139.162.10.94 - IPInfo

Basic Info

City: Singapore

Region: unknown

Country: Singapore

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
139.162.106.178	attack	Auto Detect Rule! proto TCP (SYN), 139.162.106.178:45138->gjan.info:23, len 40	2020-10-02 03:26:11
139.162.106.178	attackbots	TCP (SYN) 139.162.106.178:57555 -> port 23, len 44	2020-10-01 19:38:32
139.162.106.181	attackbotsspam	srvr3: (mod_security) mod_security (id:920350) triggered by 139.162.106.181 (US/United States/scan-67.security.ipip.net): 1 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/09/10 02:24:05 [error] 277189#0: 1327 [client 139.162.106.181] ModSecurity: Access denied with code 406 (phase 2). Matched "Operator `Rx' with parameter `^[\d.:]+$' against variable `REQUEST_HEADERS:Host' [redacted] [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "718"] [id "920350"] [rev ""] [msg "Host header is a numeric IP address"] [redacted] [severity "4"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [redacted] [uri "/"] [unique_id "159969744587.159482"] [ref "o0,11v21,11"], client: 139.162.106.181, [redacted] request: "GET / HTTP/1.1" [redacted]	2020-09-10 14:07:53
139.162.106.181	attackbotsspam	139.162.106.181 - - [09/Sep/2020:19:35:24 +0200] "GET / HTTP/1.1" 301 670 "-" "HTTP Banner Detection (https://security.ipip.net)" ...	2020-09-10 04:49:14
139.162.109.43	attackbotsspam	Port scan denied	2020-09-04 21:11:34
139.162.109.43	attackspam	TCP (SYN) 139.162.109.43:58886 -> port 111, len 44	2020-09-04 12:51:14
139.162.109.43	attackspambots	firewall-block, port(s): 111/tcp	2020-09-04 05:21:16
139.162.108.129	attackbots	Icarus honeypot on github	2020-09-01 07:48:04
139.162.108.62	attack	Port scan denied	2020-08-31 18:04:19
139.162.102.46	attackspambots	Unauthorized connection attempt detected from IP address 139.162.102.46 to port 1755 [T]	2020-08-29 20:23:51
139.162.108.129	attackbotsspam	Tried our host z.	2020-08-29 08:30:25
139.162.108.53	attackspam	firewall-block, port(s): 80/tcp	2020-08-20 01:45:23
139.162.106.181	attack	port scan and connect, tcp 80 (http)	2020-08-19 19:56:14
139.162.102.46	attackbotsspam	Unauthorized connection attempt detected from IP address 139.162.102.46 to port 1723 [T]	2020-08-16 01:39:57
139.162.104.208	attack	TCP (SYN) 139.162.104.208:46074 -> port 21, len 44	2020-08-13 17:28:33

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.162.10.94
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 9591
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;139.162.10.94.			IN	A

;; AUTHORITY SECTION:
.			386	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022030803 1800 900 604800 86400

;; Query time: 29 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Mar 09 08:05:57 CST 2022
;; MSG SIZE  rcvd: 106

Host info

94.10.162.139.in-addr.arpa domain name pointer li852-94.members.linode.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
94.10.162.139.in-addr.arpa	name = li852-94.members.linode.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
5.88.155.130	attack	Invalid user lshields from 5.88.155.130 port 36366	2019-07-18 08:02:28
134.73.129.253	attack	Jul 17 18:24:20 [munged] sshd[3638]: Invalid user min from 134.73.129.253 port 33720 Jul 17 18:24:20 [munged] sshd[3638]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.73.129.253	2019-07-18 07:25:01
95.173.186.148	attackspam	2019-07-17T23:14:22.158640abusebot.cloudsearch.cf sshd\[27022\]: Invalid user mpiuser from 95.173.186.148 port 53464	2019-07-18 07:34:41
80.73.13.219	attackspam	Wordpress brute force /wp-login.php	2019-07-18 07:50:13
130.61.72.90	attackspambots	Jul 18 01:12:48 eventyay sshd[16555]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=130.61.72.90 Jul 18 01:12:49 eventyay sshd[16555]: Failed password for invalid user mongo from 130.61.72.90 port 48786 ssh2 Jul 18 01:17:29 eventyay sshd[17613]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=130.61.72.90 ...	2019-07-18 07:28:16
183.185.254.159	attackspam	Honeypot attack, port: 23, PTR: 159.254.185.183.adsl-pool.sx.cn.	2019-07-18 07:48:46
118.70.182.185	attackspam	Jul 18 01:12:48 rpi sshd[29076]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.70.182.185 Jul 18 01:12:49 rpi sshd[29076]: Failed password for invalid user skan from 118.70.182.185 port 35448 ssh2	2019-07-18 07:25:22
159.89.231.161	attackbots	2019-07-17T16:59:01.546411Z 5b647e8bc805 New connection: 159.89.231.161:54126 (172.17.0.4:2222) [session: 5b647e8bc805] 2019-07-17T16:59:21.549011Z 03d9e59e3f58 New connection: 159.89.231.161:49352 (172.17.0.4:2222) [session: 03d9e59e3f58]	2019-07-18 07:45:53
77.245.35.170	attackbotsspam	Jul 18 03:56:26 localhost sshd[24320]: Invalid user kara from 77.245.35.170 port 44800 Jul 18 03:56:26 localhost sshd[24320]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=77.245.35.170 Jul 18 03:56:26 localhost sshd[24320]: Invalid user kara from 77.245.35.170 port 44800 Jul 18 03:56:28 localhost sshd[24320]: Failed password for invalid user kara from 77.245.35.170 port 44800 ssh2 ...	2019-07-18 07:42:19
206.189.132.204	attackspam	Jul 17 17:13:48 mailman sshd[29075]: Invalid user leroy from 206.189.132.204 Jul 17 17:13:48 mailman sshd[29075]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.132.204 Jul 17 17:13:50 mailman sshd[29075]: Failed password for invalid user leroy from 206.189.132.204 port 49386 ssh2	2019-07-18 07:17:31
167.71.192.131	attack	Jul 17 19:24:12 server2 sshd\[27705\]: User root from 167.71.192.131 not allowed because not listed in AllowUsers Jul 17 19:24:14 server2 sshd\[27707\]: Invalid user admin from 167.71.192.131 Jul 17 19:24:17 server2 sshd\[27709\]: Invalid user admin from 167.71.192.131 Jul 17 19:24:20 server2 sshd\[27711\]: Invalid user user from 167.71.192.131 Jul 17 19:24:30 server2 sshd\[27713\]: Invalid user ubnt from 167.71.192.131 Jul 17 19:24:33 server2 sshd\[27715\]: Invalid user admin from 167.71.192.131	2019-07-18 07:19:41
91.106.193.72	attackspambots	Jul 18 01:11:28 tux-35-217 sshd\[19789\]: Invalid user copier from 91.106.193.72 port 50876 Jul 18 01:11:28 tux-35-217 sshd\[19789\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.106.193.72 Jul 18 01:11:30 tux-35-217 sshd\[19789\]: Failed password for invalid user copier from 91.106.193.72 port 50876 ssh2 Jul 18 01:16:22 tux-35-217 sshd\[19814\]: Invalid user edu from 91.106.193.72 port 50236 Jul 18 01:16:22 tux-35-217 sshd\[19814\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.106.193.72 ...	2019-07-18 07:43:25
114.223.51.131	attackspam	22/tcp [2019-07-17]1pkt	2019-07-18 07:17:56
182.73.220.18	attack	Jul 18 02:32:50 yabzik sshd[4383]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.73.220.18 Jul 18 02:32:52 yabzik sshd[4383]: Failed password for invalid user transfer from 182.73.220.18 port 14981 ssh2 Jul 18 02:37:23 yabzik sshd[5870]: Failed password for root from 182.73.220.18 port 31225 ssh2	2019-07-18 07:47:52
189.91.192.195	attackbots	Honeypot attack, port: 23, PTR: 189-91-192-195.interline.net.br.	2019-07-18 07:54:17

Recently Reported IPs

139.162.101.34	139.162.102.192	139.162.102.44	139.162.102.88
139.162.102.62	139.162.103.221	139.162.103.20	118.212.105.97
139.162.103.42	139.162.103.239	139.162.104.13	139.162.104.158
139.162.103.77	139.162.104.11	139.162.104.204	139.162.104.168
139.162.104.169	139.162.104.174	118.212.106.1	139.162.105.116