139.162.2.70 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Singapore

Internet Service Provider: Linode LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	none	2019-10-22 23:34:55

Comments on same subnet:

IP	Type	Details	Datetime
139.162.214.192	spambotsattack	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2023-02-18 16:15:46
139.162.247.102	attack	OSSEC HIDS Notification. 2020 Oct 15 19:14:19 Received From: shared->/var/log/secure Rule: 1002 fired (level 2) -> "Unknown problem somewhere in the system." Portion of the log(s): Oct 15 19:14:18 shared sshd[2970433]: ssh_dispatch_run_fatal: Connection from 139.162.247.102 port 41166: bignum is negative [preauth] --END OF NOTIFICATION	2020-10-20 08:52:36
139.162.217.250	attack	WebSpam Attack	2020-10-07 05:56:21
139.162.217.250	attackbots	WebSpam Attack	2020-10-06 22:09:25
139.162.217.250	attack	WebSpam Attack	2020-10-06 13:52:46
139.162.247.102	attack	firewall-block, port(s): 22/tcp	2020-10-01 03:25:46
139.162.247.102	attackspambots	honeypot 22 port	2020-09-30 01:51:04
139.162.247.102	attackspam	Sep 29 12:19:00 baraca inetd[76034]: refused connection from scan003.ampereinnotech.com, service sshd (tcp) Sep 29 12:19:01 baraca inetd[76035]: refused connection from scan003.ampereinnotech.com, service sshd (tcp) Sep 29 12:19:02 baraca inetd[76038]: refused connection from scan003.ampereinnotech.com, service sshd (tcp) ...	2020-09-29 17:51:13
139.162.247.102	attackbotsspam	IP 139.162.247.102 attacked honeypot on port: 22 at 9/26/2020 5:56:09 AM	2020-09-26 21:09:12
139.162.247.102	attackbotsspam	Sep2601:57:57server6sshd[14291]:refusedconnectfrom139.162.247.102\(139.162.247.102\)Sep2601:58:02server6sshd[14327]:refusedconnectfrom139.162.247.102\(139.162.247.102\)Sep2601:58:07server6sshd[14343]:refusedconnectfrom139.162.247.102\(139.162.247.102\)Sep2601:58:12server6sshd[14360]:refusedconnectfrom139.162.247.102\(139.162.247.102\)Sep2601:58:17server6sshd[14374]:refusedconnectfrom139.162.247.102\(139.162.247.102\)	2020-09-26 12:51:05
139.162.245.68	attackspam	Found on Block CINS-badguys / proto=6 . srcport=50055 . dstport=9200 . (3216)	2020-09-22 23:57:27
139.162.245.68	attackspam	Found on Block CINS-badguys / proto=6 . srcport=50055 . dstport=9200 . (3216)	2020-09-22 16:01:33
139.162.245.68	attackbotsspam	Found on Block CINS-badguys / proto=6 . srcport=50055 . dstport=9200 . (3216)	2020-09-22 08:05:11
139.162.252.121	attackspambots	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: li1537-121.members.linode.com.	2020-09-06 02:31:22
139.162.252.121	attack	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: li1537-121.members.linode.com.	2020-09-05 18:06:32

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.162.2.70
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 47247
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.162.2.70.			IN	A

;; AUTHORITY SECTION:
.			540	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019102200 1800 900 604800 86400

;; Query time: 112 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Oct 22 23:34:43 CST 2019
;; MSG SIZE  rcvd: 116

Host info

70.2.162.139.in-addr.arpa domain name pointer min-li-sg-10-07-92674-v-prod.binaryedge.ninja.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
70.2.162.139.in-addr.arpa	name = min-li-sg-10-07-92674-v-prod.binaryedge.ninja.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
102.65.153.110	attackbotsspam	Aug 30 14:14:59 debian sshd\[8389\]: Invalid user mahdi from 102.65.153.110 port 60994 Aug 30 14:14:59 debian sshd\[8389\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=102.65.153.110 ...	2019-08-30 21:19:38
58.175.144.110	attackspam	Aug 30 13:25:58 MK-Soft-VM6 sshd\[26708\]: Invalid user sales from 58.175.144.110 port 40648 Aug 30 13:25:58 MK-Soft-VM6 sshd\[26708\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.175.144.110 Aug 30 13:26:00 MK-Soft-VM6 sshd\[26708\]: Failed password for invalid user sales from 58.175.144.110 port 40648 ssh2 ...	2019-08-30 21:49:01
116.31.120.209	attackbots	Unauthorized connection attempt from IP address 116.31.120.209 on Port 445(SMB)	2019-08-30 21:04:54
92.88.7.37	attack	SSH/22 MH Probe, BF, Hack -	2019-08-30 21:27:30
138.68.212.170	attack	Automated reporting of bulk port scanning	2019-08-30 21:36:32
190.202.109.244	attackbots	Automatic report - Banned IP Access	2019-08-30 21:22:18
77.120.113.64	attackbots	Aug 30 07:22:10 plusreed sshd[21226]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=77.120.113.64 user=root Aug 30 07:22:12 plusreed sshd[21226]: Failed password for root from 77.120.113.64 port 37621 ssh2 Aug 30 07:22:14 plusreed sshd[21226]: Failed password for root from 77.120.113.64 port 37621 ssh2 Aug 30 07:22:10 plusreed sshd[21226]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=77.120.113.64 user=root Aug 30 07:22:12 plusreed sshd[21226]: Failed password for root from 77.120.113.64 port 37621 ssh2 Aug 30 07:22:14 plusreed sshd[21226]: Failed password for root from 77.120.113.64 port 37621 ssh2 Aug 30 07:22:10 plusreed sshd[21226]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=77.120.113.64 user=root Aug 30 07:22:12 plusreed sshd[21226]: Failed password for root from 77.120.113.64 port 37621 ssh2 Aug 30 07:22:14 plusreed sshd[21226]: Failed password for root from 77.120.113.64	2019-08-30 21:14:06
5.54.45.59	attack	Telnet Server BruteForce Attack	2019-08-30 20:45:49
139.255.74.130	attackspambots	Unauthorized connection attempt from IP address 139.255.74.130 on Port 445(SMB)	2019-08-30 21:02:30
177.190.89.6	attack	Excessive failed login attempts on port 587	2019-08-30 21:44:10
220.167.234.218	attackspambots	Scanning random ports - tries to find possible vulnerable services	2019-08-30 20:46:46
106.203.97.191	attackspam	Unauthorized connection attempt from IP address 106.203.97.191 on Port 445(SMB)	2019-08-30 20:56:02
154.211.99.187	attack	Aug 30 14:00:00 host proftpd\[63281\]: 0.0.0.0 \(154.211.99.187\[154.211.99.187\]\) - USER anonymous: no such user found from 154.211.99.187 \[154.211.99.187\] to 62.210.146.38:21 ...	2019-08-30 20:58:11
151.73.45.104	attackspam	Automatic report - Port Scan Attack	2019-08-30 21:31:34
218.92.0.192	attackspam	Aug 30 14:36:29 dcd-gentoo sshd[30814]: User root from 218.92.0.192 not allowed because none of user's groups are listed in AllowGroups Aug 30 14:36:31 dcd-gentoo sshd[30814]: error: PAM: Authentication failure for illegal user root from 218.92.0.192 Aug 30 14:36:29 dcd-gentoo sshd[30814]: User root from 218.92.0.192 not allowed because none of user's groups are listed in AllowGroups Aug 30 14:36:31 dcd-gentoo sshd[30814]: error: PAM: Authentication failure for illegal user root from 218.92.0.192 Aug 30 14:36:29 dcd-gentoo sshd[30814]: User root from 218.92.0.192 not allowed because none of user's groups are listed in AllowGroups Aug 30 14:36:31 dcd-gentoo sshd[30814]: error: PAM: Authentication failure for illegal user root from 218.92.0.192 Aug 30 14:36:31 dcd-gentoo sshd[30814]: Failed keyboard-interactive/pam for invalid user root from 218.92.0.192 port 42941 ssh2 ...	2019-08-30 21:21:21

Recently Reported IPs

51.223.116.108	168.134.96.101	238.216.231.246	162.38.205.224
26.111.252.28	52.172.211.23	7.245.113.232	37.72.175.124
109.14.143.246	42.111.4.226	178.19.105.242	54.39.144.195
50.63.166.232	103.141.138.130	145.255.180.214	106.75.122.202
171.122.94.75	166.182.248.245	2401:2500:102:1a03:133:242:177:135	45.32.193.200