139.99.131.6 - IPInfo

Basic Info

City: Sydney

Region: New South Wales

Country: Australia

Internet Service Provider: OVH Australia Pty Ltd

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Trolling for resource vulnerabilities	2020-04-09 05:36:43

Comments on same subnet:

IP	Type	Details	Datetime
139.99.131.140	attackbotsspam	(sshd) Failed SSH login from 139.99.131.140 (AU/Australia/ns539894.ip-139-99-131.net): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Apr 26 02:45:39 host sshd[74987]: Invalid user auto from 139.99.131.140 port 58678	2020-04-26 14:56:42
139.99.131.57	attackspam	9200/tcp 8088/tcp 6380/tcp... [2020-04-08]8pkt,8pt.(tcp)	2020-04-09 05:30:36
139.99.131.57	attackbotsspam	Detected by ModSecurity. Request URI: /index.php?s=index/\think\app/invokefunction&function=call_user_func_array&vars[0]=phpinfo&vars[1][]=1	2020-04-04 09:33:36

Type

Details

Datetime

139.99.131.140

attackbotsspam

(sshd) Failed SSH login from 139.99.131.140 (AU/Australia/ns539894.ip-139-99-131.net): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Apr 26 02:45:39 host sshd[74987]: Invalid user auto from 139.99.131.140 port 58678

2020-04-26 14:56:42

139.99.131.57

attackspam

9200/tcp 8088/tcp 6380/tcp...
[2020-04-08]8pkt,8pt.(tcp)

2020-04-09 05:30:36

139.99.131.57

attackbotsspam

Detected by ModSecurity. Request URI: /index.php?s=index/\think\app/invokefunction&function=call_user_func_array&vars[0]=phpinfo&vars[1][]=1

2020-04-04 09:33:36

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.99.131.6
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 15038
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.99.131.6.			IN	A

;; AUTHORITY SECTION:
.			397	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020040801 1800 900 604800 86400

;; Query time: 123 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Apr 09 05:36:40 CST 2020
;; MSG SIZE  rcvd: 116

Host info

6.131.99.139.in-addr.arpa domain name pointer ausvip2.noc401.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
6.131.99.139.in-addr.arpa	name = ausvip2.noc401.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
58.246.187.102	attackbots	(sshd) Failed SSH login from 58.246.187.102 (-): 5 in the last 3600 secs	2019-10-08 00:51:07
42.157.128.188	attack	2019-10-07T11:41:28.885551abusebot-5.cloudsearch.cf sshd\[21340\]: Invalid user max from 42.157.128.188 port 44572	2019-10-08 00:50:38
46.101.17.215	attackspam	Oct 7 04:20:20 tdfoods sshd\[16700\]: Invalid user P@\$\$w0rt0101 from 46.101.17.215 Oct 7 04:20:20 tdfoods sshd\[16700\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=policies.musiciansfirst.com Oct 7 04:20:23 tdfoods sshd\[16700\]: Failed password for invalid user P@\$\$w0rt0101 from 46.101.17.215 port 37198 ssh2 Oct 7 04:24:34 tdfoods sshd\[17087\]: Invalid user Photo2017 from 46.101.17.215 Oct 7 04:24:34 tdfoods sshd\[17087\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=policies.musiciansfirst.com	2019-10-08 00:49:53
5.135.179.178	attack	Oct 7 11:55:35 work-partkepr sshd\[29269\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.135.179.178 user=root Oct 7 11:55:37 work-partkepr sshd\[29269\]: Failed password for root from 5.135.179.178 port 40414 ssh2 ...	2019-10-08 00:40:11
49.88.112.68	attackspambots	Oct 7 19:41:03 sauna sshd[232562]: Failed password for root from 49.88.112.68 port 27512 ssh2 ...	2019-10-08 00:46:14
203.121.116.11	attackspam	Oct 7 05:51:59 friendsofhawaii sshd\[31126\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.121.116.11 user=root Oct 7 05:52:01 friendsofhawaii sshd\[31126\]: Failed password for root from 203.121.116.11 port 43661 ssh2 Oct 7 05:56:56 friendsofhawaii sshd\[31564\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.121.116.11 user=root Oct 7 05:56:58 friendsofhawaii sshd\[31564\]: Failed password for root from 203.121.116.11 port 35440 ssh2 Oct 7 06:01:58 friendsofhawaii sshd\[32005\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.121.116.11 user=root	2019-10-08 00:19:33
111.231.85.239	attackbots	Oct 7 17:05:26 andromeda postfix/smtpd\[41154\]: warning: unknown\[111.231.85.239\]: SASL LOGIN authentication failed: authentication failure Oct 7 17:05:28 andromeda postfix/smtpd\[40751\]: warning: unknown\[111.231.85.239\]: SASL LOGIN authentication failed: authentication failure Oct 7 17:05:33 andromeda postfix/smtpd\[38019\]: warning: unknown\[111.231.85.239\]: SASL LOGIN authentication failed: authentication failure Oct 7 17:05:38 andromeda postfix/smtpd\[41154\]: warning: unknown\[111.231.85.239\]: SASL LOGIN authentication failed: authentication failure Oct 7 17:05:43 andromeda postfix/smtpd\[38080\]: warning: unknown\[111.231.85.239\]: SASL LOGIN authentication failed: authentication failure	2019-10-08 00:44:09
104.236.176.175	attackspam	Oct 7 16:08:20 lnxmail61 sshd[1395]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.176.175	2019-10-08 00:22:36
151.101.76.116	attackbotsspam	Message ID <05F.20190213154431.8.3721.7a67b41e3808486797c2b446653183ce@www.yelp.com> Created at: Sun, Oct 6, 2019 at 3:50 PM (Delivered after 46204 seconds) From: Blood Sugar Formula To: b@gmail.com Subject: 1 Blood Sugar 'Trick' Keeps Blood Sugar Normal - Try Tonight SPF: PASS with IP 52.69.6.196	2019-10-08 00:26:21
191.249.57.241	attackbots	Automatic report - Port Scan Attack	2019-10-08 00:15:44
51.77.212.124	attack	Oct 7 19:11:39 sauna sshd[231870]: Failed password for root from 51.77.212.124 port 52860 ssh2 ...	2019-10-08 00:24:02
107.173.51.116	attackspam	Oct 7 16:13:36 web8 sshd\[29981\]: Invalid user Movie@123 from 107.173.51.116 Oct 7 16:13:36 web8 sshd\[29981\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.173.51.116 Oct 7 16:13:38 web8 sshd\[29981\]: Failed password for invalid user Movie@123 from 107.173.51.116 port 37534 ssh2 Oct 7 16:17:57 web8 sshd\[32145\]: Invalid user Nicolas123 from 107.173.51.116 Oct 7 16:17:57 web8 sshd\[32145\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.173.51.116	2019-10-08 00:33:14
92.119.160.143	attackspambots	10/07/2019-12:08:18.736106 92.119.160.143 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-10-08 00:16:00
187.162.66.168	attack	Autoban 187.162.66.168 AUTH/CONNECT	2019-10-08 00:42:12
52.69.6.196	attackbotsspam	Message ID <05F.20190213154431.8.3721.7a67b41e3808486797c2b446653183ce@www.yelp.com> Created at: Sun, Oct 6, 2019 at 3:50 PM (Delivered after 46204 seconds) From: Blood Sugar Formula To: b@gmail.com Subject: 1 Blood Sugar 'Trick' Keeps Blood Sugar Normal - Try Tonight SPF: PASS with IP 52.69.6.196	2019-10-08 00:48:31

Recently Reported IPs

189.144.203.36	186.72.254.131	67.134.123.31	122.134.39.217
100.160.220.223	45.76.174.117	156.254.197.172	41.42.106.147
137.220.175.83	174.252.227.19	81.17.149.189	47.183.23.125
108.131.90.123	100.6.30.205	78.191.91.81	195.142.178.74
204.215.230.235	220.32.183.205	39.200.162.57	197.125.146.232