139.59.20.13 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: India

Internet Service Provider: Digital Ocean Inc.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Detected by Synology server trying to access the inactive 'admin' account	2019-08-09 05:29:56
attackbotsspam	WordPress wp-login brute force :: 139.59.20.13 0.056 BYPASS [03/Aug/2019:06:34:45 1000] [censored_2] "POST /wp-login.php HTTP/1.1" 200 4630 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-08-03 07:55:30

Type

Details

Datetime

attackbots

Detected by Synology server trying to access the inactive 'admin' account

2019-08-09 05:29:56

attackbotsspam

WordPress wp-login brute force :: 139.59.20.13 0.056 BYPASS [03/Aug/2019:06:34:45  1000] [censored_2] "POST /wp-login.php HTTP/1.1" 200 4630 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"

2019-08-03 07:55:30

Comments on same subnet:

IP	Type	Details	Datetime
139.59.20.176	attackbotsspam	Automatic report - Banned IP Access	2020-10-06 05:49:46
139.59.20.176	attackspam	Automatic report - Banned IP Access	2020-10-05 21:54:43
139.59.20.176	attackbots	Automatic report - Banned IP Access	2020-10-05 13:48:31
139.59.208.39	attackbotsspam	Port scan denied	2020-09-13 20:07:50
139.59.208.39	attack	TCP (SYN) 139.59.208.39:49233 -> port 80, len 40	2020-09-13 12:00:38
139.59.208.39	attackbotsspam	TCP (SYN) 139.59.208.39:49233 -> port 80, len 40	2020-09-13 03:49:55
139.59.20.249	attackbots	Jun 8 12:14:21 scivo sshd[10972]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.20.249 user=r.r Jun 8 12:14:23 scivo sshd[10972]: Failed password for r.r from 139.59.20.249 port 36510 ssh2 Jun 8 12:14:23 scivo sshd[10972]: Connection closed by 139.59.20.249 [preauth] Jun 8 12:17:11 scivo sshd[11153]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.20.249 user=r.r Jun 8 12:17:13 scivo sshd[11153]: Failed password for r.r from 139.59.20.249 port 47062 ssh2 Jun 8 12:17:13 scivo sshd[11153]: Connection closed by 139.59.20.249 [preauth] Jun 8 12:19:57 scivo sshd[11265]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.20.249 user=r.r Jun 8 12:19:59 scivo sshd[11265]: Failed password for r.r from 139.59.20.249 port 57210 ssh2 Jun 8 12:19:59 scivo sshd[11265]: Connection closed by 139.59.20.249 [preauth] Jun 8 12:22:38 scivo........ -------------------------------	2020-06-08 17:23:26
139.59.20.197	attackbotsspam	Jun 3 15:02:21 journals sshd\[63600\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.20.197 user=root Jun 3 15:02:23 journals sshd\[63600\]: Failed password for root from 139.59.20.197 port 58006 ssh2 Jun 3 15:05:01 journals sshd\[63951\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.20.197 user=root Jun 3 15:05:04 journals sshd\[63951\]: Failed password for root from 139.59.20.197 port 40132 ssh2 Jun 3 15:10:22 journals sshd\[2215\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.20.197 user=root ...	2020-06-04 00:41:16
139.59.20.246	attackspambots	Automatic report - Banned IP Access	2020-05-23 03:49:26
139.59.20.246	attackbotsspam	AbusiveCrawling	2020-05-20 04:13:29
139.59.209.97	attack	Attempt to hack Wordpress Login, XMLRPC or other login	2020-04-05 07:19:09
139.59.20.94	attackspambots	Jan 27 03:53:49 eddieflores sshd\[18195\]: Invalid user 6 from 139.59.20.94 Jan 27 03:53:49 eddieflores sshd\[18195\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.20.94 Jan 27 03:53:51 eddieflores sshd\[18195\]: Failed password for invalid user 6 from 139.59.20.94 port 34026 ssh2 Jan 27 03:57:34 eddieflores sshd\[18653\]: Invalid user afe from 139.59.20.94 Jan 27 03:57:34 eddieflores sshd\[18653\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.20.94	2020-01-27 22:06:15
139.59.20.248	attackspam	Dec 29 13:12:44 MK-Soft-Root1 sshd[27214]: Failed password for root from 139.59.20.248 port 46414 ssh2 ...	2019-12-29 21:56:08
139.59.20.248	attackspam	Dec 28 08:50:00 minden010 sshd[20500]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.20.248 Dec 28 08:50:02 minden010 sshd[20500]: Failed password for invalid user Milja from 139.59.20.248 port 60054 ssh2 Dec 28 08:53:34 minden010 sshd[21702]: Failed password for root from 139.59.20.248 port 34900 ssh2 ...	2019-12-28 21:30:49
139.59.20.248	attack	Dec 13 05:49:47 icinga sshd[26818]: Failed password for mysql from 139.59.20.248 port 50904 ssh2 Dec 13 05:56:09 icinga sshd[27470]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.20.248 ...	2019-12-13 13:14:31

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.59.20.13
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26250
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.59.20.13.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019080202 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Aug 03 07:55:25 CST 2019
;; MSG SIZE  rcvd: 116

Host info

13.20.59.139.in-addr.arpa domain name pointer 276232.cloudwaysapps.com.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
13.20.59.139.in-addr.arpa	name = 276232.cloudwaysapps.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
188.254.0.113	attack	5x Failed Password	2019-10-19 05:39:53
119.29.243.100	attackbotsspam	Oct 18 23:13:11 v22018076622670303 sshd\[18683\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.243.100 user=root Oct 18 23:13:13 v22018076622670303 sshd\[18683\]: Failed password for root from 119.29.243.100 port 37794 ssh2 Oct 18 23:19:33 v22018076622670303 sshd\[18721\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.243.100 user=root ...	2019-10-19 05:43:18
27.22.86.72	attackbotsspam	[munged]::443 27.22.86.72 - - [18/Oct/2019:21:57:21 +0200] "POST /[munged]: HTTP/1.1" 200 8165 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 27.22.86.72 - - [18/Oct/2019:21:57:22 +0200] "POST /[munged]: HTTP/1.1" 200 4388 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 27.22.86.72 - - [18/Oct/2019:21:57:23 +0200] "POST /[munged]: HTTP/1.1" 200 4388 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 27.22.86.72 - - [18/Oct/2019:21:57:24 +0200] "POST /[munged]: HTTP/1.1" 200 4388 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 27.22.86.72 - - [18/Oct/2019:21:57:25 +0200] "POST /[munged]: HTTP/1.1" 200 4388 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 27.22.86.72 - - [18/Oct/2019:21:57:26 +0200] "POST	2019-10-19 05:19:47
218.249.69.210	attackspambots	2019-10-18T20:12:10.379729abusebot-6.cloudsearch.cf sshd\[2888\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.249.69.210 user=root	2019-10-19 05:23:50
134.175.62.14	attackspam	Invalid user export from 134.175.62.14 port 58924	2019-10-19 05:22:11
121.142.111.86	attack	SSH bruteforce (Triggered fail2ban)	2019-10-19 05:40:24
185.99.212.23	attack	Fail2Ban Ban Triggered	2019-10-19 05:47:49
124.239.191.101	attackbotsspam	Failed password for invalid user 1qaz2wsx1234 from 124.239.191.101 port 39764 ssh2 Invalid user 14 from 124.239.191.101 port 49854 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.239.191.101 Failed password for invalid user 14 from 124.239.191.101 port 49854 ssh2 Invalid user romanova from 124.239.191.101 port 59950	2019-10-19 05:12:07
193.32.160.153	attackspambots	Oct 18 23:33:48 relay postfix/smtpd\[5356\]: NOQUEUE: reject: RCPT from unknown\[193.32.160.153\]: 554 5.7.1 \: Relay access denied\; from=\ to=\ proto=ESMTP helo=\<\[193.32.160.146\]\> Oct 18 23:33:48 relay postfix/smtpd\[5356\]: NOQUEUE: reject: RCPT from unknown\[193.32.160.153\]: 554 5.7.1 \: Relay access denied\; from=\ to=\ proto=ESMTP helo=\<\[193.32.160.146\]\> Oct 18 23:33:48 relay postfix/smtpd\[5356\]: NOQUEUE: reject: RCPT from unknown\[193.32.160.153\]: 554 5.7.1 \: Relay access denied\; from=\ to=\ proto=ESMTP helo=\<\[193.32.160.146\]\> Oct 18 23:33:48 relay postfix/smtpd\[5356\]: NOQUEUE: reject: RCPT from unknown\[193.32.160.153\]: 554 5.7.1 \: Relay access denied\; from=\	2019-10-19 05:39:14
182.253.196.66	attackspambots	Oct 18 09:47:25 hanapaa sshd\[22014\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.253.196.66 user=root Oct 18 09:47:27 hanapaa sshd\[22014\]: Failed password for root from 182.253.196.66 port 44980 ssh2 Oct 18 09:51:46 hanapaa sshd\[22337\]: Invalid user vp from 182.253.196.66 Oct 18 09:51:46 hanapaa sshd\[22337\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.253.196.66 Oct 18 09:51:47 hanapaa sshd\[22337\]: Failed password for invalid user vp from 182.253.196.66 port 56626 ssh2	2019-10-19 05:27:14
188.165.242.200	attackbots	Oct 18 23:37:26 [host] sshd[17814]: Invalid user mantis from 188.165.242.200 Oct 18 23:37:26 [host] sshd[17814]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.165.242.200 Oct 18 23:37:28 [host] sshd[17814]: Failed password for invalid user mantis from 188.165.242.200 port 46404 ssh2	2019-10-19 05:45:06
91.121.29.29	attackspam	k+ssh-bruteforce	2019-10-19 05:37:58
202.151.30.141	attack	Oct 18 22:55:21 OPSO sshd\[9121\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.151.30.141 user=root Oct 18 22:55:23 OPSO sshd\[9121\]: Failed password for root from 202.151.30.141 port 54864 ssh2 Oct 18 22:59:37 OPSO sshd\[9540\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.151.30.141 user=root Oct 18 22:59:39 OPSO sshd\[9540\]: Failed password for root from 202.151.30.141 port 34716 ssh2 Oct 18 23:03:58 OPSO sshd\[10336\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.151.30.141 user=root	2019-10-19 05:23:10
121.183.203.60	attack	Oct 18 22:51:57 vmanager6029 sshd\[7693\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.183.203.60 user=root Oct 18 22:51:59 vmanager6029 sshd\[7693\]: Failed password for root from 121.183.203.60 port 55308 ssh2 Oct 18 22:56:17 vmanager6029 sshd\[7762\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.183.203.60 user=root	2019-10-19 05:37:41
188.254.0.112	attackbotsspam	Oct 18 23:10:20 localhost sshd\[6897\]: Invalid user contasys from 188.254.0.112 port 45382 Oct 18 23:10:20 localhost sshd\[6897\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.254.0.112 Oct 18 23:10:22 localhost sshd\[6897\]: Failed password for invalid user contasys from 188.254.0.112 port 45382 ssh2	2019-10-19 05:30:26

Recently Reported IPs

27.124.7.71	134.209.174.76	1.170.7.6	178.17.171.102
191.32.100.8	79.77.20.172	46.176.82.157	113.103.136.118
179.56.218.172	190.246.175.156	179.109.60.106	178.128.74.234
177.91.87.100	75.142.174.178	114.92.226.151	179.60.197.25
35.173.35.11	178.46.210.107	177.158.84.124	128.199.176.34