139.162.2.70 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Singapore

Internet Service Provider: Linode LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	none	2019-10-22 23:34:55

Comments on same subnet:

IP	Type	Details	Datetime
139.162.214.192	spambotsattack	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2023-02-18 16:15:46
139.162.247.102	attack	OSSEC HIDS Notification. 2020 Oct 15 19:14:19 Received From: shared->/var/log/secure Rule: 1002 fired (level 2) -> "Unknown problem somewhere in the system." Portion of the log(s): Oct 15 19:14:18 shared sshd[2970433]: ssh_dispatch_run_fatal: Connection from 139.162.247.102 port 41166: bignum is negative [preauth] --END OF NOTIFICATION	2020-10-20 08:52:36
139.162.217.250	attack	WebSpam Attack	2020-10-07 05:56:21
139.162.217.250	attackbots	WebSpam Attack	2020-10-06 22:09:25
139.162.217.250	attack	WebSpam Attack	2020-10-06 13:52:46
139.162.247.102	attack	firewall-block, port(s): 22/tcp	2020-10-01 03:25:46
139.162.247.102	attackspambots	honeypot 22 port	2020-09-30 01:51:04
139.162.247.102	attackspam	Sep 29 12:19:00 baraca inetd[76034]: refused connection from scan003.ampereinnotech.com, service sshd (tcp) Sep 29 12:19:01 baraca inetd[76035]: refused connection from scan003.ampereinnotech.com, service sshd (tcp) Sep 29 12:19:02 baraca inetd[76038]: refused connection from scan003.ampereinnotech.com, service sshd (tcp) ...	2020-09-29 17:51:13
139.162.247.102	attackbotsspam	IP 139.162.247.102 attacked honeypot on port: 22 at 9/26/2020 5:56:09 AM	2020-09-26 21:09:12
139.162.247.102	attackbotsspam	Sep2601:57:57server6sshd[14291]:refusedconnectfrom139.162.247.102\(139.162.247.102\)Sep2601:58:02server6sshd[14327]:refusedconnectfrom139.162.247.102\(139.162.247.102\)Sep2601:58:07server6sshd[14343]:refusedconnectfrom139.162.247.102\(139.162.247.102\)Sep2601:58:12server6sshd[14360]:refusedconnectfrom139.162.247.102\(139.162.247.102\)Sep2601:58:17server6sshd[14374]:refusedconnectfrom139.162.247.102\(139.162.247.102\)	2020-09-26 12:51:05
139.162.245.68	attackspam	Found on Block CINS-badguys / proto=6 . srcport=50055 . dstport=9200 . (3216)	2020-09-22 23:57:27
139.162.245.68	attackspam	Found on Block CINS-badguys / proto=6 . srcport=50055 . dstport=9200 . (3216)	2020-09-22 16:01:33
139.162.245.68	attackbotsspam	Found on Block CINS-badguys / proto=6 . srcport=50055 . dstport=9200 . (3216)	2020-09-22 08:05:11
139.162.252.121	attackspambots	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: li1537-121.members.linode.com.	2020-09-06 02:31:22
139.162.252.121	attack	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: li1537-121.members.linode.com.	2020-09-05 18:06:32

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.162.2.70
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 47247
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.162.2.70.			IN	A

;; AUTHORITY SECTION:
.			540	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019102200 1800 900 604800 86400

;; Query time: 112 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Oct 22 23:34:43 CST 2019
;; MSG SIZE  rcvd: 116

Host info

70.2.162.139.in-addr.arpa domain name pointer min-li-sg-10-07-92674-v-prod.binaryedge.ninja.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
70.2.162.139.in-addr.arpa	name = min-li-sg-10-07-92674-v-prod.binaryedge.ninja.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
104.248.174.126	attack	Jul 5 17:32:20 itv-usvr-02 sshd[14370]: Invalid user fo from 104.248.174.126 port 52556 Jul 5 17:32:20 itv-usvr-02 sshd[14370]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.174.126 Jul 5 17:32:20 itv-usvr-02 sshd[14370]: Invalid user fo from 104.248.174.126 port 52556 Jul 5 17:32:22 itv-usvr-02 sshd[14370]: Failed password for invalid user fo from 104.248.174.126 port 52556 ssh2 Jul 5 17:38:57 itv-usvr-02 sshd[14405]: Invalid user stream from 104.248.174.126 port 51180	2019-07-05 23:16:58
103.91.94.237	attack	Automatic report - Web App Attack	2019-07-05 23:22:01
204.48.31.143	attack	Jul 5 09:45:35 localhost sshd\[13988\]: Invalid user deployer from 204.48.31.143 port 53606 Jul 5 09:45:35 localhost sshd\[13988\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=204.48.31.143 Jul 5 09:45:37 localhost sshd\[13988\]: Failed password for invalid user deployer from 204.48.31.143 port 53606 ssh2 ...	2019-07-05 23:25:13
105.112.96.22	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-03 18:43:43,725 INFO [shellcode_manager] (105.112.96.22) no match, writing hexdump (693df5215b87095b873fc3e16fd59056 :2080395) - MS17010 (EternalBlue)	2019-07-05 23:10:19
79.174.248.224	attackbotsspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-05 13:31:16,058 INFO [amun_request_handler] PortScan Detected on Port: 445 (79.174.248.224)	2019-07-06 00:16:18
87.10.205.207	attackbots	Jul 5 14:49:25 animalibera sshd[9787]: Invalid user simon from 87.10.205.207 port 62914 ...	2019-07-05 23:14:08
198.245.61.119	attack	WordPress wp-login brute force :: 198.245.61.119 0.128 BYPASS [05/Jul/2019:21:24:14 1000] [censored_1] "POST /wp-login.php HTTP/1.1" 200 3972 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-07-05 23:12:06
159.65.175.37	attackbots	Jul 5 17:20:22 v22018076622670303 sshd\[13926\]: Invalid user alessandra from 159.65.175.37 port 56218 Jul 5 17:20:22 v22018076622670303 sshd\[13926\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.175.37 Jul 5 17:20:24 v22018076622670303 sshd\[13926\]: Failed password for invalid user alessandra from 159.65.175.37 port 56218 ssh2 ...	2019-07-06 00:12:53
177.130.160.173	attack	failed_logins	2019-07-05 23:28:10
159.65.255.153	attack	detected by Fail2Ban	2019-07-05 23:29:26
192.99.12.35	attack	192.99.12.35 - - [05/Jul/2019:16:05:24 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 192.99.12.35 - - [05/Jul/2019:16:05:25 +0200] "POST /wp-login.php HTTP/1.1" 200 1503 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 192.99.12.35 - - [05/Jul/2019:16:05:26 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 192.99.12.35 - - [05/Jul/2019:16:05:26 +0200] "POST /wp-login.php HTTP/1.1" 200 1489 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 192.99.12.35 - - [05/Jul/2019:16:05:27 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 192.99.12.35 - - [05/Jul/2019:16:05:27 +0200] "POST /wp-login.php HTTP/1.1" 200 1491 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-07-05 23:40:01
195.171.28.9	attack	Scanning and Vuln Attempts	2019-07-05 23:25:50
196.159.11.143	attackbots	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-05 06:24:24,986 INFO [amun_request_handler] PortScan Detected on Port: 445 (196.159.11.143)	2019-07-05 23:54:41
185.234.216.219	attackspambots	[portscan] Port scan	2019-07-06 00:09:48
104.236.28.167	attackspam	Jul 5 11:54:47 dedicated sshd[12070]: Invalid user test from 104.236.28.167 port 41762	2019-07-05 23:31:03

Recently Reported IPs

51.223.116.108	168.134.96.101	238.216.231.246	162.38.205.224
26.111.252.28	52.172.211.23	7.245.113.232	37.72.175.124
109.14.143.246	42.111.4.226	178.19.105.242	54.39.144.195
50.63.166.232	103.141.138.130	145.255.180.214	106.75.122.202
171.122.94.75	166.182.248.245	2401:2500:102:1a03:133:242:177:135	45.32.193.200