139.99.125.196

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Canada

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
139.99.125.58	attackspam	Blocked by Sophos UTM Network Protection . / / proto=6 . srcport=10001 . dstport=32936 . (1089)	2020-09-17 19:04:12
139.99.125.230	attack	TCP (SYN) 139.99.125.230:51409 -> port 22, len 48	2020-09-01 21:06:56
139.99.125.231	attackspambots	TCP (SYN) 139.99.125.231:50637 -> port 22, len 48	2020-09-01 19:04:17
139.99.125.230	attack	SmallBizIT.US 1 packets to tcp(22)	2020-09-01 18:25:28
139.99.125.230	attackspambots	2020-08-31T19:25:50.598331abusebot-2.cloudsearch.cf sshd[11620]: Invalid user ubnt from 139.99.125.230 port 59752 2020-08-31T19:25:50.645193abusebot-2.cloudsearch.cf sshd[11622]: Invalid user admin from 139.99.125.230 port 35698 2020-08-31T19:25:50.647160abusebot-2.cloudsearch.cf sshd[11626]: Invalid user 1234 from 139.99.125.230 port 43918 2020-08-31T19:25:51.722996abusebot-2.cloudsearch.cf sshd[11628]: Invalid user usuario from 139.99.125.230 port 49656 ...	2020-09-01 03:42:24
139.99.125.84	attackspambots	Port probing on unauthorized port 22	2020-08-29 02:11:39
139.99.125.86	attack	Attempted connection to port 64129.	2020-08-24 21:24:56
139.99.125.191	attackspam	139.99.125.191 was recorded 6 times by 4 hosts attempting to connect to the following ports: 26014,50570,39019,51856. Incident counter (4h, 24h, all-time): 6, 31, 1174	2020-04-28 21:33:58
139.99.125.191	attackbotsspam	139.99.125.191 was recorded 11 times by 7 hosts attempting to connect to the following ports: 26014,51856,39019,20269,50570,60429. Incident counter (4h, 24h, all-time): 11, 19, 1146	2020-04-27 23:12:32
139.99.125.191	attack	139.99.125.191 was recorded 28 times by 9 hosts attempting to connect to the following ports: 50570,51856,39019,54434,56610,52084,20269,60429,51142. Incident counter (4h, 24h, all-time): 28, 86, 1123	2020-04-25 21:06:30
139.99.125.191	attack	Port 27034 scan denied	2020-03-28 19:23:50
139.99.125.191	attackbots	139.99.125.191 was recorded 13 times by 8 hosts attempting to connect to the following ports: 39019,54434,20269,51856,56610,52084,60429,51142. Incident counter (4h, 24h, all-time): 13, 112, 855	2020-03-28 06:26:16
139.99.125.191	attackbotsspam	139.99.125.191 was recorded 8 times by 5 hosts attempting to connect to the following ports: 60429,54434,50570,52084,51142. Incident counter (4h, 24h, all-time): 8, 116, 846	2020-03-28 04:19:40
139.99.125.191	attackspam	probes 16 times on the port 34928 59003 62781	2020-03-27 18:25:06
139.99.125.191	attackspambots	139.99.125.191 was recorded 20 times by 9 hosts attempting to connect to the following ports: 51856,39019,50570,52084,54434,56610,51142,60429,26014. Incident counter (4h, 24h, all-time): 20, 82, 683	2020-03-26 16:58:49

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.99.125.196
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 27562
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;139.99.125.196.			IN	A

;; AUTHORITY SECTION:
.			311	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022601 1800 900 604800 86400

;; Query time: 90 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 27 12:41:56 CST 2022
;; MSG SIZE  rcvd: 107

HOST信息:

196.125.99.139.in-addr.arpa domain name pointer ns5000012.ip-139-99-125.net.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
196.125.99.139.in-addr.arpa	name = ns5000012.ip-139-99-125.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
162.247.74.201	attack	$lgm	2020-08-26 15:03:23
41.224.59.242	attack	2020-08-26T06:58:52.133903ionos.janbro.de sshd[73409]: Invalid user tsbot from 41.224.59.242 port 52570 2020-08-26T06:58:54.108225ionos.janbro.de sshd[73409]: Failed password for invalid user tsbot from 41.224.59.242 port 52570 ssh2 2020-08-26T07:02:52.216727ionos.janbro.de sshd[73452]: Invalid user yum from 41.224.59.242 port 56437 2020-08-26T07:02:52.511805ionos.janbro.de sshd[73452]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.224.59.242 2020-08-26T07:02:52.216727ionos.janbro.de sshd[73452]: Invalid user yum from 41.224.59.242 port 56437 2020-08-26T07:02:54.323342ionos.janbro.de sshd[73452]: Failed password for invalid user yum from 41.224.59.242 port 56437 ssh2 2020-08-26T07:06:40.144751ionos.janbro.de sshd[73456]: Invalid user m1 from 41.224.59.242 port 60299 2020-08-26T07:06:40.308717ionos.janbro.de sshd[73456]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.224.59.242 2020-08-26T07:06:40.1 ...	2020-08-26 15:07:48
45.4.0.100	attack	Aug 26 04:38:39 shivevps sshd[21191]: Bad protocol version identification '\024' from 45.4.0.100 port 50779 Aug 26 04:40:04 shivevps sshd[23592]: Bad protocol version identification '\024' from 45.4.0.100 port 57237 Aug 26 04:42:25 shivevps sshd[26942]: Bad protocol version identification '\024' from 45.4.0.100 port 35016 ...	2020-08-26 15:19:25
47.33.161.231	attackspam	Aug 25 23:53:33 aragorn sshd[28267]: Invalid user admin from 47.33.161.231 Aug 25 23:53:34 aragorn sshd[28269]: Invalid user admin from 47.33.161.231 Aug 25 23:53:35 aragorn sshd[28273]: Invalid user admin from 47.33.161.231 Aug 25 23:53:36 aragorn sshd[28275]: Invalid user admin from 47.33.161.231 ...	2020-08-26 15:13:38
185.220.102.243	attackspam	Time: Wed Aug 26 06:19:23 2020 +0000 IP: 185.220.102.243 (DE/Germany/185-220-102-243.torservers.net) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Aug 26 06:19:09 ca-37-ams1 sshd[7989]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.220.102.243 user=root Aug 26 06:19:11 ca-37-ams1 sshd[7989]: Failed password for root from 185.220.102.243 port 22142 ssh2 Aug 26 06:19:13 ca-37-ams1 sshd[7989]: Failed password for root from 185.220.102.243 port 22142 ssh2 Aug 26 06:19:15 ca-37-ams1 sshd[7989]: Failed password for root from 185.220.102.243 port 22142 ssh2 Aug 26 06:19:18 ca-37-ams1 sshd[7989]: Failed password for root from 185.220.102.243 port 22142 ssh2	2020-08-26 15:22:48
182.253.115.90	attack	Aug 26 04:39:18 shivevps sshd[22378]: Bad protocol version identification '\024' from 182.253.115.90 port 35738 Aug 26 04:40:22 shivevps sshd[24076]: Bad protocol version identification '\024' from 182.253.115.90 port 59515 Aug 26 04:44:18 shivevps sshd[30961]: Bad protocol version identification '\024' from 182.253.115.90 port 36814 ...	2020-08-26 14:50:08
23.94.57.111	attackspam	Aug 26 13:53:53 NG-HHDC-SVS-001 sshd[9451]: Invalid user joaquin from 23.94.57.111 ...	2020-08-26 14:41:08
94.247.16.29	attackspam	spam	2020-08-26 15:06:50
117.239.149.94	attackbots	[Wed Aug 26 10:53:34.803560 2020] [:error] [pid 30543:tid 139707031746304] [client 117.239.149.94:63017] [client 117.239.149.94] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197:80"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/manager/html"] [unique_id "X0XcviXBG@3tAFpdD8koaAAAAnY"] ...	2020-08-26 15:14:11
222.186.30.112	attack	Aug 26 06:57:39 localhost sshd[45860]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.112 user=root Aug 26 06:57:41 localhost sshd[45860]: Failed password for root from 222.186.30.112 port 64006 ssh2 Aug 26 06:57:44 localhost sshd[45860]: Failed password for root from 222.186.30.112 port 64006 ssh2 Aug 26 06:57:39 localhost sshd[45860]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.112 user=root Aug 26 06:57:41 localhost sshd[45860]: Failed password for root from 222.186.30.112 port 64006 ssh2 Aug 26 06:57:44 localhost sshd[45860]: Failed password for root from 222.186.30.112 port 64006 ssh2 Aug 26 06:57:39 localhost sshd[45860]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.112 user=root Aug 26 06:57:41 localhost sshd[45860]: Failed password for root from 222.186.30.112 port 64006 ssh2 Aug 26 06:57:44 localhost sshd[45860]: Fa ...	2020-08-26 15:00:18
200.7.197.50	attackspam	Aug 26 04:37:48 shivevps sshd[19333]: Bad protocol version identification '\024' from 200.7.197.50 port 36123 Aug 26 04:38:32 shivevps sshd[20981]: Bad protocol version identification '\024' from 200.7.197.50 port 36615 Aug 26 04:39:16 shivevps sshd[22333]: Bad protocol version identification '\024' from 200.7.197.50 port 36999 Aug 26 04:41:30 shivevps sshd[25708]: Bad protocol version identification '\024' from 200.7.197.50 port 38353 ...	2020-08-26 15:18:20
180.183.246.110	attack	Aug 26 04:44:25 shivevps sshd[31272]: Bad protocol version identification '\024' from 180.183.246.110 port 32941 Aug 26 04:44:40 shivevps sshd[31698]: Bad protocol version identification '\024' from 180.183.246.110 port 33411 Aug 26 04:45:55 shivevps sshd[32453]: Bad protocol version identification '\024' from 180.183.246.110 port 35120 ...	2020-08-26 14:58:37
107.189.10.101	attack	Aug 25 18:50:36 hanapaa sshd\[14848\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.189.10.101 user=root Aug 25 18:50:38 hanapaa sshd\[14848\]: Failed password for root from 107.189.10.101 port 54560 ssh2 Aug 25 18:50:40 hanapaa sshd\[14848\]: Failed password for root from 107.189.10.101 port 54560 ssh2 Aug 25 18:50:42 hanapaa sshd\[14848\]: Failed password for root from 107.189.10.101 port 54560 ssh2 Aug 25 18:50:44 hanapaa sshd\[14848\]: Failed password for root from 107.189.10.101 port 54560 ssh2	2020-08-26 15:13:16
51.81.32.205	attackspam	(sshd) Failed SSH login from 51.81.32.205 (US/United States/vps-58f98804.vps.ovh.us): 5 in the last 3600 secs	2020-08-26 14:50:51
103.208.70.46	attack	20/8/25@23:53:39: FAIL: Alarm-Network address from=103.208.70.46 ...	2020-08-26 15:06:26

最近上报的IP列表

139.99.126.148	139.99.153.235	139.99.144.25	139.99.145.17
139.99.185.212	139.99.186.63	139.99.208.153	139.99.223.242
139.99.200.40	139.99.203.235	139.99.212.119	139.99.20.28
139.99.210.97	139.99.173.148	139.99.178.146	139.99.208.81
139.99.24.157	139.99.236.161	139.99.24.229	139.99.239.135

基本信息:

用户上报:

相同子网IP讨论:

WHOIS信息:

DIG信息:

HOST信息:

NSLOOKUP信息:

相关IP信息:

最新评论:

最近上报的IP列表