139.59.213.137

Basic Info

City: unknown

Region: unknown

Country: Germany

Internet Service Provider: Digital Ocean Inc.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	139.59.213.137 - - [13/Oct/2019:13:52:54 +0200] "GET /wp-login.php HTTP/1.1" 200 1129 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.213.137 - - [13/Oct/2019:13:52:55 +0200] "POST /wp-login.php HTTP/1.1" 200 1524 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.213.137 - - [13/Oct/2019:13:52:55 +0200] "GET /wp-login.php HTTP/1.1" 200 1129 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.213.137 - - [13/Oct/2019:13:52:56 +0200] "POST /wp-login.php HTTP/1.1" 200 1507 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.213.137 - - [13/Oct/2019:13:52:56 +0200] "GET /wp-login.php HTTP/1.1" 200 1129 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.213.137 - - [13/Oct/2019:13:52:56 +0200] "POST /wp-login.php HTTP/1.1" 200 1501 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-10-13 23:00:16

Type

Details

Datetime

attackbots

139.59.213.137 - - [13/Oct/2019:13:52:54 +0200] "GET /wp-login.php HTTP/1.1" 200 1129 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
139.59.213.137 - - [13/Oct/2019:13:52:55 +0200] "POST /wp-login.php HTTP/1.1" 200 1524 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
139.59.213.137 - - [13/Oct/2019:13:52:55 +0200] "GET /wp-login.php HTTP/1.1" 200 1129 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
139.59.213.137 - - [13/Oct/2019:13:52:56 +0200] "POST /wp-login.php HTTP/1.1" 200 1507 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
139.59.213.137 - - [13/Oct/2019:13:52:56 +0200] "GET /wp-login.php HTTP/1.1" 200 1129 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
139.59.213.137 - - [13/Oct/2019:13:52:56 +0200] "POST /wp-login.php HTTP/1.1" 200 1501 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
...

2019-10-13 23:00:16

Comments on same subnet:

IP	Type	Details	Datetime
139.59.213.125	attackspambots	Dec 18 18:25:44 reporting6 sshd[23557]: Did not receive identification string from 139.59.213.125 Dec 18 18:28:04 reporting6 sshd[24755]: reveeclipse mapping checking getaddrinfo for 353897.cloudwaysapps.com [139.59.213.125] failed - POSSIBLE BREAK-IN ATTEMPT! Dec 18 18:28:04 reporting6 sshd[24755]: User r.r from 139.59.213.125 not allowed because not listed in AllowUsers Dec 18 18:28:04 reporting6 sshd[24755]: Failed password for invalid user r.r from 139.59.213.125 port 37836 ssh2 Dec 18 18:28:10 reporting6 sshd[24814]: reveeclipse mapping checking getaddrinfo for 353897.cloudwaysapps.com [139.59.213.125] failed - POSSIBLE BREAK-IN ATTEMPT! Dec 18 18:28:10 reporting6 sshd[24814]: User r.r from 139.59.213.125 not allowed because not listed in AllowUsers Dec 18 18:28:10 reporting6 sshd[24814]: Failed password for invalid user r.r from 139.59.213.125 port 42598 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=139.59.213.125	2019-12-19 05:36:47
139.59.213.27	attackspam	Aug 19 02:08:58 vpn01 sshd\[13555\]: Invalid user gregory from 139.59.213.27 Aug 19 02:08:58 vpn01 sshd\[13555\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.213.27 Aug 19 02:09:00 vpn01 sshd\[13555\]: Failed password for invalid user gregory from 139.59.213.27 port 45156 ssh2	2019-08-19 10:55:46
139.59.213.27	attack	Aug 11 21:32:34 ns37 sshd[14472]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.213.27	2019-08-12 04:42:26
139.59.213.27	attack	Aug 6 10:45:22 hosting sshd[25951]: Invalid user anuchaw from 139.59.213.27 port 40276 ...	2019-08-06 17:20:34
139.59.213.237	attack	Jun 26 13:33:24 server sshd\[27476\]: Invalid user ftpadmin from 139.59.213.237 Jun 26 13:33:24 server sshd\[27476\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.213.237 Jun 26 13:33:26 server sshd\[27476\]: Failed password for invalid user ftpadmin from 139.59.213.237 port 43338 ssh2 ...	2019-07-12 07:18:38

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.59.213.137
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 39929
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.59.213.137.			IN	A

;; AUTHORITY SECTION:
.			592	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019101300 1800 900 604800 86400

;; Query time: 596 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Oct 13 23:00:10 CST 2019
;; MSG SIZE  rcvd: 118

Host info

137.213.59.139.in-addr.arpa domain name pointer vamp1.drakoulas.gr.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
137.213.59.139.in-addr.arpa	name = vamp1.drakoulas.gr.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
37.59.55.14	attackbotsspam	2020-05-23T09:33:22.174601vps773228.ovh.net sshd[9189]: Failed password for invalid user trp from 37.59.55.14 port 58115 ssh2 2020-05-23T09:36:43.624800vps773228.ovh.net sshd[9244]: Invalid user gws from 37.59.55.14 port 60342 2020-05-23T09:36:43.635047vps773228.ovh.net sshd[9244]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns3267977.ip-37-59-55.eu 2020-05-23T09:36:43.624800vps773228.ovh.net sshd[9244]: Invalid user gws from 37.59.55.14 port 60342 2020-05-23T09:36:45.681274vps773228.ovh.net sshd[9244]: Failed password for invalid user gws from 37.59.55.14 port 60342 ssh2 ...	2020-05-23 15:46:02
47.30.203.134	attackspam	Invalid user r00t from 47.30.203.134 port 45908	2020-05-23 15:42:36
81.200.30.151	attack	Invalid user fnh from 81.200.30.151 port 50628	2020-05-23 15:35:39
49.49.235.52	attackspam	Invalid user admin from 49.49.235.52 port 52025	2020-05-23 15:41:58
14.29.239.215	attackspambots	SSH invalid-user multiple login try	2020-05-23 15:50:37
220.132.245.196	attackspam	SmallBizIT.US 1 packets to tcp(23)	2020-05-23 15:56:42
35.164.216.97	attackspambots	Invalid user eoc from 35.164.216.97 port 58568	2020-05-23 15:48:16
220.143.29.175	attack	SmallBizIT.US 1 packets to tcp(23)	2020-05-23 15:55:27
40.132.4.75	attackspambots	Invalid user wsq from 40.132.4.75 port 44478	2020-05-23 15:43:59
220.137.44.237	attack	SmallBizIT.US 1 packets to tcp(23)	2020-05-23 15:55:55
195.54.161.41	attackbotsspam	TCP ports : 5311 / 5314 / 5326 / 5331 / 5348	2020-05-23 16:10:19
54.37.149.233	attackbotsspam	Invalid user kfa from 54.37.149.233 port 45022	2020-05-23 15:38:55
201.48.192.60	attackspam	"fail2ban match"	2020-05-23 16:04:28
58.35.104.107	attack	Invalid user r00t from 58.35.104.107 port 55662	2020-05-23 15:38:07
49.228.50.197	attackbots	Invalid user administrator from 49.228.50.197 port 59879	2020-05-23 15:41:04

Recently Reported IPs

37.215.172.92	36.72.151.69	139.59.253.132	188.166.68.8
176.113.56.5	142.54.168.174	223.102.24.64	185.94.97.58
213.27.187.94	80.211.9.207	225.97.232.191	18.139.76.45
215.32.2.92	255.150.66.105	61.77.34.77	35.180.12.240
231.199.127.195	162.213.253.31	103.17.102.223	59.12.148.221