139.99.9.2 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Singapore

运营商(isp): OVH Singapore Pte. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	190 attacks over the last 10 minutes. Below is a sample of these recent attacks: July 15, 2019 1:21am 139.99.9.2 (Singapore) Blocked for Newspaper Premium Theme <= 6.7.1 - Privilege Escalation July 15, 2019 1:21am 139.99.9.2 (Singapore) Blocked for Yellow Pencil Visual Theme Customizer <= 7.1.9 Arbitrary Options Update in query string: yp_remote_get=test July 15, 2019 1:21am 139.99.9.2 (Singapore) Blocked for Yellow Pencil Visual Theme Customizer <= 7.1.9 Arbitrary Options Update in query string: yp_remote_get=test July 15, 2019 1:21am 139.99.9.2 (Singapore) Blocked for WP GDPR Compliance <= 1.4.2 - Update Any Option / Call Any Action in POST body: action=wpgdprc_process_action	2019-07-15 22:00:37

类型

评论内容

时间

attack

190 attacks over the last 10 minutes. Below is a sample of these recent attacks:

July 15, 2019 1:21am  139.99.9.2 (Singapore)     Blocked for Newspaper Premium Theme <= 6.7.1 - Privilege Escalation
July 15, 2019 1:21am  139.99.9.2 (Singapore)     Blocked for Yellow Pencil Visual Theme Customizer <= 7.1.9 Arbitrary Options Update in query string: yp_remote_get=test
July 15, 2019 1:21am  139.99.9.2 (Singapore)     Blocked for Yellow Pencil Visual Theme Customizer <= 7.1.9 Arbitrary Options Update in query string: yp_remote_get=test
July 15, 2019 1:21am  139.99.9.2 (Singapore)     Blocked for WP GDPR Compliance <= 1.4.2 - Update Any Option / Call Any Action in POST body: action=wpgdprc_process_action

2019-07-15 22:00:37

相同子网IP讨论:

IP	类型	评论内容	时间
139.99.91.43	attackbotsspam	SSH 2020-09-17 06:43:07 139.99.91.43 139.99.182.230 > POST serenevillasbali.indonesiaroom.com /wp-login.php HTTP/1.1 - - 2020-09-17 23:54:08 139.99.91.43 139.99.182.230 > GET shinichisurabaya.com /wp-login.php HTTP/1.1 - - 2020-09-17 23:54:08 139.99.91.43 139.99.182.230 > POST shinichisurabaya.com /wp-login.php HTTP/1.1 - -	2020-09-19 03:35:21
139.99.91.43	attack	SSH 2020-09-17 06:43:07 139.99.91.43 139.99.182.230 > POST serenevillasbali.indonesiaroom.com /wp-login.php HTTP/1.1 - - 2020-09-17 23:54:08 139.99.91.43 139.99.182.230 > GET shinichisurabaya.com /wp-login.php HTTP/1.1 - - 2020-09-17 23:54:08 139.99.91.43 139.99.182.230 > POST shinichisurabaya.com /wp-login.php HTTP/1.1 - -	2020-09-18 19:38:02
139.99.98.248	attack	Sep 15 02:29:45 pixelmemory sshd[3244134]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.98.248 Sep 15 02:29:45 pixelmemory sshd[3244134]: Invalid user ftpuser from 139.99.98.248 port 36638 Sep 15 02:29:48 pixelmemory sshd[3244134]: Failed password for invalid user ftpuser from 139.99.98.248 port 36638 ssh2 Sep 15 02:34:23 pixelmemory sshd[3263707]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.98.248 user=root Sep 15 02:34:25 pixelmemory sshd[3263707]: Failed password for root from 139.99.98.248 port 48038 ssh2 ...	2020-09-15 23:43:34
139.99.98.248	attack	<6 unauthorized SSH connections	2020-09-15 15:35:43
139.99.98.248	attackbots	2020-09-14T14:03:39.9058751495-001 sshd[4066]: Failed password for root from 139.99.98.248 port 52108 ssh2 2020-09-14T14:08:06.9147731495-001 sshd[4393]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.98.248 user=root 2020-09-14T14:08:08.8283481495-001 sshd[4393]: Failed password for root from 139.99.98.248 port 36120 ssh2 2020-09-14T14:12:30.1052501495-001 sshd[4741]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.98.248 user=root 2020-09-14T14:12:31.9281851495-001 sshd[4741]: Failed password for root from 139.99.98.248 port 48364 ssh2 2020-09-14T14:16:52.0759361495-001 sshd[5011]: Invalid user anne from 139.99.98.248 port 60634 ...	2020-09-15 07:41:11
139.99.98.248	attackspam	Aug 29 08:08:35 abendstille sshd\[1938\]: Invalid user izt from 139.99.98.248 Aug 29 08:08:35 abendstille sshd\[1938\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.98.248 Aug 29 08:08:38 abendstille sshd\[1938\]: Failed password for invalid user izt from 139.99.98.248 port 56444 ssh2 Aug 29 08:13:07 abendstille sshd\[6155\]: Invalid user testftp from 139.99.98.248 Aug 29 08:13:07 abendstille sshd\[6155\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.98.248 ...	2020-08-29 18:49:01
139.99.98.248	attackspambots	Invalid user ftpuser from 139.99.98.248 port 45004	2020-08-28 14:46:52
139.99.98.248	attack	2020-08-26T17:55:03.136961ks3355764 sshd[22117]: Failed password for invalid user joshua from 139.99.98.248 port 37534 ssh2 2020-08-26T19:55:48.057031ks3355764 sshd[23954]: Invalid user dante from 139.99.98.248 port 56122 ...	2020-08-27 03:54:57
139.99.91.151	attackbots	ssh brute force	2020-08-26 17:04:27
139.99.98.248	attackbotsspam	Aug 21 08:37:33 ny01 sshd[6616]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.98.248 Aug 21 08:37:34 ny01 sshd[6616]: Failed password for invalid user esq from 139.99.98.248 port 38196 ssh2 Aug 21 08:42:01 ny01 sshd[7226]: Failed password for root from 139.99.98.248 port 45748 ssh2	2020-08-21 21:28:36
139.99.98.248	attack	Aug 19 03:53:55 marvibiene sshd[7312]: Invalid user usuarios from 139.99.98.248 port 44524 Aug 19 03:53:55 marvibiene sshd[7312]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.98.248 Aug 19 03:53:55 marvibiene sshd[7312]: Invalid user usuarios from 139.99.98.248 port 44524 Aug 19 03:53:58 marvibiene sshd[7312]: Failed password for invalid user usuarios from 139.99.98.248 port 44524 ssh2	2020-08-19 14:23:50
139.99.98.248	attackbotsspam	Aug 14 12:20:29 webhost01 sshd[15384]: Failed password for root from 139.99.98.248 port 48842 ssh2 ...	2020-08-14 16:44:52
139.99.98.248	attack	leo_www	2020-08-09 17:30:57
139.99.98.248	attackspambots	SSH Brute Force	2020-07-29 23:12:21
139.99.98.248	attackspambots	Jul 25 01:45:37 Ubuntu-1404-trusty-64-minimal sshd\[11209\]: Invalid user gzp from 139.99.98.248 Jul 25 01:45:37 Ubuntu-1404-trusty-64-minimal sshd\[11209\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.98.248 Jul 25 01:45:39 Ubuntu-1404-trusty-64-minimal sshd\[11209\]: Failed password for invalid user gzp from 139.99.98.248 port 35414 ssh2 Jul 25 02:00:17 Ubuntu-1404-trusty-64-minimal sshd\[22705\]: Invalid user guohanning from 139.99.98.248 Jul 25 02:00:17 Ubuntu-1404-trusty-64-minimal sshd\[22705\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.98.248	2020-07-25 08:35:48

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.99.9.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61281
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.99.9.2.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019071500 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Jul 15 22:00:23 CST 2019
;; MSG SIZE  rcvd: 114

HOST信息:

2.9.99.139.in-addr.arpa domain name pointer sg1.xanh.org.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
2.9.99.139.in-addr.arpa	name = sg1.xanh.org.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
177.69.26.97	attack	Aug 4 00:53:09 MK-Soft-VM3 sshd\[8281\]: Invalid user plano from 177.69.26.97 port 53086 Aug 4 00:53:09 MK-Soft-VM3 sshd\[8281\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.69.26.97 Aug 4 00:53:12 MK-Soft-VM3 sshd\[8281\]: Failed password for invalid user plano from 177.69.26.97 port 53086 ssh2 ...	2019-08-04 09:32:36
117.198.164.174	attackbotsspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-08-04 00:41:45,259 INFO [amun_request_handler] PortScan Detected on Port: 445 (117.198.164.174)	2019-08-04 09:47:17
167.114.227.94	attackbots	SS1,DEF GET /w00tw00t.at.ISC.SANS.DFind:)	2019-08-04 09:33:46
112.133.207.242	attackbots	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-08-04 00:40:03,877 INFO [amun_request_handler] PortScan Detected on Port: 445 (112.133.207.242)	2019-08-04 09:57:08
159.65.127.70	attackbotsspam	2019-08-04T02:47:00.456942wiz-ks3 sshd[20249]: Invalid user a from 159.65.127.70 port 57282 2019-08-04T02:47:00.458987wiz-ks3 sshd[20249]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.127.70 2019-08-04T02:47:00.456942wiz-ks3 sshd[20249]: Invalid user a from 159.65.127.70 port 57282 2019-08-04T02:47:02.624952wiz-ks3 sshd[20249]: Failed password for invalid user a from 159.65.127.70 port 57282 ssh2 2019-08-04T02:51:12.300771wiz-ks3 sshd[20275]: Invalid user a from 159.65.127.70 port 38098 2019-08-04T02:51:12.302710wiz-ks3 sshd[20275]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.127.70 2019-08-04T02:51:12.300771wiz-ks3 sshd[20275]: Invalid user a from 159.65.127.70 port 38098 2019-08-04T02:51:13.730873wiz-ks3 sshd[20275]: Failed password for invalid user a from 159.65.127.70 port 38098 ssh2 2019-08-04T02:51:47.704895wiz-ks3 sshd[20283]: Invalid user a from 159.65.127.70 port 40538 2019-08-04T02:51:47.706817wiz-ks	2019-08-04 09:45:12
118.24.212.41	attackspam	Automatic report - SSH Brute-Force Attack	2019-08-04 10:23:22
132.232.42.181	attack	2019-08-04T01:55:44.195170abusebot-6.cloudsearch.cf sshd\[4471\]: Invalid user apache2 from 132.232.42.181 port 49710	2019-08-04 10:12:14
115.231.163.85	attackbotsspam	Aug 3 22:03:38 xtremcommunity sshd\[23334\]: Invalid user ts1 from 115.231.163.85 port 34486 Aug 3 22:03:38 xtremcommunity sshd\[23334\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.231.163.85 Aug 3 22:03:39 xtremcommunity sshd\[23334\]: Failed password for invalid user ts1 from 115.231.163.85 port 34486 ssh2 Aug 3 22:09:01 xtremcommunity sshd\[23477\]: Invalid user jenniferm from 115.231.163.85 port 56212 Aug 3 22:09:01 xtremcommunity sshd\[23477\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.231.163.85 ...	2019-08-04 10:15:04
65.51.216.95	attackbotsspam	Aug 1 07:15:23 josie sshd[9144]: Bad protocol version identification '' from 65.51.216.95 Aug 1 07:15:37 josie sshd[9224]: Invalid user pi from 65.51.216.95 Aug 1 07:15:37 josie sshd[9224]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=65.51.216.95 Aug 1 07:15:40 josie sshd[9224]: Failed password for invalid user pi from 65.51.216.95 port 43338 ssh2 Aug 1 07:15:40 josie sshd[9225]: Connection closed by 65.51.216.95 Aug 1 07:16:14 josie sshd[9453]: Invalid user openhabian from 65.51.216.95 Aug 1 07:16:14 josie sshd[9453]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=65.51.216.95 Aug 1 07:16:16 josie sshd[9453]: Failed password for invalid user openhabian from 65.51.216.95 port 47434 ssh2 Aug 1 07:16:16 josie sshd[9454]: Connection closed by 65.51.216.95 Aug 1 07:16:41 josie sshd[9745]: Invalid user netscreen from 65.51.216.95 Aug 1 07:16:41 josie sshd[9745]: pam_unix(sshd:au........ -------------------------------	2019-08-04 09:38:42
37.83.5.78	attackspambots	21 attempts against mh-ssh on grass.magehost.pro	2019-08-04 10:09:38
200.107.154.3	attackbotsspam	Aug 4 03:43:18 pkdns2 sshd\[33114\]: Invalid user bob3297 from 200.107.154.3Aug 4 03:43:19 pkdns2 sshd\[33114\]: Failed password for invalid user bob3297 from 200.107.154.3 port 61273 ssh2Aug 4 03:48:08 pkdns2 sshd\[33307\]: Invalid user qwerty from 200.107.154.3Aug 4 03:48:10 pkdns2 sshd\[33307\]: Failed password for invalid user qwerty from 200.107.154.3 port 30545 ssh2Aug 4 03:53:01 pkdns2 sshd\[33499\]: Invalid user humberto from 200.107.154.3Aug 4 03:53:03 pkdns2 sshd\[33499\]: Failed password for invalid user humberto from 200.107.154.3 port 56259 ssh2 ...	2019-08-04 09:36:39
211.104.171.239	attack	Aug 4 02:10:05 www_kotimaassa_fi sshd[26148]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.104.171.239 Aug 4 02:10:07 www_kotimaassa_fi sshd[26148]: Failed password for invalid user gate from 211.104.171.239 port 50875 ssh2 ...	2019-08-04 10:10:11
51.255.192.217	attackbots	Automatic report - Banned IP Access	2019-08-04 09:39:32
192.162.35.177	attack	Automatic report - Port Scan Attack	2019-08-04 10:15:56
189.109.203.222	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-08-04 00:36:50,551 INFO [amun_request_handler] PortScan Detected on Port: 445 (189.109.203.222)	2019-08-04 10:11:12

最近上报的IP列表

114.41.0.6	66.254.137.254	201.248.129.91	185.104.185.96
78.252.37.98	117.28.135.49	98.251.239.91	14.248.180.145
14.231.154.171	155.101.125.105	115.220.37.169	74.3.135.116
122.216.104.140	112.64.76.171	79.107.179.124	31.28.70.174
126.6.113.141	121.144.32.0	177.23.65.40	213.221.252.21