18.139.108.44 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Singapore

Internet Service Provider: Amazon Data Services Singapore

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt detected from IP address 18.139.108.44 to port 80 [T]	2020-02-01 17:35:18

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 18.139.108.44
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 20978
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;18.139.108.44.			IN	A

;; AUTHORITY SECTION:
.			561	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020020101 1800 900 604800 86400

;; Query time: 66 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Feb 01 17:35:11 CST 2020
;; MSG SIZE  rcvd: 117

Host info

44.108.139.18.in-addr.arpa domain name pointer ec2-18-139-108-44.ap-southeast-1.compute.amazonaws.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
44.108.139.18.in-addr.arpa	name = ec2-18-139-108-44.ap-southeast-1.compute.amazonaws.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
188.234.151.23	attackbots	TCP src-port=39241 dst-port=25 Listed on dnsbl-sorbs abuseat-org barracuda (Project Honey Pot rated Suspicious) (247)	2020-04-26 03:16:28
80.211.245.103	attackspambots	Apr 25 16:10:41 pkdns2 sshd\[29223\]: Invalid user ams from 80.211.245.103Apr 25 16:10:43 pkdns2 sshd\[29223\]: Failed password for invalid user ams from 80.211.245.103 port 48518 ssh2Apr 25 16:15:15 pkdns2 sshd\[29423\]: Invalid user qqq from 80.211.245.103Apr 25 16:15:16 pkdns2 sshd\[29423\]: Failed password for invalid user qqq from 80.211.245.103 port 60922 ssh2Apr 25 16:19:47 pkdns2 sshd\[29566\]: Invalid user nice from 80.211.245.103Apr 25 16:19:49 pkdns2 sshd\[29566\]: Failed password for invalid user nice from 80.211.245.103 port 45096 ssh2 ...	2020-04-26 03:24:17
138.197.163.11	attackspambots	Apr 25 06:55:20 server1 sshd\[13878\]: Failed password for invalid user myftp from 138.197.163.11 port 37422 ssh2 Apr 25 06:57:50 server1 sshd\[3227\]: Invalid user db2inst1 from 138.197.163.11 Apr 25 06:57:50 server1 sshd\[3227\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.163.11 Apr 25 06:57:52 server1 sshd\[3227\]: Failed password for invalid user db2inst1 from 138.197.163.11 port 50906 ssh2 Apr 25 07:00:22 server1 sshd\[19837\]: Invalid user buradrc from 138.197.163.11 ...	2020-04-26 02:59:20
201.190.236.154	attack	port scan and connect, tcp 23 (telnet)	2020-04-26 03:21:59
64.182.177.216	attackspambots	Apr 25 21:16:20 meumeu sshd[31981]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=64.182.177.216 Apr 25 21:16:22 meumeu sshd[31981]: Failed password for invalid user mybotuser from 64.182.177.216 port 43088 ssh2 Apr 25 21:19:31 meumeu sshd[32564]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=64.182.177.216 ...	2020-04-26 03:24:47
106.75.107.146	attackbots	sshd jail - ssh hack attempt	2020-04-26 03:02:54
36.26.95.179	attack	Apr 25 20:07:44 ns382633 sshd\[15854\]: Invalid user fmaster from 36.26.95.179 port 24556 Apr 25 20:07:44 ns382633 sshd\[15854\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.26.95.179 Apr 25 20:07:46 ns382633 sshd\[15854\]: Failed password for invalid user fmaster from 36.26.95.179 port 24556 ssh2 Apr 25 20:20:23 ns382633 sshd\[18516\]: Invalid user nagios from 36.26.95.179 port 24610 Apr 25 20:20:23 ns382633 sshd\[18516\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.26.95.179	2020-04-26 03:22:28
88.99.217.162	attackbotsspam	TCP src-port=50492 dst-port=25 Listed on barracuda spam-sorbs unsubscore (249)	2020-04-26 03:08:21
93.189.217.84	attackspam	SSH auth scanning - multiple failed logins	2020-04-26 03:31:04
170.106.38.190	attackspambots	'Fail2Ban'	2020-04-26 02:57:10
143.255.130.2	attackspambots	2020-04-25T10:37:26.4764851495-001 sshd[45093]: Invalid user webuser from 143.255.130.2 port 46656 2020-04-25T10:37:26.4844911495-001 sshd[45093]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=143.255.130.2 2020-04-25T10:37:26.4764851495-001 sshd[45093]: Invalid user webuser from 143.255.130.2 port 46656 2020-04-25T10:37:28.2522331495-001 sshd[45093]: Failed password for invalid user webuser from 143.255.130.2 port 46656 ssh2 2020-04-25T10:42:01.2652281495-001 sshd[45452]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=143.255.130.2 user=apache 2020-04-25T10:42:02.7872951495-001 sshd[45452]: Failed password for apache from 143.255.130.2 port 52854 ssh2 ...	2020-04-26 03:34:34
192.210.189.161	attackbotsspam	(From eric@talkwithwebvisitor.com) Hey, this is Eric and I ran across rasselfamilychiropractic.com a few minutes ago. Looks great… but now what? By that I mean, when someone like me finds your website – either through Search or just bouncing around – what happens next? Do you get a lot of leads from your site, or at least enough to make you happy? Honestly, most business websites fall a bit short when it comes to generating paying customers. Studies show that 70% of a site’s visitors disappear and are gone forever after just a moment. Here’s an idea… How about making it really EASY for every visitor who shows up to get a personal phone call you as soon as they hit your site… You can – Talk With Web Visitor is a software widget that’s works on your site, ready to capture any visitor’s Name, Email address and Phone Number. It signals you the moment they let you know they’re interested – so that you can talk to that lead while they’re literally looking over your site. CLICK HERE htt	2020-04-26 03:28:15
31.13.127.19	attack	Unauthorized connection attempt, very violent continuous attack! IP address disabled!	2020-04-26 03:22:41
180.76.182.56	attackspam	Brute force SMTP login attempted. ...	2020-04-26 03:29:33
124.29.223.61	attackspam	Email rejected due to spam filtering	2020-04-26 03:21:27

Recently Reported IPs

236.125.196.234	130.26.72.9	1.52.82.110	177.94.181.89
208.32.148.110	1.10.143.145	150.143.55.135	194.13.97.3
14.244.190.48	112.99.161.250	52.61.31.0	223.155.46.157
111.246.143.181	136.255.232.155	198.117.171.14	242.77.111.12
223.149.228.37	173.2.47.182	42.125.120.225	247.201.168.87