162.241.139.106

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: Unified Layer

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Mar 16 06:07:33 exim[12684]: [1\103] 1jDhyN-0003Ia-KF H=kle.klezcar.com [162.241.139.106] X=TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256 CV=no F= rejected after DATA: This message scored 18.5 spam points.	2020-03-16 22:27:27
attack	Dec 23 01:13:32 debian sshd[17554]: Unable to negotiate with 162.241.139.106 port 44060: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth] Dec 23 01:27:24 debian sshd[18130]: Unable to negotiate with 162.241.139.106 port 39978: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth] ...	2019-12-23 18:23:43

Type

Details

Datetime

attackspam

Mar 16 06:07:33  exim[12684]: [1\103] 1jDhyN-0003Ia-KF H=kle.klezcar.com [162.241.139.106] X=TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256 CV=no F= rejected after DATA: This message scored 18.5 spam points.

2020-03-16 22:27:27

attack

Dec 23 01:13:32 debian sshd[17554]: Unable to negotiate with 162.241.139.106 port 44060: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth]
Dec 23 01:27:24 debian sshd[18130]: Unable to negotiate with 162.241.139.106 port 39978: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth]
...

2019-12-23 18:23:43

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 162.241.139.106
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33075
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;162.241.139.106.		IN	A

;; AUTHORITY SECTION:
.			443	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019122300 1800 900 604800 86400

;; Query time: 29 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Dec 23 18:23:38 CST 2019
;; MSG SIZE  rcvd: 119

Host info

106.139.241.162.in-addr.arpa domain name pointer kle.klezcar.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
106.139.241.162.in-addr.arpa	name = kle.klezcar.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
42.57.203.243	attack	Unauthorised access (Jul 14) SRC=42.57.203.243 LEN=40 TTL=49 ID=27441 TCP DPT=23 WINDOW=43325 SYN	2019-07-14 23:21:02
78.128.113.67	attackspam	smtp attack	2019-07-14 23:06:47
168.167.36.253	attack	Jul 14 16:29:57 rpi sshd[25733]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.167.36.253 Jul 14 16:29:58 rpi sshd[25733]: Failed password for invalid user cesar from 168.167.36.253 port 52690 ssh2	2019-07-14 22:58:35
108.61.202.67	attack	firewall-block, port(s): 11035/tcp, 15299/tcp, 15757/tcp	2019-07-14 22:51:15
189.135.153.229	attack	Automatic report - Port Scan Attack	2019-07-14 23:08:39
138.97.233.92	attackspam	Automatic report - Port Scan Attack	2019-07-14 23:11:43
103.236.253.45	attackspambots	Jul 14 17:41:03 dev sshd\[18856\]: Invalid user dw from 103.236.253.45 port 48821 Jul 14 17:41:03 dev sshd\[18856\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.236.253.45 ...	2019-07-14 23:53:36
188.166.72.215	attack	WordPress XMLRPC scan :: 188.166.72.215 0.348 BYPASS [14/Jul/2019:20:29:02 1000] [censored_1] "POST /xmlrpc.php HTTP/1.1" 503 21360 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-07-15 00:07:07
188.162.40.171	attackbots	Unauthorized connection attempt from IP address 188.162.40.171 on Port 445(SMB)	2019-07-14 22:42:12
36.67.165.58	attackspam	Automatic report - Port Scan Attack	2019-07-14 23:21:45
42.202.34.140	attackspam	Automatic report generated by Wazuh	2019-07-15 00:02:36
153.36.240.126	attackspambots	Bruteforce on SSH Honeypot	2019-07-14 23:05:30
35.155.214.214	attack	RDP Bruteforce	2019-07-14 23:06:21
35.137.135.252	attackspam	Jul 14 16:44:30 MainVPS sshd[10415]: Invalid user rsyncd from 35.137.135.252 port 51722 Jul 14 16:44:30 MainVPS sshd[10415]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.137.135.252 Jul 14 16:44:30 MainVPS sshd[10415]: Invalid user rsyncd from 35.137.135.252 port 51722 Jul 14 16:44:32 MainVPS sshd[10415]: Failed password for invalid user rsyncd from 35.137.135.252 port 51722 ssh2 Jul 14 16:50:05 MainVPS sshd[10846]: Invalid user elastic from 35.137.135.252 port 49614 ...	2019-07-15 00:09:43
189.145.105.218	attack	firewall-block, port(s): 445/tcp	2019-07-14 22:42:42

Recently Reported IPs

41.47.202.132	197.60.246.77	197.42.153.134	156.207.129.238
197.48.111.90	197.36.245.82	118.254.166.191	156.218.126.173
156.209.196.150	119.163.155.211	197.214.10.229	180.254.137.178
41.237.33.100	156.206.89.247	197.61.124.203	185.24.233.60
123.24.2.72	36.75.65.145	41.239.181.72	153.126.151.55