139.162.247.102

Basic Info

City: unknown

Region: unknown

Country: United Kingdom of Great Britain and Northern Ireland

Internet Service Provider: Linode LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	OSSEC HIDS Notification. 2020 Oct 15 19:14:19 Received From: shared->/var/log/secure Rule: 1002 fired (level 2) -> "Unknown problem somewhere in the system." Portion of the log(s): Oct 15 19:14:18 shared sshd[2970433]: ssh_dispatch_run_fatal: Connection from 139.162.247.102 port 41166: bignum is negative [preauth] --END OF NOTIFICATION	2020-10-20 08:52:36
attack	firewall-block, port(s): 22/tcp	2020-10-01 03:25:46
attackspambots	honeypot 22 port	2020-09-30 01:51:04
attackspam	Sep 29 12:19:00 baraca inetd[76034]: refused connection from scan003.ampereinnotech.com, service sshd (tcp) Sep 29 12:19:01 baraca inetd[76035]: refused connection from scan003.ampereinnotech.com, service sshd (tcp) Sep 29 12:19:02 baraca inetd[76038]: refused connection from scan003.ampereinnotech.com, service sshd (tcp) ...	2020-09-29 17:51:13
attackbotsspam	IP 139.162.247.102 attacked honeypot on port: 22 at 9/26/2020 5:56:09 AM	2020-09-26 21:09:12
attackbotsspam	Sep2601:57:57server6sshd[14291]:refusedconnectfrom139.162.247.102\(139.162.247.102\)Sep2601:58:02server6sshd[14327]:refusedconnectfrom139.162.247.102\(139.162.247.102\)Sep2601:58:07server6sshd[14343]:refusedconnectfrom139.162.247.102\(139.162.247.102\)Sep2601:58:12server6sshd[14360]:refusedconnectfrom139.162.247.102\(139.162.247.102\)Sep2601:58:17server6sshd[14374]:refusedconnectfrom139.162.247.102\(139.162.247.102\)	2020-09-26 12:51:05

Comments on same subnet:

IP	Type	Details	Datetime
139.162.247.56	attackbots	UDP 139.162.247.56:43859 -> port 5353, len 74	2020-07-21 07:26:26
139.162.247.141	attackspam	2020-06-29T23:43:46.057039lavrinenko.info sshd[29353]: Invalid user natanael from 139.162.247.141 port 53110 2020-06-29T23:43:46.061306lavrinenko.info sshd[29353]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.162.247.141 2020-06-29T23:43:46.057039lavrinenko.info sshd[29353]: Invalid user natanael from 139.162.247.141 port 53110 2020-06-29T23:43:47.955905lavrinenko.info sshd[29353]: Failed password for invalid user natanael from 139.162.247.141 port 53110 ssh2 2020-06-29T23:47:07.400609lavrinenko.info sshd[29506]: Invalid user mk from 139.162.247.141 port 54198 ...	2020-06-30 08:33:43

Type

Details

Datetime

139.162.247.56

attackbots

 UDP 139.162.247.56:43859 -> port 5353, len 74

2020-07-21 07:26:26

139.162.247.141

attackspam

2020-06-29T23:43:46.057039lavrinenko.info sshd[29353]: Invalid user natanael from 139.162.247.141 port 53110
2020-06-29T23:43:46.061306lavrinenko.info sshd[29353]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.162.247.141
2020-06-29T23:43:46.057039lavrinenko.info sshd[29353]: Invalid user natanael from 139.162.247.141 port 53110
2020-06-29T23:43:47.955905lavrinenko.info sshd[29353]: Failed password for invalid user natanael from 139.162.247.141 port 53110 ssh2
2020-06-29T23:47:07.400609lavrinenko.info sshd[29506]: Invalid user mk from 139.162.247.141 port 54198
...

2020-06-30 08:33:43

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.162.247.102
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33367
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.162.247.102.		IN	A

;; AUTHORITY SECTION:
.			365	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020092502 1800 900 604800 86400

;; Query time: 72 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Sep 26 12:51:02 CST 2020
;; MSG SIZE  rcvd: 119

Host info

102.247.162.139.in-addr.arpa domain name pointer scan003.ampereinnotech.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
102.247.162.139.in-addr.arpa	name = scan003.ampereinnotech.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
129.150.112.159	attack	SSH Brute Force, server-1 sshd[1388]: Failed password for invalid user copy from 129.150.112.159 port 58218 ssh2	2019-07-08 06:29:39
183.83.48.95	attackspam	php WP PHPmyadamin ABUSE blocked for 12h	2019-07-08 06:33:16
81.169.179.75	attackspam	xmlrpc attack	2019-07-08 06:24:25
156.67.213.1	attackbotsspam	xmlrpc attack	2019-07-08 06:20:29
124.243.198.190	attackbots	FTP Brute-Force reported by Fail2Ban	2019-07-08 06:06:42
41.191.101.4	attackbots	Jul 7 23:26:53 vps65 sshd\[4991\]: Invalid user ta from 41.191.101.4 port 60112 Jul 7 23:26:53 vps65 sshd\[4991\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.191.101.4 ...	2019-07-08 06:17:50
177.74.182.232	attackspam	Jul 7 08:27:00 mailman postfix/smtpd[2436]: warning: unknown[177.74.182.232]: SASL PLAIN authentication failed: authentication failure	2019-07-08 05:57:42
106.248.41.245	attackspam	Jul 7 15:20:29 eventyay sshd[9011]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.248.41.245 Jul 7 15:20:31 eventyay sshd[9011]: Failed password for invalid user facturacion from 106.248.41.245 port 35972 ssh2 Jul 7 15:24:44 eventyay sshd[9999]: Failed password for root from 106.248.41.245 port 48724 ssh2 ...	2019-07-08 06:38:52
60.168.60.152	attackbotsspam	Jul 7 15:26:33 server sshd[17139]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.168.60.152 ...	2019-07-08 06:04:59
163.179.32.29	attack	Banned for posting to wp-login.php without referer {"redirect_to":"http:\/\/yolandabradfordudoujrealtors.com\/wp-admin\/theme-install.php","pwd":"admin","log":"admin","wp-submit":"Log In","testcookie":"1"}	2019-07-08 05:58:18
79.137.33.20	attack	Jul 7 17:00:03 vps200512 sshd\[19307\]: Invalid user sonar from 79.137.33.20 Jul 7 17:00:03 vps200512 sshd\[19307\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.137.33.20 Jul 7 17:00:05 vps200512 sshd\[19307\]: Failed password for invalid user sonar from 79.137.33.20 port 59451 ssh2 Jul 7 17:01:52 vps200512 sshd\[19312\]: Invalid user gas from 79.137.33.20 Jul 7 17:01:52 vps200512 sshd\[19312\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.137.33.20	2019-07-08 05:53:58
207.180.218.172	attackbots	5080/udp 5078/udp 5072/udp... [2019-05-25/07-07]36pkt,16pt.(udp)	2019-07-08 06:30:57
186.84.229.167	attackspam	Brute forcing Wordpress login	2019-07-08 06:31:26
106.13.37.207	attack	Jul 7 15:26:45 srv206 sshd[16028]: Invalid user anselmo from 106.13.37.207 ...	2019-07-08 06:02:56
163.172.28.200	attack	2019-07-07T16:56:24.396406abusebot-5.cloudsearch.cf sshd\[9534\]: Invalid user s from 163.172.28.200 port 57024	2019-07-08 06:19:29

Recently Reported IPs

13.92.133.6	1.20.151.60	128.90.181.239	1.2.207.167
168.61.34.21	1.2.197.110	1.2.165.135	103.214.170.86
95.188.70.130	26.231.3.117	99.60.149.242	1.196.238.52
1.2.157.199	220.50.8.88	40.80.146.217	1.194.53.51
33.46.146.233	111.231.213.85	195.97.148.234	102.238.45.184