JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 139.162.68.249

139.162.68.249 was found in our database!

This IP was reported 16 times. Confidence of Abuse is 49%: ?

49%

ISP	139.162.0.0/16
Usage Type	Data Center/Web Hosting/Transit
ASN	AS63949
Hostname(s)	139-162-68-249.ip.linodeusercontent.com
Domain Name	linode.com
Country	🇯🇵 Japan
City	Tokyo, Tokyo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 139.162.68.249

Whois 139.162.68.249

IP Abuse Reports for 139.162.68.249:

This IP address has been reported a total of 16 times from 14 distinct sources. 139.162.68.249 was first reported on December 20th 2020, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 andreighitan	2026-06-25 13:57:06 (4 days ago)	Automated exploit scanner — credential harvesting (.env, wp-config, GitLab secrets, Drupal config), ... show more Automated exploit scanner — credential harvesting (.env, wp-config, GitLab secrets, Drupal config), webshell probing against WordPress hosting server. Sustained attack campaign since April 2026. show less	Web App Attack
🇳🇱 bazter.pro	2026-06-22 18:24:29 (1 week ago)	139.162.68.249 - - [22/Jun/2026:18:24:28 +0000] "GET /.git/credentials HTTP/1.1" 404 306 "-" "Mozill ... show more 139.162.68.249 - - [22/Jun/2026:18:24:28 +0000] "GET /.git/credentials HTTP/1.1" 404 306 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" ... show less	Port Scan Brute-Force Bad Web Bot Web App Attack SSH
🇫🇷 dynamix	2026-06-22 16:01:53 (1 week ago)	Multiple WAF Violations	Web App Attack
🇳🇱 ConsulHosting	2026-06-22 16:00:21 (1 week ago)	Excessive failed CAPTCHA attempts (CAPTCHA DoS)	Web App Attack
🇺🇸 juguemosalacarioca.com	2026-06-21 15:23:52 (1 week ago)	Multiple HTTP calls attempting to GET resources using common/malformed API calls or formats on port ... show more Multiple HTTP calls attempting to GET resources using common/malformed API calls or formats on port 8080 show less	Web App Attack
🇩🇪 Enno	2026-06-21 06:51:17 (1 week ago)	P04::Fail2Ban: automated bot scanning / credential probing detected.	Web App Attack Bad Web Bot
Anonymous	2026-06-21 04:20:15 (1 week ago)	Fuzzing/Looking for credentials files.	Brute-Force Web App Attack
🇫🇮 Kimmo Rieskaniemi	2026-06-21 02:55:50 (1 week ago)	CrowdSec triggered crowdsecurity/http-probing	Web App Attack Hacking
🇫🇮 payincog	2026-06-20 22:05:19 (1 week ago)	Date: Jun 21 00:07:58 2026 EAT \| Reported IP: 139.162.68.249 mod_security \| id: 920350 930130 949110 ... show more Date: Jun 21 00:07:58 2026 EAT \| Reported IP: 139.162.68.249 mod_security \| id: 920350 930130 949110 920440 \| JP/pay.my_domain/- \| Connections: 1 \| Blocked: Permanent Block: [LF_MODSEC] \| Logs: ; Host header is a numeric IP address; Host header is a numeric IP address; Host header is a numeric IP address; Host header is a numeric IP address; Host header is a numeric IP address; Restricted File Access Attempt; Inbound Anomaly Score Exceeded (Total Score: 8); Host header is a numeric IP address; Host header is a numeric IP address; Host header is a numeric IP address; Host header is a numeric IP address; Host header is a numeric IP address; URL file extension is restricted by policy; Restricted File Access Attempt; Inbound Anomaly Score Exceeded (Total Score: 8); Host header is a numeric IP address; Host header is a numeric IP address; Host header is a numeric IP address; Host header is a numeric IP address; Host header is a numeric IP ad show less	SQL Injection Brute-Force Bad Web Bot
Anonymous	2020-12-25 06:26:00 (5 years ago)	srcport=50427 dstport=4971 attackid=16777324 severity=critical proto=6 logid=0720018432 service=tcp/ ... show more srcport=50427 dstport=4971 attackid=16777324 severity=critical proto=6 logid=0720018432 service=tcp/4971 eventtime=1608855974518770401 count=35 policyid=1 crscore=50 craction=4096 crlevel=critical srcintfrole=wan policytype=DoS-policy srcintf=wan1 ref=http://www.fortinet.com/ids/VID16777324 attack=ip_dst_session eventtype=anomaly srccountry=Japan msg=anomaly: ip_dst_session 501 > threshold 500 repeats 35 times threatlevel=4 threat=ip_dst_session threattype=ips tz=+0100 devid=FGT60FTK19000275 vd=root csf=RDTFABRIC dtime=2020-12-25 01:26:14 itime_t=1608855974 devname=FGT60FTK19000275 show less	Port Scan
🇳🇴 sverre26	2020-12-25 01:09:10 (5 years ago)	Port scan	Port Scan
🇳🇴 sverre26	2020-12-23 23:03:06 (5 years ago)	Port scan	Port Scan
🇮🇪 RoboSOC	2020-12-23 21:47:05 (5 years ago)	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: li1548-249.members.linode.com.	Port Scan
🇸🇪 Clanwarz	2020-12-23 20:11:46 (5 years ago)	[Wed Dec 23 20:07:36 2020] - DDoS Attack From IP: 139.162.68.249 Port: 50427	DDoS Attack Exploited Host
🇨🇿 0x44	2020-12-20 21:59:35 (5 years ago)	Dec 21 02:43:31 [496270.914153] [UFW BLOCK] OUT= MAC=00:01:e8:d8:95:35:08:00 SRC=139.162.68.249 DS ... show more Dec 21 02:43:31 [496270.914153] [UFW BLOCK] OUT= MAC=00:01:e8:d8:95:35:08:00 SRC=139.162.68.249 DST=IP hidden LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=8356 PROTO=TCP SPT=49516 DPT=6868 WINDOW=1024 RES=0x00 SYN URGP=0 Dec 21 02:43:58 [496298.316608] [UFW BLOCK] OUT= MAC=00:01:e8:d8:95:35:08:00 SRC=139.162.68.249 DST=IP hidden LEN=40 TOS=0x00 PREC=0x00 TTL=240 ID=16497 PROTO=TCP SPT=49516 DPT=2250 WINDOW=1024 RES=0x00 SYN URGP=0 D ... show less	Port Scan

Showing 1 to 15 of 16 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 191.102.179.197

🇺🇸 191.102.179.39

🇺🇸 191.102.174.89

🇧🇷 187.34.66.141

🇰🇷 175.207.254.233

🇻🇳 171.231.182.115

🇺🇸 162.216.149.194

🇺🇸 146.88.240.136

🇨🇳 122.230.51.88

🇨🇳 121.89.86.241

🇳🇱 91.92.40.10

🇧🇬 79.124.49.174

🇺🇸 71.27.86.44

🇺🇸 64.62.197.100

🇧🇷 45.205.1.206

🇺🇸 45.194.67.29

🇻🇳 14.226.219.176

🇺🇸 2a03:2880:f806:4c::

🇬🇧 217.146.80.114

🇺🇸 191.102.174.221