Basic Info

City: unknown

Region: unknown

Country: Australia

Internet Service Provider: OVH Australia Pty Ltd

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:
Type Details Datetime
attackspam
Chat Spam
2019-09-07 16:35:02
Comments on same subnet:
IP Type Details Datetime
139.99.221.61 attack
$f2bV_matches
2020-02-12 00:54:56
139.99.221.61 attack
Unauthorized connection attempt detected from IP address 139.99.221.61 to port 2220 [J]
2020-02-06 16:49:17
139.99.221.61 attackbots
Feb  2 05:58:33 haigwepa sshd[21028]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.221.61 
Feb  2 05:58:36 haigwepa sshd[21028]: Failed password for invalid user upload from 139.99.221.61 port 37437 ssh2
...
2020-02-02 13:10:17
139.99.221.61 attack
Unauthorized connection attempt detected from IP address 139.99.221.61 to port 2220 [J]
2020-01-26 15:13:09
139.99.221.61 attackspambots
Unauthorized connection attempt detected from IP address 139.99.221.61 to port 2220 [J]
2020-01-17 21:10:34
139.99.221.61 attack
$f2bV_matches
2020-01-11 23:46:20
139.99.221.61 attackbotsspam
Invalid user tomek from 139.99.221.61 port 57996
2020-01-10 22:30:27
139.99.221.61 attack
Dec 31 03:27:37 ws19vmsma01 sshd[147604]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.221.61
Dec 31 03:27:39 ws19vmsma01 sshd[147604]: Failed password for invalid user liaan from 139.99.221.61 port 35512 ssh2
...
2019-12-31 16:00:05
139.99.221.61 attack
Dec  4 15:46:10 Ubuntu-1404-trusty-64-minimal sshd\[22367\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.221.61  user=root
Dec  4 15:46:12 Ubuntu-1404-trusty-64-minimal sshd\[22367\]: Failed password for root from 139.99.221.61 port 37864 ssh2
Dec  4 15:57:05 Ubuntu-1404-trusty-64-minimal sshd\[2839\]: Invalid user admin from 139.99.221.61
Dec  4 15:57:05 Ubuntu-1404-trusty-64-minimal sshd\[2839\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.221.61
Dec  4 15:57:07 Ubuntu-1404-trusty-64-minimal sshd\[2839\]: Failed password for invalid user admin from 139.99.221.61 port 51553 ssh2
2019-12-04 23:20:56
139.99.221.61 attackbots
Nov 29 09:12:50 OPSO sshd\[6006\]: Invalid user dwlee200 from 139.99.221.61 port 52802
Nov 29 09:12:50 OPSO sshd\[6006\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.221.61
Nov 29 09:12:52 OPSO sshd\[6006\]: Failed password for invalid user dwlee200 from 139.99.221.61 port 52802 ssh2
Nov 29 09:16:52 OPSO sshd\[6662\]: Invalid user minella from 139.99.221.61 port 43209
Nov 29 09:16:52 OPSO sshd\[6662\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.221.61
2019-11-29 16:58:50
139.99.221.61 attack
2019-11-26T22:57:20.361407abusebot-7.cloudsearch.cf sshd\[24597\]: Invalid user creation from 139.99.221.61 port 44649
2019-11-27 07:05:52
139.99.221.61 attack
Nov 23 16:46:03 server sshd\[23466\]: User root from 139.99.221.61 not allowed because listed in DenyUsers
Nov 23 16:46:03 server sshd\[23466\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.221.61  user=root
Nov 23 16:46:04 server sshd\[23466\]: Failed password for invalid user root from 139.99.221.61 port 52611 ssh2
Nov 23 16:50:24 server sshd\[2950\]: User root from 139.99.221.61 not allowed because listed in DenyUsers
Nov 23 16:50:24 server sshd\[2950\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.221.61  user=root
2019-11-23 23:01:16
139.99.221.61 attackbots
$f2bV_matches
2019-11-16 17:03:13
139.99.221.61 attack
Nov 13 13:44:00 herz-der-gamer sshd[29216]: Invalid user nfs from 139.99.221.61 port 38126
Nov 13 13:44:00 herz-der-gamer sshd[29216]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.221.61
Nov 13 13:44:00 herz-der-gamer sshd[29216]: Invalid user nfs from 139.99.221.61 port 38126
Nov 13 13:44:02 herz-der-gamer sshd[29216]: Failed password for invalid user nfs from 139.99.221.61 port 38126 ssh2
...
2019-11-13 22:43:42
139.99.221.61 attackbots
Oct  9 05:56:50 host sshd\[26301\]: Invalid user 3edcxsw21qaz from 139.99.221.61 port 44388
Oct  9 05:56:50 host sshd\[26301\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.221.61
...
2019-10-09 13:06:51
Whois info:
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.99.221.19
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 30557
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.99.221.19.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019090700 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Sep 07 16:34:55 CST 2019
;; MSG SIZE  rcvd: 117
Host info
19.221.99.139.in-addr.arpa domain name pointer ip-139-99-221.eu.
Nslookup info:
Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
19.221.99.139.in-addr.arpa	name = ip-139-99-221.eu.

Authoritative answers can be found from:
Related IP info:
Related comments:
IP Type Details Datetime
192.42.116.22 attack
Mar 26 15:44:39 vpn01 sshd[3004]: Failed password for root from 192.42.116.22 port 51054 ssh2
Mar 26 15:44:47 vpn01 sshd[3004]: Failed password for root from 192.42.116.22 port 51054 ssh2
...
2020-03-27 01:24:56
81.16.1.45 attackbotsspam
This IOC was found in a paste: https://paste.cryptolaemus.com/emotet/2020/03/23/emotet-c2-rsa-update-03-23-20-1.html with the title "Emotet C2 and RSA Key Update - 03/23/2020 09:45"
For more information, or to report interesting/incorrect findings, contact us - bot@tines.io
2020-03-27 01:35:10
185.94.252.12 attackbots
This IOC was found in a paste: https://paste.cryptolaemus.com/emotet/2020/03/23/emotet-c2-rsa-update-03-23-20-1.html with the title "Emotet C2 and RSA Key Update - 03/23/2020 09:45"
For more information, or to report interesting/incorrect findings, contact us - bot@tines.io
2020-03-27 01:39:15
91.121.88.225 attackspambots
0,25-03/02 [bc230/m40] PostRequest-Spammer scoring: harare01
2020-03-27 01:05:10
190.147.137.153 attackbotsspam
This IOC was found in a paste: https://paste.cryptolaemus.com/emotet/2020/03/23/emotet-c2-rsa-update-03-23-20-1.html with the title "Emotet C2 and RSA Key Update - 03/23/2020 09:45"
For more information, or to report interesting/incorrect findings, contact us - bot@tines.io
2020-03-27 01:44:11
72.47.248.48 attack
This IOC was found in a paste: https://paste.cryptolaemus.com/emotet/2020/03/23/emotet-c2-rsa-update-03-23-20-1.html with the title "Emotet C2 and RSA Key Update - 03/23/2020 09:45"
For more information, or to report interesting/incorrect findings, contact us - bot@tines.io
2020-03-27 01:42:23
189.139.77.237 attack
This IOC was found in a paste: https://paste.cryptolaemus.com/emotet/2020/03/23/emotet-c2-rsa-update-03-23-20-1.html with the title "Emotet C2 and RSA Key Update - 03/23/2020 09:45"
For more information, or to report interesting/incorrect findings, contact us - bot@tines.io
2020-03-27 01:29:17
106.12.45.236 attack
Mar 26 23:39:34 itv-usvr-01 sshd[29024]: Invalid user import from 106.12.45.236
Mar 26 23:39:34 itv-usvr-01 sshd[29024]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.45.236
Mar 26 23:39:34 itv-usvr-01 sshd[29024]: Invalid user import from 106.12.45.236
Mar 26 23:39:36 itv-usvr-01 sshd[29024]: Failed password for invalid user import from 106.12.45.236 port 46934 ssh2
Mar 26 23:48:49 itv-usvr-01 sshd[29389]: Invalid user os from 106.12.45.236
2020-03-27 01:11:59
192.241.143.52 attackbotsspam
This IOC was found in a paste: https://paste.cryptolaemus.com/emotet/2020/03/23/emotet-c2-rsa-update-03-23-20-1.html with the title "Emotet C2 and RSA Key Update - 03/23/2020 09:45"
For more information, or to report interesting/incorrect findings, contact us - bot@tines.io
2020-03-27 01:43:50
106.12.148.127 attackbots
v+ssh-bruteforce
2020-03-27 01:11:41
77.123.155.201 attack
SSH Brute-Forcing (server1)
2020-03-27 00:57:22
211.110.184.22 attack
Invalid user postgres from 211.110.184.22 port 34713
2020-03-27 01:19:00
136.243.205.112 attackspambots
This IOC was found in a paste: https://paste.cryptolaemus.com/emotet/2020/03/23/emotet-c2-rsa-update-03-23-20-1.html with the title "Emotet C2 and RSA Key Update - 03/23/2020 09:45"
For more information, or to report interesting/incorrect findings, contact us - bot@tines.io
2020-03-27 01:33:03
80.211.56.134 attackbotsspam
Mar 26 17:49:35 sso sshd[20608]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.56.134
Mar 26 17:49:37 sso sshd[20608]: Failed password for invalid user lq from 80.211.56.134 port 42800 ssh2
...
2020-03-27 01:00:41
104.248.181.156 attackspam
Mar 26 18:02:38 mail sshd[601]: Invalid user admin from 104.248.181.156
Mar 26 18:02:38 mail sshd[601]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.181.156
Mar 26 18:02:38 mail sshd[601]: Invalid user admin from 104.248.181.156
Mar 26 18:02:40 mail sshd[601]: Failed password for invalid user admin from 104.248.181.156 port 44066 ssh2
Mar 26 18:04:26 mail sshd[3756]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.181.156  user=mysql
Mar 26 18:04:28 mail sshd[3756]: Failed password for mysql from 104.248.181.156 port 33086 ssh2
...
2020-03-27 01:10:47

Recently Reported IPs
