Go
220.166.42.139
is a
Hacker
100 %
China
Report Abuse
155attacks reported
126Brute-ForceSSH
11SSH
5Brute-Force
4uncategorized
2FTP Brute-ForceHackingBrute-ForceSSH
2Port ScanBrute-ForceSSH
2FTP Brute-ForceHacking
1HackingSSH
1DDoS AttackPort ScanBrute-ForceWeb App AttackSSH
1Bad Web Bot
from 79 distinct reporters
and 5 distinct sources : BadIPs.com, Blocklist.de, FireHOL, GreenSnow.co, AbuseIPDB
220.166.42.139 was first signaled at 2020-06-21 12:49 and last record was at 2020-08-04 14:30.
IP

220.166.42.139

Organization
No.31,Jin-rong Street
Localisation
China
Sichuan, Chengdu
NetRange : First & Last IP
220.166.0.0 - 220.167.127.255
Network CIDR
220.166.0.0/15

Cybercrime IP Feeds

Date UTC Category Sub Categories Source List Source Logs
2020-08-04 14:30 attacks Brute-ForceSSH AbuseIPDB Aug 4 19:15:51 mx sshd[2414]: Failed password for root from 220.166.42.139 port 46190 ssh2
2020-08-04 12:52 attacks Brute-ForceSSH AbuseIPDB 2020-08-04T23:51:27.468779n23.at sshd[2549393]: Failed password for root from 220.166.42.139 port 38974 ssh2 2020-08-04T23:52:14.512766n23.at sshd[254
2020-08-04 08:54 attacks SSH AbuseIPDB k+ssh-bruteforce
2020-08-04 06:38 attacks Brute-ForceSSH AbuseIPDB Aug 4 17:32:56 vmd17057 sshd[16589]: Failed password for root from 220.166.42.139 port 59638 ssh2
2020-08-04 04:25 attacks Brute-ForceSSH AbuseIPDB Failed password for root from 220.166.42.139 port 34488 ssh2 pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2
2020-08-04 01:00 attacks Brute-ForceSSH AbuseIPDB Failed password for root from 220.166.42.139 port 51876 ssh2
2020-08-04 00:59 attacks Brute-ForceSSH AbuseIPDB Aug 4 07:01:13 master sshd[12384]: Failed password for root from 220.166.42.139 port 52392 ssh2 Aug 4 07:11:56 master sshd[12591]: Failed password for
2020-08-04 00:17 attacks Brute-ForceSSH AbuseIPDB Aug 4 06:14:22 firewall sshd[5159]: Failed password for root from 220.166.42.139 port 52790 ssh2 Aug 4 06:17:10 firewall sshd[6467]: pam_unix(sshd:aut
2020-08-03 23:09 attacks Brute-ForceSSH AbuseIPDB Aug 4 05:07:06 firewall sshd[6074]: Failed password for root from 220.166.42.139 port 53306 ssh2 Aug 4 05:09:51 firewall sshd[7353]: pam_unix(sshd:aut
2020-08-03 22:03 attacks Brute-ForceSSH AbuseIPDB Aug 4 04:00:25 firewall sshd[14336]: Failed password for root from 220.166.42.139 port 53816 ssh2 Aug 4 04:03:06 firewall sshd[15474]: pam_unix(sshd:a
2020-08-03 21:46 attacks Brute-ForceSSH AbuseIPDB Aug 4 06:46:49 *** sshd[9167]: User root from 220.166.42.139 not allowed because not listed in AllowUsers
2020-08-03 14:03 attacks Brute-ForceSSH AbuseIPDB Aug 4 00:41:20 Ubuntu-1404-trusty-64-minimal sshd\[10883\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost
2020-08-03 00:44 attacks Brute-ForceSSH AbuseIPDB 2020-08-02 UTC: (63x) - root(63x)
2020-08-02 09:50 attacks Brute-ForceSSH AbuseIPDB Aug 2 20:48:43 haigwepa sshd[8722]: Failed password for root from 220.166.42.139 port 52074 ssh2
2020-08-02 09:32 attacks Brute-ForceSSH AbuseIPDB Aug 2 20:27:23 haigwepa sshd[7529]: Failed password for root from 220.166.42.139 port 42246 ssh2
2020-08-02 09:09 attacks Brute-ForceSSH AbuseIPDB Aug 2 20:02:51 haigwepa sshd[6234]: Failed password for root from 220.166.42.139 port 35506 ssh2
2020-08-01 23:25 attacks Brute-Force AbuseIPDB 2020-08-02T02:59:30.395626morrigan.ad5gb.com sshd[1294038]: Failed password for root from 220.166.42.139 port 55970 ssh2 2020-08-02T02:59:32.859292mor
2020-08-01 08:14 attacks Brute-ForceSSH AbuseIPDB Aug 1 19:11:48 inter-technics sshd[14964]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.166.42.139 user
2020-08-01 07:47 attacks Brute-ForceSSH AbuseIPDB Aug 1 18:42:31 inter-technics sshd[12884]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.166.42.139 user
2020-07-30 22:31 attacks SSH AbuseIPDB Connection to SSH Honeypot - Detected by HoneypotDB
2020-07-30 19:34 attacks Brute-ForceSSH AbuseIPDB $f2bV_matches
2020-07-30 13:32 attacks Brute-ForceSSH AbuseIPDB  
2020-07-30 03:29 attacks Brute-ForceSSH AbuseIPDB Jul 30 12:29:53 jumpserver sshd[315056]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.166.42.139 Jul 3
2020-07-30 02:03 attacks Brute-ForceSSH AbuseIPDB Jul 30 11:01:19 jumpserver sshd[313947]: Invalid user kdo from 220.166.42.139 port 55608 Jul 30 11:01:21 jumpserver sshd[313947]: Failed password for
2020-07-29 18:14 attacks Brute-ForceSSH AbuseIPDB Jul 30 05:13:59 fhem-rasp sshd[17413]: Invalid user miaoshan from 220.166.42.139 port 41292
2020-07-29 17:07 attacks Brute-ForceSSH AbuseIPDB Jul 30 04:07:57 fhem-rasp sshd[9051]: Invalid user semi from 220.166.42.139 port 35566
2020-07-29 16:34 attacks Brute-ForceSSH AbuseIPDB Jul 30 03:34:10 fhem-rasp sshd[3386]: Invalid user chenhangting from 220.166.42.139 port 34052
2020-07-29 16:13 attacks Brute-ForceSSH AbuseIPDB Jul 30 03:13:46 fhem-rasp sshd[25773]: Invalid user zhu from 220.166.42.139 port 50098
2020-07-29 15:50 attacks Brute-ForceSSH AbuseIPDB Jul 30 02:50:24 fhem-rasp sshd[9621]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.166.42.139 Jul 30 02
2020-07-29 02:20 attacks Brute-ForceSSH AbuseIPDB fail2ban/Jul 29 13:17:57 h1962932 sshd[24219]: Invalid user lixx from 220.166.42.139 port 39284 Jul 29 13:17:57 h1962932 sshd[24219]: pam_unix(sshd:au
2020-07-28 20:09 attacks Brute-ForceSSH AbuseIPDB Brute force attempt
2020-07-28 15:51 attacks Brute-ForceSSH AbuseIPDB 2020-07-29T00:48:47.906407abusebot.cloudsearch.cf sshd[621]: Invalid user mozhaoquan from 220.166.42.139 port 53924 2020-07-29T00:48:47.910784abusebot
2020-07-28 01:17 attacks Brute-ForceSSH AbuseIPDB Jul 27 17:15:08 h2427292 sshd\[32305\]: Invalid user matt from 220.166.42.139 Jul 27 17:15:08 h2427292 sshd\[32305\]: pam_unix\(sshd:auth\): authentic
2020-07-27 06:26 attacks Brute-ForceSSH AbuseIPDB 2020-07-27T15:26:28+0000 Failed SSH Authentication/Brute Force Attack. (Server 6)
2020-07-27 06:15 attacks Brute-ForceSSH AbuseIPDB Jul 27 17:15:08 h2427292 sshd\[32305\]: Invalid user matt from 220.166.42.139 Jul 27 17:15:08 h2427292 sshd\[32305\]: pam_unix\(sshd:auth\): authentic
2020-07-27 05:46 attacks Brute-ForceSSH AbuseIPDB Jul 27 16:46:17 mail sshd[7006]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.166.42.139 Jul 27 16:46:1
2020-07-27 03:03 attacks Brute-ForceSSH AbuseIPDB Unauthorized SSH login attempts
2020-07-26 21:04 attacks Brute-ForceSSH AbuseIPDB Jul 27 07:50:02 ns382633 sshd\[5040\]: Invalid user opus from 220.166.42.139 port 48566 Jul 27 07:50:02 ns382633 sshd\[5040\]: pam_unix\(sshd:auth\):
2020-07-26 14:57 attacks SSH AbuseIPDB Jul 27 00:57:05 l03 sshd[10512]: Invalid user user from 220.166.42.139 port 46378
2020-07-26 07:39 attacks FTP Brute-ForceHackingBrute-ForceSSH AbuseIPDB SSH brute-force attempt
2020-07-25 23:18 attacks Brute-ForceSSH AbuseIPDB Jul 26 09:42:32 *hidden* sshd[54579]: Failed password for invalid user coq from 220.166.42.139 port 49414 ssh2 Jul 26 10:12:50 *hidden* sshd[62187]: I
2020-07-25 13:48 attacks Brute-ForceSSH AbuseIPDB Jul 25 22:48:45 ws26vmsma01 sshd[114043]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.166.42.139 Jul 2
2020-07-25 11:26 attacks Brute-Force AbuseIPDB ssh intrusion attempt
2020-07-25 08:54 attacks Brute-ForceSSH AbuseIPDB Failed password for invalid user amit from 220.166.42.139 port 52574 ssh2
2020-07-25 03:29 attacks Brute-ForceSSH AbuseIPDB SSH Brute-Force attacks
2020-07-24 20:50 attacks Brute-ForceSSH AbuseIPDB 2020-07-25T05:49:04.353080abusebot-7.cloudsearch.cf sshd[25456]: Invalid user amandabackup from 220.166.42.139 port 34648 2020-07-25T05:49:04.357949ab
2020-07-24 19:26 attacks Brute-ForceSSH AbuseIPDB $f2bV_matches
2020-07-24 11:12 attacks FTP Brute-ForceHackingBrute-ForceSSH AbuseIPDB SSH brute-force attempt
2020-07-23 22:28 attacks Brute-ForceSSH AbuseIPDB Jul 24 09:28:34 serwer sshd\[16801\]: Invalid user sonar from 220.166.42.139 port 50580 Jul 24 09:28:34 serwer sshd\[16801\]: pam_unix\(sshd:auth\): a
2020-07-23 14:04 attacks SSH AbuseIPDB Jul 23 23:11:21 django-0 sshd[14675]: Invalid user swy from 220.166.42.139
2020-06-21 12:49 attacks Port ScanBrute-ForceSSH AbuseIPDB Unauthorized access or intrusion attempt detected from Thor banned IP
2020-06-21 15:46 attacks Brute-ForceSSH AbuseIPDB 20 attempts against mh-ssh on pluto
2020-06-21 16:54 attacks Brute-ForceSSH AbuseIPDB 21 attempts against mh-ssh on pluto
2020-06-21 22:54 attacks Brute-ForceSSH AbuseIPDB 20 attempts against mh-ssh on ice
2020-06-22 00:29 attacks Brute-ForceSSH AbuseIPDB 21 attempts against mh-ssh on ice
2020-06-22 01:26 attacks Brute-ForceSSH AbuseIPDB 20 attempts against mh-ssh on river
2020-06-22 02:11 attacks Brute-ForceSSH AbuseIPDB 20 attempts against mh-ssh on boat
2020-06-22 12:32 attacks Brute-ForceSSH AbuseIPDB Invalid user zhengnq from 220.166.42.139 port 46342
2020-06-22 18:01 attacks Brute-ForceSSH AbuseIPDB Jun 23 03:01:08 pbkit sshd[239923]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.166.42.139 Jun 23 03:
2020-06-22 18:04 attacks FTP Brute-ForceHacking AbuseIPDB Lines containing failures of 220.166.42.139 Jun 23 04:48:33 shared03 sshd[9912]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tt
2020-07-31 15:56 attacks bi_any_0_1d BadIPs.com  
2020-07-31 15:57 attacks SSH bi_ssh_0_1d BadIPs.com  
2020-07-31 15:57 attacks blocklist_de Blocklist.de  
2020-07-31 15:57 attacks SSH blocklist_de_ssh Blocklist.de  
2020-07-31 16:01 attacks firehol_level2 FireHOL  
2020-07-31 16:10 attacks greensnow GreenSnow.co  
2020-08-02 14:01 attacks SSH bi_sshd_0_1d BadIPs.com  
2020-08-04 12:00 attacks Bad Web Bot bi_badbots_0_1d BadIPs.com  
2020-08-04 12:00 attacks Brute-Force bi_bruteforce_0_1d BadIPs.com  
only last 50 and first 10 AbuseIPDB logs are shown

Threats Categories :

abuse
IPs used to spam forum, boards, blogs or smtp servers, automated web scripts or scrappers (bad bots)
anonymizer
Onion Router IP addresses. TOR network IPs, TOR exit points, socks or ssl proxy.
attacks
bruteforce ssh/ftp/system account, IPs that have been detected by fail2ban, ports scan, vulnerabilities scan, DDoS.
malware
Addresses that have been identified distributing malware, form-grabber and stealer, Viruses, Worms, Trojans, Ransomware, Adware, Spyware

Whois

inetnum: 220.166.0.0 - 220.167.127.255
netname: CHINANET-SC
descr: CHINANET sichuan province network
descr: Data Communication Division
descr: China Telecom
country: CN
admin-c: CH93-AP
tech-c: XS16-AP
mnt-by: MAINT-CHINANET
mnt-lower: MAINT-CHINANET-SC
status: ALLOCATED NON-PORTABLE
last-modified: 2008-09-04T06:52:05Z
source: APNIC

person: Chinanet Hostmaster
nic-hdl: CH93-AP
e-mail: anti-spam@ns.chinanet.cn.net
address: No.31 ,jingrong street,beijing
address: 100032
phone: +86-10-58501724
fax-no: +86-10-58501724
country: CN
mnt-by: MAINT-CHINANET
last-modified: 2014-02-27T03:37:38Z
source: APNIC

person: Xiaodong Shi
nic-hdl: XS16-AP
e-mail: scipadmin2013@189.cn
address: No.72,Wen Miao Qian Str.
address: Data Communication Bureau Of Sichuan Province
address: Chengdu
address: PR China
phone: +86-28-6190785
fax-no: +86-28-6190641
country: CN
mnt-by: MAINT-CHINANET-SC
last-modified: 2013-12-30T01:32:36Z
source: APNIC
most specific ip range is highlighted
Updated : 2020-08-04