JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 139.162.57.249

139.162.57.249 was found in our database!

This IP was reported 57 times. Confidence of Abuse is 83%: ?

83%

ISP	139.162.0.0/16
Usage Type	Data Center/Web Hosting/Transit
ASN	AS63949
Hostname(s)	139-162-57-249.ip.linodeusercontent.com
Domain Name	linode.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 139.162.57.249

Whois 139.162.57.249

IP Abuse Reports for 139.162.57.249:

This IP address has been reported a total of 57 times from 16 distinct sources. 139.162.57.249 was first reported on January 29th 2024, and the most recent report was 23 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-18 03:25:28 (23 minutes ago)	(mod_security) mod_security (id:210492) triggered by 139.162.57.249 (139-162-57-249.ip.linodeusercon ... show more (mod_security) mod_security (id:210492) triggered by 139.162.57.249 (139-162-57-249.ip.linodeusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 23:25:24.854210 2026] [security2:error] [pid 21657:tid 21657] [client 139.162.57.249:53455] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "creekside.biz"] [uri "/sftp-config.json"] [unique_id "ajNlJBg4EvQhLHhNx551LAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 03:04:44 (43 minutes ago)	(mod_security) mod_security (id:210492) triggered by 139.162.57.249 (139-162-57-249.ip.linodeusercon ... show more (mod_security) mod_security (id:210492) triggered by 139.162.57.249 (139-162-57-249.ip.linodeusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 23:04:41.224916 2026] [security2:error] [pid 5408:tid 5429] [client 139.162.57.249:55513] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "conceptsinammunition.com"] [uri "/sftp-config.json"] [unique_id "ajNgSaFbO_zfX5KBdTegwgAAAVE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 01:26:52 (2 hours ago)	(mod_security) mod_security (id:210492) triggered by 139.162.57.249 (139-162-57-249.ip.linodeusercon ... show more (mod_security) mod_security (id:210492) triggered by 139.162.57.249 (139-162-57-249.ip.linodeusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 21:26:47.372858 2026] [security2:error] [pid 14405:tid 14405] [client 139.162.57.249:63427] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "creektech.com"] [uri "/sftp-config.json"] [unique_id "ajNJVx97_9Br0Ty9b0fShAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-06-18 01:07:00 (2 hours ago)	Too many Status 40X (17)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 22:06:48 (5 hours ago)	(mod_security) mod_security (id:210492) triggered by 139.162.57.249 (139-162-57-249.ip.linodeusercon ... show more (mod_security) mod_security (id:210492) triggered by 139.162.57.249 (139-162-57-249.ip.linodeusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 18:06:42.693306 2026] [security2:error] [pid 22199:tid 22199] [client 139.162.57.249:63235] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.colorwize.com"] [uri "/sftp-config.json"] [unique_id "ajMacsEyoJB4YYSGh_uVLQAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 19:57:24 (7 hours ago)	(mod_security) mod_security (id:210492) triggered by 139.162.57.249 (139-162-57-249.ip.linodeusercon ... show more (mod_security) mod_security (id:210492) triggered by 139.162.57.249 (139-162-57-249.ip.linodeusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 15:57:19.774622 2026] [security2:error] [pid 21498:tid 21498] [client 139.162.57.249:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "colonybet.com"] [uri "/sftp-config.json"] [unique_id "ajL8H7DyFdmDCtRh891vIAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 18:57:44 (8 hours ago)	(mod_security) mod_security (id:210492) triggered by 139.162.57.249 (139-162-57-249.ip.linodeusercon ... show more (mod_security) mod_security (id:210492) triggered by 139.162.57.249 (139-162-57-249.ip.linodeusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 14:57:36.888206 2026] [security2:error] [pid 15782:tid 15782] [client 139.162.57.249:50521] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "craftammie.com"] [uri "/sftp-config.json"] [unique_id "ajLuIEb4JaaT2dILtaL6wAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 14:34:46 (13 hours ago)	(mod_security) mod_security (id:210492) triggered by 139.162.57.249 (139-162-57-249.ip.linodeusercon ... show more (mod_security) mod_security (id:210492) triggered by 139.162.57.249 (139-162-57-249.ip.linodeusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 10:34:40.925365 2026] [security2:error] [pid 4202:tid 4202] [client 139.162.57.249:59603] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "corstratinc.com"] [uri "/sftp-config.json"] [unique_id "ajKwgHyLNaLEEi_Fd2AHyAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 OptimusGO	2026-06-17 14:29:29 (13 hours ago)	Malicious activity detected: web_attack Server: commstackbc (185.127.18.66) Attack: web_attack Time ... show more Malicious activity detected: web_attack Server: commstackbc (185.127.18.66) Attack: web_attack Timestamp: 2026-06-17 15:29:29 UTC Log evidence: 06/17/2026-15:29:27.820987 [] [1:2015940:5] ET SCAN SFTP/FTP Password Exposure via sftp-config.json [] [Classification: Attempted Information Leak] [Priority: 2] {TCP} 139.162.57.249:59105 -> 185.127.18.66:80 06/17/2026-15:29:28.490653 [] [1:2044504:1] ET INFO Request for Visual Studio Code sftp.json - Possible Information Leak [] [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 139.162.57.249:55172 -> 185.127.18.66:80 show less	Port Scan Brute-Force
🇺🇸 TPI-Abuse	2026-06-17 13:34:16 (14 hours ago)	(mod_security) mod_security (id:210492) triggered by 139.162.57.249 (139-162-57-249.ip.linodeusercon ... show more (mod_security) mod_security (id:210492) triggered by 139.162.57.249 (139-162-57-249.ip.linodeusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 09:34:10.373814 2026] [security2:error] [pid 20434:tid 20457] [client 139.162.57.249:51474] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "credit-card-cap.com"] [uri "/sftp-config.json"] [unique_id "ajKiUjCHp_dd27OqdkTcwwAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 12:57:05 (14 hours ago)	(mod_security) mod_security (id:210492) triggered by 139.162.57.249 (139-162-57-249.ip.linodeusercon ... show more (mod_security) mod_security (id:210492) triggered by 139.162.57.249 (139-162-57-249.ip.linodeusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 08:57:02.517632 2026] [security2:error] [pid 17237:tid 17237] [client 139.162.57.249:56069] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "computersraleigh.com"] [uri "/sftp-config.json"] [unique_id "ajKZnmg4B6EvrgJupy8iOgAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 consul.to	2026-06-17 10:59:13 (16 hours ago)	Web attack/malicious scanning detected	Web App Attack
🇬🇧 thetomtaylor.co.uk	2026-06-17 10:07:03 (17 hours ago)	Fail2Ban - [WEB]Custom exploit pattern detected on customexploits ... [ice01,wa01,wa02]	Hacking Brute-Force Bad Web Bot Web App Attack
🇨🇭 4server	2026-06-17 04:56:22 (22 hours ago)	[WedJun1706:56:18.2772172026][security2:error][pid3512456:tid3512633][client139.162.57.249:0]ModSecu ... show more [WedJun1706:56:18.2772172026][security2:error][pid3512456:tid3512633][client139.162.57.249:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"creazione-siti-ticino.ch\"][uri\"/sftp-config.json\"][unique_id\"ajIo8t21I4CvZSr6OWBZkQAAAFM\"] show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 04:20:52 (23 hours ago)	(mod_security) mod_security (id:210492) triggered by 139.162.57.249 (139-162-57-249.ip.linodeusercon ... show more (mod_security) mod_security (id:210492) triggered by 139.162.57.249 (139-162-57-249.ip.linodeusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 00:20:49.358512 2026] [security2:error] [pid 16940:tid 16940] [client 139.162.57.249:58127] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "coroneta.com"] [uri "/sftp-config.json"] [unique_id "ajIgodkR_NBYRfJB6cCG0AAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 57 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 185.223.235.21

🇩🇪 185.201.138.253

🇭🇰 103.52.153.215

🇫🇷 91.231.89.81

🇱🇹 81.30.98.44

🇺🇸 54.70.103.169

🇺🇸 208.72.154.124

🇮🇳 202.141.94.121

🇹🇳 196.235.142.40

🇷🇺 195.206.38.234

🇷🇴 194.102.73.93

🇪🇸 193.46.192.20

🇲🇽 187.191.48.4

🇸🇪 170.168.240.164

🇺🇸 152.32.234.97

🇺🇸 142.93.243.170

🇺🇸 98.121.205.251

🇸🇪 94.255.255.26

🇫🇷 91.231.89.68

🇺🇦 82.24.224.198