139.162.126.103

Basic Info

City: Tokyo

Region: Tokyo

Country: Japan

Internet Service Provider: Linode LLC

Hostname: unknown

Organization: Linode, LLC

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	UDP 139.162.126.103:33662 -> port 53, len 57	2020-08-07 16:20:50
attackspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/139.162.126.103/ US - 1H : (30) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : US NAME ASN : ASN63949 IP : 139.162.126.103 CIDR : 139.162.96.0/19 PREFIX COUNT : 361 UNIQUE IP COUNT : 488192 ATTACKS DETECTED ASN63949 : 1H - 2 3H - 2 6H - 2 12H - 2 24H - 2 DateTime : 2020-04-22 14:01:16 INFO : DNS DENIED Scan Detected and Blocked by ADMIN - data recovery	2020-04-23 00:43:25

Type

Details

Datetime

attackbots

 UDP 139.162.126.103:33662 -> port 53, len 57

2020-08-07 16:20:50

attackspam

IP Ban Report :  
 https://help-dysk.pl/wordpress-firewall-plugins/ip/139.162.126.103/ 
 
 US - 1H : (30)  
 Protection Against DDoS WordPress plugin :  
 "odzyskiwanie danych help-dysk" 
 IP Address Ranges by Country : US 
 NAME ASN : ASN63949 
 
 IP : 139.162.126.103 
 
 CIDR : 139.162.96.0/19 
 
 PREFIX COUNT : 361 
 
 UNIQUE IP COUNT : 488192 
 
 
 ATTACKS DETECTED ASN63949 :  
  1H - 2 
  3H - 2 
  6H - 2 
 12H - 2 
 24H - 2 
 
 DateTime : 2020-04-22 14:01:16 
 
 INFO : DNS DENIED Scan Detected and Blocked by ADMIN  - data recovery

2020-04-23 00:43:25

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.162.126.103
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 46117
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.162.126.103.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019041000 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Wed Apr 10 17:28:02 +08 2019
;; MSG SIZE  rcvd: 119

Host info

103.126.162.139.in-addr.arpa domain name pointer scan-29.security.ipip.net.

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
103.126.162.139.in-addr.arpa	name = scan-29.security.ipip.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
49.88.112.115	attackbotsspam	Nov 1 09:30:52 minden010 sshd[10990]: Failed password for root from 49.88.112.115 port 30323 ssh2 Nov 1 09:31:38 minden010 sshd[11227]: Failed password for root from 49.88.112.115 port 48040 ssh2 ...	2019-11-01 16:39:38
59.57.78.90	attackbotsspam	23/tcp [2019-11-01]1pkt	2019-11-01 16:40:41
49.128.181.163	attack	445/tcp [2019-11-01]1pkt	2019-11-01 16:15:46
61.178.149.40	attack	1433/tcp [2019-11-01]1pkt	2019-11-01 16:39:06
202.175.46.170	attackspam	Automatic report - Banned IP Access	2019-11-01 16:06:52
124.156.245.248	attackbotsspam	3389BruteforceFW21	2019-11-01 16:23:05
165.22.246.63	attackbots	Oct 31 23:47:10 debian sshd\[3451\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.246.63 user=root Oct 31 23:47:12 debian sshd\[3451\]: Failed password for root from 165.22.246.63 port 41340 ssh2 Oct 31 23:51:47 debian sshd\[3484\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.246.63 user=root ...	2019-11-01 16:25:07
49.234.18.158	attackspambots	Sep 16 13:19:24 vtv3 sshd\[2701\]: Invalid user user from 49.234.18.158 port 48046 Sep 16 13:19:24 vtv3 sshd\[2701\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.18.158 Sep 16 13:19:27 vtv3 sshd\[2701\]: Failed password for invalid user user from 49.234.18.158 port 48046 ssh2 Sep 16 13:26:19 vtv3 sshd\[6347\]: Invalid user beeidigung from 49.234.18.158 port 51682 Sep 16 13:26:19 vtv3 sshd\[6347\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.18.158 Sep 16 13:36:42 vtv3 sshd\[11426\]: Invalid user ftpuser from 49.234.18.158 port 39188 Sep 16 13:36:42 vtv3 sshd\[11426\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.18.158 Sep 16 13:36:44 vtv3 sshd\[11426\]: Failed password for invalid user ftpuser from 49.234.18.158 port 39188 ssh2 Sep 16 13:40:27 vtv3 sshd\[13299\]: Invalid user ankur from 49.234.18.158 port 44538 Sep 16 13:40:27 vtv3 sshd\[13299\]: pam	2019-11-01 16:27:32
92.118.38.38	attack	Nov 1 09:02:58 webserver postfix/smtpd\[23437\]: warning: unknown\[92.118.38.38\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 1 09:03:34 webserver postfix/smtpd\[23733\]: warning: unknown\[92.118.38.38\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 1 09:04:11 webserver postfix/smtpd\[23437\]: warning: unknown\[92.118.38.38\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 1 09:04:47 webserver postfix/smtpd\[23733\]: warning: unknown\[92.118.38.38\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 1 09:05:23 webserver postfix/smtpd\[23437\]: warning: unknown\[92.118.38.38\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-11-01 16:08:02
49.7.58.243	attackbots	1433/tcp [2019-11-01]1pkt	2019-11-01 16:14:06
200.89.178.66	attackbots	Nov 1 02:36:45 ny01 sshd[2808]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.89.178.66 Nov 1 02:36:47 ny01 sshd[2808]: Failed password for invalid user cde34rfv from 200.89.178.66 port 43468 ssh2 Nov 1 02:41:30 ny01 sshd[3273]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.89.178.66	2019-11-01 16:46:47
162.247.74.202	attackbotsspam	11/01/2019-08:45:10.674752 162.247.74.202 Protocol: 6 ET TOR Known Tor Exit Node Traffic group 14	2019-11-01 16:25:45
168.255.251.126	attackbotsspam	$f2bV_matches	2019-11-01 16:07:47
123.31.45.49	attackbots	2019-11-01 05:31:41,528 ncomp.co.za proftpd[25570] mail.ncomp.co.za (123.31.45.49[123.31.45.49]): USER forms: no such user found from 123.31.45.49 [123.31.45.49] to ::ffff:172.31.1.100:21 2019-11-01 05:31:43,482 ncomp.co.za proftpd[25571] mail.ncomp.co.za (123.31.45.49[123.31.45.49]): USER forms: no such user found from 123.31.45.49 [123.31.45.49] to ::ffff:172.31.1.100:21 2019-11-01 05:51:42,069 ncomp.co.za proftpd[26012] mail.ncomp.co.za (123.31.45.49[123.31.45.49]): USER forms: no such user found from 123.31.45.49 [123.31.45.49] to ::ffff:172.31.1.100:21	2019-11-01 16:31:52
172.105.66.34	attackspam	Lines containing failures of 172.105.66.34 Nov 1 04:42:19 shared11 postfix/smtpd[16086]: connect from kwl.shibai.wang[172.105.66.34] Nov 1 04:42:20 shared11 policyd-spf[20150]: prepend Received-SPF: Permerror (mailfrom) identhostnamey=mailfrom; client-ip=172.105.66.34; helo=kwl.shibai.wang; envelope-from=x@x Nov x@x Nov 1 04:42:21 shared11 postfix/smtpd[16086]: disconnect from kwl.shibai.wang[172.105.66.34] ehlo=1 mail=1 rcpt=0/1 data=0/1 quhostname=1 commands=3/5 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=172.105.66.34	2019-11-01 16:31:41

Recently Reported IPs

203.195.205.204	106.13.34.174	240e:344:7000:e67b:2006:7162:aa7f:db59	128.110.153.65
45.4.255.5	115.62.12.255	45.252.189.121	5.189.224.188
194.33.20.170	190.217.168.206	109.230.182.24	196.52.43.66
47.104.228.20	104.236.27.161	196.52.43.90	198.108.67.106
109.205.18.192	106.12.86.63	198.108.67.37	84.224.201.132