18.208.139.207

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: Amazon Technologies Inc.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	404 NOT FOUND	2019-09-07 16:44:30

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 18.208.139.207
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10087
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;18.208.139.207.			IN	A

;; AUTHORITY SECTION:
.			1436	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019090700 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Sep 07 16:44:22 CST 2019
;; MSG SIZE  rcvd: 118

Host info

207.139.208.18.in-addr.arpa domain name pointer ec2-18-208-139-207.compute-1.amazonaws.com.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
207.139.208.18.in-addr.arpa	name = ec2-18-208-139-207.compute-1.amazonaws.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
213.120.170.33	attackspambots	Oct 28 04:50:58 vps691689 sshd[17818]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.120.170.33 Oct 28 04:51:00 vps691689 sshd[17818]: Failed password for invalid user support from 213.120.170.33 port 41113 ssh2 ...	2019-10-28 12:11:07
118.24.101.182	attack	Oct 27 17:51:07 auw2 sshd\[18891\]: Invalid user goole from 118.24.101.182 Oct 27 17:51:07 auw2 sshd\[18891\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.101.182 Oct 27 17:51:09 auw2 sshd\[18891\]: Failed password for invalid user goole from 118.24.101.182 port 45496 ssh2 Oct 27 17:55:52 auw2 sshd\[19290\]: Invalid user alaimo from 118.24.101.182 Oct 27 17:55:52 auw2 sshd\[19290\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.101.182	2019-10-28 12:06:44
45.136.109.15	attack	Portscan or hack attempt detected by psad/fwsnort	2019-10-28 08:31:00
165.227.15.124	attack	165.227.15.124 - - [28/Oct/2019:05:02:38 +0100] "GET /wp-login.php HTTP/1.1" 200 1237 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 165.227.15.124 - - [28/Oct/2019:05:02:39 +0100] "POST /wp-login.php HTTP/1.1" 200 1632 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 165.227.15.124 - - [28/Oct/2019:05:02:39 +0100] "GET /wp-login.php HTTP/1.1" 200 1237 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 165.227.15.124 - - [28/Oct/2019:05:02:40 +0100] "POST /wp-login.php HTTP/1.1" 200 1607 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 165.227.15.124 - - [28/Oct/2019:05:02:41 +0100] "GET /wp-login.php HTTP/1.1" 200 1237 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 165.227.15.124 - - [28/Oct/2019:05:02:42 +0100] "POST /wp-login.php HTTP/1.1" 200 1608 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-10-28 12:13:53
81.22.45.49	attack	10/27/2019-20:24:01.537471 81.22.45.49 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-10-28 08:27:39
45.136.111.109	attack	Oct 28 04:38:44 h2177944 kernel: \[5109705.666344\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.111.109 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=15625 PROTO=TCP SPT=56825 DPT=8590 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 28 04:49:49 h2177944 kernel: \[5110369.825228\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.111.109 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=37787 PROTO=TCP SPT=56825 DPT=2990 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 28 04:56:26 h2177944 kernel: \[5110766.870854\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.111.109 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=46546 PROTO=TCP SPT=56825 DPT=1190 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 28 05:08:30 h2177944 kernel: \[5111491.363266\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.111.109 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=12668 PROTO=TCP SPT=56825 DPT=2090 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 28 05:17:08 h2177944 kernel: \[5112008.812410\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.111.109 DST=85.214.	2019-10-28 12:34:45
80.82.78.100	attack	27.10.2019 23:39:58 Connection to port 1060 blocked by firewall	2019-10-28 08:28:20
183.129.150.2	attackspambots	Oct 28 05:50:55 www sshd\[106864\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.129.150.2 user=root Oct 28 05:50:58 www sshd\[106864\]: Failed password for root from 183.129.150.2 port 51450 ssh2 Oct 28 05:55:34 www sshd\[106907\]: Invalid user lam from 183.129.150.2 Oct 28 05:55:34 www sshd\[106907\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.129.150.2 ...	2019-10-28 12:22:23
140.143.22.200	attackbots	Oct 27 23:51:19 ny01 sshd[6845]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.22.200 Oct 27 23:51:21 ny01 sshd[6845]: Failed password for invalid user rsync1111 from 140.143.22.200 port 53374 ssh2 Oct 27 23:55:44 ny01 sshd[7598]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.22.200	2019-10-28 12:12:46
92.53.65.123	attackbotsspam	7777/tcp 7773/tcp 7780/tcp... [2019-08-27/10-27]306pkt,257pt.(tcp)	2019-10-28 12:07:40
176.59.112.230	attackbotsspam	Attempt to attack host OS, exploiting network vulnerabilities, on 28-10-2019 03:55:27.	2019-10-28 12:34:06
222.186.175.161	attackbotsspam	Oct 28 05:13:06 h2177944 sshd\[29789\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.161 user=root Oct 28 05:13:08 h2177944 sshd\[29789\]: Failed password for root from 222.186.175.161 port 64418 ssh2 Oct 28 05:13:12 h2177944 sshd\[29789\]: Failed password for root from 222.186.175.161 port 64418 ssh2 Oct 28 05:13:16 h2177944 sshd\[29789\]: Failed password for root from 222.186.175.161 port 64418 ssh2 ...	2019-10-28 12:17:02
118.25.122.20	attackbots	Oct 28 03:50:40 www_kotimaassa_fi sshd[3761]: Failed password for root from 118.25.122.20 port 56250 ssh2 ...	2019-10-28 12:26:29
199.195.252.213	attack	Oct 28 04:52:14 srv01 sshd[16030]: Invalid user repos from 199.195.252.213 Oct 28 04:52:14 srv01 sshd[16030]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.195.252.213 Oct 28 04:52:14 srv01 sshd[16030]: Invalid user repos from 199.195.252.213 Oct 28 04:52:16 srv01 sshd[16030]: Failed password for invalid user repos from 199.195.252.213 port 36462 ssh2 Oct 28 04:55:44 srv01 sshd[16367]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.195.252.213 user=root Oct 28 04:55:46 srv01 sshd[16367]: Failed password for root from 199.195.252.213 port 47730 ssh2 ...	2019-10-28 12:11:35
36.74.114.9	attackspambots	Attempt to attack host OS, exploiting network vulnerabilities, on 28-10-2019 03:55:30.	2019-10-28 12:29:46

Recently Reported IPs

49.235.91.152	117.93.81.75	150.81.77.134	186.0.136.202
89.91.236.60	125.163.119.115	88.225.220.181	2.183.214.236
244.128.140.57	168.232.5.133	115.236.72.27	54.36.149.48
54.36.148.110	14.127.200.160	195.231.4.4	27.74.151.240
219.78.146.122	220.175.61.137	167.71.215.111	157.215.82.42