139.99.8.3 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Singapore

Internet Service Provider: OVH Singapore Pte. Ltd

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	139.99.8.3 - - [04/Oct/2020:20:48:51 +0200] "GET /wp-login.php HTTP/1.1" 302 536 ...	2020-10-05 07:19:31
attackspambots	139.99.8.3 - - [04/Oct/2020:13:02:39 +0100] "POST /wp-login.php HTTP/1.1" 200 2591 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.99.8.3 - - [04/Oct/2020:13:02:41 +0100] "POST /wp-login.php HTTP/1.1" 200 2528 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.99.8.3 - - [04/Oct/2020:13:02:42 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-04 23:33:19
attackbotsspam	139.99.8.3 - - [04/Oct/2020:08:06:51 +0100] "POST /wp-login.php HTTP/1.1" 200 2478 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.99.8.3 - - [04/Oct/2020:08:06:53 +0100] "POST /wp-login.php HTTP/1.1" 200 2455 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.99.8.3 - - [04/Oct/2020:08:06:54 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-04 15:16:52
attackspam	139.99.8.3 - - [19/Aug/2020:12:18:35 +0200] "GET /wp-login.php HTTP/1.1" 200 1256 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.99.8.3 - - [19/Aug/2020:12:18:36 +0200] "POST /wp-login.php HTTP/1.1" 200 1651 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.99.8.3 - - [19/Aug/2020:12:18:37 +0200] "GET /wp-login.php HTTP/1.1" 200 1256 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.99.8.3 - - [19/Aug/2020:12:18:37 +0200] "POST /wp-login.php HTTP/1.1" 200 1629 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.99.8.3 - - [19/Aug/2020:12:21:51 +0200] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.99.8.3 - - [19/Aug/2020:12:21:52 +0200] "POST /wp-login.php HTTP/1.1" 200 2031 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-19 19:40:42
attack	Automatic report - Banned IP Access	2020-08-11 13:20:53
attackspam	139.99.8.3 - - [09/Aug/2020:14:41:56 +0200] "GET /wp-login.php HTTP/1.1" 200 6310 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.99.8.3 - - [09/Aug/2020:14:41:57 +0200] "POST /wp-login.php HTTP/1.1" 200 6561 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.99.8.3 - - [09/Aug/2020:14:41:59 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-08-09 21:23:09
attack	Aug 8 05:59:25 b-vps wordpress(gpfans.cz)[3507]: Authentication attempt for unknown user buchtic from 139.99.8.3 ...	2020-08-08 12:04:42
attack	Automatic report - XMLRPC Attack	2020-08-07 12:15:36
attack	joshuajohannes.de 139.99.8.3 [05/Aug/2020:14:47:52 +0200] "POST /wp-login.php HTTP/1.1" 200 5961 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" joshuajohannes.de 139.99.8.3 [05/Aug/2020:14:47:53 +0200] "POST /wp-login.php HTTP/1.1" 200 5926 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-08-05 20:58:32
attackbots	php WP PHPmyadamin ABUSE blocked for 12h	2019-11-17 01:31:18
attack	LAMP,DEF GET /wp-login.php	2019-11-09 01:25:04

Comments on same subnet:

IP	Type	Details	Datetime
139.99.89.202	attackspam	Oct 12 09:47:12 dignus sshd[25365]: Failed password for invalid user wayne from 139.99.89.202 port 48464 ssh2 Oct 12 09:50:00 dignus sshd[25446]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.89.202 user=root Oct 12 09:50:01 dignus sshd[25446]: Failed password for root from 139.99.89.202 port 58828 ssh2 Oct 12 09:52:43 dignus sshd[25490]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.89.202 user=root Oct 12 09:52:45 dignus sshd[25490]: Failed password for root from 139.99.89.202 port 40958 ssh2 ...	2020-10-12 16:14:39
139.99.89.202	attackspam	Oct 4 23:23:02 minden010 sshd[1736]: Failed password for root from 139.99.89.202 port 59064 ssh2 Oct 4 23:26:51 minden010 sshd[3133]: Failed password for root from 139.99.89.202 port 35980 ssh2 ...	2020-10-05 07:15:17
139.99.89.202	attackbotsspam	2020-10-04T08:54:59.276426linuxbox-skyline sshd[272342]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.89.202 user=root 2020-10-04T08:55:00.799884linuxbox-skyline sshd[272342]: Failed password for root from 139.99.89.202 port 46682 ssh2 ...	2020-10-04 23:27:39
139.99.89.202	attackspambots	Invalid user sid from 139.99.89.202 port 35196	2020-10-04 15:11:08
139.99.89.202	attack	SSH Invalid Login	2020-10-04 06:20:57
139.99.89.202	attackspam	Invalid user sid from 139.99.89.202 port 35196	2020-10-03 22:25:18
139.99.89.202	attack	Invalid user sid from 139.99.89.202 port 35196	2020-10-03 14:07:49
139.99.89.202	attack	Brute-force attempt banned	2020-09-27 04:37:23
139.99.89.202	attackspam	Sep 26 12:27:44 plex-server sshd[2523457]: Invalid user tomcat from 139.99.89.202 port 34340 Sep 26 12:27:44 plex-server sshd[2523457]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.89.202 Sep 26 12:27:44 plex-server sshd[2523457]: Invalid user tomcat from 139.99.89.202 port 34340 Sep 26 12:27:46 plex-server sshd[2523457]: Failed password for invalid user tomcat from 139.99.89.202 port 34340 ssh2 Sep 26 12:31:57 plex-server sshd[2525180]: Invalid user deploy from 139.99.89.202 port 42486 ...	2020-09-26 20:45:28
139.99.89.202	attackspam	Sep 25 22:39:41 mout sshd[4405]: Invalid user 1234 from 139.99.89.202 port 48182 Sep 25 22:39:44 mout sshd[4405]: Failed password for invalid user 1234 from 139.99.89.202 port 48182 ssh2 Sep 25 22:39:46 mout sshd[4405]: Disconnected from invalid user 1234 139.99.89.202 port 48182 [preauth]	2020-09-26 12:28:27
139.99.89.91	attackbots	2020-08-25 07:25:27.848293-0500 localhost sshd[1492]: Failed password for root from 139.99.89.91 port 34132 ssh2	2020-08-25 20:38:26
139.99.89.91	attackbotsspam	20 attempts against mh-ssh on echoip	2020-08-20 20:56:01
139.99.8.177	attackbotsspam	Trolling for resource vulnerabilities	2020-08-20 09:03:48
139.99.89.91	attackbotsspam	SSH bruteforce	2020-08-12 15:21:46
139.99.89.91	attack	Aug 5 16:01:42 abendstille sshd\[20037\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.89.91 user=root Aug 5 16:01:45 abendstille sshd\[20037\]: Failed password for root from 139.99.89.91 port 47100 ssh2 Aug 5 16:06:27 abendstille sshd\[24215\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.89.91 user=root Aug 5 16:06:29 abendstille sshd\[24215\]: Failed password for root from 139.99.89.91 port 59104 ssh2 Aug 5 16:11:06 abendstille sshd\[29007\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.89.91 user=root ...	2020-08-05 23:54:34

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.99.8.3
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38958
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.99.8.3.			IN	A

;; AUTHORITY SECTION:
.			340	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019110800 1800 900 604800 86400

;; Query time: 175 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Nov 09 01:25:00 CST 2019
;; MSG SIZE  rcvd: 114

Host info

3.8.99.139.in-addr.arpa domain name pointer ns536029.ip-139-99-8.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
3.8.99.139.in-addr.arpa	name = ns536029.ip-139-99-8.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
178.128.226.2	attackspam	Automatic report - Banned IP Access	2019-11-01 03:44:29
222.186.173.180	attackspam	2019-10-31T19:28:47.165127shield sshd\[7000\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.180 user=root 2019-10-31T19:28:49.013508shield sshd\[7000\]: Failed password for root from 222.186.173.180 port 33832 ssh2 2019-10-31T19:28:52.976107shield sshd\[7000\]: Failed password for root from 222.186.173.180 port 33832 ssh2 2019-10-31T19:28:56.809593shield sshd\[7000\]: Failed password for root from 222.186.173.180 port 33832 ssh2 2019-10-31T19:29:00.858399shield sshd\[7000\]: Failed password for root from 222.186.173.180 port 33832 ssh2	2019-11-01 03:31:06
93.174.67.17	attackbotsspam	Email spam message	2019-11-01 03:12:23
176.116.73.2	attack	10/31/2019-12:59:05.775904 176.116.73.2 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2019-11-01 03:13:20
203.160.132.4	attack	5x Failed Password	2019-11-01 03:15:08
218.93.33.52	attack	2019-10-30 17:56:03,718 fail2ban.actions \[1865\]: NOTICE \[ssh\] Ban 218.93.33.52 2019-10-30 18:14:04,008 fail2ban.actions \[1865\]: NOTICE \[ssh\] Ban 218.93.33.52 2019-10-30 18:32:13,767 fail2ban.actions \[1865\]: NOTICE \[ssh\] Ban 218.93.33.52 2019-10-30 19:26:54,876 fail2ban.actions \[1865\]: NOTICE \[ssh\] Ban 218.93.33.52 2019-10-30 19:44:41,217 fail2ban.actions \[1865\]: NOTICE \[ssh\] Ban 218.93.33.52 2019-10-30 17:56:03,718 fail2ban.actions \[1865\]: NOTICE \[ssh\] Ban 218.93.33.52 2019-10-30 18:14:04,008 fail2ban.actions \[1865\]: NOTICE \[ssh\] Ban 218.93.33.52 2019-10-30 18:32:13,767 fail2ban.actions \[1865\]: NOTICE \[ssh\] Ban 218.93.33.52 2019-10-30 19:26:54,876 fail2ban.actions \[1865\]: NOTICE \[ssh\] Ban 218.93.33.52 2019-10-30 19:44:41,217 fail2ban.actions \[1865\]: NOTICE \[ssh\] Ban 218.93.33.52 2019-10-30 17:56:03,718 fail2ban.actions \[1865\]: NOTICE \[ssh\] Ban 218.93.33.52 2019-10-30 18:14:04,008	2019-11-01 03:22:12
180.76.196.179	attack	2019-10-30 23:04:15,291 fail2ban.actions \[1865\]: NOTICE \[ssh\] Ban 180.76.196.179 2019-10-30 23:20:21,264 fail2ban.actions \[1865\]: NOTICE \[ssh\] Ban 180.76.196.179 2019-10-30 23:36:37,381 fail2ban.actions \[1865\]: NOTICE \[ssh\] Ban 180.76.196.179 2019-10-30 23:57:06,339 fail2ban.actions \[1865\]: NOTICE \[ssh\] Ban 180.76.196.179 2019-10-31 00:17:59,896 fail2ban.actions \[1865\]: NOTICE \[ssh\] Ban 180.76.196.179 2019-10-30 23:04:15,291 fail2ban.actions \[1865\]: NOTICE \[ssh\] Ban 180.76.196.179 2019-10-30 23:20:21,264 fail2ban.actions \[1865\]: NOTICE \[ssh\] Ban 180.76.196.179 2019-10-30 23:36:37,381 fail2ban.actions \[1865\]: NOTICE \[ssh\] Ban 180.76.196.179 2019-10-30 23:57:06,339 fail2ban.actions \[1865\]: NOTICE \[ssh\] Ban 180.76.196.179 2019-10-31 00:17:59,896 fail2ban.actions \[1865\]: NOTICE \[ssh\] Ban 180.76.196.179 2019-10-30 23:04:15,291 fail2ban.actions \[1865\]: NOTICE \[ssh\] Ban 180.76.196.179 2	2019-11-01 03:40:55
187.188.251.219	attack	Oct 31 15:43:02 srv01 sshd[26506]: Invalid user gesi from 187.188.251.219 Oct 31 15:43:02 srv01 sshd[26506]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=fixed-187-188-251-219.totalplay.net Oct 31 15:43:02 srv01 sshd[26506]: Invalid user gesi from 187.188.251.219 Oct 31 15:43:03 srv01 sshd[26506]: Failed password for invalid user gesi from 187.188.251.219 port 45074 ssh2 Oct 31 15:47:43 srv01 sshd[26802]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=fixed-187-188-251-219.totalplay.net user=root Oct 31 15:47:45 srv01 sshd[26802]: Failed password for root from 187.188.251.219 port 57018 ssh2 ...	2019-11-01 03:12:50
81.22.45.190	attackbots	Oct 31 20:36:12 mc1 kernel: \[3836891.004118\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.190 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=36991 PROTO=TCP SPT=46310 DPT=38539 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 31 20:38:01 mc1 kernel: \[3836999.553201\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.190 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=3198 PROTO=TCP SPT=46310 DPT=39080 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 31 20:39:50 mc1 kernel: \[3837108.869655\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.190 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=55448 PROTO=TCP SPT=46310 DPT=38635 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-11-01 03:44:11
118.193.28.58	attackbotsspam	191031 20:59:14 \[Warning\] Access denied for user 'root'@'118.193.28.58' $using password: NO$ 191031 20:59:16 \[Warning\] Access denied for user 'root'@'118.193.28.58' $using password: YES$ 191031 20:59:18 \[Warning\] Access denied for user 'root'@'118.193.28.58' $using password: YES$ ...	2019-11-01 03:43:42
115.238.236.74	attackbots	Oct 31 18:38:11 MK-Soft-VM4 sshd[21332]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.238.236.74 Oct 31 18:38:13 MK-Soft-VM4 sshd[21332]: Failed password for invalid user 321 from 115.238.236.74 port 34131 ssh2 ...	2019-11-01 03:14:17
123.206.68.35	attackbotsspam	Unauthorized SSH login attempts	2019-11-01 03:44:51
114.92.71.46	attackbots	Automatic report - Port Scan	2019-11-01 03:20:55
130.61.83.71	attackspam	Oct 31 18:52:39 vmanager6029 sshd\[20043\]: Invalid user al from 130.61.83.71 port 30505 Oct 31 18:52:39 vmanager6029 sshd\[20043\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=130.61.83.71 Oct 31 18:52:42 vmanager6029 sshd\[20043\]: Failed password for invalid user al from 130.61.83.71 port 30505 ssh2	2019-11-01 03:09:54
134.175.103.139	attack	$f2bV_matches	2019-11-01 03:15:32

Recently Reported IPs

40.71.190.223	167.58.65.38	85.208.96.70	45.89.106.160
177.248.128.203	190.140.204.129	87.229.143.10	69.94.143.24
62.210.206.218	113.123.64.108	101.108.99.40	222.132.53.42
92.86.10.126	13.233.99.37	27.74.149.230	2a07:5741:0:b3f::1
103.75.101.23	212.241.18.2	183.82.252.147	99.88.52.236