139.162.11.127

Basic Info

City: Singapore

Region: unknown

Country: Singapore

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
139.162.111.98	spamattack	Unauthorized connection attempt detected from IP address 139.162.111.98 to port 8080	2020-11-19 17:15:48
139.162.116.133	attack	Malicious brute force vulnerability hacking attacks	2020-10-14 07:39:12
139.162.112.248	attack	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-10-06 04:15:47
139.162.114.154	attackbots	TCP (SYN) 139.162.114.154:55866 -> port 80, len 40	2020-10-06 03:23:05
139.162.112.248	attackbotsspam	scans 2 times in preceeding hours on the ports (in chronological order) 8080 8080	2020-10-05 20:15:14
139.162.114.154	attackbots	Blocked by Sophos UTM Network Protection . / / proto=6 . srcport=45266 . dstport=80 HTTP . (890)	2020-10-05 19:16:07
139.162.112.248	attackspambots	TCP (SYN) 139.162.112.248:50227 -> port 8080, len 44	2020-10-05 12:06:17
139.162.116.22	attackbotsspam	TCP (SYN) 139.162.116.22:35955 -> port 1755, len 44	2020-09-26 06:20:18
139.162.116.22	attackspam	TCP port : 1755	2020-09-25 23:22:16
139.162.116.22	attackspam	Found on Alienvault / proto=6 . srcport=45465 . dstport=1755 . (3629)	2020-09-25 15:00:43
139.162.116.133	attackspambots	Automatic report - Banned IP Access	2020-09-08 04:27:28
139.162.116.133	attackspam	srvr2: (mod_security) mod_security (id:920350) triggered by 139.162.116.133 (JP/-/scan-66.security.ipip.net): 1 in the last 600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/09/06 18:45:21 [error] 75202#0: 153186 [client 139.162.116.133] ModSecurity: Access denied with code 406 (phase 2). Matched "Operator `Rx' with parameter `^[\d.:]+$' against variable `REQUEST_HEADERS:Host' [redacted] [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "718"] [id "920350"] [rev ""] [msg "Host header is a numeric IP address"] [redacted] [severity "4"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [redacted] [uri "/"] [unique_id "159941072171.478932"] [ref "o0,14v21,14"], client: 139.162.116.133, [redacted] request: "GET / HTTP/1.1" [redacted]	2020-09-07 20:06:17
139.162.118.185	attackspam	Auto Detect Rule! proto TCP (SYN), 139.162.118.185:48116->gjan.info:22, len 40	2020-09-06 03:37:48
139.162.118.185	attack	[portscan] tcp/22 [SSH] *(RWIN=65535)(09051147)	2020-09-05 19:16:50
139.162.116.133	attack	srvr1: (mod_security) mod_security (id:920350) triggered by 139.162.116.133 (JP/-/scan-66.security.ipip.net): 1 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/08/29 15:49:44 [error] 27704#0: 112472 [client 139.162.116.133] ModSecurity: Access denied with code 406 (phase 2). Matched "Operator `Rx' with parameter `^[\d.:]+$' against variable `REQUEST_HEADERS:Host' [redacted] [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "718"] [id "920350"] [rev ""] [msg "Host header is a numeric IP address"] [redacted] [severity "4"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [redacted] [uri "/"] [unique_id "15987161847.535630"] [ref "o0,13v21,13"], client: 139.162.116.133, [redacted] request: "GET / HTTP/1.1" [redacted]	2020-08-30 03:07:41

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.162.11.127
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 46259
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;139.162.11.127.			IN	A

;; AUTHORITY SECTION:
.			389	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022122301 1800 900 604800 86400

;; Query time: 168 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Dec 24 06:04:37 CST 2022
;; MSG SIZE  rcvd: 107

Host info

127.11.162.139.in-addr.arpa domain name pointer 139-162-11-127.ip.linodeusercontent.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
127.11.162.139.in-addr.arpa	name = 139-162-11-127.ip.linodeusercontent.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
219.136.130.209	attackbots	ssh brute force	2019-11-25 18:11:40
94.177.215.195	attackspam	Nov 25 09:31:54 lnxweb61 sshd[26285]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.177.215.195	2019-11-25 18:06:47
185.236.42.45	attackspambots	185.236.42.45 was recorded 5 times by 1 hosts attempting to connect to the following ports: 51413. Incident counter (4h, 24h, all-time): 5, 5, 5	2019-11-25 18:27:46
124.171.128.150	attackspambots	124.171.128.150 was recorded 5 times by 1 hosts attempting to connect to the following ports: 51413. Incident counter (4h, 24h, all-time): 5, 5, 5	2019-11-25 18:18:22
106.12.211.247	attackspam	2019-11-25T09:54:23.301887abusebot-3.cloudsearch.cf sshd\[17304\]: Invalid user clamav1 from 106.12.211.247 port 45272	2019-11-25 17:56:17
51.68.230.54	attack	Nov 25 10:39:24 mail sshd[7773]: Invalid user phion from 51.68.230.54 ...	2019-11-25 18:20:13
141.226.11.26	attackspambots	141.226.11.26 was recorded 5 times by 1 hosts attempting to connect to the following ports: 51413. Incident counter (4h, 24h, all-time): 5, 5, 5	2019-11-25 18:13:38
103.27.238.107	attackspambots	Lines containing failures of 103.27.238.107 Nov 25 06:04:00 shared05 sshd[31964]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.27.238.107 user=backup Nov 25 06:04:03 shared05 sshd[31964]: Failed password for backup from 103.27.238.107 port 42924 ssh2 Nov 25 06:04:03 shared05 sshd[31964]: Received disconnect from 103.27.238.107 port 42924:11: Bye Bye [preauth] Nov 25 06:04:03 shared05 sshd[31964]: Disconnected from authenticating user backup 103.27.238.107 port 42924 [preauth] Nov 25 06:55:51 shared05 sshd[18391]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.27.238.107 user=nagios Nov 25 06:55:53 shared05 sshd[18391]: Failed password for nagios from 103.27.238.107 port 41816 ssh2 Nov 25 06:55:53 shared05 sshd[18391]: Received disconnect from 103.27.238.107 port 41816:11: Bye Bye [preauth] Nov 25 06:55:53 shared05 sshd[18391]: Disconnected from authenticating user nagios 103.27......... ------------------------------	2019-11-25 18:14:23
139.59.84.111	attackspambots	2019-11-25T06:26:26.247006abusebot-6.cloudsearch.cf sshd\[22041\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.84.111 user=root	2019-11-25 17:58:29
97.87.244.154	attack	Nov 25 10:46:38 hosting sshd[20075]: Invalid user rmsadm from 97.87.244.154 port 41943 ...	2019-11-25 18:28:43
117.50.17.253	attack	Nov 25 07:18:42 vserver sshd\[12630\]: Invalid user mike from 117.50.17.253Nov 25 07:18:44 vserver sshd\[12630\]: Failed password for invalid user mike from 117.50.17.253 port 46570 ssh2Nov 25 07:26:25 vserver sshd\[12695\]: Invalid user kolos from 117.50.17.253Nov 25 07:26:28 vserver sshd\[12695\]: Failed password for invalid user kolos from 117.50.17.253 port 15086 ssh2 ...	2019-11-25 17:55:42
218.94.60.99	attack	port scan and connect, tcp 1433 (ms-sql-s)	2019-11-25 18:34:10
94.191.28.110	attack	Nov 25 08:30:22 meumeu sshd[3720]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.191.28.110 Nov 25 08:30:24 meumeu sshd[3720]: Failed password for invalid user squid from 94.191.28.110 port 56576 ssh2 Nov 25 08:34:52 meumeu sshd[4643]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.191.28.110 ...	2019-11-25 17:59:27
106.13.14.198	attackbots	Nov 25 07:30:11 django sshd[49156]: Invalid user backup from 106.13.14.198 Nov 25 07:30:11 django sshd[49156]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.14.198 Nov 25 07:30:13 django sshd[49156]: Failed password for invalid user backup from 106.13.14.198 port 53170 ssh2 Nov 25 07:30:13 django sshd[49157]: Received disconnect from 106.13.14.198: 11: Bye Bye Nov 25 07:58:08 django sshd[50544]: Invalid user pease from 106.13.14.198 Nov 25 07:58:08 django sshd[50544]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.14.198 Nov 25 07:58:10 django sshd[50544]: Failed password for invalid user pease from 106.13.14.198 port 45206 ssh2 Nov 25 07:58:10 django sshd[50545]: Received disconnect from 106.13.14.198: 11: Bye Bye Nov 25 08:05:42 django sshd[50867]: Invalid user phil from 106.13.14.198 Nov 25 08:05:42 django sshd[50867]: pam_unix(sshd:auth): authentication failure; lognam........ -------------------------------	2019-11-25 18:20:37
167.71.215.72	attackbots	Nov 25 09:54:06 web8 sshd\[8163\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.215.72 user=mysql Nov 25 09:54:09 web8 sshd\[8163\]: Failed password for mysql from 167.71.215.72 port 10358 ssh2 Nov 25 09:57:47 web8 sshd\[9988\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.215.72 user=mysql Nov 25 09:57:49 web8 sshd\[9988\]: Failed password for mysql from 167.71.215.72 port 25985 ssh2 Nov 25 10:01:29 web8 sshd\[11737\]: Invalid user tangene from 167.71.215.72	2019-11-25 18:12:48

Recently Reported IPs

139.162.11.49	186.72.150.239	124.253.206.128	18.97.0.233
83.11.171.18	80.216.204.243	51.49.59.223	41.243.40.13
252.200.249.224	218.110.84.174	196.128.252.215	187.161.116.40
115.223.224.23	65.67.187.45	133.90.24.36	121.245.155.130
62.87.12.15	223.134.56.195	144.251.235.157	170.67.233.82