139.59.248.53 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: None

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
139.59.248.5	attack	Mar 18 02:24:27 163-172-32-151 sshd[17571]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.248.5 user=root Mar 18 02:24:28 163-172-32-151 sshd[17571]: Failed password for root from 139.59.248.5 port 36078 ssh2 ...	2020-03-18 09:47:08
139.59.248.5	attackbots	Port 22 Scan, PTR: None	2020-02-14 09:28:50
139.59.248.5	attack	$f2bV_matches	2020-02-02 13:36:06
139.59.248.5	attackspam	ssh failed login	2020-01-12 00:01:51
139.59.248.5	attack	Jan 7 17:49:13 SilenceServices sshd[6362]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.248.5 Jan 7 17:49:15 SilenceServices sshd[6362]: Failed password for invalid user walter from 139.59.248.5 port 47772 ssh2 Jan 7 17:51:58 SilenceServices sshd[8267]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.248.5	2020-01-08 01:53:03
139.59.248.5	attackspambots	leo_www	2020-01-04 19:08:21
139.59.248.5	attackbots	Jan 3 14:08:59 plex sshd[4748]: Invalid user 1234 from 139.59.248.5 port 58938	2020-01-03 21:10:07
139.59.248.5	attackspambots	SSH/22 MH Probe, BF, Hack -	2019-12-24 18:29:27
139.59.248.5	attackspambots	Dec 22 14:43:38 MK-Soft-Root2 sshd[19589]: Failed password for root from 139.59.248.5 port 43544 ssh2 Dec 22 14:49:39 MK-Soft-Root2 sshd[20686]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.248.5 ...	2019-12-22 22:17:45
139.59.248.5	attack	2019-12-21T17:35:30.697394centos sshd\[30834\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.248.5 user=mysql 2019-12-21T17:35:32.529253centos sshd\[30834\]: Failed password for mysql from 139.59.248.5 port 56420 ssh2 2019-12-21T17:44:22.987359centos sshd\[31287\]: Invalid user harborg from 139.59.248.5 port 60532 2019-12-21T17:44:22.993495centos sshd\[31287\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.248.5	2019-12-22 03:24:27
139.59.248.5	attackbots	Dec 16 07:59:55 eddieflores sshd\[317\]: Invalid user monssen from 139.59.248.5 Dec 16 07:59:55 eddieflores sshd\[317\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.248.5 Dec 16 07:59:57 eddieflores sshd\[317\]: Failed password for invalid user monssen from 139.59.248.5 port 51154 ssh2 Dec 16 08:06:16 eddieflores sshd\[995\]: Invalid user brorson from 139.59.248.5 Dec 16 08:06:16 eddieflores sshd\[995\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.248.5	2019-12-17 02:22:55
139.59.248.5	attackbots	Dec 15 09:41:31 php1 sshd\[15787\]: Invalid user 123 from 139.59.248.5 Dec 15 09:41:31 php1 sshd\[15787\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.248.5 Dec 15 09:41:33 php1 sshd\[15787\]: Failed password for invalid user 123 from 139.59.248.5 port 43002 ssh2 Dec 15 09:47:41 php1 sshd\[16578\]: Invalid user melon from 139.59.248.5 Dec 15 09:47:41 php1 sshd\[16578\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.248.5	2019-12-16 03:48:54
139.59.248.5	attack	Dec 9 22:39:06 webhost01 sshd[7193]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.248.5 Dec 9 22:39:07 webhost01 sshd[7193]: Failed password for invalid user Password99 from 139.59.248.5 port 44568 ssh2 ...	2019-12-10 01:36:15
139.59.248.5	attackbotsspam	Dec 5 11:34:51 kapalua sshd\[18584\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.248.5 user=root Dec 5 11:34:53 kapalua sshd\[18584\]: Failed password for root from 139.59.248.5 port 59210 ssh2 Dec 5 11:41:03 kapalua sshd\[19348\]: Invalid user victoria from 139.59.248.5 Dec 5 11:41:03 kapalua sshd\[19348\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.248.5 Dec 5 11:41:05 kapalua sshd\[19348\]: Failed password for invalid user victoria from 139.59.248.5 port 42244 ssh2	2019-12-06 05:44:40
139.59.248.5	attackbots	Dec 1 01:27:37 plusreed sshd[8672]: Invalid user olia from 139.59.248.5 ...	2019-12-01 17:18:54

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.59.248.53
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 34055
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;139.59.248.53.			IN	A

;; AUTHORITY SECTION:
.			547	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022701 1800 900 604800 86400

;; Query time: 120 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 28 04:07:53 CST 2022
;; MSG SIZE  rcvd: 106

Host info

53.248.59.139.in-addr.arpa domain name pointer pgbb.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
53.248.59.139.in-addr.arpa	name = pgbb.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
51.77.140.36	attackbots	Apr 12 10:33:39 web8 sshd\[4735\]: Invalid user nagios from 51.77.140.36 Apr 12 10:33:39 web8 sshd\[4735\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.140.36 Apr 12 10:33:40 web8 sshd\[4735\]: Failed password for invalid user nagios from 51.77.140.36 port 54972 ssh2 Apr 12 10:37:25 web8 sshd\[6650\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.140.36 user=root Apr 12 10:37:28 web8 sshd\[6650\]: Failed password for root from 51.77.140.36 port 34264 ssh2	2020-04-12 18:38:01
106.12.3.28	attackbots	Apr 12 08:31:28 sshd[4393]: Failed password for invalid user oracle from 106.12.3.28 port 50254 ssh2	2020-04-12 18:26:10
134.209.148.107	attackspam	Apr 12 08:58:51 vlre-nyc-1 sshd\[3924\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.148.107 user=root Apr 12 08:58:52 vlre-nyc-1 sshd\[3924\]: Failed password for root from 134.209.148.107 port 45412 ssh2 Apr 12 09:02:58 vlre-nyc-1 sshd\[4039\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.148.107 user=root Apr 12 09:03:01 vlre-nyc-1 sshd\[4039\]: Failed password for root from 134.209.148.107 port 53790 ssh2 Apr 12 09:07:00 vlre-nyc-1 sshd\[4149\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.148.107 user=root ...	2020-04-12 18:37:05
5.135.16.95	attack	$f2bV_matches	2020-04-12 17:58:14
207.237.133.27	attack	Apr 12 06:32:23 h2829583 sshd[10981]: Failed password for root from 207.237.133.27 port 2168 ssh2	2020-04-12 18:28:42
173.252.87.45	attackbots	[Sun Apr 12 10:50:14.537271 2020] [:error] [pid 3610:tid 140294988015360] [client 173.252.87.45:34642] [client 173.252.87.45] ModSecurity: Access denied with code 403 (phase 2). Match of "eq 0" against "&REQUEST_HEADERS:Transfer-Encoding" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "202"] [id "920171"] [msg "GET or HEAD Request with Transfer-Encoding."] [data "1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [tag "CAPEC-272"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/TableFilter/system-v98.css"] [unique_id "XpKP9seJ7QLCrtS-d9zLuQAAAAE"] ...	2020-04-12 18:08:22
185.132.53.152	attack	"SERVER-WEBAPP MVPower DVR Shell arbitrary command execution attempt"	2020-04-12 18:16:39
190.202.32.2	attackspambots	SSH Brute-Force reported by Fail2Ban	2020-04-12 18:03:16
116.196.107.128	attack	Found by fail2ban	2020-04-12 18:32:48
45.143.220.52	attackbotsspam	[2020-04-12 06:06:48] NOTICE[12114] chan_sip.c: Registration from '' failed for '45.143.220.52:40988' - Wrong password [2020-04-12 06:06:48] SECURITY[12128] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-04-12T06:06:48.472-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="9706",SessionID="0x7f020c088288",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.143.220.52/40988",Challenge="14d1fa81",ReceivedChallenge="14d1fa81",ReceivedHash="67fea1ad7d28fa25a9a982024bc471ff" [2020-04-12 06:06:56] NOTICE[12114] chan_sip.c: Registration from '' failed for '45.143.220.52:51776' - Wrong password [2020-04-12 06:06:56] SECURITY[12128] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-04-12T06:06:56.879-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="101101",SessionID="0x7f020c167898",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.14 ...	2020-04-12 18:09:32
173.252.87.39	attack	[Sun Apr 12 10:50:12.075241 2020] [:error] [pid 3625:tid 140295004800768] [client 173.252.87.39:49662] [client 173.252.87.39] ModSecurity: Access denied with code 403 (phase 2). Match of "eq 0" against "&REQUEST_HEADERS:Transfer-Encoding" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "202"] [id "920171"] [msg "GET or HEAD Request with Transfer-Encoding."] [data "1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [tag "CAPEC-272"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/index.php/prakiraan-iklim/prakiraan-dasarian/prakiraan-dasarian-daerah-potensi-banjir/555557973-prakiraan-dasarian-daerah-potensi-banjir-di-provinsi-jawa-timur-untuk-bulan-april-dasarian-iii-tanggal-21-30-tahun-2020-update-10-april-2020"] [unique_id "XpKP9KLL@8cf6BWsPUlIZgAAAAE"] ...	2020-04-12 18:11:43
70.17.10.231	attackspam	SSH invalid-user multiple login try	2020-04-12 18:17:30
103.145.12.46	attackbots	[2020-04-12 00:10:17] NOTICE[12114][C-00004b66] chan_sip.c: Call from '' (103.145.12.46:57812) to extension '388001148914258002' rejected because extension not found in context 'public'. [2020-04-12 00:10:17] SECURITY[12128] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-04-12T00:10:17.033-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="388001148914258002",SessionID="0x7f020c088288",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/103.145.12.46/57812",ACLName="no_extension_match" [2020-04-12 00:10:34] NOTICE[12114][C-00004b69] chan_sip.c: Call from '' (103.145.12.46:60655) to extension '2199801148566101003' rejected because extension not found in context 'public'. [2020-04-12 00:10:34] SECURITY[12128] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-04-12T00:10:34.384-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="2199801148566101003",SessionID="0x7f020c0f0ff8",LocalAddress="IPV4/UDP/192.168.244.6/5060",Remote ...	2020-04-12 18:33:44
69.28.235.203	attackbotsspam	Apr 12 11:08:44 sshd[27837]: Failed password for invalid user admin from 69.28.235.203 port 59515 ssh2	2020-04-12 18:28:13
101.108.189.241	attack	Honeypot attack, port: 445, PTR: node-11ip.pool-101-108.dynamic.totinternet.net.	2020-04-12 18:35:50

Recently Reported IPs

139.59.27.57	139.59.28.137	139.59.28.51	139.59.29.147
139.59.3.161	139.59.30.117	139.59.31.164	139.59.31.78
139.59.31.228	139.59.30.123	139.59.32.148	139.59.32.251
139.59.33.237	139.59.35.180	139.59.36.50	139.59.35.198
139.60.100.56	139.95.4.50	139.99.102.159	139.99.103.57