52:50.949413mail.csmailer.org sshd[6375]: Failed password for invalid user System from 139.217.103.44 port 44858 ssh2
...

2020-07-07 20:50:37

Comments on same subnet:

IP	Type	Details	Datetime
139.217.103.62	attackbotsspam	2019-11-02T04:25:00.244485ns547587 sshd\[9839\]: Invalid user user6 from 139.217.103.62 port 44654 2019-11-02T04:25:00.250099ns547587 sshd\[9839\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.217.103.62 2019-11-02T04:25:01.976781ns547587 sshd\[9839\]: Failed password for invalid user user6 from 139.217.103.62 port 44654 ssh2 2019-11-02T04:30:12.087998ns547587 sshd\[19661\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.217.103.62 user=root 2019-11-02T04:40:29.925215ns547587 sshd\[6923\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.217.103.62 user=root 2019-11-02T04:40:32.188370ns547587 sshd\[6923\]: Failed password for root from 139.217.103.62 port 52950 ssh2 2019-11-02T04:45:49.224267ns547587 sshd\[17122\]: Invalid user godfrey from 139.217.103.62 port 36918 2019-11-02T04:45:49.230066ns547587 sshd\[17122\]: pam_unix$sshd:auth$: auth ...	2019-11-03 02:33:41
139.217.103.240	attackbotsspam	Oct 25 09:15:45 rotator sshd\[2644\]: Invalid user geography from 139.217.103.240Oct 25 09:15:47 rotator sshd\[2644\]: Failed password for invalid user geography from 139.217.103.240 port 51258 ssh2Oct 25 09:20:18 rotator sshd\[3405\]: Invalid user kk from 139.217.103.240Oct 25 09:20:20 rotator sshd\[3405\]: Failed password for invalid user kk from 139.217.103.240 port 57208 ssh2Oct 25 09:25:05 rotator sshd\[3490\]: Invalid user wpyan from 139.217.103.240Oct 25 09:25:07 rotator sshd\[3490\]: Failed password for invalid user wpyan from 139.217.103.240 port 34958 ssh2 ...	2019-10-25 15:27:41
139.217.103.62	attackspam	Oct 21 16:26:15 MK-Soft-Root1 sshd[22940]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.217.103.62 Oct 21 16:26:17 MK-Soft-Root1 sshd[22940]: Failed password for invalid user scb from 139.217.103.62 port 54476 ssh2 ...	2019-10-21 22:39:17
139.217.103.62	attackbots	Oct 18 15:48:44 legacy sshd[11453]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.217.103.62 Oct 18 15:48:46 legacy sshd[11453]: Failed password for invalid user ts3 from 139.217.103.62 port 42392 ssh2 Oct 18 15:54:31 legacy sshd[11575]: Failed password for root from 139.217.103.62 port 36068 ssh2 ...	2019-10-18 22:06:53
139.217.103.62	attackspambots	Oct 10 09:22:07 dedicated sshd[22877]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.217.103.62 user=root Oct 10 09:22:09 dedicated sshd[22877]: Failed password for root from 139.217.103.62 port 40308 ssh2	2019-10-10 15:35:16
139.217.103.62	attackbots	Sep 28 14:26:46 friendsofhawaii sshd\[25162\]: Invalid user yg from 139.217.103.62 Sep 28 14:26:46 friendsofhawaii sshd\[25162\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.217.103.62 Sep 28 14:26:48 friendsofhawaii sshd\[25162\]: Failed password for invalid user yg from 139.217.103.62 port 42734 ssh2 Sep 28 14:31:05 friendsofhawaii sshd\[25559\]: Invalid user dwairiuko from 139.217.103.62 Sep 28 14:31:05 friendsofhawaii sshd\[25559\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.217.103.62	2019-09-29 08:44:36
139.217.103.62	attack	Sep 24 04:38:06 amida sshd[198976]: Invalid user lw from 139.217.103.62 Sep 24 04:38:06 amida sshd[198976]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.217.103.62 Sep 24 04:38:08 amida sshd[198976]: Failed password for invalid user lw from 139.217.103.62 port 43240 ssh2 Sep 24 04:38:09 amida sshd[198976]: Received disconnect from 139.217.103.62: 11: Bye Bye [preauth] Sep 24 04:55:03 amida sshd[209612]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.217.103.62 user=ftp Sep 24 04:55:05 amida sshd[209612]: Failed password for ftp from 139.217.103.62 port 55534 ssh2 Sep 24 04:55:05 amida sshd[209612]: Received disconnect from 139.217.103.62: 11: Bye Bye [preauth] Sep 24 04:57:20 amida sshd[210572]: Invalid user both from 139.217.103.62 Sep 24 04:57:20 amida sshd[210572]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.217.103.62 Sep 24 ........ -------------------------------	2019-09-24 20:01:31
139.217.103.62	attack	Sep 13 22:25:15 MK-Soft-VM5 sshd\[25734\]: Invalid user metra from 139.217.103.62 port 45802 Sep 13 22:25:15 MK-Soft-VM5 sshd\[25734\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.217.103.62 Sep 13 22:25:17 MK-Soft-VM5 sshd\[25734\]: Failed password for invalid user metra from 139.217.103.62 port 45802 ssh2 ...	2019-09-14 06:41:51
139.217.103.92	attackbotsspam	Caught in portsentry honeypot	2019-07-26 03:18:08

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.217.103.44
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 48251
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.217.103.44.			IN	A

;; AUTHORITY SECTION:
.			525	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020070700 1800 900 604800 86400

;; Query time: 107 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jul 07 20:50:32 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 44.103.217.139.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 44.103.217.139.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
61.216.13.170	attackspam	Oct 3 23:07:53 thevastnessof sshd[9173]: Failed password for root from 61.216.13.170 port 4649 ssh2 ...	2019-10-04 08:30:23
27.223.89.238	attackbots	Oct 3 19:21:11 TORMINT sshd\[11152\]: Invalid user 123456 from 27.223.89.238 Oct 3 19:21:11 TORMINT sshd\[11152\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.223.89.238 Oct 3 19:21:13 TORMINT sshd\[11152\]: Failed password for invalid user 123456 from 27.223.89.238 port 33126 ssh2 ...	2019-10-04 08:35:58
51.77.230.125	attack	Oct 4 02:25:06 mail sshd\[10365\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.230.125 user=root Oct 4 02:25:08 mail sshd\[10365\]: Failed password for root from 51.77.230.125 port 32858 ssh2 Oct 4 02:28:56 mail sshd\[10715\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.230.125 user=root Oct 4 02:28:58 mail sshd\[10715\]: Failed password for root from 51.77.230.125 port 45186 ssh2 Oct 4 02:32:43 mail sshd\[11094\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.230.125 user=root	2019-10-04 08:54:15
109.236.91.85	attackbots	Oct 3 22:48:07 herz-der-gamer sshd[8933]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.236.91.85 user=ts3 Oct 3 22:48:09 herz-der-gamer sshd[8933]: Failed password for ts3 from 109.236.91.85 port 36055 ssh2 ...	2019-10-04 09:04:30
181.174.164.66	attackspam	Oct 3 16:12:55 localhost kernel: [3871394.718849] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=181.174.164.66 DST=[mungedIP2] LEN=40 TOS=0x08 PREC=0x20 TTL=66 ID=28091 DF PROTO=TCP SPT=62797 DPT=22 SEQ=3294969235 ACK=0 WINDOW=29200 RES=0x00 SYN URGP=0 Oct 3 16:48:49 localhost kernel: [3873548.633136] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=181.174.164.66 DST=[mungedIP2] LEN=40 TOS=0x08 PREC=0x20 TTL=78 ID=55412 DF PROTO=TCP SPT=55773 DPT=22 WINDOW=29200 RES=0x00 SYN URGP=0 Oct 3 16:48:49 localhost kernel: [3873548.633171] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=181.174.164.66 DST=[mungedIP2] LEN=40 TOS=0x08 PREC=0x20 TTL=78 ID=55412 DF PROTO=TCP SPT=55773 DPT=22 SEQ=669450212 ACK=0 WINDOW=29200 RES=0x00 SYN URGP=0	2019-10-04 08:37:21
49.88.112.114	attackspam	Oct 3 14:23:12 php1 sshd\[11467\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.114 user=root Oct 3 14:23:14 php1 sshd\[11467\]: Failed password for root from 49.88.112.114 port 57582 ssh2 Oct 3 14:23:17 php1 sshd\[11467\]: Failed password for root from 49.88.112.114 port 57582 ssh2 Oct 3 14:23:19 php1 sshd\[11467\]: Failed password for root from 49.88.112.114 port 57582 ssh2 Oct 3 14:24:11 php1 sshd\[11588\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.114 user=root	2019-10-04 08:33:05
91.98.108.187	attackbots	Autoban 91.98.108.187 AUTH/CONNECT	2019-10-04 08:39:43
89.248.174.214	attackspambots	10/03/2019-19:37:54.576504 89.248.174.214 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 98	2019-10-04 08:53:36
206.189.212.81	attackbotsspam	2019-10-03T21:18:45.295018abusebot.cloudsearch.cf sshd\[19979\]: Invalid user samanta from 206.189.212.81 port 44348	2019-10-04 08:40:24
170.0.128.10	attackspam	Oct 4 06:50:16 lcl-usvr-01 sshd[877]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=170.0.128.10 user=root Oct 4 06:55:01 lcl-usvr-01 sshd[2159]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=170.0.128.10 user=root Oct 4 06:59:53 lcl-usvr-01 sshd[3585]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=170.0.128.10 user=root	2019-10-04 08:58:25
134.209.12.162	attackbots	Oct 4 01:39:03 meumeu sshd[26745]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.12.162 Oct 4 01:39:05 meumeu sshd[26745]: Failed password for invalid user admin from 134.209.12.162 port 45088 ssh2 Oct 4 01:43:36 meumeu sshd[27516]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.12.162 ...	2019-10-04 08:56:06
180.250.248.169	attack	Oct 3 23:03:40 ncomp sshd[8631]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.250.248.169 user=root Oct 3 23:03:42 ncomp sshd[8631]: Failed password for root from 180.250.248.169 port 56956 ssh2 Oct 3 23:20:20 ncomp sshd[8948]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.250.248.169 user=root Oct 3 23:20:22 ncomp sshd[8948]: Failed password for root from 180.250.248.169 port 47450 ssh2	2019-10-04 08:53:03
148.72.232.164	attack	Automatic report - XMLRPC Attack	2019-10-04 08:51:27
129.204.77.45	attack	Oct 3 11:58:01 sachi sshd\[10356\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.77.45 user=root Oct 3 11:58:03 sachi sshd\[10356\]: Failed password for root from 129.204.77.45 port 56370 ssh2 Oct 3 12:01:25 sachi sshd\[10625\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.77.45 user=root Oct 3 12:01:27 sachi sshd\[10625\]: Failed password for root from 129.204.77.45 port 42841 ssh2 Oct 3 12:06:30 sachi sshd\[11045\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.77.45 user=root	2019-10-04 08:34:00
165.22.182.168	attack	$f2bV_matches	2019-10-04 08:42:52

Recently Reported IPs

145.239.91.163	110.139.206.154	158.140.173.146	103.40.48.219
152.136.206.208	60.191.201.99	36.90.45.50	36.74.167.199
46.61.91.239	78.188.167.108	166.175.62.234	85.113.129.85
122.52.196.85	152.107.31.254	177.124.171.119	103.253.140.40
183.82.113.128	47.245.55.101	125.162.10.85	117.0.61.172