139.5.159.117 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Lao People's Democratic Republic

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
139.5.159.162	attackbotsspam	Unauthorized connection attempt detected from IP address 139.5.159.162 to port 445 [T]	2020-06-24 01:49:37
139.5.159.162	attackbotsspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-04-01 04:21:54
139.5.159.62	attackspambots	(sshd) Failed SSH login from 139.5.159.62 (LA/Laos/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Mar 6 00:32:57 amsweb01 sshd[20717]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.5.159.62 user=root Mar 6 00:33:00 amsweb01 sshd[20717]: Failed password for root from 139.5.159.62 port 46198 ssh2 Mar 6 00:40:47 amsweb01 sshd[21515]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.5.159.62 user=root Mar 6 00:40:49 amsweb01 sshd[21515]: Failed password for root from 139.5.159.62 port 41492 ssh2 Mar 6 00:44:46 amsweb01 sshd[21935]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.5.159.62 user=root	2020-03-06 09:31:49
139.5.159.62	attack	SSH brutforce	2020-02-15 05:50:09
139.5.159.62	attackbotsspam	Feb 4 20:04:54 nbi-636 sshd[11501]: Invalid user fcteclipserver from 139.5.159.62 port 47400 Feb 4 20:04:54 nbi-636 sshd[11501]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.5.159.62 Feb 4 20:04:56 nbi-636 sshd[11501]: Failed password for invalid user fcteclipserver from 139.5.159.62 port 47400 ssh2 Feb 4 20:04:58 nbi-636 sshd[11501]: Received disconnect from 139.5.159.62 port 47400:11: Bye Bye [preauth] Feb 4 20:04:58 nbi-636 sshd[11501]: Disconnected from invalid user fcteclipserver 139.5.159.62 port 47400 [preauth] Feb 4 20:13:53 nbi-636 sshd[14732]: Invalid user steam from 139.5.159.62 port 40958 Feb 4 20:13:53 nbi-636 sshd[14732]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.5.159.62 Feb 4 20:13:56 nbi-636 sshd[14732]: Failed password for invalid user steam from 139.5.159.62 port 40958 ssh2 Feb 4 20:13:57 nbi-636 sshd[14732]: Received disconnect from 139.5.159.6........ -------------------------------	2020-02-07 22:43:16
139.5.159.167	attackbotsspam	Unauthorized IMAP connection attempt	2019-12-01 05:58:18
139.5.159.150	attackbotsspam	port scan and connect, tcp 8000 (http-alt)	2019-09-08 14:01:32
139.5.159.162	attackbots	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-08-31 19:58:53,117 INFO [amun_request_handler] PortScan Detected on Port: 445 (139.5.159.162)	2019-09-01 09:24:22
139.5.159.162	attackbots	Sun, 21 Jul 2019 07:37:54 +0000 likely compromised host or open proxy. ddos rate spidering	2019-07-21 17:42:39

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.5.159.117
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 48073
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;139.5.159.117.			IN	A

;; AUTHORITY SECTION:
.			270	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020702 1800 900 604800 86400

;; Query time: 65 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 08 11:49:40 CST 2022
;; MSG SIZE  rcvd: 106

Host info

Host 117.159.5.139.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 117.159.5.139.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
125.91.124.125	attackbotsspam	2020-05-25T05:47:52.960476vps751288.ovh.net sshd\[2904\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.91.124.125 user=root 2020-05-25T05:47:55.067737vps751288.ovh.net sshd\[2904\]: Failed password for root from 125.91.124.125 port 54866 ssh2 2020-05-25T05:51:51.218429vps751288.ovh.net sshd\[2932\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.91.124.125 user=root 2020-05-25T05:51:52.803557vps751288.ovh.net sshd\[2932\]: Failed password for root from 125.91.124.125 port 48297 ssh2 2020-05-25T05:56:02.264988vps751288.ovh.net sshd\[2958\]: Invalid user user from 125.91.124.125 port 41729	2020-05-25 12:18:07
94.129.80.224	attackspambots	May 25 05:53:45 xxx sshd[15898]: Failed password for r.r from 94.129.80.224 port 44096 ssh2 May 25 06:01:08 xxx sshd[17161]: Failed password for r.r from 94.129.80.224 port 12886 ssh2 May 25 06:03:39 xxx sshd[17237]: Failed password for r.r from 94.129.80.224 port 44097 ssh2 May 25 06:06:18 xxx sshd[17416]: Failed password for r.r from 94.129.80.224 port 12887 ssh2 May 25 06:08:46 xxx sshd[17488]: Invalid user sdtdserver from 94.129.80.224 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=94.129.80.224	2020-05-25 12:37:50
62.94.206.57	attackbots	2020-05-25T05:47:04.703659vps751288.ovh.net sshd\[2896\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip-206-57.sn1.clouditalia.com user=root 2020-05-25T05:47:06.558350vps751288.ovh.net sshd\[2896\]: Failed password for root from 62.94.206.57 port 48155 ssh2 2020-05-25T05:51:45.418582vps751288.ovh.net sshd\[2930\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip-206-57.sn1.clouditalia.com user=root 2020-05-25T05:51:47.183360vps751288.ovh.net sshd\[2930\]: Failed password for root from 62.94.206.57 port 50998 ssh2 2020-05-25T05:56:19.432812vps751288.ovh.net sshd\[2968\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip-206-57.sn1.clouditalia.com user=root	2020-05-25 12:05:55
221.225.81.86	attackspam	May 25 09:19:01 gw1 sshd[17529]: Failed password for root from 221.225.81.86 port 48052 ssh2 ...	2020-05-25 12:22:45
45.142.195.7	attackbots	May 25 05:57:25 relay postfix/smtpd\[26412\]: warning: unknown\[45.142.195.7\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 25 05:57:43 relay postfix/smtpd\[4921\]: warning: unknown\[45.142.195.7\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 25 05:58:17 relay postfix/smtpd\[26412\]: warning: unknown\[45.142.195.7\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 25 05:58:35 relay postfix/smtpd\[4910\]: warning: unknown\[45.142.195.7\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 25 05:59:11 relay postfix/smtpd\[3895\]: warning: unknown\[45.142.195.7\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-05-25 12:04:52
49.233.192.22	attackspam	May 25 10:51:12 webhost01 sshd[18929]: Failed password for root from 49.233.192.22 port 46198 ssh2 ...	2020-05-25 12:05:24
49.232.4.147	attackbotsspam	2020-05-25T06:53:22.092918afi-git.jinr.ru sshd[4050]: Failed password for root from 49.232.4.147 port 38030 ssh2 2020-05-25T06:55:49.801068afi-git.jinr.ru sshd[4611]: Invalid user geremk from 49.232.4.147 port 40016 2020-05-25T06:55:49.804331afi-git.jinr.ru sshd[4611]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.232.4.147 2020-05-25T06:55:49.801068afi-git.jinr.ru sshd[4611]: Invalid user geremk from 49.232.4.147 port 40016 2020-05-25T06:55:52.061892afi-git.jinr.ru sshd[4611]: Failed password for invalid user geremk from 49.232.4.147 port 40016 ssh2 ...	2020-05-25 12:30:11
167.172.139.65	attack	Auto reported by IDS	2020-05-25 12:42:39
113.99.163.135	attackbotsspam	3389BruteforceStormFW21	2020-05-25 12:31:07
136.243.37.219	attackspam	20 attempts against mh-misbehave-ban on ice	2020-05-25 12:20:28
222.186.175.154	attack	$f2bV_matches	2020-05-25 12:17:39
117.91.186.55	attackspam	DATE:2020-05-25 05:55:37, IP:117.91.186.55, PORT:ssh SSH brute force auth (docker-dc)	2020-05-25 12:41:20
82.240.54.37	attack	May 25 05:46:56 vps687878 sshd\[3056\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.240.54.37 user=root May 25 05:46:58 vps687878 sshd\[3056\]: Failed password for root from 82.240.54.37 port 10332 ssh2 May 25 05:55:16 vps687878 sshd\[3864\]: Invalid user tw from 82.240.54.37 port 17319 May 25 05:55:16 vps687878 sshd\[3864\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.240.54.37 May 25 05:55:18 vps687878 sshd\[3864\]: Failed password for invalid user tw from 82.240.54.37 port 17319 ssh2 ...	2020-05-25 12:25:05
159.65.41.159	attackspam	2020-05-25T03:48:36.325041abusebot-5.cloudsearch.cf sshd[18747]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.41.159 user=root 2020-05-25T03:48:38.472500abusebot-5.cloudsearch.cf sshd[18747]: Failed password for root from 159.65.41.159 port 38860 ssh2 2020-05-25T03:52:36.920751abusebot-5.cloudsearch.cf sshd[18805]: Invalid user sir from 159.65.41.159 port 51858 2020-05-25T03:52:36.926840abusebot-5.cloudsearch.cf sshd[18805]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.41.159 2020-05-25T03:52:36.920751abusebot-5.cloudsearch.cf sshd[18805]: Invalid user sir from 159.65.41.159 port 51858 2020-05-25T03:52:39.023680abusebot-5.cloudsearch.cf sshd[18805]: Failed password for invalid user sir from 159.65.41.159 port 51858 ssh2 2020-05-25T03:55:51.713978abusebot-5.cloudsearch.cf sshd[18816]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.41.159 u ...	2020-05-25 12:28:52
87.251.74.48	attack	IP blocked	2020-05-25 12:24:39

Recently Reported IPs

122.32.137.175	175.139.168.201	42.2.165.237	105.234.150.45
191.253.90.13	92.26.58.192	218.65.236.3	36.230.182.65
23.128.248.15	181.41.236.153	62.234.4.228	104.237.142.243
68.225.145.106	92.38.128.170	45.33.78.118	200.30.214.121
190.185.162.28	177.249.170.32	200.222.96.202	182.53.201.95