139.99.9.2 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Singapore

运营商(isp): OVH Singapore Pte. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	190 attacks over the last 10 minutes. Below is a sample of these recent attacks: July 15, 2019 1:21am 139.99.9.2 (Singapore) Blocked for Newspaper Premium Theme <= 6.7.1 - Privilege Escalation July 15, 2019 1:21am 139.99.9.2 (Singapore) Blocked for Yellow Pencil Visual Theme Customizer <= 7.1.9 Arbitrary Options Update in query string: yp_remote_get=test July 15, 2019 1:21am 139.99.9.2 (Singapore) Blocked for Yellow Pencil Visual Theme Customizer <= 7.1.9 Arbitrary Options Update in query string: yp_remote_get=test July 15, 2019 1:21am 139.99.9.2 (Singapore) Blocked for WP GDPR Compliance <= 1.4.2 - Update Any Option / Call Any Action in POST body: action=wpgdprc_process_action	2019-07-15 22:00:37

类型

评论内容

时间

attack

190 attacks over the last 10 minutes. Below is a sample of these recent attacks:

July 15, 2019 1:21am  139.99.9.2 (Singapore)     Blocked for Newspaper Premium Theme <= 6.7.1 - Privilege Escalation
July 15, 2019 1:21am  139.99.9.2 (Singapore)     Blocked for Yellow Pencil Visual Theme Customizer <= 7.1.9 Arbitrary Options Update in query string: yp_remote_get=test
July 15, 2019 1:21am  139.99.9.2 (Singapore)     Blocked for Yellow Pencil Visual Theme Customizer <= 7.1.9 Arbitrary Options Update in query string: yp_remote_get=test
July 15, 2019 1:21am  139.99.9.2 (Singapore)     Blocked for WP GDPR Compliance <= 1.4.2 - Update Any Option / Call Any Action in POST body: action=wpgdprc_process_action

2019-07-15 22:00:37

相同子网IP讨论:

IP	类型	评论内容	时间
139.99.91.43	attackbotsspam	SSH 2020-09-17 06:43:07 139.99.91.43 139.99.182.230 > POST serenevillasbali.indonesiaroom.com /wp-login.php HTTP/1.1 - - 2020-09-17 23:54:08 139.99.91.43 139.99.182.230 > GET shinichisurabaya.com /wp-login.php HTTP/1.1 - - 2020-09-17 23:54:08 139.99.91.43 139.99.182.230 > POST shinichisurabaya.com /wp-login.php HTTP/1.1 - -	2020-09-19 03:35:21
139.99.91.43	attack	SSH 2020-09-17 06:43:07 139.99.91.43 139.99.182.230 > POST serenevillasbali.indonesiaroom.com /wp-login.php HTTP/1.1 - - 2020-09-17 23:54:08 139.99.91.43 139.99.182.230 > GET shinichisurabaya.com /wp-login.php HTTP/1.1 - - 2020-09-17 23:54:08 139.99.91.43 139.99.182.230 > POST shinichisurabaya.com /wp-login.php HTTP/1.1 - -	2020-09-18 19:38:02
139.99.98.248	attack	Sep 15 02:29:45 pixelmemory sshd[3244134]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.98.248 Sep 15 02:29:45 pixelmemory sshd[3244134]: Invalid user ftpuser from 139.99.98.248 port 36638 Sep 15 02:29:48 pixelmemory sshd[3244134]: Failed password for invalid user ftpuser from 139.99.98.248 port 36638 ssh2 Sep 15 02:34:23 pixelmemory sshd[3263707]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.98.248 user=root Sep 15 02:34:25 pixelmemory sshd[3263707]: Failed password for root from 139.99.98.248 port 48038 ssh2 ...	2020-09-15 23:43:34
139.99.98.248	attack	<6 unauthorized SSH connections	2020-09-15 15:35:43
139.99.98.248	attackbots	2020-09-14T14:03:39.9058751495-001 sshd[4066]: Failed password for root from 139.99.98.248 port 52108 ssh2 2020-09-14T14:08:06.9147731495-001 sshd[4393]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.98.248 user=root 2020-09-14T14:08:08.8283481495-001 sshd[4393]: Failed password for root from 139.99.98.248 port 36120 ssh2 2020-09-14T14:12:30.1052501495-001 sshd[4741]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.98.248 user=root 2020-09-14T14:12:31.9281851495-001 sshd[4741]: Failed password for root from 139.99.98.248 port 48364 ssh2 2020-09-14T14:16:52.0759361495-001 sshd[5011]: Invalid user anne from 139.99.98.248 port 60634 ...	2020-09-15 07:41:11
139.99.98.248	attackspam	Aug 29 08:08:35 abendstille sshd\[1938\]: Invalid user izt from 139.99.98.248 Aug 29 08:08:35 abendstille sshd\[1938\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.98.248 Aug 29 08:08:38 abendstille sshd\[1938\]: Failed password for invalid user izt from 139.99.98.248 port 56444 ssh2 Aug 29 08:13:07 abendstille sshd\[6155\]: Invalid user testftp from 139.99.98.248 Aug 29 08:13:07 abendstille sshd\[6155\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.98.248 ...	2020-08-29 18:49:01
139.99.98.248	attackspambots	Invalid user ftpuser from 139.99.98.248 port 45004	2020-08-28 14:46:52
139.99.98.248	attack	2020-08-26T17:55:03.136961ks3355764 sshd[22117]: Failed password for invalid user joshua from 139.99.98.248 port 37534 ssh2 2020-08-26T19:55:48.057031ks3355764 sshd[23954]: Invalid user dante from 139.99.98.248 port 56122 ...	2020-08-27 03:54:57
139.99.91.151	attackbots	ssh brute force	2020-08-26 17:04:27
139.99.98.248	attackbotsspam	Aug 21 08:37:33 ny01 sshd[6616]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.98.248 Aug 21 08:37:34 ny01 sshd[6616]: Failed password for invalid user esq from 139.99.98.248 port 38196 ssh2 Aug 21 08:42:01 ny01 sshd[7226]: Failed password for root from 139.99.98.248 port 45748 ssh2	2020-08-21 21:28:36
139.99.98.248	attack	Aug 19 03:53:55 marvibiene sshd[7312]: Invalid user usuarios from 139.99.98.248 port 44524 Aug 19 03:53:55 marvibiene sshd[7312]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.98.248 Aug 19 03:53:55 marvibiene sshd[7312]: Invalid user usuarios from 139.99.98.248 port 44524 Aug 19 03:53:58 marvibiene sshd[7312]: Failed password for invalid user usuarios from 139.99.98.248 port 44524 ssh2	2020-08-19 14:23:50
139.99.98.248	attackbotsspam	Aug 14 12:20:29 webhost01 sshd[15384]: Failed password for root from 139.99.98.248 port 48842 ssh2 ...	2020-08-14 16:44:52
139.99.98.248	attack	leo_www	2020-08-09 17:30:57
139.99.98.248	attackspambots	SSH Brute Force	2020-07-29 23:12:21
139.99.98.248	attackspambots	Jul 25 01:45:37 Ubuntu-1404-trusty-64-minimal sshd\[11209\]: Invalid user gzp from 139.99.98.248 Jul 25 01:45:37 Ubuntu-1404-trusty-64-minimal sshd\[11209\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.98.248 Jul 25 01:45:39 Ubuntu-1404-trusty-64-minimal sshd\[11209\]: Failed password for invalid user gzp from 139.99.98.248 port 35414 ssh2 Jul 25 02:00:17 Ubuntu-1404-trusty-64-minimal sshd\[22705\]: Invalid user guohanning from 139.99.98.248 Jul 25 02:00:17 Ubuntu-1404-trusty-64-minimal sshd\[22705\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.98.248	2020-07-25 08:35:48

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.99.9.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61281
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.99.9.2.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019071500 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Jul 15 22:00:23 CST 2019
;; MSG SIZE  rcvd: 114

HOST信息:

2.9.99.139.in-addr.arpa domain name pointer sg1.xanh.org.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
2.9.99.139.in-addr.arpa	name = sg1.xanh.org.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
185.94.111.1	attack	17.10.2019 15:06:55 Connection to port 123 blocked by firewall	2019-10-18 00:13:29
123.206.17.141	attackspam	2019-10-17T16:07:10.906653shield sshd\[16041\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.206.17.141 user=root 2019-10-17T16:07:12.703702shield sshd\[16041\]: Failed password for root from 123.206.17.141 port 45008 ssh2 2019-10-17T16:07:15.355453shield sshd\[16041\]: Failed password for root from 123.206.17.141 port 45008 ssh2 2019-10-17T16:07:17.082598shield sshd\[16041\]: Failed password for root from 123.206.17.141 port 45008 ssh2 2019-10-17T16:07:19.082585shield sshd\[16041\]: Failed password for root from 123.206.17.141 port 45008 ssh2	2019-10-18 00:09:57
178.122.248.27	attack	Oct 17 13:40:39 [munged] sshd[18229]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.122.248.27	2019-10-17 23:52:32
222.186.175.202	attackbots	Triggered by Fail2Ban at Vostok web server	2019-10-17 23:39:21
222.186.175.215	attackspam	Oct 17 18:10:37 nextcloud sshd\[3720\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.215 user=root Oct 17 18:10:39 nextcloud sshd\[3720\]: Failed password for root from 222.186.175.215 port 30152 ssh2 Oct 17 18:11:06 nextcloud sshd\[4523\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.215 user=root ...	2019-10-18 00:13:11
187.162.39.226	attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2019-10-17 23:58:27
18.27.197.252	attackspambots	Oct 17 17:02:34 rotator sshd\[24011\]: Invalid user nodeserver from 18.27.197.252Oct 17 17:02:35 rotator sshd\[24011\]: Failed password for invalid user nodeserver from 18.27.197.252 port 60144 ssh2Oct 17 17:02:39 rotator sshd\[24014\]: Invalid user noel from 18.27.197.252Oct 17 17:02:41 rotator sshd\[24014\]: Failed password for invalid user noel from 18.27.197.252 port 49632 ssh2Oct 17 17:02:44 rotator sshd\[24016\]: Invalid user nologin from 18.27.197.252Oct 17 17:02:46 rotator sshd\[24016\]: Failed password for invalid user nologin from 18.27.197.252 port 35210 ssh2 ...	2019-10-17 23:40:06
187.162.75.89	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-10-18 00:12:09
187.162.41.233	attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-10-18 00:06:44
122.116.198.65	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/122.116.198.65/ TW - 1H : (217) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : TW NAME ASN : ASN3462 IP : 122.116.198.65 CIDR : 122.116.0.0/16 PREFIX COUNT : 390 UNIQUE IP COUNT : 12267520 WYKRYTE ATAKI Z ASN3462 : 1H - 6 3H - 23 6H - 45 12H - 97 24H - 199 DateTime : 2019-10-17 13:40:41 INFO : Server 403 - Looking for resource vulnerabilities Detected and Blocked by ADMIN - data recovery	2019-10-17 23:47:34
77.247.110.27	attackbotsspam	UDP 5073-5077	2019-10-17 23:47:00
182.162.143.236	attack	2019-10-17T15:33:54.214763abusebot-5.cloudsearch.cf sshd\[6527\]: Invalid user cen from 182.162.143.236 port 37000	2019-10-17 23:51:31
198.55.103.151	attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2019-10-17 23:56:36
115.88.25.178	attackbotsspam	Oct 17 04:47:09 hpm sshd\[26213\]: Invalid user stone from 115.88.25.178 Oct 17 04:47:09 hpm sshd\[26213\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.88.25.178 Oct 17 04:47:10 hpm sshd\[26213\]: Failed password for invalid user stone from 115.88.25.178 port 35916 ssh2 Oct 17 04:52:05 hpm sshd\[26631\]: Invalid user alemany from 115.88.25.178 Oct 17 04:52:05 hpm sshd\[26631\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.88.25.178	2019-10-17 23:43:47
211.239.121.27	attackspambots	ssh failed login	2019-10-17 23:51:10

最近上报的IP列表

114.41.0.6	66.254.137.254	201.248.129.91	185.104.185.96
78.252.37.98	117.28.135.49	98.251.239.91	14.248.180.145
14.231.154.171	155.101.125.105	115.220.37.169	74.3.135.116
122.216.104.140	112.64.76.171	79.107.179.124	31.28.70.174
126.6.113.141	121.144.32.0	177.23.65.40	213.221.252.21