139.162.106.1 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Japan

Internet Service Provider: Linode LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	web Attack on Website at 2020-02-05.	2020-02-06 17:05:17
attackbotsspam	web Attack on Wordpress site at 2020-01-02.	2020-01-03 02:46:08
attackbots	web Attack on Wordpress site	2019-11-18 23:51:03

Comments on same subnet:

IP	Type	Details	Datetime
139.162.106.178	attack	Auto Detect Rule! proto TCP (SYN), 139.162.106.178:45138->gjan.info:23, len 40	2020-10-02 03:26:11
139.162.106.178	attackbots	TCP (SYN) 139.162.106.178:57555 -> port 23, len 44	2020-10-01 19:38:32
139.162.106.181	attackbotsspam	srvr3: (mod_security) mod_security (id:920350) triggered by 139.162.106.181 (US/United States/scan-67.security.ipip.net): 1 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/09/10 02:24:05 [error] 277189#0: 1327 [client 139.162.106.181] ModSecurity: Access denied with code 406 (phase 2). Matched "Operator `Rx' with parameter `^[\d.:]+$' against variable `REQUEST_HEADERS:Host' [redacted] [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "718"] [id "920350"] [rev ""] [msg "Host header is a numeric IP address"] [redacted] [severity "4"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [redacted] [uri "/"] [unique_id "159969744587.159482"] [ref "o0,11v21,11"], client: 139.162.106.181, [redacted] request: "GET / HTTP/1.1" [redacted]	2020-09-10 14:07:53
139.162.106.181	attackbotsspam	139.162.106.181 - - [09/Sep/2020:19:35:24 +0200] "GET / HTTP/1.1" 301 670 "-" "HTTP Banner Detection (https://security.ipip.net)" ...	2020-09-10 04:49:14
139.162.106.181	attack	port scan and connect, tcp 80 (http)	2020-08-19 19:56:14
139.162.106.181	attackbotsspam	Unauthorized connection attempt detected from IP address 139.162.106.181 to port 80	2020-08-08 12:28:32
139.162.106.178	attackspambots	TCP (SYN) 139.162.106.178:38448 -> port 23, len 40	2020-08-05 18:04:34
139.162.106.178	attack	TCP (SYN) 139.162.106.178:51392 -> port 23, len 44	2020-07-20 04:56:52
139.162.106.178	attackspam	TCP (SYN) 139.162.106.178:56212 -> port 23, len 44	2020-07-18 19:23:26
139.162.106.181	attackspam	[04/Jun/2020:05:04:04 -0400] "GET / HTTP/1.1" "HTTP Banner Detection (https://security.ipip.net)"	2020-06-06 04:28:24
139.162.106.178	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-05-21 07:17:58
139.162.106.178	attack	SmallBizIT.US 1 packets to tcp(23)	2020-05-15 07:56:50
139.162.106.178	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2020-05-02 22:58:33
139.162.106.178	attack	[portscan] tcp/23 [TELNET] *(RWIN=65535)(04301449)	2020-05-01 01:34:04
139.162.106.181	attackspam	Unauthorized connection attempt detected from IP address 139.162.106.181 to port 80	2020-04-12 08:52:59

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.162.106.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 64494
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.162.106.1.			IN	A

;; AUTHORITY SECTION:
.			487	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019111800 1800 900 604800 86400

;; Query time: 108 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Nov 18 23:50:55 CST 2019
;; MSG SIZE  rcvd: 117

Host info

1.106.162.139.in-addr.arpa domain name pointer gw-li1590.linode.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
1.106.162.139.in-addr.arpa	name = gw-li1590.linode.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
45.148.10.87	attack	Brute forcing email accounts	2020-08-01 23:39:00
51.140.93.143	attackbots	Aug 1 14:20:05 debian-2gb-nbg1-2 kernel: \[18542886.076940\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=51.140.93.143 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=237 ID=27953 PROTO=TCP SPT=44189 DPT=3389 WINDOW=1024 RES=0x00 SYN URGP=0	2020-08-01 23:51:52
113.226.198.167	attackbots	port 23	2020-08-02 00:18:45
1.34.213.46	attack	HTTP/80/443/8080 Probe, BF, WP, Hack -	2020-08-01 23:51:12
101.200.49.206	attackspam	Aug 1 13:21:28 ip-172-31-61-156 sshd[30533]: Invalid user ynnad from 101.200.49.206 ...	2020-08-02 00:20:03
45.129.33.22	attackspambots	TCP (SYN) 45.129.33.22:55588 -> port 3322, len 44	2020-08-01 23:49:37
139.99.105.138	attack	Aug 1 16:22:39 marvibiene sshd[32323]: Failed password for root from 139.99.105.138 port 49706 ssh2 Aug 1 16:27:09 marvibiene sshd[304]: Failed password for root from 139.99.105.138 port 59352 ssh2	2020-08-01 23:41:41
51.83.131.209	attackbots	2020-08-01T06:12:57.097042perso.[domain] sshd[1295105]: Failed password for root from 51.83.131.209 port 49626 ssh2 2020-08-01T06:17:29.822392perso.[domain] sshd[1297231]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.131.209 user=root 2020-08-01T06:17:31.846889perso.[domain] sshd[1297231]: Failed password for root from 51.83.131.209 port 33884 ssh2 ...	2020-08-02 00:19:25
112.85.42.89	attack	Aug 1 17:24:20 piServer sshd[16122]: Failed password for root from 112.85.42.89 port 49793 ssh2 Aug 1 17:24:24 piServer sshd[16122]: Failed password for root from 112.85.42.89 port 49793 ssh2 Aug 1 17:24:27 piServer sshd[16122]: Failed password for root from 112.85.42.89 port 49793 ssh2 ...	2020-08-01 23:36:20
87.247.102.142	attackspam	Automatic report - Banned IP Access	2020-08-01 23:36:56
31.14.139.129	attackbotsspam	2020-08-01T10:37:42.4497171495-001 sshd[40900]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.14.139.129 user=root 2020-08-01T10:37:44.1730981495-001 sshd[40900]: Failed password for root from 31.14.139.129 port 60458 ssh2 2020-08-01T10:41:44.3049691495-001 sshd[41063]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.14.139.129 user=root 2020-08-01T10:41:46.2492591495-001 sshd[41063]: Failed password for root from 31.14.139.129 port 43886 ssh2 2020-08-01T10:45:39.3727491495-001 sshd[41238]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.14.139.129 user=root 2020-08-01T10:45:41.9139281495-001 sshd[41238]: Failed password for root from 31.14.139.129 port 55550 ssh2 ...	2020-08-01 23:34:28
117.67.225.124	attackbots	Telnet/23 MH Probe, Scan, BF, Hack -	2020-08-02 00:20:56
1.54.34.55	attack	Telnet/23 MH Probe, Scan, BF, Hack -	2020-08-01 23:58:42
49.232.101.33	attack	Aug 1 15:17:35 ip-172-31-62-245 sshd\[2790\]: Failed password for root from 49.232.101.33 port 52616 ssh2\ Aug 1 15:20:03 ip-172-31-62-245 sshd\[2814\]: Failed password for root from 49.232.101.33 port 47470 ssh2\ Aug 1 15:22:30 ip-172-31-62-245 sshd\[2832\]: Failed password for root from 49.232.101.33 port 42314 ssh2\ Aug 1 15:24:53 ip-172-31-62-245 sshd\[2853\]: Failed password for root from 49.232.101.33 port 37160 ssh2\ Aug 1 15:27:15 ip-172-31-62-245 sshd\[2876\]: Failed password for root from 49.232.101.33 port 60228 ssh2\	2020-08-02 00:17:02
95.42.138.58	attack	Telnet/23 MH Probe, Scan, BF, Hack -	2020-08-01 23:43:17

Recently Reported IPs

5.38.216.2	200.194.30.8	186.216.81.2	178.93.58.1
193.112.197.1	150.136.201.2	94.102.124.1	62.141.103.146
198.20.103.2	101.128.72.4	51.15.75.6	41.136.155.1
195.154.56.5	111.203.197.1	87.117.8.2	142.105.13.1
114.5.81.6	110.235.251.1	165.16.37.1	139.255.101.2