139.59.140.252

Basic Info

City: unknown

Region: unknown

Country: unknown

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
139.59.140.133	attackbots	139.59.140.133 - - [20/Aug/2020:05:26:43 +0100] "POST /wp-login.php HTTP/1.1" 200 2604 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.140.133 - - [20/Aug/2020:05:26:44 +0100] "POST /wp-login.php HTTP/1.1" 200 2580 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.140.133 - - [20/Aug/2020:05:26:45 +0100] "POST /wp-login.php HTTP/1.1" 200 2577 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-20 13:12:31
139.59.140.44	attack	Automatic report - XMLRPC Attack	2020-07-04 14:32:11
139.59.140.44	attackbotsspam	Automatic report - XMLRPC Attack	2020-04-03 08:57:07
139.59.140.44	attackbots	WordPress login Brute force / Web App Attack on client site.	2020-03-20 02:55:48
139.59.140.199	attackbots	port scan and connect, tcp 80 (http)	2020-02-18 07:20:51
139.59.140.199	attackbots	(mod_security) mod_security (id:949110) triggered by 139.59.140.199 (DE/Germany/-): 5 in the last 3600 secs (CF_ENABLE)	2020-02-10 13:59:41
139.59.140.65	attack	detected by Fail2Ban	2019-11-15 01:57:47
139.59.140.65	attackbots	Nov 8 18:00:07 vpn01 sshd[11516]: Failed password for root from 139.59.140.65 port 52657 ssh2 ...	2019-11-09 03:24:47
139.59.140.65	attackbots	Nov 2 21:17:46 vpn01 sshd[13800]: Failed password for root from 139.59.140.65 port 60800 ssh2 ...	2019-11-03 05:53:55
139.59.140.65	attack	Oct 25 14:08:46 vpn01 sshd[2039]: Failed password for root from 139.59.140.65 port 46571 ssh2 Oct 25 14:08:46 vpn01 sshd[2038]: Failed password for root from 139.59.140.65 port 46555 ssh2 ...	2019-10-25 22:16:09
139.59.140.65	attackspambots	...	2019-10-20 15:54:30
139.59.140.55	attackbotsspam	Sep 7 04:10:21 dedicated sshd[9154]: Invalid user test from 139.59.140.55 port 57918	2019-09-07 10:32:09
139.59.140.55	attackbots	Jan 23 00:58:59 vtv3 sshd\[32428\]: Invalid user openerp from 139.59.140.55 port 43880 Jan 23 00:58:59 vtv3 sshd\[32428\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.140.55 Jan 23 00:59:01 vtv3 sshd\[32428\]: Failed password for invalid user openerp from 139.59.140.55 port 43880 ssh2 Jan 23 01:02:46 vtv3 sshd\[1300\]: Invalid user angela from 139.59.140.55 port 46186 Jan 23 01:02:46 vtv3 sshd\[1300\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.140.55 Feb 13 12:16:23 vtv3 sshd\[6878\]: Invalid user test from 139.59.140.55 port 50592 Feb 13 12:16:23 vtv3 sshd\[6878\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.140.55 Feb 13 12:16:25 vtv3 sshd\[6878\]: Failed password for invalid user test from 139.59.140.55 port 50592 ssh2 Feb 13 12:21:07 vtv3 sshd\[8214\]: Invalid user ubuntu from 139.59.140.55 port 40658 Feb 13 12:21:07 vtv3 sshd\[8214\]: pam_unix	2019-08-31 12:18:38
139.59.140.55	attack	Automatic report - Banned IP Access	2019-08-28 18:06:12
139.59.140.55	attackbots	Aug 22 09:39:30 vps200512 sshd\[24057\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.140.55 user=ubuntu Aug 22 09:39:32 vps200512 sshd\[24057\]: Failed password for ubuntu from 139.59.140.55 port 59768 ssh2 Aug 22 09:43:55 vps200512 sshd\[24175\]: Invalid user customer from 139.59.140.55 Aug 22 09:43:55 vps200512 sshd\[24175\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.140.55 Aug 22 09:43:57 vps200512 sshd\[24175\]: Failed password for invalid user customer from 139.59.140.55 port 48168 ssh2	2019-08-23 01:39:16

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.59.140.252
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6768
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;139.59.140.252.			IN	A

;; AUTHORITY SECTION:
.			477	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022030803 1800 900 604800 86400

;; Query time: 18 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Mar 09 08:34:50 CST 2022
;; MSG SIZE  rcvd: 107

Host info

Host 252.140.59.139.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 252.140.59.139.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
37.49.229.207	attack	[2020-07-21 17:49:43] NOTICE[1277][C-00001af6] chan_sip.c: Call from '' (37.49.229.207:5811) to extension '00148323395006' rejected because extension not found in context 'public'. [2020-07-21 17:49:43] SECURITY[1295] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-07-21T17:49:43.307-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="00148323395006",SessionID="0x7f1754188e58",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/37.49.229.207/5811",ACLName="no_extension_match" [2020-07-21 17:58:35] NOTICE[1277][C-00001afe] chan_sip.c: Call from '' (37.49.229.207:6046) to extension '00048323395006' rejected because extension not found in context 'public'. [2020-07-21 17:58:35] SECURITY[1295] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-07-21T17:58:35.600-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="00048323395006",SessionID="0x7f1754188e58",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/37.49.2 ...	2020-07-22 07:33:01
194.180.224.130	attackspambots	TCP (SYN) 194.180.224.130:39581 -> port 23, len 44	2020-07-22 07:20:23
203.77.201.83	attack	Jul 22 01:07:50 minden010 sshd[14353]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.77.201.83 Jul 22 01:07:52 minden010 sshd[14353]: Failed password for invalid user fidelis from 203.77.201.83 port 50894 ssh2 Jul 22 01:09:43 minden010 sshd[15075]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.77.201.83 ...	2020-07-22 07:37:03
24.138.248.202	attackspam	Honeypot attack, port: 81, PTR: PTR record not found	2020-07-22 07:33:25
154.8.193.99	attack	IP reached maximum auth failures	2020-07-22 07:16:23
60.199.131.62	attack	SSH Invalid Login	2020-07-22 07:29:59
3.7.240.68	attackspam	Jul 22 00:15:27 vmd36147 sshd[7123]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=3.7.240.68 Jul 22 00:15:29 vmd36147 sshd[7123]: Failed password for invalid user znc-admin from 3.7.240.68 port 55224 ssh2 Jul 22 00:20:42 vmd36147 sshd[18849]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=3.7.240.68 ...	2020-07-22 07:31:22
204.93.169.220	attack	Jul 22 01:02:32 vpn01 sshd[14541]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=204.93.169.220 Jul 22 01:02:34 vpn01 sshd[14541]: Failed password for invalid user baby from 204.93.169.220 port 47138 ssh2 ...	2020-07-22 07:13:13
204.93.183.55	attackbotsspam	SS1,DEF GET /home/wp-includes/wlwmanifest.xml	2020-07-22 07:32:17
89.248.168.2	attackspambots	Jul 22 01:12:41 srv01 postfix/smtpd\[29836\]: warning: unknown\[89.248.168.2\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 22 01:14:08 srv01 postfix/smtpd\[29490\]: warning: unknown\[89.248.168.2\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 22 01:20:51 srv01 postfix/smtpd\[29490\]: warning: unknown\[89.248.168.2\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 22 01:21:05 srv01 postfix/smtpd\[3934\]: warning: unknown\[89.248.168.2\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 22 01:28:08 srv01 postfix/smtpd\[3934\]: warning: unknown\[89.248.168.2\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-07-22 07:34:23
79.33.130.179	attack	Automatic report - Port Scan Attack	2020-07-22 06:59:25
220.135.130.28	attackbotsspam	Honeypot attack, port: 81, PTR: 220-135-130-28.HINET-IP.hinet.net.	2020-07-22 07:21:35
220.134.231.194	attack	Honeypot attack, port: 81, PTR: 220-134-231-194.HINET-IP.hinet.net.	2020-07-22 07:12:39
182.61.177.68	attack	Attack to wordpress xmlrpc	2020-07-22 07:15:25
94.180.58.238	attackbots	Invalid user zwg from 94.180.58.238 port 43386	2020-07-22 07:12:15

Recently Reported IPs

118.254.157.216	139.59.141.115	139.59.140.180	139.59.140.236
139.59.140.234	139.59.140.116	139.59.140.209	139.59.141.126
139.59.14.85	139.59.14.97	139.59.141.186	118.254.157.223
139.59.141.228	139.59.141.235	139.59.142.43	139.59.142.167
139.59.141.31	139.59.141.246	118.254.157.228	139.59.142.77