Basic Info

City: unknown

Region: Jiangsu

Country: China

Internet Service Provider: Danyang Hongqingting Netbar

Hostname: unknown

Organization: No.31,Jin-rong Street

Usage Type: Commercial

Comments:
Type Details Datetime
attackbots
[Aegis] @ 2019-07-28 12:19:20  0100 -> Attempted Administrator Privilege Gain: ET SCAN LibSSH Based Frequent SSH Connections Likely BruteForce Attack
2020-05-02 04:32:44
attack
Unauthorized connection attempt detected from IP address 218.3.139.85 to port 2220 [J]
2020-01-13 09:26:31
attack
2019-11-29T07:59:51.601409abusebot-7.cloudsearch.cf sshd\[4662\]: Invalid user server from 218.3.139.85 port 35993
2019-11-29 18:05:43
attackbots
2019-11-24T10:39:43.694183homeassistant sshd[29862]: Invalid user atila from 218.3.139.85 port 53751
2019-11-24T10:39:43.700572homeassistant sshd[29862]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.3.139.85
...
2019-11-24 20:38:34
attackbotsspam
F2B jail: sshd. Time: 2019-11-23 18:09:49, Reported by: VKReport
2019-11-24 06:13:45
attackbots
Nov  7 14:43:52 venus sshd\[27575\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.3.139.85  user=root
Nov  7 14:43:54 venus sshd\[27575\]: Failed password for root from 218.3.139.85 port 57838 ssh2
Nov  7 14:49:00 venus sshd\[27639\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.3.139.85  user=root
...
2019-11-07 23:05:13
attackbotsspam
Nov  2 13:43:00 microserver sshd[53813]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.3.139.85
Nov  2 13:43:03 microserver sshd[53813]: Failed password for invalid user pinco from 218.3.139.85 port 60574 ssh2
Nov  2 13:47:55 microserver sshd[54474]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.3.139.85  user=root
Nov  2 13:47:57 microserver sshd[54474]: Failed password for root from 218.3.139.85 port 51012 ssh2
Nov  2 14:00:45 microserver sshd[56394]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.3.139.85  user=root
Nov  2 14:00:47 microserver sshd[56394]: Failed password for root from 218.3.139.85 port 50558 ssh2
Nov  2 14:05:13 microserver sshd[56902]: Invalid user telecomadmin from 218.3.139.85 port 41000
Nov  2 14:05:13 microserver sshd[56902]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.3.139.85
Nov  2 14:05:15 microser
2019-11-02 21:09:34
attackbotsspam
Oct 12 12:02:16 vps691689 sshd[8700]: Failed password for root from 218.3.139.85 port 60596 ssh2
Oct 12 12:06:32 vps691689 sshd[8771]: Failed password for root from 218.3.139.85 port 50572 ssh2
...
2019-10-12 18:22:06
attack
Oct 11 05:53:02 tux-35-217 sshd\[615\]: Invalid user ROOT!1@2\#3 from 218.3.139.85 port 50202
Oct 11 05:53:02 tux-35-217 sshd\[615\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.3.139.85
Oct 11 05:53:05 tux-35-217 sshd\[615\]: Failed password for invalid user ROOT!1@2\#3 from 218.3.139.85 port 50202 ssh2
Oct 11 05:56:28 tux-35-217 sshd\[643\]: Invalid user Picture@2017 from 218.3.139.85 port 36076
Oct 11 05:56:28 tux-35-217 sshd\[643\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.3.139.85
...
2019-10-11 13:49:25
attackspam
2019-10-10T10:23:06.241369tmaserv sshd\[9327\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.3.139.85  user=root
2019-10-10T10:23:07.814991tmaserv sshd\[9327\]: Failed password for root from 218.3.139.85 port 42411 ssh2
2019-10-10T10:27:26.046628tmaserv sshd\[9497\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.3.139.85  user=root
2019-10-10T10:27:27.980977tmaserv sshd\[9497\]: Failed password for root from 218.3.139.85 port 60582 ssh2
2019-10-10T10:31:53.033864tmaserv sshd\[9674\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.3.139.85  user=root
2019-10-10T10:31:55.626183tmaserv sshd\[9674\]: Failed password for root from 218.3.139.85 port 50515 ssh2
...
2019-10-10 16:29:32
attackspam
Oct  8 16:36:44 lnxmail61 sshd[31879]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.3.139.85
2019-10-09 03:56:51
attackspam
SSH Brute-Forcing (ownc)
2019-10-06 21:56:18
attackspam
Oct  1 01:18:29 ntop sshd[15790]: Invalid user servermc from 218.3.139.85 port 34532
Oct  1 01:18:31 ntop sshd[15790]: Failed password for invalid user servermc from 218.3.139.85 port 34532 ssh2
Oct  1 01:18:31 ntop sshd[15790]: Received disconnect from 218.3.139.85 port 34532:11: Bye Bye [preauth]
Oct  1 01:18:31 ntop sshd[15790]: Disconnected from 218.3.139.85 port 34532 [preauth]
Oct  1 01:34:32 ntop sshd[16679]: Invalid user system from 218.3.139.85 port 50042
Oct  1 01:34:34 ntop sshd[16679]: Failed password for invalid user system from 218.3.139.85 port 50042 ssh2
Oct  1 01:34:34 ntop sshd[16679]: Received disconnect from 218.3.139.85 port 50042:11: Bye Bye [preauth]
Oct  1 01:34:34 ntop sshd[16679]: Disconnected from 218.3.139.85 port 50042 [preauth]
Oct  1 01:41:07 ntop sshd[17092]: User r.r from 218.3.139.85 not allowed because not listed in AllowUsers
Oct  1 01:41:07 ntop sshd[17092]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh r........
-------------------------------
2019-10-04 13:48:34
attack
Sep  1 02:43:33 vtv3 sshd\[10320\]: Invalid user julio from 218.3.139.85 port 60983
Sep  1 02:43:33 vtv3 sshd\[10320\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.3.139.85
Sep  1 02:43:34 vtv3 sshd\[10320\]: Failed password for invalid user julio from 218.3.139.85 port 60983 ssh2
Sep  1 02:46:23 vtv3 sshd\[11877\]: Invalid user za from 218.3.139.85 port 45595
Sep  1 02:46:23 vtv3 sshd\[11877\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.3.139.85
Sep  1 02:56:38 vtv3 sshd\[17309\]: Invalid user ad from 218.3.139.85 port 40513
Sep  1 02:56:38 vtv3 sshd\[17309\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.3.139.85
Sep  1 02:56:40 vtv3 sshd\[17309\]: Failed password for invalid user ad from 218.3.139.85 port 40513 ssh2
Sep  1 02:59:20 vtv3 sshd\[18360\]: Invalid user anna from 218.3.139.85 port 53350
Sep  1 02:59:20 vtv3 sshd\[18360\]: pam_unix\(sshd:auth\): a
2019-09-27 02:59:10
attackspam
SSH Brute-Force reported by Fail2Ban
2019-09-16 16:16:43
attackspam
2019-09-09T15:35:28.157990abusebot-8.cloudsearch.cf sshd\[17238\]: Invalid user debian from 218.3.139.85 port 43486
2019-09-10 05:22:15
attack
Sep  2 05:34:21 hiderm sshd\[28453\]: Invalid user nevin from 218.3.139.85
Sep  2 05:34:21 hiderm sshd\[28453\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.3.139.85
Sep  2 05:34:23 hiderm sshd\[28453\]: Failed password for invalid user nevin from 218.3.139.85 port 56481 ssh2
Sep  2 05:39:01 hiderm sshd\[28825\]: Invalid user carlosfarah from 218.3.139.85
Sep  2 05:39:01 hiderm sshd\[28825\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.3.139.85
2019-09-03 05:01:05
attack
Sep  2 00:24:55 mail sshd\[2510\]: Invalid user dev from 218.3.139.85
Sep  2 00:24:55 mail sshd\[2510\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.3.139.85
Sep  2 00:24:57 mail sshd\[2510\]: Failed password for invalid user dev from 218.3.139.85 port 44749 ssh2
...
2019-09-02 10:27:51
attackbots
Aug 21 23:28:07 MK-Soft-VM4 sshd\[24628\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.3.139.85  user=root
Aug 21 23:28:09 MK-Soft-VM4 sshd\[24628\]: Failed password for root from 218.3.139.85 port 59016 ssh2
Aug 21 23:32:12 MK-Soft-VM4 sshd\[27145\]: Invalid user polycom from 218.3.139.85 port 49810
...
2019-08-22 08:07:18
attackbotsspam
Jul 28 22:44:08 localhost sshd\[129730\]: Invalid user 1qaz2wsx3edc4rfv5tgb from 218.3.139.85 port 33094
Jul 28 22:44:08 localhost sshd\[129730\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.3.139.85
Jul 28 22:44:11 localhost sshd\[129730\]: Failed password for invalid user 1qaz2wsx3edc4rfv5tgb from 218.3.139.85 port 33094 ssh2
Jul 28 22:46:34 localhost sshd\[129803\]: Invalid user 10130215 from 218.3.139.85 port 46112
Jul 28 22:46:34 localhost sshd\[129803\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.3.139.85
...
2019-07-29 11:54:53
attackspambots
Jul 28 18:36:06 localhost sshd\[120359\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.3.139.85  user=root
Jul 28 18:36:08 localhost sshd\[120359\]: Failed password for root from 218.3.139.85 port 41214 ssh2
Jul 28 18:38:37 localhost sshd\[120454\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.3.139.85  user=root
Jul 28 18:38:39 localhost sshd\[120454\]: Failed password for root from 218.3.139.85 port 54221 ssh2
Jul 28 18:41:12 localhost sshd\[120592\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.3.139.85  user=root
...
2019-07-29 03:00:14
attack
Jul 10 06:12:39 plusreed sshd[23117]: Invalid user vnc from 218.3.139.85
Jul 10 06:12:39 plusreed sshd[23117]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.3.139.85
Jul 10 06:12:39 plusreed sshd[23117]: Invalid user vnc from 218.3.139.85
Jul 10 06:12:42 plusreed sshd[23117]: Failed password for invalid user vnc from 218.3.139.85 port 55469 ssh2
Jul 10 06:16:20 plusreed sshd[24803]: Invalid user vic from 218.3.139.85
...
2019-07-11 02:46:51
attackspam
SSH bruteforce
2019-07-07 20:09:10
Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 218.3.139.85
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 51665
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;218.3.139.85.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019041700 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Wed Apr 17 18:37:23 +08 2019
;; MSG SIZE  rcvd: 116

Host info
Host 85.139.3.218.in-addr.arpa. not found: 3(NXDOMAIN)
Nslookup info:
Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 85.139.3.218.in-addr.arpa: NXDOMAIN

Related IP info:
Related comments:
IP Type Details Datetime
42.227.136.249 attackspambots
Unauthorized connection attempt detected from IP address 42.227.136.249 to port 23 [J]
2020-03-01 20:44:31
138.19.112.207 attack
Automatic report - XMLRPC Attack
2020-03-01 20:25:50
156.251.174.111 attackspambots
Feb 29 23:13:38 tdfoods sshd\[4426\]: Invalid user nx from 156.251.174.111
Feb 29 23:13:38 tdfoods sshd\[4426\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=156.251.174.111
Feb 29 23:13:40 tdfoods sshd\[4426\]: Failed password for invalid user nx from 156.251.174.111 port 36054 ssh2
Feb 29 23:22:25 tdfoods sshd\[5119\]: Invalid user eisp from 156.251.174.111
Feb 29 23:22:25 tdfoods sshd\[5119\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=156.251.174.111
2020-03-01 20:05:42
90.22.194.118 attackbots
Lines containing failures of 90.22.194.118
Feb 25 15:15:07 shared02 sshd[10096]: Invalid user pi from 90.22.194.118 port 41834
Feb 25 15:15:07 shared02 sshd[10096]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=90.22.194.118
Feb 25 15:15:07 shared02 sshd[10098]: Invalid user pi from 90.22.194.118 port 41836
Feb 25 15:15:07 shared02 sshd[10098]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=90.22.194.118


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=90.22.194.118
2020-03-01 20:38:23
104.227.139.186 attackbots
2020-03-01T22:53:29.628179luisaranguren sshd[2881740]: Invalid user landscape from 104.227.139.186 port 42364
2020-03-01T22:53:31.452281luisaranguren sshd[2881740]: Failed password for invalid user landscape from 104.227.139.186 port 42364 ssh2
...
2020-03-01 20:15:13
222.186.175.212 attack
Mar  1 13:20:46 sso sshd[5812]: Failed password for root from 222.186.175.212 port 30104 ssh2
Mar  1 13:20:55 sso sshd[5812]: Failed password for root from 222.186.175.212 port 30104 ssh2
...
2020-03-01 20:24:37
106.12.192.201 attack
Mar  1 13:30:28 ArkNodeAT sshd\[8602\]: Invalid user alex from 106.12.192.201
Mar  1 13:30:28 ArkNodeAT sshd\[8602\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.192.201
Mar  1 13:30:30 ArkNodeAT sshd\[8602\]: Failed password for invalid user alex from 106.12.192.201 port 52694 ssh2
2020-03-01 20:44:52
167.99.66.13 attack
[munged]::443 167.99.66.13 - - [01/Mar/2020:10:30:39 +0100] "POST /[munged]: HTTP/1.1" 200 6182 "-" "-"
2020-03-01 20:12:51
113.172.20.45 attack
(smtpauth) Failed SMTP AUTH login from 113.172.20.45 (VN/Vietnam/static.vnpt.vn): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-03-01 08:22:01 plain authenticator failed for ([127.0.0.1]) [113.172.20.45]: 535 Incorrect authentication data (set_id=3bebbd24)
2020-03-01 20:19:14
77.79.208.171 attackbots
Mar  1 11:57:09 vmd17057 sshd[21907]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=77.79.208.171 
Mar  1 11:57:10 vmd17057 sshd[21907]: Failed password for invalid user laojiang from 77.79.208.171 port 46388 ssh2
...
2020-03-01 20:32:06
222.186.175.182 attackbotsspam
SSH authentication failure x 6 reported by Fail2Ban
...
2020-03-01 20:00:46
45.33.70.146 attack
20/3/1@07:35:53: FAIL: Alarm-SSH address from=45.33.70.146
...
2020-03-01 20:37:53
178.128.14.102 attackspambots
Brute-force attempt banned
2020-03-01 20:33:36
81.182.254.124 attackbots
Brute-force attempt banned
2020-03-01 20:12:09
217.66.30.205 attack
01.03.2020 13:19:29 - RDP Login Fail Detected by https://www.elinox.de/RDP-Wächter
2020-03-01 20:38:42
