城市(city): unknown
省份(region): unknown
国家(country): Singapore
运营商(isp): OVH Singapore Pte. Ltd
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): Data Center/Web Hosting/Transit
| 类型 | 评论内容 | 时间 |
|---|---|---|
| attackspam | Feb 22 15:00:22 hanapaa sshd\[18593\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.ip-139-99-91.net user=root Feb 22 15:00:24 hanapaa sshd\[18593\]: Failed password for root from 139.99.91.35 port 40618 ssh2 Feb 22 15:04:19 hanapaa sshd\[18952\]: Invalid user www from 139.99.91.35 Feb 22 15:04:19 hanapaa sshd\[18952\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.ip-139-99-91.net Feb 22 15:04:20 hanapaa sshd\[18952\]: Failed password for invalid user www from 139.99.91.35 port 35834 ssh2 |
2020-02-23 09:07:39 |
| attackbotsspam | Feb 12 05:45:13 roki sshd[9406]: Invalid user ruhnow from 139.99.91.35 Feb 12 05:45:13 roki sshd[9406]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.91.35 Feb 12 05:45:15 roki sshd[9406]: Failed password for invalid user ruhnow from 139.99.91.35 port 51972 ssh2 Feb 12 05:58:41 roki sshd[11771]: Invalid user goodluck from 139.99.91.35 Feb 12 05:58:41 roki sshd[11771]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.91.35 ... |
2020-02-12 13:13:37 |
| attack | Unauthorized connection attempt detected from IP address 139.99.91.35 to port 2220 [J] |
2020-01-30 00:33:50 |
| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 139.99.91.43 | attackbotsspam | SSH 2020-09-17 06:43:07 139.99.91.43 139.99.182.230 > POST serenevillasbali.indonesiaroom.com /wp-login.php HTTP/1.1 - - 2020-09-17 23:54:08 139.99.91.43 139.99.182.230 > GET shinichisurabaya.com /wp-login.php HTTP/1.1 - - 2020-09-17 23:54:08 139.99.91.43 139.99.182.230 > POST shinichisurabaya.com /wp-login.php HTTP/1.1 - - |
2020-09-19 03:35:21 |
| 139.99.91.43 | attack | SSH 2020-09-17 06:43:07 139.99.91.43 139.99.182.230 > POST serenevillasbali.indonesiaroom.com /wp-login.php HTTP/1.1 - - 2020-09-17 23:54:08 139.99.91.43 139.99.182.230 > GET shinichisurabaya.com /wp-login.php HTTP/1.1 - - 2020-09-17 23:54:08 139.99.91.43 139.99.182.230 > POST shinichisurabaya.com /wp-login.php HTTP/1.1 - - |
2020-09-18 19:38:02 |
| 139.99.91.151 | attackbots | ssh brute force |
2020-08-26 17:04:27 |
| 139.99.91.132 | attackbots | Apr 27 13:46:29 ns392434 sshd[10712]: Invalid user rashmi from 139.99.91.132 port 35618 Apr 27 13:46:29 ns392434 sshd[10712]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.91.132 Apr 27 13:46:29 ns392434 sshd[10712]: Invalid user rashmi from 139.99.91.132 port 35618 Apr 27 13:46:31 ns392434 sshd[10712]: Failed password for invalid user rashmi from 139.99.91.132 port 35618 ssh2 Apr 27 13:53:53 ns392434 sshd[10931]: Invalid user sj from 139.99.91.132 port 56048 Apr 27 13:53:53 ns392434 sshd[10931]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.91.132 Apr 27 13:53:53 ns392434 sshd[10931]: Invalid user sj from 139.99.91.132 port 56048 Apr 27 13:53:55 ns392434 sshd[10931]: Failed password for invalid user sj from 139.99.91.132 port 56048 ssh2 Apr 27 13:58:12 ns392434 sshd[11090]: Invalid user gavin from 139.99.91.132 port 39114 |
2020-04-27 20:33:57 |
| 139.99.91.132 | attackbotsspam | Apr 23 22:10:05 sxvn sshd[417655]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.91.132 |
2020-04-24 04:10:13 |
| 139.99.91.132 | attackspambots | Apr 17 11:55:54 sshgateway sshd\[11379\]: Invalid user oracle from 139.99.91.132 Apr 17 11:55:54 sshgateway sshd\[11379\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.ip-139-99-91.net Apr 17 11:55:57 sshgateway sshd\[11379\]: Failed password for invalid user oracle from 139.99.91.132 port 34736 ssh2 |
2020-04-17 20:43:28 |
| 139.99.91.132 | attackspam | "Unauthorized connection attempt on SSHD detected" |
2020-04-14 01:49:00 |
| 139.99.91.132 | attackspam | Mar 30 02:29:26 XXX sshd[53004]: Invalid user usa from 139.99.91.132 port 46016 |
2020-03-30 09:33:49 |
| 139.99.91.161 | attackbotsspam | Mar 25 13:19:56 localhost sshd[92545]: Invalid user usertest from 139.99.91.161 port 60422 Mar 25 13:19:56 localhost sshd[92545]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=161.ip-139-99-91.net Mar 25 13:19:56 localhost sshd[92545]: Invalid user usertest from 139.99.91.161 port 60422 Mar 25 13:19:57 localhost sshd[92545]: Failed password for invalid user usertest from 139.99.91.161 port 60422 ssh2 Mar 25 13:28:02 localhost sshd[93269]: Invalid user raamatukogu from 139.99.91.161 port 58896 ... |
2020-03-25 21:39:59 |
| 139.99.91.161 | attackspambots | Brute force attempt |
2020-03-25 17:05:50 |
| 139.99.91.161 | attackbotsspam | $f2bV_matches |
2020-03-21 14:24:14 |
| 139.99.91.161 | attackbotsspam | Mar 19 09:18:16 gw1 sshd[496]: Failed password for root from 139.99.91.161 port 53600 ssh2 ... |
2020-03-19 12:47:28 |
| 139.99.91.84 | attack | Feb 7 23:20:56 ovpn sshd\[16557\]: Invalid user pfy from 139.99.91.84 Feb 7 23:20:56 ovpn sshd\[16557\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.91.84 Feb 7 23:20:58 ovpn sshd\[16557\]: Failed password for invalid user pfy from 139.99.91.84 port 39270 ssh2 Feb 7 23:37:29 ovpn sshd\[20700\]: Invalid user ogo from 139.99.91.84 Feb 7 23:37:29 ovpn sshd\[20700\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.91.84 |
2020-02-08 08:55:16 |
| 139.99.91.84 | attackspam | Feb 6 02:45:56 legacy sshd[8820]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.91.84 Feb 6 02:45:59 legacy sshd[8820]: Failed password for invalid user zet from 139.99.91.84 port 38882 ssh2 Feb 6 02:49:11 legacy sshd[9068]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.91.84 ... |
2020-02-06 09:51:18 |
| 139.99.91.84 | attack | Feb 6 01:57:20 legacy sshd[5898]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.91.84 Feb 6 01:57:22 legacy sshd[5898]: Failed password for invalid user mha from 139.99.91.84 port 48966 ssh2 Feb 6 02:00:32 legacy sshd[6132]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.91.84 ... |
2020-02-06 09:11:30 |
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.99.91.35
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 25048
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.99.91.35. IN A
;; AUTHORITY SECTION:
. 404 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2020012900 1800 900 604800 86400
;; Query time: 53 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jan 30 00:33:46 CST 2020
;; MSG SIZE rcvd: 116
35.91.99.139.in-addr.arpa domain name pointer 35.ip-139-99-91.net.
Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
35.91.99.139.in-addr.arpa name = 35.ip-139-99-91.net.
Authoritative answers can be found from:
| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 159.203.66.199 | attackbotsspam | 27486/tcp 31985/tcp 6063/tcp... [2020-03-15/25]47pkt,16pt.(tcp) |
2020-03-25 18:47:50 |
| 185.244.39.90 | attackbots | Port 389 scan denied |
2020-03-25 18:38:13 |
| 159.65.149.139 | attackbotsspam | $f2bV_matches |
2020-03-25 18:12:02 |
| 87.251.74.8 | attackspam | 03/25/2020-05:21:12.021171 87.251.74.8 Protocol: 6 ET SCAN NMAP -sS window 1024 |
2020-03-25 18:55:56 |
| 188.246.224.126 | attack | 342 packets to ports 1000 1111 2000 2222 3000 3333 4000 4444 5000 5555 6000 6666 7000 7777 8000 8888 9000 9999 10000 11111 20000 22222 30000 33333 33900 33911 33922 33933 33944 33955 33966 33977 33999 40000 44444 50000 55555 60000 |
2020-03-25 18:37:15 |
| 206.72.195.84 | attackspam | 53413/udp 53413/udp 53413/udp... [2020-03-23/25]78pkt,1pt.(udp) |
2020-03-25 18:30:14 |
| 45.184.24.5 | attackbotsspam | Mar 25 06:58:55 SilenceServices sshd[24192]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.184.24.5 Mar 25 06:58:57 SilenceServices sshd[24192]: Failed password for invalid user router from 45.184.24.5 port 49938 ssh2 Mar 25 07:03:21 SilenceServices sshd[6361]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.184.24.5 |
2020-03-25 18:23:19 |
| 36.234.201.70 | attackbotsspam | Tried sshing with brute force. |
2020-03-25 18:14:43 |
| 87.251.74.13 | attackspam | 03/25/2020-05:28:38.004845 87.251.74.13 Protocol: 6 ET SCAN NMAP -sS window 1024 |
2020-03-25 18:54:03 |
| 93.181.207.62 | attackspam | Port probing on unauthorized port 5555 |
2020-03-25 18:02:47 |
| 87.251.74.11 | attackspambots | firewall-block, port(s): 6340/tcp, 44449/tcp |
2020-03-25 18:54:33 |
| 195.231.0.193 | attack | " " |
2020-03-25 18:31:20 |
| 185.175.93.100 | attackspam | Mar 25 09:51:52 debian-2gb-nbg1-2 kernel: \[7385393.415539\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=185.175.93.100 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=41882 PROTO=TCP SPT=51379 DPT=5992 WINDOW=1024 RES=0x00 SYN URGP=0 |
2020-03-25 18:38:44 |
| 85.209.3.142 | attack | Port 3814 scan denied |
2020-03-25 18:57:52 |
| 185.53.88.43 | attack | Port 5064 scan denied |
2020-03-25 18:42:34 |