City: unknown
Region: unknown
Country: Netherlands
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
| IP | Type | Details | Datetime |
|---|---|---|---|
| 139.162.214.192 | spambotsattack | [N10.H2.VM2] Port Scanner Detected Blocked by UFW |
2023-02-18 16:15:46 |
| 139.162.247.102 | attack | OSSEC HIDS Notification. 2020 Oct 15 19:14:19 Received From: shared->/var/log/secure Rule: 1002 fired (level 2) -> "Unknown problem somewhere in the system." Portion of the log(s): Oct 15 19:14:18 shared sshd[2970433]: ssh_dispatch_run_fatal: Connection from 139.162.247.102 port 41166: bignum is negative [preauth] --END OF NOTIFICATION |
2020-10-20 08:52:36 |
| 139.162.217.250 | attack | WebSpam Attack |
2020-10-07 05:56:21 |
| 139.162.217.250 | attackbots | WebSpam Attack |
2020-10-06 22:09:25 |
| 139.162.217.250 | attack | WebSpam Attack |
2020-10-06 13:52:46 |
| 139.162.247.102 | attack | firewall-block, port(s): 22/tcp |
2020-10-01 03:25:46 |
| 139.162.247.102 | attackspambots | honeypot 22 port |
2020-09-30 01:51:04 |
| 139.162.247.102 | attackspam | Sep 29 12:19:00 baraca inetd[76034]: refused connection from scan003.ampereinnotech.com, service sshd (tcp) Sep 29 12:19:01 baraca inetd[76035]: refused connection from scan003.ampereinnotech.com, service sshd (tcp) Sep 29 12:19:02 baraca inetd[76038]: refused connection from scan003.ampereinnotech.com, service sshd (tcp) ... |
2020-09-29 17:51:13 |
| 139.162.247.102 | attackbotsspam | IP 139.162.247.102 attacked honeypot on port: 22 at 9/26/2020 5:56:09 AM |
2020-09-26 21:09:12 |
| 139.162.247.102 | attackbotsspam | Sep2601:57:57server6sshd[14291]:refusedconnectfrom139.162.247.102\(139.162.247.102\)Sep2601:58:02server6sshd[14327]:refusedconnectfrom139.162.247.102\(139.162.247.102\)Sep2601:58:07server6sshd[14343]:refusedconnectfrom139.162.247.102\(139.162.247.102\)Sep2601:58:12server6sshd[14360]:refusedconnectfrom139.162.247.102\(139.162.247.102\)Sep2601:58:17server6sshd[14374]:refusedconnectfrom139.162.247.102\(139.162.247.102\) |
2020-09-26 12:51:05 |
| 139.162.245.68 | attackspam | Found on Block CINS-badguys / proto=6 . srcport=50055 . dstport=9200 . (3216) |
2020-09-22 23:57:27 |
| 139.162.245.68 | attackspam | Found on Block CINS-badguys / proto=6 . srcport=50055 . dstport=9200 . (3216) |
2020-09-22 16:01:33 |
| 139.162.245.68 | attackbotsspam | Found on Block CINS-badguys / proto=6 . srcport=50055 . dstport=9200 . (3216) |
2020-09-22 08:05:11 |
| 139.162.252.121 | attackspambots | SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: li1537-121.members.linode.com. |
2020-09-06 02:31:22 |
| 139.162.252.121 | attack | SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: li1537-121.members.linode.com. |
2020-09-05 18:06:32 |
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.162.2.4
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 34794
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;139.162.2.4. IN A
;; AUTHORITY SECTION:
. 473 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022020702 1800 900 604800 86400
;; Query time: 78 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 08 09:49:39 CST 2022
;; MSG SIZE rcvd: 104
4.2.162.139.in-addr.arpa domain name pointer 139-162-2-4.ip.linodeusercontent.com.
Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
4.2.162.139.in-addr.arpa name = 139-162-2-4.ip.linodeusercontent.com.
Authoritative answers can be found from:
| IP | Type | Details | Datetime |
|---|---|---|---|
| 36.255.90.59 | attackbotsspam | [SMB remote code execution attempt: port tcp/445] *(RWIN=8192)(06240931) |
2019-06-25 04:38:01 |
| 118.97.112.74 | attackbotsspam | [SMB remote code execution attempt: port tcp/445] *(RWIN=8192)(06240931) |
2019-06-25 04:27:00 |
| 176.116.164.152 | attack | [portscan] tcp/139 [NetBIOS Session Service] *(RWIN=512)(06240931) |
2019-06-25 04:22:55 |
| 39.106.116.118 | attackspambots | [portscan] tcp/1433 [MsSQL] [scan/connect: 2 time(s)] *(RWIN=29200)(06240931) |
2019-06-25 04:37:35 |
| 117.206.81.73 | attack | [SMB remote code execution attempt: port tcp/445] *(RWIN=8192)(06240931) |
2019-06-25 04:28:24 |
| 80.53.7.213 | attackspam | Jun 24 21:46:00 OPSO sshd\[23010\]: Invalid user shao from 80.53.7.213 port 41366 Jun 24 21:46:00 OPSO sshd\[23010\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.53.7.213 Jun 24 21:46:02 OPSO sshd\[23010\]: Failed password for invalid user shao from 80.53.7.213 port 41366 ssh2 Jun 24 21:48:23 OPSO sshd\[23076\]: Invalid user dev from 80.53.7.213 port 54997 Jun 24 21:48:23 OPSO sshd\[23076\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.53.7.213 |
2019-06-25 03:56:03 |
| 180.182.245.145 | attackbots | [portscan] tcp/23 [TELNET] *(RWIN=44738)(06240931) |
2019-06-25 04:21:01 |
| 109.190.153.178 | attackspam | Jun 24 20:23:17 amit sshd\[27002\]: Invalid user UMEK00Qnr from 109.190.153.178 Jun 24 20:23:17 amit sshd\[27002\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.190.153.178 Jun 24 20:23:18 amit sshd\[27002\]: Failed password for invalid user UMEK00Qnr from 109.190.153.178 port 49126 ssh2 ... |
2019-06-25 03:54:01 |
| 201.234.57.230 | attack | [SMB remote code execution attempt: port tcp/445] *(RWIN=8192)(06240931) |
2019-06-25 04:16:36 |
| 68.183.192.249 | attackbots | Scanning random ports - tries to find possible vulnerable services |
2019-06-25 03:57:00 |
| 144.217.161.78 | attackbots | Invalid user rds from 144.217.161.78 port 56904 |
2019-06-25 03:52:54 |
| 138.68.171.25 | attack | Jun 24 19:27:47 vps65 sshd\[6666\]: Invalid user se from 138.68.171.25 port 43200 Jun 24 19:27:47 vps65 sshd\[6666\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.171.25 ... |
2019-06-25 03:53:11 |
| 125.234.109.236 | attack | [SMB remote code execution attempt: port tcp/445] *(RWIN=8192)(06240931) |
2019-06-25 04:23:56 |
| 24.35.80.137 | attackbotsspam | Jun 24 20:43:30 fr01 sshd[26182]: Invalid user support from 24.35.80.137 Jun 24 20:43:30 fr01 sshd[26182]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=24.35.80.137 Jun 24 20:43:30 fr01 sshd[26182]: Invalid user support from 24.35.80.137 Jun 24 20:43:32 fr01 sshd[26182]: Failed password for invalid user support from 24.35.80.137 port 39806 ssh2 Jun 24 20:46:21 fr01 sshd[26715]: Invalid user lachlan from 24.35.80.137 ... |
2019-06-25 03:58:38 |
| 223.237.22.178 | attackbots | [SMB remote code execution attempt: port tcp/445] *(RWIN=8192)(06240931) |
2019-06-25 04:11:59 |