139.99.114.236

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Singapore

运营商(isp): Paas.id

主机名(hostname): unknown

机构(organization): OVH SAS

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	WordPress login Brute force / Web App Attack on client site.	2019-07-20 01:01:16
attack	139.99.114.236 - - \[23/Jun/2019:14:09:15 +0200\] "GET /wp-login.php HTTP/1.1" 200 1237 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 139.99.114.236 - - \[23/Jun/2019:14:09:16 +0200\] "POST /wp-login.php HTTP/1.1" 200 1632 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 139.99.114.236 - - \[23/Jun/2019:14:09:17 +0200\] "GET /wp-login.php HTTP/1.1" 200 1237 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 139.99.114.236 - - \[23/Jun/2019:14:09:17 +0200\] "POST /wp-login.php HTTP/1.1" 200 1607 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 139.99.114.236 - - \[23/Jun/2019:14:09:18 +0200\] "GET /wp-login.php HTTP/1.1" 200 1237 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 139.99.114.236 - - \[23/Jun/2019:14:09:18 +0200\] "POST /wp-login.php HTTP/1.1" 200 1608 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:6	2019-06-23 22:07:38

类型

评论内容

时间

attackspam

WordPress login Brute force / Web App Attack on client site.

2019-07-20 01:01:16

attack

139.99.114.236 - - \[23/Jun/2019:14:09:15 +0200\] "GET /wp-login.php HTTP/1.1" 200 1237 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
139.99.114.236 - - \[23/Jun/2019:14:09:16 +0200\] "POST /wp-login.php HTTP/1.1" 200 1632 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
139.99.114.236 - - \[23/Jun/2019:14:09:17 +0200\] "GET /wp-login.php HTTP/1.1" 200 1237 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
139.99.114.236 - - \[23/Jun/2019:14:09:17 +0200\] "POST /wp-login.php HTTP/1.1" 200 1607 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
139.99.114.236 - - \[23/Jun/2019:14:09:18 +0200\] "GET /wp-login.php HTTP/1.1" 200 1237 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
139.99.114.236 - - \[23/Jun/2019:14:09:18 +0200\] "POST /wp-login.php HTTP/1.1" 200 1608 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:6

2019-06-23 22:07:38

相同子网IP讨论:

IP	类型	评论内容	时间
139.99.114.230	attack	UDP 139.99.114.230:27015 -> port 45394, len 273	2020-09-15 01:36:02
139.99.114.230	attack	SIP/5060 Probe, BF, Hack -	2020-09-14 17:20:03
139.99.114.230	attack	139.99.114.230 was recorded 15 times by 6 hosts attempting to connect to the following ports: 33185,51856,26014,50570. Incident counter (4h, 24h, all-time): 15, 85, 146	2020-05-12 02:15:51
139.99.114.230	attack	139.99.114.230 was recorded 10 times by 4 hosts attempting to connect to the following ports: 26014,33185,51856,50570. Incident counter (4h, 24h, all-time): 10, 25, 38	2020-05-10 08:22:12

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.99.114.236
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 60798
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.99.114.236.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019050700 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Tue May 07 18:40:43 +08 2019
;; MSG SIZE  rcvd: 118

HOST信息:

236.114.99.139.in-addr.arpa domain name pointer sgx8.cloudhost.id.

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
236.114.99.139.in-addr.arpa	name = sgx8.cloudhost.id.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
40.79.25.254	attack	Aug 27 14:24:55 game-panel sshd[7447]: Failed password for root from 40.79.25.254 port 47288 ssh2 Aug 27 14:30:53 game-panel sshd[7877]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.79.25.254 Aug 27 14:30:55 game-panel sshd[7877]: Failed password for invalid user sentry from 40.79.25.254 port 55508 ssh2	2020-08-27 22:38:23
202.88.241.107	attackspam	2020-08-27T21:58:45.386083mx1.h3z.jp sshd[16227]: Invalid user test from 202.88.241.107 port 38376 2020-08-27T22:00:12.588092mx1.h3z.jp sshd[16263]: Invalid user smbguest from 202.88.241.107 port 48384 2020-08-27T22:01:40.094004mx1.h3z.jp sshd[16307]: Invalid user sshd1 from 202.88.241.107 port 58380 ...	2020-08-27 22:54:39
14.189.120.157	attack	Unauthorized connection attempt from IP address 14.189.120.157 on Port 445(SMB)	2020-08-27 22:57:26
131.72.127.39	attackbotsspam	Unauthorized connection attempt from IP address 131.72.127.39 on Port 445(SMB)	2020-08-27 22:39:16
2.218.28.154	attackspambots	Automatic report - Port Scan Attack	2020-08-27 23:06:42
195.206.38.5	attackspam	Unauthorized connection attempt from IP address 195.206.38.5 on Port 445(SMB)	2020-08-27 22:31:31
190.122.185.174	attack	Fail2Ban Ban Triggered HTTP Exploit Attempt	2020-08-27 23:11:53
218.92.0.175	attackspambots	Aug 27 14:16:54 game-panel sshd[6998]: Failed password for root from 218.92.0.175 port 53251 ssh2 Aug 27 14:17:00 game-panel sshd[6998]: Failed password for root from 218.92.0.175 port 53251 ssh2 Aug 27 14:17:03 game-panel sshd[6998]: Failed password for root from 218.92.0.175 port 53251 ssh2 Aug 27 14:17:06 game-panel sshd[6998]: Failed password for root from 218.92.0.175 port 53251 ssh2	2020-08-27 22:31:10
165.22.33.32	attackbotsspam	Aug 27 06:01:59 propaganda sshd[4069]: Connection from 165.22.33.32 port 48206 on 10.0.0.161 port 22 rdomain "" Aug 27 06:01:59 propaganda sshd[4069]: Connection closed by 165.22.33.32 port 48206 [preauth]	2020-08-27 22:30:08
139.59.169.103	attack	$f2bV_matches	2020-08-27 23:02:58
47.88.148.177	attackbotsspam	Aug 27 16:37:40 abendstille sshd\[17905\]: Invalid user bobrien from 47.88.148.177 Aug 27 16:37:40 abendstille sshd\[17905\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=47.88.148.177 Aug 27 16:37:42 abendstille sshd\[17905\]: Failed password for invalid user bobrien from 47.88.148.177 port 54352 ssh2 Aug 27 16:40:14 abendstille sshd\[20535\]: Invalid user deploy from 47.88.148.177 Aug 27 16:40:14 abendstille sshd\[20535\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=47.88.148.177 ...	2020-08-27 22:51:54
153.132.111.57	attack	Automatic report - Port Scan Attack	2020-08-27 23:05:56
20.185.47.152	attack	(sshd) Failed SSH login from 20.185.47.152 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Aug 27 14:36:57 amsweb01 sshd[20810]: Invalid user labuser1 from 20.185.47.152 port 47922 Aug 27 14:36:59 amsweb01 sshd[20810]: Failed password for invalid user labuser1 from 20.185.47.152 port 47922 ssh2 Aug 27 14:52:21 amsweb01 sshd[23011]: Invalid user vnc from 20.185.47.152 port 37076 Aug 27 14:52:23 amsweb01 sshd[23011]: Failed password for invalid user vnc from 20.185.47.152 port 37076 ssh2 Aug 27 15:01:27 amsweb01 sshd[24393]: Invalid user cheryl from 20.185.47.152 port 48012	2020-08-27 23:06:18
117.242.135.122	attackspambots	1598533296 - 08/27/2020 15:01:36 Host: 117.242.135.122/117.242.135.122 Port: 445 TCP Blocked	2020-08-27 22:58:34
106.12.30.236	attack	Aug 27 16:16:22 vpn01 sshd[31006]: Failed password for root from 106.12.30.236 port 38768 ssh2 ...	2020-08-27 22:43:49

最近上报的IP列表

126.185.83.248	106.251.214.30	195.158.92.104	106.120.173.64
118.241.250.66	61.238.22.31	105.235.201.86	104.248.248.88
37.249.69.148	126.56.236.178	185.211.183.142	190.94.217.93
103.94.121.27	109.42.235.152	103.86.187.242	14.177.76.138
165.235.26.70	103.76.137.2	157.135.213.59	95.188.147.106