139.99.2.13 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Singapore

Internet Service Provider: PT. Cloud Hosting Indonesia

Hostname: unknown

Organization: OVH SAS

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Brute forcing Wordpress login	2019-08-13 14:17:31
attackspambots	xmlrpc attack	2019-07-23 13:05:11
attack	www.ft-1848-basketball.de 139.99.2.13 \[23/Jun/2019:12:05:17 +0200\] "POST /wp-login.php HTTP/1.1" 200 2174 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" www.ft-1848-basketball.de 139.99.2.13 \[23/Jun/2019:12:05:18 +0200\] "POST /wp-login.php HTTP/1.1" 200 2144 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-06-23 18:24:34

Type

Details

Datetime

attackspambots

Brute forcing Wordpress login

2019-08-13 14:17:31

attackspambots

xmlrpc attack

2019-07-23 13:05:11

attack

www.ft-1848-basketball.de 139.99.2.13 \[23/Jun/2019:12:05:17 +0200\] "POST /wp-login.php HTTP/1.1" 200 2174 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
www.ft-1848-basketball.de 139.99.2.13 \[23/Jun/2019:12:05:18 +0200\] "POST /wp-login.php HTTP/1.1" 200 2144 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"

2019-06-23 18:24:34

Comments on same subnet:

IP	Type	Details	Datetime
139.99.222.79	spambotsattackproxynormal	Super win	2022-06-06 06:47:34
139.99.203.12	attackspambots	Oct 6 18:07:32 scw-gallant-ride sshd[18950]: Failed password for root from 139.99.203.12 port 50320 ssh2	2020-10-07 02:23:59
139.99.203.12	attack	$f2bV_matches	2020-10-06 18:20:20
139.99.219.208	attackbots	5x Failed Password	2020-10-04 08:15:40
139.99.238.150	attackbots	$f2bV_matches	2020-10-04 03:14:53
139.99.219.208	attackbots	detected by Fail2Ban	2020-10-04 00:41:33
139.99.238.150	attackbots	Oct 3 08:51:54 itv-usvr-01 sshd[28621]: Invalid user cloudera from 139.99.238.150 Oct 3 08:51:54 itv-usvr-01 sshd[28621]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.238.150 Oct 3 08:51:54 itv-usvr-01 sshd[28621]: Invalid user cloudera from 139.99.238.150 Oct 3 08:51:56 itv-usvr-01 sshd[28621]: Failed password for invalid user cloudera from 139.99.238.150 port 56232 ssh2	2020-10-03 19:07:48
139.99.219.208	attackspam	detected by Fail2Ban	2020-10-03 16:30:33
139.99.238.150	attack	Sep 30 12:05:18 rocket sshd[6208]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.238.150 Sep 30 12:05:20 rocket sshd[6208]: Failed password for invalid user postmaster from 139.99.238.150 port 59568 ssh2 ...	2020-10-01 03:03:51
139.99.219.208	attack	[f2b] sshd bruteforce, retries: 1	2020-10-01 02:59:10
139.99.238.150	attackspam	Sep 30 12:05:18 rocket sshd[6208]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.238.150 Sep 30 12:05:20 rocket sshd[6208]: Failed password for invalid user postmaster from 139.99.238.150 port 59568 ssh2 ...	2020-09-30 19:16:49
139.99.203.12	attackspambots	Sep 24 11:34:25 gw1 sshd[17805]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.203.12 Sep 24 11:34:28 gw1 sshd[17805]: Failed password for invalid user sandbox from 139.99.203.12 port 56940 ssh2 ...	2020-09-24 22:23:01
139.99.203.12	attackspam	Sep 24 11:12:30 gw1 sshd[17259]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.203.12 Sep 24 11:12:32 gw1 sshd[17259]: Failed password for invalid user minecraft from 139.99.203.12 port 34858 ssh2 ...	2020-09-24 14:15:22
139.99.203.12	attackbots	2020-09-24T02:28:50.439441hostname sshd[12857]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.203.12 user=root 2020-09-24T02:28:52.294815hostname sshd[12857]: Failed password for root from 139.99.203.12 port 37342 ssh2 2020-09-24T02:31:52.026106hostname sshd[14044]: Invalid user teamspeak from 139.99.203.12 port 53466 ...	2020-09-24 05:42:47
139.99.239.230	attackbotsspam	139.99.239.230 (AU/Australia/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 23 08:05:36 server2 sshd[29455]: Failed password for root from 139.99.239.230 port 54690 ssh2 Sep 23 08:06:25 server2 sshd[29972]: Failed password for root from 211.23.167.152 port 54474 ssh2 Sep 23 08:08:49 server2 sshd[31240]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.18.159.82 user=root Sep 23 08:05:51 server2 sshd[29627]: Failed password for root from 106.13.176.163 port 47966 ssh2 Sep 23 08:05:49 server2 sshd[29627]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.176.163 user=root IP Addresses Blocked:	2020-09-23 20:36:18

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.99.2.13
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24265
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.99.2.13.			IN	A

;; AUTHORITY SECTION:
.			3457	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019050100 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Thu May 02 01:00:47 +08 2019
;; MSG SIZE  rcvd: 115

Host info

13.2.99.139.in-addr.arpa domain name pointer sgx51.cloudhost.id.

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
13.2.99.139.in-addr.arpa	name = sgx51.cloudhost.id.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
123.31.32.150	attackspam	Apr 5 20:55:26 OPSO sshd\[15393\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.31.32.150 user=root Apr 5 20:55:27 OPSO sshd\[15393\]: Failed password for root from 123.31.32.150 port 45718 ssh2 Apr 5 20:59:11 OPSO sshd\[15784\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.31.32.150 user=root Apr 5 20:59:13 OPSO sshd\[15784\]: Failed password for root from 123.31.32.150 port 48312 ssh2 Apr 5 21:02:59 OPSO sshd\[16529\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.31.32.150 user=root	2020-04-06 03:21:51
162.243.133.179	attackbots	Unauthorized connection attempt detected from IP address 162.243.133.179 to port 8140 [T]	2020-04-06 03:53:51
111.67.194.5	attackspam	Apr 5 18:02:44 sso sshd[28579]: Failed password for root from 111.67.194.5 port 56846 ssh2 ...	2020-04-06 03:29:02
68.183.228.99	attackbots	WordPress brute-force	2020-04-06 03:25:32
79.99.49.242	attack	CMS (WordPress or Joomla) login attempt.	2020-04-06 03:14:54
116.206.233.146	attackbots	Automatic report - XMLRPC Attack	2020-04-06 03:51:01
221.158.165.94	attackbots	Apr 5 21:30:39 meumeu sshd[8694]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.158.165.94 Apr 5 21:30:41 meumeu sshd[8694]: Failed password for invalid user sybase from 221.158.165.94 port 37462 ssh2 Apr 5 21:32:49 meumeu sshd[8902]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.158.165.94 ...	2020-04-06 03:47:56
185.94.98.117	attack	xmlrpc attack	2020-04-06 03:19:23
165.22.204.147	attackbots	$f2bV_matches	2020-04-06 03:15:44
106.12.210.127	attackbots	5x Failed Password	2020-04-06 03:41:06
47.56.238.201	attackbots	WordPress xmlrpc	2020-04-06 03:47:30
77.247.109.241	attackspambots	Apr 5 21:39:05 debian-2gb-nbg1-2 kernel: \[8374574.944116\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=77.247.109.241 DST=195.201.40.59 LEN=444 TOS=0x00 PREC=0x00 TTL=54 ID=27190 DF PROTO=UDP SPT=5072 DPT=5060 LEN=424	2020-04-06 03:48:34
165.22.78.222	attackbots	$f2bV_matches	2020-04-06 03:12:59
222.122.31.133	attackbots	Apr 5 04:09:23 web9 sshd\[24992\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.122.31.133 user=root Apr 5 04:09:24 web9 sshd\[24992\]: Failed password for root from 222.122.31.133 port 46950 ssh2 Apr 5 04:14:04 web9 sshd\[25628\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.122.31.133 user=root Apr 5 04:14:06 web9 sshd\[25628\]: Failed password for root from 222.122.31.133 port 57314 ssh2 Apr 5 04:18:49 web9 sshd\[26237\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.122.31.133 user=root	2020-04-06 03:25:03
109.12.217.42	attackspam	$f2bV_matches	2020-04-06 03:37:29

Recently Reported IPs

4.229.105.80	117.53.45.17	118.16.84.216	90.84.224.152
111.177.55.214	46.182.6.179	113.140.3.81	138.244.162.107
96.142.22.112	213.140.197.32	200.220.138.10	37.127.149.186
89.252.133.61	83.111.128.37	60.50.173.169	90.79.68.237
88.26.254.242	209.205.209.34	14.231.98.23	198.71.241.18