Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: Oracle Public Cloud

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:
Type Details Datetime
attack
port scan and connect, tcp 8080 (http-proxy)
2020-05-01 18:58:40
Comments on same subnet:
IP Type Details Datetime
129.213.139.213 attack
Feb 24 20:16:01 lcl-usvr-02 sshd[27528]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.139.213  user=root
Feb 24 20:16:03 lcl-usvr-02 sshd[27528]: Failed password for root from 129.213.139.213 port 64567 ssh2
...
2020-02-25 07:15:19
129.213.139.213 attackspam
servers are UTC
Lines containing failures of 129.213.139.213
Feb 17 11:40:53 tux2 sshd[2990]: Invalid user support from 129.213.139.213 port 57031
Feb 17 11:40:53 tux2 sshd[2990]: Failed password for invalid user support from 129.213.139.213 port 57031 ssh2
Feb 17 11:40:53 tux2 sshd[2990]: Connection closed by invalid user support 129.213.139.213 port 57031 [preauth]
Feb 18 20:00:58 tux2 sshd[18915]: Invalid user support from 129.213.139.213 port 63310
Feb 18 20:00:58 tux2 sshd[18915]: Failed password for invalid user support from 129.213.139.213 port 63310 ssh2
Feb 18 20:00:58 tux2 sshd[18915]: Connection closed by invalid user support 129.213.139.213 port 63310 [preauth]
Feb 19 01:36:39 tux2 sshd[6389]: Invalid user support from 129.213.139.213 port 64612
Feb 19 01:36:39 tux2 sshd[6389]: Failed password for invalid user support from 129.213.139.213 port 64612 ssh2
Feb 19 01:36:39 tux2 sshd[6389]: Connection closed by invalid user support 129.213.139.213 port 64612 [p........
2020-02-24 03:49:22
129.213.139.9 attackspambots
Dec 11 15:19:15 yesfletchmain sshd\[31931\]: Invalid user yngwie from 129.213.139.9 port 48874
Dec 11 15:19:15 yesfletchmain sshd\[31931\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.139.9
Dec 11 15:19:17 yesfletchmain sshd\[31931\]: Failed password for invalid user yngwie from 129.213.139.9 port 48874 ssh2
Dec 11 15:25:33 yesfletchmain sshd\[32084\]: User root from 129.213.139.9 not allowed because not listed in AllowUsers
Dec 11 15:25:33 yesfletchmain sshd\[32084\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.139.9  user=root
...
2019-12-24 01:07:35
129.213.139.9 attackbotsspam
leo_www
2019-12-10 21:40:55
129.213.139.9 attack
Dec  8 21:24:53 game-panel sshd[13403]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.139.9
Dec  8 21:24:54 game-panel sshd[13403]: Failed password for invalid user sua from 129.213.139.9 port 34320 ssh2
Dec  8 21:31:04 game-panel sshd[13855]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.139.9
2019-12-09 05:41:25
129.213.139.9 attackbotsspam
Dec  7 12:49:13 vps691689 sshd[18454]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.139.9
Dec  7 12:49:15 vps691689 sshd[18454]: Failed password for invalid user chiemi from 129.213.139.9 port 43478 ssh2
...
2019-12-07 19:55:50
129.213.139.9 attackspam
Dec  4 08:44:54 legacy sshd[7432]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.139.9
Dec  4 08:44:56 legacy sshd[7432]: Failed password for invalid user heitzman from 129.213.139.9 port 38352 ssh2
Dec  4 08:50:44 legacy sshd[7786]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.139.9
...
2019-12-04 15:58:15
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 129.213.139.225
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 16031
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;129.213.139.225.		IN	A

;; AUTHORITY SECTION:
.			554	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020050101 1800 900 604800 86400

;; Query time: 57 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri May 01 18:58:33 CST 2020
;; MSG SIZE  rcvd: 119
Host info
Host 225.139.213.129.in-addr.arpa. not found: 3(NXDOMAIN)
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 225.139.213.129.in-addr.arpa: NXDOMAIN
Related IP info:
Related comments:
IP Type Details Datetime
92.18.125.33 attack
Automatic report - Port Scan Attack
2020-06-03 01:00:44
197.185.109.27 attack
2020-06-02 13:56:31 H=(rain-197-185-106-201.rain.network) [197.185.109.27] F=: Unknown user
https://www.blocklist.de/en/view.html?ip=197.185.109.27
2020-06-03 00:30:23
119.84.8.43 attackspam
Jun  2 15:25:22 sigma sshd\[32002\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.84.8.43  user=root
Jun  2 15:45:05 sigma sshd\[844\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.84.8.43  user=root
...
2020-06-03 00:33:07
46.32.45.207 attack
Jun  2 16:03:29 vps647732 sshd[30578]: Failed password for root from 46.32.45.207 port 36478 ssh2
...
2020-06-03 00:53:29
94.102.63.82 attackspam
trying to access non-authorized port
2020-06-03 01:03:05
103.112.191.100 attack
Jun  2 17:09:35 hosting sshd[16231]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.112.191.100  user=root
Jun  2 17:09:37 hosting sshd[16231]: Failed password for root from 103.112.191.100 port 20361 ssh2
...
2020-06-03 00:33:56
137.74.199.180 attack
May 29 20:53:05 v2202003116398111542 sshd[21640]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=137.74.199.180
2020-06-03 00:54:41
161.35.80.37 attackbots
(sshd) Failed SSH login from 161.35.80.37 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jun  2 18:59:11 s1 sshd[4220]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=161.35.80.37  user=root
Jun  2 18:59:13 s1 sshd[4220]: Failed password for root from 161.35.80.37 port 45580 ssh2
Jun  2 19:14:16 s1 sshd[4751]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=161.35.80.37  user=root
Jun  2 19:14:18 s1 sshd[4751]: Failed password for root from 161.35.80.37 port 34862 ssh2
Jun  2 19:18:51 s1 sshd[4889]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=161.35.80.37  user=root
2020-06-03 01:07:44
190.242.113.107 attackspambots
 TCP (SYN) 190.242.113.107:57524 -> port 445, len 40
2020-06-03 01:06:39
2.228.163.157 attackspambots
2020-06-02T16:59:25.063868mail.broermann.family sshd[29268]: Failed password for root from 2.228.163.157 port 52778 ssh2
2020-06-02T17:03:00.070396mail.broermann.family sshd[29707]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2-228-163-157.ip192.fastwebnet.it  user=root
2020-06-02T17:03:01.943074mail.broermann.family sshd[29707]: Failed password for root from 2.228.163.157 port 58446 ssh2
2020-06-02T17:06:32.518155mail.broermann.family sshd[30123]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2-228-163-157.ip192.fastwebnet.it  user=root
2020-06-02T17:06:34.825878mail.broermann.family sshd[30123]: Failed password for root from 2.228.163.157 port 35874 ssh2
...
2020-06-03 00:32:43
182.61.2.238 attack
Jun  2 17:40:05 web01 sshd[32760]: Failed password for root from 182.61.2.238 port 50756 ssh2
...
2020-06-03 01:12:55
45.56.78.110 attack
[Tue Jun 02 08:53:28 2020] - DDoS Attack From IP: 45.56.78.110 Port: 59282
2020-06-03 00:35:13
125.210.191.239 attack
Unauthorized access or intrusion attempt detected from Thor banned IP
2020-06-03 00:47:43
118.172.98.127 attack
From CCTV User Interface Log
...::ffff:118.172.98.127 - - [02/Jun/2020:08:04:12 +0000] "GET / HTTP/1.1" 200 960
...
2020-06-03 00:45:07
103.213.131.108 attack
ft-1848-basketball.de 103.213.131.108 [02/Jun/2020:14:03:37 +0200] "POST /xmlrpc.php HTTP/1.1" 200 408 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.109 Safari/537.36"
ft-1848-basketball.de 103.213.131.108 [02/Jun/2020:14:03:41 +0200] "POST /xmlrpc.php HTTP/1.1" 200 408 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.109 Safari/537.36"
2020-06-03 01:04:12