139.59.11.31 - IPInfo

Basic Info

City: Bengaluru

Region: Karnataka

Country: India

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackproxy	, e.g. 127.0.0.1 or 2001:DB8:0:0:8:800:200C:417A	2023-01-16 21:48:53

Comments on same subnet:

IP	Type	Details	Datetime
139.59.116.115	attackspam	Oct 9 19:17:58 vps-51d81928 sshd[692298]: Failed password for root from 139.59.116.115 port 36468 ssh2 Oct 9 19:22:22 vps-51d81928 sshd[692415]: Invalid user mysql from 139.59.116.115 port 41912 Oct 9 19:22:22 vps-51d81928 sshd[692415]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.116.115 Oct 9 19:22:22 vps-51d81928 sshd[692415]: Invalid user mysql from 139.59.116.115 port 41912 Oct 9 19:22:25 vps-51d81928 sshd[692415]: Failed password for invalid user mysql from 139.59.116.115 port 41912 ssh2 ...	2020-10-10 06:05:43
139.59.116.115	attackbots	2020-10-09T15:36:12.025346ks3355764 sshd[13005]: Invalid user tf2 from 139.59.116.115 port 35304 2020-10-09T15:36:14.038962ks3355764 sshd[13005]: Failed password for invalid user tf2 from 139.59.116.115 port 35304 ssh2 ...	2020-10-09 22:12:25
139.59.116.115	attackbotsspam	Port scan denied	2020-10-09 14:02:44
139.59.116.115	attackbotsspam	[N3.H3.VM3] Port Scanner Detected Blocked by UFW	2020-10-04 05:42:11
139.59.11.66	attackspambots	Scanned 67 times in the last 24 hours on port 22	2020-10-01 08:07:44
139.59.11.66	attack	Invalid user admin from 139.59.11.66 port 48246	2020-10-01 00:39:37
139.59.11.66	attackbots	TCP (SYN) 139.59.11.66:47123 -> port 22, len 48	2020-09-30 09:50:50
139.59.11.66	attackspambots	TCP (SYN) 139.59.11.66:29278 -> port 22, len 48	2020-09-30 02:42:17
139.59.11.66	attackspambots	[N1.H1.VM1] Port Scanner Detected Blocked by UFW	2020-09-29 18:45:14
139.59.116.243	attack	Fail2Ban Ban Triggered	2020-09-29 03:03:54
139.59.11.66	attackbotsspam	Time: Mon Sep 28 18:48:41 2020 +0000 IP: 139.59.11.66 (IN/India/-) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 28 18:47:48 29-1 sshd[18366]: Did not receive identification string from 139.59.11.66 port 37284 Sep 28 18:48:12 29-1 sshd[18444]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.11.66 user=root Sep 28 18:48:14 29-1 sshd[18444]: Failed password for root from 139.59.11.66 port 58320 ssh2 Sep 28 18:48:36 29-1 sshd[18481]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.11.66 user=root Sep 28 18:48:37 29-1 sshd[18481]: Failed password for root from 139.59.11.66 port 51980 ssh2	2020-09-29 02:53:19
139.59.116.243	attack	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-09-28 19:13:00
139.59.11.66	attack	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-09-28 19:00:55
139.59.116.243	attackbots	TCP (SYN) 139.59.116.243:59711 -> port 22790, len 44	2020-09-10 12:23:41
139.59.116.243	attack	firewall-block, port(s): 11517/tcp	2020-09-01 20:14:50

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.59.11.31
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 27011
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;139.59.11.31.			IN	A

;; AUTHORITY SECTION:
.			410	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2023011600 1800 900 604800 86400

;; Query time: 20 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jan 16 21:45:29 CST 2023
;; MSG SIZE  rcvd: 105

Host info

31.11.59.139.in-addr.arpa domain name pointer playsmart.centos7.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
31.11.59.139.in-addr.arpa	name = playsmart.centos7.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
37.49.230.95	attack	37.49.230.95 was recorded 5 times by 5 hosts attempting to connect to the following ports: 5060. Incident counter (4h, 24h, all-time): 5, 15, 558	2020-03-29 04:16:44
49.37.143.195	attack	ET SCAN Suspicious inbound to MSSQL port 1433 - port: 1433 proto: TCP cat: Potentially Bad Traffic	2020-03-29 04:23:33
78.128.112.58	attackbotsspam	ET CINS Active Threat Intelligence Poor Reputation IP group 63 - port: 3399 proto: TCP cat: Misc Attack	2020-03-29 04:09:52
119.249.54.162	attackspambots	firewall-block, port(s): 1433/tcp	2020-03-29 04:21:26
89.248.172.101	attack	03/28/2020-15:42:51.798800 89.248.172.101 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-03-29 04:02:55
51.68.174.177	attack	Mar 28 23:17:53 itv-usvr-02 sshd[7161]: Invalid user igor from 51.68.174.177 port 34708 Mar 28 23:17:53 itv-usvr-02 sshd[7161]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.174.177 Mar 28 23:17:53 itv-usvr-02 sshd[7161]: Invalid user igor from 51.68.174.177 port 34708 Mar 28 23:17:55 itv-usvr-02 sshd[7161]: Failed password for invalid user igor from 51.68.174.177 port 34708 ssh2 Mar 28 23:22:27 itv-usvr-02 sshd[7311]: Invalid user rhb from 51.68.174.177 port 47000	2020-03-29 04:27:50
87.251.74.15	attackbots	ET CINS Active Threat Intelligence Poor Reputation IP group 78 - port: 2303 proto: TCP cat: Misc Attack	2020-03-29 04:22:46
93.174.93.72	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2020-03-29 04:00:26
85.185.200.161	attackbots	ET CINS Active Threat Intelligence Poor Reputation IP group 75 - port: 1433 proto: TCP cat: Misc Attack	2020-03-29 04:05:37
5.135.161.7	attack	Mar 28 16:11:56 ns382633 sshd\[28393\]: Invalid user ctc from 5.135.161.7 port 50266 Mar 28 16:11:56 ns382633 sshd\[28393\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.135.161.7 Mar 28 16:11:58 ns382633 sshd\[28393\]: Failed password for invalid user ctc from 5.135.161.7 port 50266 ssh2 Mar 28 16:23:34 ns382633 sshd\[30527\]: Invalid user lcz from 5.135.161.7 port 44381 Mar 28 16:23:34 ns382633 sshd\[30527\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.135.161.7	2020-03-29 04:28:02
185.175.93.6	attackbots	ET DROP Dshield Block Listed Source group 1 - port: 3424 proto: TCP cat: Misc Attack	2020-03-29 03:51:15
12.36.54.66	attackbots	Unauthorized connection attempt detected from IP address 12.36.54.66 to port 23	2020-03-29 04:18:58
212.81.180.201	attackspam	Mar 28 21:23:40 ns381471 sshd[1408]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.81.180.201 Mar 28 21:23:42 ns381471 sshd[1408]: Failed password for invalid user cdn from 212.81.180.201 port 48716 ssh2	2020-03-29 04:29:10
188.166.145.179	attack	2020-03-28T14:06:00.848587linuxbox-skyline sshd[47689]: Invalid user lxe from 188.166.145.179 port 49630 ...	2020-03-29 04:20:25
87.251.74.10	attackspam	03/28/2020-15:28:40.691678 87.251.74.10 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-03-29 04:04:19

Recently Reported IPs

224.66.65.241	77.8.128.8	18.212.184.192	151.195.153.100
140.176.47.18	136.48.19.140	109.168.111.185	116.228.145.70
109.168.111.186	114.76.87.5	111.1.87.51	136.236.163.65
97.183.181.251	121.222.78.6	92.70.174.45	63.137.211.51
77.22.98.1	108.170.237.237	209.85.143.119	80.66.173.196