City: unknown
Region: unknown
Country: Singapore
Internet Service Provider: PT. Cloud Hosting Indonesia
Hostname: unknown
Organization: OVH SAS
Usage Type: Data Center/Web Hosting/Transit
| Type | Details | Datetime |
|---|---|---|
| attackspambots | Brute forcing Wordpress login |
2019-08-13 14:17:31 |
| attackspambots | xmlrpc attack |
2019-07-23 13:05:11 |
| attack | www.ft-1848-basketball.de 139.99.2.13 \[23/Jun/2019:12:05:17 +0200\] "POST /wp-login.php HTTP/1.1" 200 2174 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" www.ft-1848-basketball.de 139.99.2.13 \[23/Jun/2019:12:05:18 +0200\] "POST /wp-login.php HTTP/1.1" 200 2144 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" |
2019-06-23 18:24:34 |
| IP | Type | Details | Datetime |
|---|---|---|---|
| 139.99.222.79 | spambotsattackproxynormal | Super win |
2022-06-06 06:47:34 |
| 139.99.203.12 | attackspambots | Oct 6 18:07:32 scw-gallant-ride sshd[18950]: Failed password for root from 139.99.203.12 port 50320 ssh2 |
2020-10-07 02:23:59 |
| 139.99.203.12 | attack | $f2bV_matches |
2020-10-06 18:20:20 |
| 139.99.219.208 | attackbots | 5x Failed Password |
2020-10-04 08:15:40 |
| 139.99.238.150 | attackbots | $f2bV_matches |
2020-10-04 03:14:53 |
| 139.99.219.208 | attackbots | detected by Fail2Ban |
2020-10-04 00:41:33 |
| 139.99.238.150 | attackbots | Oct 3 08:51:54 itv-usvr-01 sshd[28621]: Invalid user cloudera from 139.99.238.150 Oct 3 08:51:54 itv-usvr-01 sshd[28621]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.238.150 Oct 3 08:51:54 itv-usvr-01 sshd[28621]: Invalid user cloudera from 139.99.238.150 Oct 3 08:51:56 itv-usvr-01 sshd[28621]: Failed password for invalid user cloudera from 139.99.238.150 port 56232 ssh2 |
2020-10-03 19:07:48 |
| 139.99.219.208 | attackspam | detected by Fail2Ban |
2020-10-03 16:30:33 |
| 139.99.238.150 | attack | Sep 30 12:05:18 rocket sshd[6208]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.238.150 Sep 30 12:05:20 rocket sshd[6208]: Failed password for invalid user postmaster from 139.99.238.150 port 59568 ssh2 ... |
2020-10-01 03:03:51 |
| 139.99.219.208 | attack | [f2b] sshd bruteforce, retries: 1 |
2020-10-01 02:59:10 |
| 139.99.238.150 | attackspam | Sep 30 12:05:18 rocket sshd[6208]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.238.150 Sep 30 12:05:20 rocket sshd[6208]: Failed password for invalid user postmaster from 139.99.238.150 port 59568 ssh2 ... |
2020-09-30 19:16:49 |
| 139.99.203.12 | attackspambots | Sep 24 11:34:25 gw1 sshd[17805]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.203.12 Sep 24 11:34:28 gw1 sshd[17805]: Failed password for invalid user sandbox from 139.99.203.12 port 56940 ssh2 ... |
2020-09-24 22:23:01 |
| 139.99.203.12 | attackspam | Sep 24 11:12:30 gw1 sshd[17259]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.203.12 Sep 24 11:12:32 gw1 sshd[17259]: Failed password for invalid user minecraft from 139.99.203.12 port 34858 ssh2 ... |
2020-09-24 14:15:22 |
| 139.99.203.12 | attackbots | 2020-09-24T02:28:50.439441hostname sshd[12857]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.203.12 user=root 2020-09-24T02:28:52.294815hostname sshd[12857]: Failed password for root from 139.99.203.12 port 37342 ssh2 2020-09-24T02:31:52.026106hostname sshd[14044]: Invalid user teamspeak from 139.99.203.12 port 53466 ... |
2020-09-24 05:42:47 |
| 139.99.239.230 | attackbotsspam | 139.99.239.230 (AU/Australia/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 23 08:05:36 server2 sshd[29455]: Failed password for root from 139.99.239.230 port 54690 ssh2 Sep 23 08:06:25 server2 sshd[29972]: Failed password for root from 211.23.167.152 port 54474 ssh2 Sep 23 08:08:49 server2 sshd[31240]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.18.159.82 user=root Sep 23 08:05:51 server2 sshd[29627]: Failed password for root from 106.13.176.163 port 47966 ssh2 Sep 23 08:05:49 server2 sshd[29627]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.176.163 user=root IP Addresses Blocked: |
2020-09-23 20:36:18 |
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.99.2.13
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24265
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.99.2.13. IN A
;; AUTHORITY SECTION:
. 3457 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019050100 1800 900 604800 86400
;; Query time: 1 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Thu May 02 01:00:47 +08 2019
;; MSG SIZE rcvd: 115
13.2.99.139.in-addr.arpa domain name pointer sgx51.cloudhost.id.
Server: 67.207.67.3
Address: 67.207.67.3#53
Non-authoritative answer:
13.2.99.139.in-addr.arpa name = sgx51.cloudhost.id.
Authoritative answers can be found from:
| IP | Type | Details | Datetime |
|---|---|---|---|
| 123.31.32.150 | attackspam | Apr 5 20:55:26 OPSO sshd\[15393\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.31.32.150 user=root Apr 5 20:55:27 OPSO sshd\[15393\]: Failed password for root from 123.31.32.150 port 45718 ssh2 Apr 5 20:59:11 OPSO sshd\[15784\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.31.32.150 user=root Apr 5 20:59:13 OPSO sshd\[15784\]: Failed password for root from 123.31.32.150 port 48312 ssh2 Apr 5 21:02:59 OPSO sshd\[16529\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.31.32.150 user=root |
2020-04-06 03:21:51 |
| 162.243.133.179 | attackbots | Unauthorized connection attempt detected from IP address 162.243.133.179 to port 8140 [T] |
2020-04-06 03:53:51 |
| 111.67.194.5 | attackspam | Apr 5 18:02:44 sso sshd[28579]: Failed password for root from 111.67.194.5 port 56846 ssh2 ... |
2020-04-06 03:29:02 |
| 68.183.228.99 | attackbots | WordPress brute-force |
2020-04-06 03:25:32 |
| 79.99.49.242 | attack | CMS (WordPress or Joomla) login attempt. |
2020-04-06 03:14:54 |
| 116.206.233.146 | attackbots | Automatic report - XMLRPC Attack |
2020-04-06 03:51:01 |
| 221.158.165.94 | attackbots | Apr 5 21:30:39 meumeu sshd[8694]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.158.165.94 Apr 5 21:30:41 meumeu sshd[8694]: Failed password for invalid user sybase from 221.158.165.94 port 37462 ssh2 Apr 5 21:32:49 meumeu sshd[8902]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.158.165.94 ... |
2020-04-06 03:47:56 |
| 185.94.98.117 | attack | xmlrpc attack |
2020-04-06 03:19:23 |
| 165.22.204.147 | attackbots | $f2bV_matches |
2020-04-06 03:15:44 |
| 106.12.210.127 | attackbots | 5x Failed Password |
2020-04-06 03:41:06 |
| 47.56.238.201 | attackbots | WordPress xmlrpc |
2020-04-06 03:47:30 |
| 77.247.109.241 | attackspambots | Apr 5 21:39:05 debian-2gb-nbg1-2 kernel: \[8374574.944116\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=77.247.109.241 DST=195.201.40.59 LEN=444 TOS=0x00 PREC=0x00 TTL=54 ID=27190 DF PROTO=UDP SPT=5072 DPT=5060 LEN=424 |
2020-04-06 03:48:34 |
| 165.22.78.222 | attackbots | $f2bV_matches |
2020-04-06 03:12:59 |
| 222.122.31.133 | attackbots | Apr 5 04:09:23 web9 sshd\[24992\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.122.31.133 user=root Apr 5 04:09:24 web9 sshd\[24992\]: Failed password for root from 222.122.31.133 port 46950 ssh2 Apr 5 04:14:04 web9 sshd\[25628\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.122.31.133 user=root Apr 5 04:14:06 web9 sshd\[25628\]: Failed password for root from 222.122.31.133 port 57314 ssh2 Apr 5 04:18:49 web9 sshd\[26237\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.122.31.133 user=root |
2020-04-06 03:25:03 |
| 109.12.217.42 | attackspam | $f2bV_matches |
2020-04-06 03:37:29 |