222.139.3.0 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: China Unicom Henan Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Sep 16 01:18:28 mail kernel: [702455.655209] [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3d:86:ee:00:08:e3:ff:fd:90:08:00 SRC=222.139.3.0 DST=91.205.173.180 LEN=52 TOS=0x02 PREC=0x00 TTL=114 ID=30617 DF PROTO=TCP SPT=11603 DPT=4899 WINDOW=8192 RES=0x00 CWR ECE SYN URGP=0 Sep 16 01:18:31 mail kernel: [702458.656018] [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3d:86:ee:00:08:e3:ff:fd:90:08:00 SRC=222.139.3.0 DST=91.205.173.180 LEN=52 TOS=0x02 PREC=0x00 TTL=114 ID=30618 DF PROTO=TCP SPT=11603 DPT=4899 WINDOW=8192 RES=0x00 CWR ECE SYN URGP=0 Sep 16 01:18:37 mail kernel: [702464.661804] [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3d:86:ee:00:08:e3:ff:fd:90:08:00 SRC=222.139.3.0 DST=91.205.173.180 LEN=48 TOS=0x00 PREC=0x00 TTL=114 ID=30619 DF PROTO=TCP SPT=11657 DPT=4899 WINDOW=8192 RES=0x00 SYN URGP=0	2019-09-16 10:13:43

Type

Details

Datetime

attack

Sep 16 01:18:28 mail kernel: [702455.655209] [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3d:86:ee:00:08:e3:ff:fd:90:08:00 SRC=222.139.3.0 DST=91.205.173.180 LEN=52 TOS=0x02 PREC=0x00 TTL=114 ID=30617 DF PROTO=TCP SPT=11603 DPT=4899 WINDOW=8192 RES=0x00 CWR ECE SYN URGP=0 
Sep 16 01:18:31 mail kernel: [702458.656018] [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3d:86:ee:00:08:e3:ff:fd:90:08:00 SRC=222.139.3.0 DST=91.205.173.180 LEN=52 TOS=0x02 PREC=0x00 TTL=114 ID=30618 DF PROTO=TCP SPT=11603 DPT=4899 WINDOW=8192 RES=0x00 CWR ECE SYN URGP=0 
Sep 16 01:18:37 mail kernel: [702464.661804] [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3d:86:ee:00:08:e3:ff:fd:90:08:00 SRC=222.139.3.0 DST=91.205.173.180 LEN=48 TOS=0x00 PREC=0x00 TTL=114 ID=30619 DF PROTO=TCP SPT=11657 DPT=4899 WINDOW=8192 RES=0x00 SYN URGP=0

2019-09-16 10:13:43

Comments on same subnet:

IP	Type	Details	Datetime
222.139.35.179	attackbotsspam	Scanning random ports - tries to find possible vulnerable services	2020-02-24 07:31:08

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 222.139.3.0
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 27237
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;222.139.3.0.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019091501 1800 900 604800 86400

;; Query time: 4 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Sep 16 10:13:38 CST 2019
;; MSG SIZE  rcvd: 115

Host info

0.3.139.222.in-addr.arpa domain name pointer hn.kd.ny.adsl.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
0.3.139.222.in-addr.arpa	name = hn.kd.ny.adsl.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
125.26.186.199	attack	1583211026 - 03/03/2020 05:50:26 Host: 125.26.186.199/125.26.186.199 Port: 445 TCP Blocked	2020-03-03 19:51:04
42.179.61.175	attack	$f2bV_matches	2020-03-03 19:43:36
35.240.145.52	attack	2020-03-03T04:15:07.555938linuxbox-skyline sshd[105591]: Invalid user postgres from 35.240.145.52 port 50678 ...	2020-03-03 19:28:36
212.129.164.73	attackbots	Mar 3 11:34:16 MK-Soft-VM5 sshd[31506]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.129.164.73 Mar 3 11:34:17 MK-Soft-VM5 sshd[31506]: Failed password for invalid user Ronald from 212.129.164.73 port 59829 ssh2 ...	2020-03-03 19:24:04
46.148.34.43	attack	(directadmin) Failed DirectAdmin login from 46.148.34.43 (IR/Iran/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020:03:03-08:20:30: '46.148.34.43' 1 failed login attempts. Account 'unknown'	2020-03-03 19:44:54
116.107.174.209	attackspambots	Port probing on unauthorized port 445	2020-03-03 19:22:32
203.6.211.71	attackbotsspam	$f2bV_matches	2020-03-03 19:44:02
36.66.188.183	attack	Mar 3 10:34:36 game-panel sshd[9367]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.66.188.183 Mar 3 10:34:38 game-panel sshd[9367]: Failed password for invalid user test from 36.66.188.183 port 46213 ssh2 Mar 3 10:38:38 game-panel sshd[9492]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.66.188.183	2020-03-03 19:36:19
121.36.46.110	attackspam	Port scan on 3 port(s): 2375 2376 2377	2020-03-03 19:23:39
51.75.25.12	attack	Mar 3 03:57:53 server sshd\[21070\]: Failed password for invalid user nx from 51.75.25.12 port 55420 ssh2 Mar 3 10:02:34 server sshd\[23042\]: Invalid user sinusbot1 from 51.75.25.12 Mar 3 10:02:34 server sshd\[23042\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=mail.hugo-benchetrit.fr Mar 3 10:02:36 server sshd\[23042\]: Failed password for invalid user sinusbot1 from 51.75.25.12 port 57082 ssh2 Mar 3 10:11:09 server sshd\[24607\]: Invalid user gzw from 51.75.25.12 ...	2020-03-03 19:41:38
95.58.76.57	attackspam	Email rejected due to spam filtering	2020-03-03 19:27:09
93.170.76.84	attackbots	Email rejected due to spam filtering	2020-03-03 19:45:28
45.136.108.64	attackspambots	scan z	2020-03-03 19:52:07
188.120.244.60	attack	2020-03-03T04:28:46.049977suse-nuc sshd[20093]: Invalid user honda from 188.120.244.60 port 60586 ...	2020-03-03 19:41:04
206.81.11.216	attack	Mar 3 12:03:29 vps691689 sshd[12663]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.81.11.216 Mar 3 12:03:31 vps691689 sshd[12663]: Failed password for invalid user lijiang from 206.81.11.216 port 43908 ssh2 ...	2020-03-03 19:22:53

Recently Reported IPs

134.73.95.181	195.154.113.173	123.145.55.251	79.185.220.9
84.39.178.245	173.56.79.97	165.22.43.250	201.152.108.43
55.136.104.153	142.42.227.48	161.20.165.152	37.156.146.132
95.222.206.115	115.159.85.165	195.154.169.186	61.147.59.140
203.88.166.38	113.64.127.72	40.87.143.29	158.168.190.205