139.162.11.19 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Netherlands

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
139.162.111.98	spamattack	Unauthorized connection attempt detected from IP address 139.162.111.98 to port 8080	2020-11-19 17:15:48
139.162.116.133	attack	Malicious brute force vulnerability hacking attacks	2020-10-14 07:39:12
139.162.112.248	attack	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-10-06 04:15:47
139.162.114.154	attackbots	TCP (SYN) 139.162.114.154:55866 -> port 80, len 40	2020-10-06 03:23:05
139.162.112.248	attackbotsspam	scans 2 times in preceeding hours on the ports (in chronological order) 8080 8080	2020-10-05 20:15:14
139.162.114.154	attackbots	Blocked by Sophos UTM Network Protection . / / proto=6 . srcport=45266 . dstport=80 HTTP . (890)	2020-10-05 19:16:07
139.162.112.248	attackspambots	TCP (SYN) 139.162.112.248:50227 -> port 8080, len 44	2020-10-05 12:06:17
139.162.116.22	attackbotsspam	TCP (SYN) 139.162.116.22:35955 -> port 1755, len 44	2020-09-26 06:20:18
139.162.116.22	attackspam	TCP port : 1755	2020-09-25 23:22:16
139.162.116.22	attackspam	Found on Alienvault / proto=6 . srcport=45465 . dstport=1755 . (3629)	2020-09-25 15:00:43
139.162.116.133	attackspambots	Automatic report - Banned IP Access	2020-09-08 04:27:28
139.162.116.133	attackspam	srvr2: (mod_security) mod_security (id:920350) triggered by 139.162.116.133 (JP/-/scan-66.security.ipip.net): 1 in the last 600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/09/06 18:45:21 [error] 75202#0: 153186 [client 139.162.116.133] ModSecurity: Access denied with code 406 (phase 2). Matched "Operator `Rx' with parameter `^[\d.:]+$' against variable `REQUEST_HEADERS:Host' [redacted] [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "718"] [id "920350"] [rev ""] [msg "Host header is a numeric IP address"] [redacted] [severity "4"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [redacted] [uri "/"] [unique_id "159941072171.478932"] [ref "o0,14v21,14"], client: 139.162.116.133, [redacted] request: "GET / HTTP/1.1" [redacted]	2020-09-07 20:06:17
139.162.118.185	attackspam	Auto Detect Rule! proto TCP (SYN), 139.162.118.185:48116->gjan.info:22, len 40	2020-09-06 03:37:48
139.162.118.185	attack	[portscan] tcp/22 [SSH] *(RWIN=65535)(09051147)	2020-09-05 19:16:50
139.162.116.133	attack	srvr1: (mod_security) mod_security (id:920350) triggered by 139.162.116.133 (JP/-/scan-66.security.ipip.net): 1 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/08/29 15:49:44 [error] 27704#0: 112472 [client 139.162.116.133] ModSecurity: Access denied with code 406 (phase 2). Matched "Operator `Rx' with parameter `^[\d.:]+$' against variable `REQUEST_HEADERS:Host' [redacted] [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "718"] [id "920350"] [rev ""] [msg "Host header is a numeric IP address"] [redacted] [severity "4"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [redacted] [uri "/"] [unique_id "15987161847.535630"] [ref "o0,13v21,13"], client: 139.162.116.133, [redacted] request: "GET / HTTP/1.1" [redacted]	2020-08-30 03:07:41

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.162.11.19
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 51193
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;139.162.11.19.			IN	A

;; AUTHORITY SECTION:
.			362	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021702 1800 900 604800 86400

;; Query time: 47 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 12:00:11 CST 2022
;; MSG SIZE  rcvd: 106

Host info

19.11.162.139.in-addr.arpa domain name pointer glaceon.rapidplex.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
19.11.162.139.in-addr.arpa	name = glaceon.rapidplex.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
125.165.197.125	attackspam	Unauthorized connection attempt from IP address 125.165.197.125 on Port 445(SMB)	2020-04-03 20:35:02
27.114.145.84	attack	Automatic report - Port Scan Attack	2020-04-03 21:14:13
51.75.125.222	attackspam	ssh intrusion attempt	2020-04-03 20:35:56
218.78.187.130	attackbotsspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-04-03 20:50:42
14.249.235.50	attackbotsspam	Unauthorized connection attempt from IP address 14.249.235.50 on Port 445(SMB)	2020-04-03 20:40:27
109.75.45.34	attackspam	Invalid user akr from 109.75.45.34 port 55740	2020-04-03 20:34:07
77.40.62.107	attack	abuse-sasl	2020-04-03 21:03:40
124.115.173.234	attack	2020-04-03T13:00:27.447058shield sshd\[31709\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.115.173.234 user=root 2020-04-03T13:00:28.966693shield sshd\[31709\]: Failed password for root from 124.115.173.234 port 5318 ssh2 2020-04-03T13:03:11.200450shield sshd\[32556\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.115.173.234 user=root 2020-04-03T13:03:13.236678shield sshd\[32556\]: Failed password for root from 124.115.173.234 port 2885 ssh2 2020-04-03T13:06:01.272778shield sshd\[759\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.115.173.234 user=root	2020-04-03 21:20:20
103.147.10.222	attackspambots	Auto reported by IDS	2020-04-03 21:07:34
77.40.62.173	attackspam	abuse-sasl	2020-04-03 20:57:51
119.192.55.100	attack	Invalid user timson from 119.192.55.100 port 52109	2020-04-03 21:00:55
103.145.12.44	attackspambots	[2020-04-03 08:59:56] NOTICE[12114][C-00000a53] chan_sip.c: Call from '' (103.145.12.44:62154) to extension '6814301148413828003' rejected because extension not found in context 'public'. [2020-04-03 08:59:56] SECURITY[12128] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-04-03T08:59:56.734-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="6814301148413828003",SessionID="0x7f020c088288",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/103.145.12.44/62154",ACLName="no_extension_match" [2020-04-03 09:01:02] NOTICE[12114][C-00000a54] chan_sip.c: Call from '' (103.145.12.44:58573) to extension '4804501148893076002' rejected because extension not found in context 'public'. [2020-04-03 09:01:02] SECURITY[12128] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-04-03T09:01:02.162-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="4804501148893076002",SessionID="0x7f020c033c08",LocalAddress="IPV4/UDP/192.168.244.6/5060",Remo ...	2020-04-03 21:06:36
182.52.210.47	attackbotsspam	Unauthorized connection attempt from IP address 182.52.210.47 on Port 445(SMB)	2020-04-03 20:47:09
187.174.151.98	attackspam	Unauthorized connection attempt from IP address 187.174.151.98 on Port 445(SMB)	2020-04-03 21:04:36
77.40.62.239	attack	abuse-sasl	2020-04-03 20:51:58

Recently Reported IPs

139.162.113.36	139.162.11.157	139.162.115.30	139.162.11.141
139.162.115.161	139.162.114.145	139.162.115.42	139.162.118.195
139.162.12.196	139.162.120.50	139.162.122.136	139.162.122.203
139.162.120.97	139.162.123.134	139.162.124.240	139.162.126.42
139.162.125.80	139.162.127.166	139.162.124.8	139.162.13.84