221.231.139.169

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Jiangsu Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Jan 24 06:27:33 master sshd[30511]: Did not receive identification string from 221.231.139.169 Jan 24 06:28:05 master sshd[30512]: Did not receive identification string from 221.231.139.169 Jan 24 06:28:27 master sshd[30513]: Failed password for invalid user bad from 221.231.139.169 port 34110 ssh2 Jan 24 06:28:37 master sshd[30515]: Failed password for invalid user testdev from 221.231.139.169 port 40806 ssh2 Jan 24 06:28:47 master sshd[30519]: Failed password for invalid user system from 221.231.139.169 port 51598 ssh2 Jan 24 06:28:57 master sshd[30521]: Failed password for invalid user taffy from 221.231.139.169 port 34168 ssh2 Jan 24 06:29:06 master sshd[30523]: Failed password for invalid user tarzan from 221.231.139.169 port 44994 ssh2 Jan 24 06:29:17 master sshd[30525]: Failed password for invalid user tbird from 221.231.139.169 port 55888 ssh2 Jan 24 06:29:26 master sshd[30527]: Failed password for invalid user teddy from 221.231.139.169 port 38524 ssh2 Jan 24 06:29:36 master sshd[30529]: Failed passw	2020-01-24 19:44:42
attack	$f2bV_matches	2020-01-13 20:09:16

Type

Details

Datetime

attackbots

Jan 24 06:27:33 master sshd[30511]: Did not receive identification string from 221.231.139.169
Jan 24 06:28:05 master sshd[30512]: Did not receive identification string from 221.231.139.169
Jan 24 06:28:27 master sshd[30513]: Failed password for invalid user bad from 221.231.139.169 port 34110 ssh2
Jan 24 06:28:37 master sshd[30515]: Failed password for invalid user testdev from 221.231.139.169 port 40806 ssh2
Jan 24 06:28:47 master sshd[30519]: Failed password for invalid user system from 221.231.139.169 port 51598 ssh2
Jan 24 06:28:57 master sshd[30521]: Failed password for invalid user taffy from 221.231.139.169 port 34168 ssh2
Jan 24 06:29:06 master sshd[30523]: Failed password for invalid user tarzan from 221.231.139.169 port 44994 ssh2
Jan 24 06:29:17 master sshd[30525]: Failed password for invalid user tbird from 221.231.139.169 port 55888 ssh2
Jan 24 06:29:26 master sshd[30527]: Failed password for invalid user teddy from 221.231.139.169 port 38524 ssh2
Jan 24 06:29:36 master sshd[30529]: Failed passw

2020-01-24 19:44:42

attack

$f2bV_matches

2020-01-13 20:09:16

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 221.231.139.169
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 60532
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;221.231.139.169.		IN	A

;; AUTHORITY SECTION:
.			417	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020011300 1800 900 604800 86400

;; Query time: 100 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jan 13 20:09:12 CST 2020
;; MSG SIZE  rcvd: 119

Host info

Host 169.139.231.221.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 169.139.231.221.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
113.190.44.110	attackbots	20/8/26@00:21:51: FAIL: Alarm-Network address from=113.190.44.110 20/8/26@00:21:52: FAIL: Alarm-Network address from=113.190.44.110 ...	2020-08-26 17:02:49
163.172.198.72	attack	Aug 26 04:39:56 shivevps sshd[23372]: Bad protocol version identification '\024' from 163.172.198.72 port 60088 Aug 26 04:41:32 shivevps sshd[25747]: Bad protocol version identification '\024' from 163.172.198.72 port 36093 Aug 26 04:43:06 shivevps sshd[28735]: Bad protocol version identification '\024' from 163.172.198.72 port 38041 Aug 26 04:43:32 shivevps sshd[29288]: Bad protocol version identification '\024' from 163.172.198.72 port 36243 ...	2020-08-26 16:35:35
115.209.78.8	attackbotsspam	Aug 26 04:37:42 shivevps sshd[19136]: Bad protocol version identification '\024' from 115.209.78.8 port 38384 Aug 26 04:38:26 shivevps sshd[20763]: Bad protocol version identification '\024' from 115.209.78.8 port 44638 Aug 26 04:38:42 shivevps sshd[21274]: Bad protocol version identification '\024' from 115.209.78.8 port 47264 ...	2020-08-26 16:41:40
5.53.17.193	attack	Aug 26 04:37:41 shivevps sshd[19113]: Bad protocol version identification '\024' from 5.53.17.193 port 56111 Aug 26 04:38:14 shivevps sshd[20331]: Bad protocol version identification '\024' from 5.53.17.193 port 56979 Aug 26 04:40:46 shivevps sshd[24576]: Bad protocol version identification '\024' from 5.53.17.193 port 36750 ...	2020-08-26 16:51:40
195.189.60.97	attack	Aug 26 04:38:36 shivevps sshd[21106]: Bad protocol version identification '\024' from 195.189.60.97 port 41507 Aug 26 04:41:10 shivevps sshd[25231]: Bad protocol version identification '\024' from 195.189.60.97 port 47025 Aug 26 04:43:58 shivevps sshd[30343]: Bad protocol version identification '\024' from 195.189.60.97 port 46573 ...	2020-08-26 16:47:32
194.61.24.177	attackbotsspam	Aug 26 08:07:16 XXXXXX sshd[57981]: Invalid user router from 194.61.24.177 port 34573	2020-08-26 17:08:43
175.165.230.156	attackspam	Aug 26 04:36:50 shivevps sshd[17575]: Bad protocol version identification '\024' from 175.165.230.156 port 59548 Aug 26 04:37:41 shivevps sshd[19097]: Bad protocol version identification '\024' from 175.165.230.156 port 33556 Aug 26 04:38:23 shivevps sshd[20680]: Bad protocol version identification '\024' from 175.165.230.156 port 50548 Aug 26 04:39:21 shivevps sshd[22459]: Bad protocol version identification '\024' from 175.165.230.156 port 54232 ...	2020-08-26 16:45:35
94.26.87.55	attackspambots	Invalid user admin from 94.26.87.55 port 56866	2020-08-26 16:28:50
210.184.2.66	attack	Aug 26 10:40:17 h1745522 sshd[14890]: Invalid user berlin from 210.184.2.66 port 37632 Aug 26 10:40:17 h1745522 sshd[14890]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.184.2.66 Aug 26 10:40:17 h1745522 sshd[14890]: Invalid user berlin from 210.184.2.66 port 37632 Aug 26 10:40:19 h1745522 sshd[14890]: Failed password for invalid user berlin from 210.184.2.66 port 37632 ssh2 Aug 26 10:45:08 h1745522 sshd[15606]: Invalid user ftpuser from 210.184.2.66 port 45026 Aug 26 10:45:08 h1745522 sshd[15606]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.184.2.66 Aug 26 10:45:08 h1745522 sshd[15606]: Invalid user ftpuser from 210.184.2.66 port 45026 Aug 26 10:45:11 h1745522 sshd[15606]: Failed password for invalid user ftpuser from 210.184.2.66 port 45026 ssh2 Aug 26 10:50:02 h1745522 sshd[16354]: Invalid user ben from 210.184.2.66 port 52422 ...	2020-08-26 17:08:19
41.79.194.202	attackbotsspam	Aug 26 04:40:00 shivevps sshd[23508]: Bad protocol version identification '\024' from 41.79.194.202 port 59647 Aug 26 04:42:18 shivevps sshd[26423]: Bad protocol version identification '\024' from 41.79.194.202 port 34001 Aug 26 04:44:24 shivevps sshd[31223]: Bad protocol version identification '\024' from 41.79.194.202 port 35480 ...	2020-08-26 16:48:59
89.219.62.89	attackspambots	Automatic report - XMLRPC Attack	2020-08-26 16:59:36
183.88.212.184	attack	Aug 26 04:41:12 shivevps sshd[25326]: Bad protocol version identification '\024' from 183.88.212.184 port 48502 Aug 26 04:42:47 shivevps sshd[27930]: Bad protocol version identification '\024' from 183.88.212.184 port 53041 Aug 26 04:44:47 shivevps sshd[31809]: Bad protocol version identification '\024' from 183.88.212.184 port 57846 ...	2020-08-26 16:40:26
136.243.72.5	attackspam	Aug 26 10:44:53 relay postfix/smtpd\[21677\]: warning: mon.risse-it.de\[136.243.72.5\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 26 10:44:53 relay postfix/smtpd\[21669\]: warning: mon.risse-it.de\[136.243.72.5\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 26 10:44:53 relay postfix/smtpd\[21676\]: warning: mon.risse-it.de\[136.243.72.5\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 26 10:44:53 relay postfix/smtpd\[20002\]: warning: mon.risse-it.de\[136.243.72.5\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 26 10:44:53 relay postfix/smtpd\[21674\]: warning: mon.risse-it.de\[136.243.72.5\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 26 10:44:53 relay postfix/smtpd\[22074\]: warning: mon.risse-it.de\[136.243.72.5\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 26 10:44:53 relay postfix/smtpd\[20467\]: warning: mon.risse-it.de\[136.243.72.5\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 26 10:44:53 relay postfix/smtpd\[22076\]: warning: ...	2020-08-26 16:56:02
179.83.202.205	attack	Automatic report - Port Scan Attack	2020-08-26 16:38:28
109.195.2.119	attackbots	Aug 26 04:38:41 shivevps sshd[21243]: Bad protocol version identification '\024' from 109.195.2.119 port 34329 Aug 26 04:42:57 shivevps sshd[28390]: Bad protocol version identification '\024' from 109.195.2.119 port 38755 Aug 26 04:43:35 shivevps sshd[29471]: Bad protocol version identification '\024' from 109.195.2.119 port 39176 Aug 26 04:43:52 shivevps sshd[30092]: Bad protocol version identification '\024' from 109.195.2.119 port 39512 ...	2020-08-26 16:30:57

Recently Reported IPs

91.237.84.161	103.131.16.42	36.77.27.58	116.108.250.230
24.89.229.195	181.199.122.16	49.145.237.122	42.112.108.253
159.192.232.136	114.36.165.47	112.158.118.159	60.248.160.1
1.10.198.176	180.218.26.155	120.133.131.62	195.54.210.203
82.63.213.128	113.104.242.34	171.37.105.174	122.154.48.30