139.99.218.212

Basic Info

City: Sydney

Region: New South Wales

Country: Australia

Internet Service Provider: OVH Australia Pty Ltd

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Chat Spam	2019-09-30 02:53:16

Comments on same subnet:

IP	Type	Details	Datetime
139.99.218.54	attack	Exploit Attempt	2020-05-14 04:12:48
139.99.218.233	attackspam	Chat Spam	2019-09-07 11:06:39
139.99.218.189	attack	\[2019-06-24 04:15:50\] NOTICE\[1849\] chan_sip.c: Registration from '\' failed for '139.99.218.189:48997' - Wrong password \[2019-06-24 04:15:50\] SECURITY\[1857\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-06-24T04:15:50.477-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="091",SessionID="0x7fc4242a2868",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/139.99.218.189/48997",Challenge="36d865c9",ReceivedChallenge="36d865c9",ReceivedHash="4a65d81ad2c4044d9d295f7ad31a57c8" \[2019-06-24 04:15:52\] NOTICE\[1849\] chan_sip.c: Registration from '\' failed for '139.99.218.189:52227' - Wrong password \[2019-06-24 04:15:52\] SECURITY\[1857\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-06-24T04:15:52.073-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="5000000001",SessionID="0x7fc42417ead8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/	2019-06-24 17:10:38
139.99.218.30	attackspam	Fail2Ban Ban Triggered	2019-06-24 07:55:57
139.99.218.189	attackbotsspam	\[2019-06-23 16:10:37\] NOTICE\[1849\] chan_sip.c: Registration from '\' failed for '139.99.218.189:54555' - Wrong password \[2019-06-23 16:10:37\] SECURITY\[1857\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-06-23T16:10:37.947-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="091",SessionID="0x7fc4242a2868",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/139.99.218.189/54555",Challenge="5e880bfa",ReceivedChallenge="5e880bfa",ReceivedHash="6bc0d3c5dac791ce923dfd1cc64e4829" \[2019-06-23 16:10:39\] NOTICE\[1849\] chan_sip.c: Registration from '\' failed for '139.99.218.189:46369' - Wrong password \[2019-06-23 16:10:39\] SECURITY\[1857\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-06-23T16:10:39.473-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="51",SessionID="0x7fc424245928",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/139.99.218.1	2019-06-24 04:59:28
139.99.218.189	attackspambots	\[2019-06-23 12:44:01\] NOTICE\[1849\] chan_sip.c: Registration from '\' failed for '139.99.218.189:49800' - Wrong password \[2019-06-23 12:44:01\] SECURITY\[1857\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-06-23T12:44:01.969-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="091",SessionID="0x7fc4242a2868",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/139.99.218.189/49800",Challenge="1ba70511",ReceivedChallenge="1ba70511",ReceivedHash="b2fadf1157e2aea79954277bd382840b" \[2019-06-23 12:44:03\] NOTICE\[1849\] chan_sip.c: Registration from '\' failed for '139.99.218.189:43777' - Wrong password \[2019-06-23 12:44:03\] SECURITY\[1857\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-06-23T12:44:03.509-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="4000000001",SessionID="0x7fc42417ead8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/	2019-06-24 01:36:06
139.99.218.30	attack	[SunJun2302:23:20.8385312019][:error][pid6731:tid47326407059200][client139.99.218.30:62053][client139.99.218.30]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch"$\?:POST\\|GET$"atREQUEST_METHOD.[file"/etc/apache2/conf.d/modsec_rules/99_asl_jitp.conf"][line"3488"][id"336461"][rev"8"][msg"Atomicorp.comWAFRules-VirtualJustInTimePatch:Possibleattempttomaliciouslyaccesswp-config.phpfile"][data"../../../../wp-config.php"][severity"CRITICAL"][hostname"giochintavola.ch"][uri"/wp-admin/admin-ajax.php"][unique_id"XQ7GeFrcV1YeehGUUjPgMAAAAEk"][SunJun2302:23:21.3870422019][:error][pid6732:tid47326432274176][client139.99.218.30:62392][client139.99.218.30]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch"python-requests/"atREQUEST_HEADERS:User-Agent.[file"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf"][line"206"][id"332039"][rev"4"][msg"Atomicorp.comWAFRules:SuspiciousUnusualUserAgent$python-requests$.Disablethisruleifyouusepython-requests/."][severity"CRIT	2019-06-23 08:42:09
139.99.218.189	attack	\[2019-06-22 03:57:01\] NOTICE\[1849\] chan_sip.c: Registration from '\' failed for '139.99.218.189:35330' - Wrong password \[2019-06-22 03:57:01\] SECURITY\[1857\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-06-22T03:57:01.550-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="091",SessionID="0x7fc4240077d8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/139.99.218.189/35330",Challenge="041cc17f",ReceivedChallenge="041cc17f",ReceivedHash="71b8eb87e94e589403512ca2a1f401d1" \[2019-06-22 03:57:03\] NOTICE\[1849\] chan_sip.c: Registration from '\' failed for '139.99.218.189:49604' - Wrong password \[2019-06-22 03:57:03\] SECURITY\[1857\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-06-22T03:57:03.165-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="200000001",SessionID="0x7fc424036c88",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UD	2019-06-22 17:05:00

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.99.218.212
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 60470
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.99.218.212.			IN	A

;; AUTHORITY SECTION:
.			531	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019092901 1800 900 604800 86400

;; Query time: 311 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Sep 30 02:53:11 CST 2019
;; MSG SIZE  rcvd: 118

Host info

212.218.99.139.in-addr.arpa domain name pointer ip-139-99-218.eu.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
212.218.99.139.in-addr.arpa	name = ip-139-99-218.eu.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
46.249.28.102	attack	Jun 21 12:09:05 *** sshd[13216]: User root from 46.249.28.102 not allowed because not listed in AllowUsers	2020-06-22 04:19:09
164.132.47.159	attackspambots	Jun 21 22:27:42 vpn01 sshd[20337]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.132.47.159 Jun 21 22:27:44 vpn01 sshd[20337]: Failed password for invalid user billy from 164.132.47.159 port 33158 ssh2 ...	2020-06-22 04:38:35
106.12.161.118	attackspam	Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2020-06-21T20:08:30Z and 2020-06-21T20:27:45Z	2020-06-22 04:39:31
157.7.233.185	attackspambots	Banned for a week because repeated abuses, for example SSH, but not only	2020-06-22 04:49:04
93.123.16.126	attackbots	Triggered by Fail2Ban at Ares web server	2020-06-22 04:32:15
129.211.174.145	attackbots	2020-06-21T17:03:23.205581sd-86998 sshd[47973]: Invalid user recog from 129.211.174.145 port 59224 2020-06-21T17:03:23.211172sd-86998 sshd[47973]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.174.145 2020-06-21T17:03:23.205581sd-86998 sshd[47973]: Invalid user recog from 129.211.174.145 port 59224 2020-06-21T17:03:24.997143sd-86998 sshd[47973]: Failed password for invalid user recog from 129.211.174.145 port 59224 ssh2 2020-06-21T17:12:14.853746sd-86998 sshd[49065]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.174.145 user=root 2020-06-21T17:12:17.200639sd-86998 sshd[49065]: Failed password for root from 129.211.174.145 port 40234 ssh2 ...	2020-06-22 04:27:22
14.232.210.96	attackspambots	Unauthorized SSH login attempts	2020-06-22 04:24:57
40.87.31.208	attack	Jun 21 22:24:55 ns382633 sshd\[13925\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.87.31.208 user=root Jun 21 22:24:57 ns382633 sshd\[13925\]: Failed password for root from 40.87.31.208 port 35450 ssh2 Jun 21 22:26:22 ns382633 sshd\[14535\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.87.31.208 user=root Jun 21 22:26:24 ns382633 sshd\[14535\]: Failed password for root from 40.87.31.208 port 50004 ssh2 Jun 21 22:27:51 ns382633 sshd\[14678\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.87.31.208 user=root	2020-06-22 04:32:48
128.14.230.200	attackspambots	Jun 21 20:36:53 h2646465 sshd[28142]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.14.230.200 user=root Jun 21 20:36:55 h2646465 sshd[28142]: Failed password for root from 128.14.230.200 port 39506 ssh2 Jun 21 20:59:30 h2646465 sshd[29512]: Invalid user minecraft from 128.14.230.200 Jun 21 20:59:30 h2646465 sshd[29512]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.14.230.200 Jun 21 20:59:30 h2646465 sshd[29512]: Invalid user minecraft from 128.14.230.200 Jun 21 20:59:32 h2646465 sshd[29512]: Failed password for invalid user minecraft from 128.14.230.200 port 33758 ssh2 Jun 21 21:01:24 h2646465 sshd[30151]: Invalid user user from 128.14.230.200 Jun 21 21:01:24 h2646465 sshd[30151]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.14.230.200 Jun 21 21:01:24 h2646465 sshd[30151]: Invalid user user from 128.14.230.200 Jun 21 21:01:26 h2646465 sshd[30151]: Failed password for in	2020-06-22 04:19:53
27.150.22.44	attack	Jun 21 22:27:48 raspberrypi sshd[2348]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.150.22.44 Jun 21 22:27:50 raspberrypi sshd[2348]: Failed password for invalid user th from 27.150.22.44 port 44722 ssh2 ...	2020-06-22 04:34:07
116.102.117.138	attackbots	20/6/21@09:17:52: FAIL: Alarm-Network address from=116.102.117.138 20/6/21@09:17:52: FAIL: Alarm-Network address from=116.102.117.138 ...	2020-06-22 04:26:04
218.92.0.250	attack	Jun 21 22:32:39 abendstille sshd\[23195\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.250 user=root Jun 21 22:32:40 abendstille sshd\[23195\]: Failed password for root from 218.92.0.250 port 45580 ssh2 Jun 21 22:32:43 abendstille sshd\[23195\]: Failed password for root from 218.92.0.250 port 45580 ssh2 Jun 21 22:32:47 abendstille sshd\[23195\]: Failed password for root from 218.92.0.250 port 45580 ssh2 Jun 21 22:32:50 abendstille sshd\[23195\]: Failed password for root from 218.92.0.250 port 45580 ssh2 ...	2020-06-22 04:34:39
129.204.208.34	attackbots	Jun 21 22:27:44 fhem-rasp sshd[7570]: Invalid user avon from 129.204.208.34 port 50738 ...	2020-06-22 04:38:49
109.116.41.170	attack	$f2bV_matches	2020-06-22 04:24:29
75.64.181.230	attack	Port 22 Scan, PTR: None	2020-06-22 04:14:57

Recently Reported IPs

195.196.61.32	50.94.171.123	26.126.27.13	121.158.204.53
128.208.229.102	21.203.53.116	143.141.74.114	3.48.235.193
194.208.56.118	166.104.8.66	189.41.58.225	152.43.80.163
38.147.116.104	182.111.161.17	77.144.239.157	195.54.250.10
106.172.69.9	83.144.78.142	89.38.4.70	101.21.104.78