139.162.119.94

Basic Info

City: Tokyo

Region: Tokyo

Country: Japan

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
139.162.119.197	attackbotsspam	Unauthorized connection attempt, Score > 90 , Ban for 1 month	2020-07-14 15:11:03
139.162.119.197	attackspam	W 31101,/var/log/nginx/access.log,-,-	2020-03-23 05:08:39
139.162.119.197	attack	Unauthorized connection attempt detected from IP address 139.162.119.197 to port 80 [J]	2020-01-27 21:12:02
139.162.119.197	attackspam	W 31101,/var/log/nginx/access.log,-,-	2020-01-04 14:21:22
139.162.119.1	attackbots	web Attack on Website at 2020-01-02.	2020-01-03 02:44:50
139.162.119.248	attack	fire	2019-08-09 13:50:46
139.162.119.197	attack	port scan and connect, tcp 80 (http)	2019-08-04 20:10:27
139.162.119.197	attack	[Mon Jul 29 04:34:10.629241 2019] [:error] [pid 25097:tid 140491492337408] [client 139.162.119.197:59818] [client 139.162.119.197] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.1.1/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "792"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.1.1"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "XT4U0g-h1iRiDVhW3KhyXAAAABU"] ...	2019-07-29 06:19:00
139.162.119.197	attackspambots	Port scan and direct access per IP instead of hostname	2019-07-28 16:18:44
139.162.119.197	attackspambots	Port scan and direct access per IP instead of hostname	2019-07-05 06:09:18
139.162.119.197	attackspam	[20/Jun/2019:05:20:58 -0400] "GET / HTTP/1.1" "HTTP Banner Detection (https://security.ipip.net)"	2019-06-21 19:14:11

Whois info:

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#


NetRange:       139.162.0.0 - 139.162.255.255
CIDR:           139.162.0.0/16
NetName:        RIPE-ERX-139-162-0-0
NetHandle:      NET-139-162-0-0-1
Parent:         NET139 (NET-139-0-0-0-0)
NetType:        Early Registrations, Transferred to RIPE NCC
OriginAS:       
Organization:   RIPE Network Coordination Centre (RIPE)
RegDate:        2004-03-03
Updated:        2025-02-10
Comment:        These addresses have been further assigned to users in the RIPE NCC region. Please note that the organization and point of contact details listed below are those of the RIPE NCC not the current address holder. ** You can find user contact information for the current address holder in the RIPE database at http://www.ripe.net/whois.
Ref:            https://rdap.arin.net/registry/ip/139.162.0.0

ResourceLink:  https://apps.db.ripe.net/db-web-ui/query
ResourceLink:  whois.ripe.net


OrgName:        RIPE Network Coordination Centre
OrgId:          RIPE
Address:        P.O. Box 10096
City:           Amsterdam
StateProv:      
PostalCode:     1001EB
Country:        NL
RegDate:        
Updated:        2013-07-29
Ref:            https://rdap.arin.net/registry/entity/RIPE

ReferralServer:  whois.ripe.net
ResourceLink:  https://apps.db.ripe.net/db-web-ui/query

OrgAbuseHandle: ABUSE3850-ARIN
OrgAbuseName:   Abuse Contact
OrgAbusePhone:  +31205354444 
OrgAbuseEmail:  abuse@ripe.net
OrgAbuseRef:    https://rdap.arin.net/registry/entity/ABUSE3850-ARIN

OrgTechHandle: RNO29-ARIN
OrgTechName:   RIPE NCC Operations
OrgTechPhone:  +31 20 535 4444 
OrgTechEmail:  hostmaster@ripe.net
OrgTechRef:    https://rdap.arin.net/registry/entity/RNO29-ARIN


#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.162.119.94
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 48433
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;139.162.119.94.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2026033100 1800 900 604800 86400

;; Query time: 7 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Mar 31 15:30:03 CST 2026
;; MSG SIZE  rcvd: 107

Host info

94.119.162.139.in-addr.arpa domain name pointer prod57client01.academyforinternetresearch.org.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
94.119.162.139.in-addr.arpa	name = prod57client01.academyforinternetresearch.org.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
121.204.185.106	attack	Sep 1 19:34:15 tux-35-217 sshd\[18337\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.204.185.106 user=root Sep 1 19:34:17 tux-35-217 sshd\[18337\]: Failed password for root from 121.204.185.106 port 50233 ssh2 Sep 1 19:37:24 tux-35-217 sshd\[18344\]: Invalid user teamspeak3 from 121.204.185.106 port 36316 Sep 1 19:37:24 tux-35-217 sshd\[18344\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.204.185.106 ...	2019-09-02 02:05:04
212.83.141.79	attack	\[2019-09-01 13:58:25\] NOTICE\[1829\] chan_sip.c: Registration from '\' failed for '212.83.141.79:2321' - Wrong password \[2019-09-01 13:58:25\] SECURITY\[1837\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-09-01T13:58:25.860-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="82768276",SessionID="0x7f7b30db7498",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/212.83.141.79/60406",Challenge="7b290e60",ReceivedChallenge="7b290e60",ReceivedHash="9910e2a6274a9051f278a7c33a50fa6b" \[2019-09-01 13:59:09\] NOTICE\[1829\] chan_sip.c: Registration from '\' failed for '212.83.141.79:2303' - Wrong password \[2019-09-01 13:59:09\] SECURITY\[1837\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-09-01T13:59:09.223-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="18941894",SessionID="0x7f7b30db7498",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4	2019-09-02 02:01:01
159.89.194.103	attackspam	Sep 1 19:37:34 MK-Soft-Root2 sshd\[9214\]: Invalid user eclipse from 159.89.194.103 port 58642 Sep 1 19:37:34 MK-Soft-Root2 sshd\[9214\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.194.103 Sep 1 19:37:36 MK-Soft-Root2 sshd\[9214\]: Failed password for invalid user eclipse from 159.89.194.103 port 58642 ssh2 ...	2019-09-02 01:53:55
51.38.128.200	attackbotsspam	Sep 1 19:28:59 SilenceServices sshd[10461]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.128.200 Sep 1 19:29:01 SilenceServices sshd[10461]: Failed password for invalid user ubuntu from 51.38.128.200 port 50050 ssh2 Sep 1 19:37:53 SilenceServices sshd[13919]: Failed password for proxy from 51.38.128.200 port 49578 ssh2	2019-09-02 01:43:50
181.48.29.35	attack	Sep 1 18:37:18 mail sshd\[26802\]: Failed password for invalid user popd from 181.48.29.35 port 42098 ssh2 Sep 1 18:54:23 mail sshd\[27185\]: Invalid user pdey from 181.48.29.35 port 42538 ...	2019-09-02 02:11:22
50.73.127.109	attack	$f2bV_matches	2019-09-02 01:47:29
80.88.88.181	attack	Sep 1 08:57:18 apollo sshd\[14025\]: Invalid user prashant from 80.88.88.181Sep 1 08:57:20 apollo sshd\[14025\]: Failed password for invalid user prashant from 80.88.88.181 port 57051 ssh2Sep 1 09:03:50 apollo sshd\[14036\]: Invalid user git from 80.88.88.181 ...	2019-09-02 01:25:07
140.148.225.225	attackbotsspam	REQUESTED PAGE: ../../mnt/custom/ProductDefinition	2019-09-02 01:20:06
212.87.9.141	attackbots	Sep 1 07:33:34 hiderm sshd\[4303\]: Invalid user yx from 212.87.9.141 Sep 1 07:33:34 hiderm sshd\[4303\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.87.9.141 Sep 1 07:33:36 hiderm sshd\[4303\]: Failed password for invalid user yx from 212.87.9.141 port 20734 ssh2 Sep 1 07:37:48 hiderm sshd\[4644\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.87.9.141 user=root Sep 1 07:37:51 hiderm sshd\[4644\]: Failed password for root from 212.87.9.141 port 65486 ssh2	2019-09-02 01:44:34
165.22.228.242	attack	postfix/smtpd\[26293\]: NOQUEUE: reject: RCPT from mx.expede.naturelike.xyz\[165.22.228.242\]: 554 5.7.1 Service Client host \[165.22.228.242\] blocked using sbl-xbl.spamhaus.org\;	2019-09-02 01:24:12
116.52.9.220	attackspambots	[Aegis] @ 2019-09-01 15:01:31 0100 -> SSH insecure connection attempt (scan).	2019-09-02 01:16:02
163.172.187.30	attackspam	Fail2Ban Ban Triggered	2019-09-02 01:37:45
85.206.36.166	attackbotsspam	Automatic report - Port Scan Attack	2019-09-02 01:49:43
178.254.0.120	attackspam	Forged login request.	2019-09-02 02:00:23
176.31.253.55	attackspambots	Sep 1 19:33:56 SilenceServices sshd[12370]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.31.253.55 Sep 1 19:33:58 SilenceServices sshd[12370]: Failed password for invalid user ftpadmin from 176.31.253.55 port 33154 ssh2 Sep 1 19:37:44 SilenceServices sshd[13863]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.31.253.55	2019-09-02 01:51:29

Recently Reported IPs

119.38.117.228	138.197.87.148	2606:4700:10::6814:5184	2606:4700:10::6814:9754
2606:4700:10::ac43:601	2606:4700:10::6814:9437	2606:4700:10::6816:2002	2606:4700:10::6816:4704
2606:4700:10::6816:3062	2606:4700:10::ac43:1918	110.78.154.148	2606:4700:10::6814:7971
81.109.38.131	95.196.203.250	79.134.196.146	89.139.173.226
21.216.119.102	2606:4700:10::ac43:1004	2606:4700:10::6816:4863	2606:4700:10::6814:5292