139.99.125.230

Basic Info

City: unknown

Region: unknown

Country: Singapore

Internet Service Provider: OVH Singapore Pte. Ltd

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	TCP (SYN) 139.99.125.230:51409 -> port 22, len 48	2020-09-01 21:06:56
attack	SmallBizIT.US 1 packets to tcp(22)	2020-09-01 18:25:28
attackspambots	2020-08-31T19:25:50.598331abusebot-2.cloudsearch.cf sshd[11620]: Invalid user ubnt from 139.99.125.230 port 59752 2020-08-31T19:25:50.645193abusebot-2.cloudsearch.cf sshd[11622]: Invalid user admin from 139.99.125.230 port 35698 2020-08-31T19:25:50.647160abusebot-2.cloudsearch.cf sshd[11626]: Invalid user 1234 from 139.99.125.230 port 43918 2020-08-31T19:25:51.722996abusebot-2.cloudsearch.cf sshd[11628]: Invalid user usuario from 139.99.125.230 port 49656 ...	2020-09-01 03:42:24

Type

Details

Datetime

attack

 TCP (SYN) 139.99.125.230:51409 -> port 22, len 48

2020-09-01 21:06:56

attack

SmallBizIT.US 1 packets to tcp(22)

2020-09-01 18:25:28

attackspambots

2020-08-31T19:25:50.598331abusebot-2.cloudsearch.cf sshd[11620]: Invalid user ubnt from 139.99.125.230 port 59752
2020-08-31T19:25:50.645193abusebot-2.cloudsearch.cf sshd[11622]: Invalid user admin from 139.99.125.230 port 35698
2020-08-31T19:25:50.647160abusebot-2.cloudsearch.cf sshd[11626]: Invalid user 1234 from 139.99.125.230 port 43918
2020-08-31T19:25:51.722996abusebot-2.cloudsearch.cf sshd[11628]: Invalid user usuario from 139.99.125.230 port 49656
...

2020-09-01 03:42:24

Comments on same subnet:

IP	Type	Details	Datetime
139.99.125.58	attackspam	Blocked by Sophos UTM Network Protection . / / proto=6 . srcport=10001 . dstport=32936 . (1089)	2020-09-17 19:04:12
139.99.125.231	attackspambots	TCP (SYN) 139.99.125.231:50637 -> port 22, len 48	2020-09-01 19:04:17
139.99.125.84	attackspambots	Port probing on unauthorized port 22	2020-08-29 02:11:39
139.99.125.86	attack	Attempted connection to port 64129.	2020-08-24 21:24:56
139.99.125.191	attackspam	139.99.125.191 was recorded 6 times by 4 hosts attempting to connect to the following ports: 26014,50570,39019,51856. Incident counter (4h, 24h, all-time): 6, 31, 1174	2020-04-28 21:33:58
139.99.125.191	attackbotsspam	139.99.125.191 was recorded 11 times by 7 hosts attempting to connect to the following ports: 26014,51856,39019,20269,50570,60429. Incident counter (4h, 24h, all-time): 11, 19, 1146	2020-04-27 23:12:32
139.99.125.191	attack	139.99.125.191 was recorded 28 times by 9 hosts attempting to connect to the following ports: 50570,51856,39019,54434,56610,52084,20269,60429,51142. Incident counter (4h, 24h, all-time): 28, 86, 1123	2020-04-25 21:06:30
139.99.125.191	attack	Port 27034 scan denied	2020-03-28 19:23:50
139.99.125.191	attackbots	139.99.125.191 was recorded 13 times by 8 hosts attempting to connect to the following ports: 39019,54434,20269,51856,56610,52084,60429,51142. Incident counter (4h, 24h, all-time): 13, 112, 855	2020-03-28 06:26:16
139.99.125.191	attackbotsspam	139.99.125.191 was recorded 8 times by 5 hosts attempting to connect to the following ports: 60429,54434,50570,52084,51142. Incident counter (4h, 24h, all-time): 8, 116, 846	2020-03-28 04:19:40
139.99.125.191	attackspam	probes 16 times on the port 34928 59003 62781	2020-03-27 18:25:06
139.99.125.191	attackspambots	139.99.125.191 was recorded 20 times by 9 hosts attempting to connect to the following ports: 51856,39019,50570,52084,54434,56610,51142,60429,26014. Incident counter (4h, 24h, all-time): 20, 82, 683	2020-03-26 16:58:49
139.99.125.191	attack	139.99.125.191 was recorded 20 times by 6 hosts attempting to connect to the following ports: 54434,56610,51142,51856,50570,60429. Incident counter (4h, 24h, all-time): 20, 96, 592	2020-03-25 14:04:47
139.99.125.191	attack	139.99.125.191 was recorded 18 times by 7 hosts attempting to connect to the following ports: 54434,39019,52084,51856,51142,50570,60429. Incident counter (4h, 24h, all-time): 18, 71, 554	2020-03-25 05:24:05
139.99.125.22	attackspam	3320/tcp [2020-03-23]1pkt	2020-03-23 20:06:07

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.99.125.230
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 51053
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.99.125.230.			IN	A

;; AUTHORITY SECTION:
.			309	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020083101 1800 900 604800 86400

;; Query time: 63 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Sep 01 03:42:20 CST 2020
;; MSG SIZE  rcvd: 118

Host info

230.125.99.139.in-addr.arpa domain name pointer ns5000489.ip-139-99-125.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
230.125.99.139.in-addr.arpa	name = ns5000489.ip-139-99-125.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
185.220.101.67	attackspam	WordPress login Brute force / Web App Attack on client site.	2019-07-09 05:51:54
41.45.101.237	attackbotsspam	2323/tcp [2019-07-08]1pkt	2019-07-09 05:56:12
61.227.193.76	attack	23/tcp [2019-07-08]1pkt	2019-07-09 05:57:36
206.189.119.73	attackspambots	Jul 8 14:44:12 xm3 sshd[13911]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.119.73 user=r.r Jul 8 14:44:14 xm3 sshd[13911]: Failed password for r.r from 206.189.119.73 port 49448 ssh2 Jul 8 14:44:14 xm3 sshd[13911]: Received disconnect from 206.189.119.73: 11: Bye Bye [preauth] Jul 8 14:46:48 xm3 sshd[20461]: Failed password for invalid user dc from 206.189.119.73 port 48938 ssh2 Jul 8 14:46:48 xm3 sshd[20461]: Received disconnect from 206.189.119.73: 11: Bye Bye [preauth] Jul 8 14:48:35 xm3 sshd[23304]: Failed password for invalid user lai from 206.189.119.73 port 38088 ssh2 Jul 8 14:48:35 xm3 sshd[23304]: Received disconnect from 206.189.119.73: 11: Bye Bye [preauth] Jul 8 14:50:13 xm3 sshd[30717]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.119.73 user=r.r Jul 8 14:50:16 xm3 sshd[30717]: Failed password for r.r from 206.189.119.73 port 55472 ssh2 Jul 8 ........ -------------------------------	2019-07-09 06:06:48
104.206.128.2	attackbotsspam	Portscan or hack attempt detected by psad/fwsnort	2019-07-09 06:24:42
148.70.88.43	attackbots	Jul 6 23:45:00 vpxxxxxxx22308 sshd[25852]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.88.43 user=r.r Jul 6 23:45:02 vpxxxxxxx22308 sshd[25852]: Failed password for r.r from 148.70.88.43 port 33101 ssh2 Jul 6 23:45:04 vpxxxxxxx22308 sshd[25858]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.88.43 user=r.r Jul 6 23:45:06 vpxxxxxxx22308 sshd[25858]: Failed password for r.r from 148.70.88.43 port 33138 ssh2 Jul 6 23:45:08 vpxxxxxxx22308 sshd[25864]: Invalid user pi from 148.70.88.43 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=148.70.88.43	2019-07-09 05:43:57
51.15.218.86	attackbotsspam	445/tcp [2019-07-08]1pkt	2019-07-09 06:24:57
195.123.227.76	attack	RDP BruteForce Attack	2019-07-09 06:14:39
185.30.68.192	attackbotsspam	Autoban 185.30.68.192 AUTH/CONNECT	2019-07-09 06:03:47
14.240.107.7	attackbots	82/tcp [2019-07-08]1pkt	2019-07-09 06:14:08
114.40.184.55	attackspambots	37215/tcp [2019-07-08]1pkt	2019-07-09 05:46:43
77.40.106.47	attackspam	445/tcp [2019-07-08]1pkt	2019-07-09 06:18:33
31.214.144.16	attackbotsspam	Jul 8 18:23:45 * sshd[24413]: Invalid user laura from 31.214.144.16 port 44220 Jul 8 18:23:48 * sshd[24413]: Failed password for invalid user laura from 31.214.144.16 port 44220 ssh2 Jul 8 18:23:48 * sshd[24413]: Received disconnect from 31.214.144.16 port 44220:11: Bye Bye [preauth] Jul 8 18:23:48 * sshd[24413]: Disconnected from 31.214.144.16 port 44220 [preauth] Jul 8 18:26:44 * sshd[26553]: Invalid user simon from 31.214.144.16 port 48868 Jul 8 18:26:46 * sshd[26553]: Failed password for invalid user simon from 31.214.144.16 port 48868 ssh2 Jul 8 18:26:46 * sshd[26553]: Received disconnect from 31.214.144.16 port 48868:11: Bye Bye [preauth] Jul 8 18:26:46 * sshd[26553]: Disconnected from 31.214.144.16 port 48868 [preauth] Jul 8 18:28:34 * sshd[27938]: Invalid user charles from 31.214.144.16 port 37856 Jul 8 18:28:36 * sshd[27938]: Failed password for invalid user charles from 31.214.144.16 port 37856 ssh2 Jul 8 18:28:36 *** sshd[27938]........ -------------------------------	2019-07-09 06:08:43
113.228.77.27	attackspambots	23/tcp 23/tcp [2019-07-08]2pkt	2019-07-09 05:45:17
193.70.36.161	attackbots	Brute force SMTP login attempted. ...	2019-07-09 06:10:01

Recently Reported IPs

107.173.141.130	191.164.94.6	147.63.190.80	136.147.121.113
219.54.62.72	212.80.219.131	92.15.106.231	215.225.45.123
212.69.113.249	172.139.201.218	195.58.38.25	220.125.212.214
180.244.154.75	110.42.98.4	141.228.80.228	154.0.173.95
24.88.33.41	108.195.234.233	200.23.153.141	185.4.42.222