139.99.89.72 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Singapore

Internet Service Provider: OVH Singapore Pte. Ltd

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/139.99.89.72/ FR - 1H : (21) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : FR NAME ASN : ASN16276 IP : 139.99.89.72 CIDR : 139.99.0.0/17 PREFIX COUNT : 132 UNIQUE IP COUNT : 3052544 ATTACKS DETECTED ASN16276 : 1H - 2 3H - 4 6H - 4 12H - 5 24H - 23 DateTime : 2020-02-28 22:55:43 INFO : Potentially Bad Traffic Scan Detected and Blocked by ADMIN - data recovery	2020-02-29 08:48:44

Type

Details

Datetime

attackspambots

IP Ban Report :  
 https://help-dysk.pl/wordpress-firewall-plugins/ip/139.99.89.72/ 
 
 FR - 1H : (21)  
 Protection Against DDoS WordPress plugin :  
 "odzyskiwanie danych help-dysk" 
 IP Address Ranges by Country : FR 
 NAME ASN : ASN16276 
 
 IP : 139.99.89.72 
 
 CIDR : 139.99.0.0/17 
 
 PREFIX COUNT : 132 
 
 UNIQUE IP COUNT : 3052544 
 
 
 ATTACKS DETECTED ASN16276 :  
  1H - 2 
  3H - 4 
  6H - 4 
 12H - 5 
 24H - 23 
 
 DateTime : 2020-02-28 22:55:43 
 
 INFO : Potentially Bad Traffic Scan Detected and Blocked by ADMIN  - data recovery

2020-02-29 08:48:44

Comments on same subnet:

IP	Type	Details	Datetime
139.99.89.202	attackspam	Oct 12 09:47:12 dignus sshd[25365]: Failed password for invalid user wayne from 139.99.89.202 port 48464 ssh2 Oct 12 09:50:00 dignus sshd[25446]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.89.202 user=root Oct 12 09:50:01 dignus sshd[25446]: Failed password for root from 139.99.89.202 port 58828 ssh2 Oct 12 09:52:43 dignus sshd[25490]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.89.202 user=root Oct 12 09:52:45 dignus sshd[25490]: Failed password for root from 139.99.89.202 port 40958 ssh2 ...	2020-10-12 16:14:39
139.99.89.202	attackspam	Oct 4 23:23:02 minden010 sshd[1736]: Failed password for root from 139.99.89.202 port 59064 ssh2 Oct 4 23:26:51 minden010 sshd[3133]: Failed password for root from 139.99.89.202 port 35980 ssh2 ...	2020-10-05 07:15:17
139.99.89.202	attackbotsspam	2020-10-04T08:54:59.276426linuxbox-skyline sshd[272342]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.89.202 user=root 2020-10-04T08:55:00.799884linuxbox-skyline sshd[272342]: Failed password for root from 139.99.89.202 port 46682 ssh2 ...	2020-10-04 23:27:39
139.99.89.202	attackspambots	Invalid user sid from 139.99.89.202 port 35196	2020-10-04 15:11:08
139.99.89.202	attack	SSH Invalid Login	2020-10-04 06:20:57
139.99.89.202	attackspam	Invalid user sid from 139.99.89.202 port 35196	2020-10-03 22:25:18
139.99.89.202	attack	Invalid user sid from 139.99.89.202 port 35196	2020-10-03 14:07:49
139.99.89.202	attack	Brute-force attempt banned	2020-09-27 04:37:23
139.99.89.202	attackspam	Sep 26 12:27:44 plex-server sshd[2523457]: Invalid user tomcat from 139.99.89.202 port 34340 Sep 26 12:27:44 plex-server sshd[2523457]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.89.202 Sep 26 12:27:44 plex-server sshd[2523457]: Invalid user tomcat from 139.99.89.202 port 34340 Sep 26 12:27:46 plex-server sshd[2523457]: Failed password for invalid user tomcat from 139.99.89.202 port 34340 ssh2 Sep 26 12:31:57 plex-server sshd[2525180]: Invalid user deploy from 139.99.89.202 port 42486 ...	2020-09-26 20:45:28
139.99.89.202	attackspam	Sep 25 22:39:41 mout sshd[4405]: Invalid user 1234 from 139.99.89.202 port 48182 Sep 25 22:39:44 mout sshd[4405]: Failed password for invalid user 1234 from 139.99.89.202 port 48182 ssh2 Sep 25 22:39:46 mout sshd[4405]: Disconnected from invalid user 1234 139.99.89.202 port 48182 [preauth]	2020-09-26 12:28:27
139.99.89.91	attackbots	2020-08-25 07:25:27.848293-0500 localhost sshd[1492]: Failed password for root from 139.99.89.91 port 34132 ssh2	2020-08-25 20:38:26
139.99.89.91	attackbotsspam	20 attempts against mh-ssh on echoip	2020-08-20 20:56:01
139.99.89.91	attackbotsspam	SSH bruteforce	2020-08-12 15:21:46
139.99.89.91	attack	Aug 5 16:01:42 abendstille sshd\[20037\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.89.91 user=root Aug 5 16:01:45 abendstille sshd\[20037\]: Failed password for root from 139.99.89.91 port 47100 ssh2 Aug 5 16:06:27 abendstille sshd\[24215\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.89.91 user=root Aug 5 16:06:29 abendstille sshd\[24215\]: Failed password for root from 139.99.89.91 port 59104 ssh2 Aug 5 16:11:06 abendstille sshd\[29007\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.89.91 user=root ...	2020-08-05 23:54:34
139.99.89.91	attackbotsspam	2020-07-25T23:03:44.670000shield sshd\[616\]: Invalid user ftp1 from 139.99.89.91 port 58960 2020-07-25T23:03:44.679361shield sshd\[616\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.ip-139-99-89.net 2020-07-25T23:03:47.077856shield sshd\[616\]: Failed password for invalid user ftp1 from 139.99.89.91 port 58960 ssh2 2020-07-25T23:09:19.305132shield sshd\[1726\]: Invalid user build from 139.99.89.91 port 46880 2020-07-25T23:09:19.311868shield sshd\[1726\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.ip-139-99-89.net	2020-07-26 07:20:44

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.99.89.72
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 53751
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.99.89.72.			IN	A

;; AUTHORITY SECTION:
.			514	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020022802 1800 900 604800 86400

;; Query time: 37 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Feb 29 08:48:41 CST 2020
;; MSG SIZE  rcvd: 116

Host info

72.89.99.139.in-addr.arpa domain name pointer 72.ip-139-99-89.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
72.89.99.139.in-addr.arpa	name = 72.ip-139-99-89.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
183.107.196.132	attackspambots	Mar 17 00:14:50 Ubuntu-1404-trusty-64-minimal sshd\[14867\]: Invalid user jira from 183.107.196.132 Mar 17 00:14:50 Ubuntu-1404-trusty-64-minimal sshd\[14867\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.107.196.132 Mar 17 00:14:52 Ubuntu-1404-trusty-64-minimal sshd\[14867\]: Failed password for invalid user jira from 183.107.196.132 port 59814 ssh2 Mar 17 00:35:46 Ubuntu-1404-trusty-64-minimal sshd\[29041\]: Invalid user qtss from 183.107.196.132 Mar 17 00:35:46 Ubuntu-1404-trusty-64-minimal sshd\[29041\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.107.196.132	2020-03-17 09:57:38
162.243.129.98	attackspambots	953/tcp 60001/tcp 22/tcp... [2020-02-01/03-16]15pkt,12pt.(tcp),1pt.(udp)	2020-03-17 10:18:53
198.144.149.163	attack	2020-03-16 18:35:23 H=event1.event2strategy.info [198.144.149.163]:58636 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.3, 127.0.0.2) (https://www.spamhaus.org/sbl/query/SBLCSS) 2020-03-16 18:35:23 H=event1.event2strategy.info [198.144.149.163]:58636 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.3, 127.0.0.2) (https://www.spamhaus.org/sbl/query/SBLCSS) 2020-03-16 18:35:24 H=event1.event2strategy.info [198.144.149.163]:58636 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.2, 127.0.0.3) (https://www.spamhaus.org/sbl/query/SBLCSS) ...	2020-03-17 10:17:52
54.88.74.128	attack	Hacked into my credit union account and for 4 days they logged in every hour. They never had my permission to login to my account.	2020-03-17 09:50:52
116.108.134.185	attack	23/tcp 23/tcp 23/tcp... [2020-02-28/03-16]10pkt,1pt.(tcp)	2020-03-17 09:58:36
162.243.131.94	attackspam	9030/tcp 5269/tcp 9200/tcp... [2020-02-01/03-16]17pkt,17pt.(tcp)	2020-03-17 09:51:57
138.219.244.110	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 16-03-2020 23:35:16.	2020-03-17 10:26:48
2.44.168.59	attackbots	23/tcp 81/tcp [2020-02-11/03-16]2pkt	2020-03-17 10:11:57
95.12.33.141	attack	Automatic report - Port Scan Attack	2020-03-17 10:22:58
196.204.6.119	attackspambots	EG_RAYA-MNT_<177>1584408063 [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2]: {TCP} 196.204.6.119:42865	2020-03-17 10:00:53
195.231.3.208	attackbots	Mar 17 02:58:50 mail.srvfarm.net postfix/smtpd[611478]: warning: unknown[195.231.3.208]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Mar 17 02:58:50 mail.srvfarm.net postfix/smtpd[611478]: lost connection after AUTH from unknown[195.231.3.208] Mar 17 03:02:55 mail.srvfarm.net postfix/smtpd[609991]: warning: unknown[195.231.3.208]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Mar 17 03:02:55 mail.srvfarm.net postfix/smtpd[609991]: lost connection after AUTH from unknown[195.231.3.208] Mar 17 03:06:24 mail.srvfarm.net postfix/smtpd[625523]: warning: unknown[195.231.3.208]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2020-03-17 10:27:48
218.92.0.210	attack	Mar 17 02:35:46 SilenceServices sshd[9246]: Failed password for root from 218.92.0.210 port 44194 ssh2 Mar 17 02:35:54 SilenceServices sshd[9280]: Failed password for root from 218.92.0.210 port 53037 ssh2	2020-03-17 10:05:55
122.226.32.114	attack	445/tcp [2020-03-16]1pkt	2020-03-17 10:27:12
94.230.135.230	attackspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/94.230.135.230/ RU - 1H : (63) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : RU NAME ASN : ASN48642 IP : 94.230.135.230 CIDR : 94.230.128.0/21 PREFIX COUNT : 31 UNIQUE IP COUNT : 79872 ATTACKS DETECTED ASN48642 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 1 DateTime : 2020-03-17 00:35:19 INFO : HACK ! - Looking for resource vulnerabilities Scan Detected and Blocked by ADMIN - data recovery	2020-03-17 10:20:43
190.13.173.67	attackspam	Mar 17 02:59:34 meumeu sshd[16371]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.13.173.67 Mar 17 02:59:35 meumeu sshd[16371]: Failed password for invalid user dba from 190.13.173.67 port 52014 ssh2 Mar 17 03:04:38 meumeu sshd[17013]: Failed password for root from 190.13.173.67 port 33820 ssh2 ...	2020-03-17 10:22:03

Recently Reported IPs

172.195.140.200	181.229.230.238	103.14.237.85	217.51.109.9
90.200.151.197	136.100.94.79	95.65.255.88	117.30.204.63
185.224.66.150	62.109.244.146	38.208.14.242	192.49.128.221
121.196.179.13	95.237.167.116	136.161.125.168	249.245.200.75
70.95.199.120	193.31.65.239	172.177.20.139	188.193.35.168