139.59.4.57 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Singapore

Internet Service Provider: Digital Ocean Inc.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Aug 31 09:48:50 TORMINT sshd\[1986\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.4.57 user=root Aug 31 09:48:53 TORMINT sshd\[1986\]: Failed password for root from 139.59.4.57 port 54433 ssh2 Aug 31 09:53:35 TORMINT sshd\[2558\]: Invalid user king from 139.59.4.57 Aug 31 09:53:35 TORMINT sshd\[2558\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.4.57 ...	2019-08-31 22:18:12
attack	Aug 20 19:37:06 vpn01 sshd\[27402\]: Invalid user vic from 139.59.4.57 Aug 20 19:37:06 vpn01 sshd\[27402\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.4.57 Aug 20 19:37:08 vpn01 sshd\[27402\]: Failed password for invalid user vic from 139.59.4.57 port 33690 ssh2	2019-08-21 04:58:04
attackspam	Aug 16 07:00:39 eventyay sshd[3761]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.4.57 Aug 16 07:00:42 eventyay sshd[3761]: Failed password for invalid user nikhil from 139.59.4.57 port 55312 ssh2 Aug 16 07:05:41 eventyay sshd[5093]: Failed password for root from 139.59.4.57 port 51093 ssh2 ...	2019-08-16 13:23:07
attackbotsspam	SSH/22 MH Probe, BF, Hack -	2019-08-08 16:13:31
attack	Aug 3 13:54:59 www sshd\[59949\]: Invalid user rabbit from 139.59.4.57Aug 3 13:55:01 www sshd\[59949\]: Failed password for invalid user rabbit from 139.59.4.57 port 55265 ssh2Aug 3 14:00:11 www sshd\[59986\]: Failed password for root from 139.59.4.57 port 52477 ssh2 ...	2019-08-03 19:22:42
attack	Aug 2 22:39:57 debian sshd\[1568\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.4.57 user=root Aug 2 22:39:59 debian sshd\[1568\]: Failed password for root from 139.59.4.57 port 58352 ssh2 ...	2019-08-03 06:03:34

Comments on same subnet:

IP	Type	Details	Datetime
139.59.41.222	attack	Fraud connect	2024-05-17 13:22:44
139.59.40.233	attackspambots	139.59.40.233 - - [12/Oct/2020:13:00:34 +0000] "POST /wp-login.php HTTP/1.1" 200 2077 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 139.59.40.233 - - [12/Oct/2020:13:00:37 +0000] "POST /wp-login.php HTTP/1.1" 200 2055 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 139.59.40.233 - - [12/Oct/2020:13:00:41 +0000] "POST /wp-login.php HTTP/1.1" 200 2052 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 139.59.40.233 - - [12/Oct/2020:13:00:44 +0000] "POST /wp-login.php HTTP/1.1" 200 2052 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 139.59.40.233 - - [12/Oct/2020:13:00:45 +0000] "POST /xmlrpc.php HTTP/1.1" 200 236 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-"	2020-10-13 00:00:47
139.59.40.233	attack	139.59.40.233 - - [12/Oct/2020:04:39:08 +0100] "POST /wp-login.php HTTP/1.1" 200 2141 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.40.233 - - [12/Oct/2020:04:39:11 +0100] "POST /wp-login.php HTTP/1.1" 200 2125 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.40.233 - - [12/Oct/2020:04:39:11 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-12 15:24:37
139.59.43.196	attackspambots	139.59.43.196 is unauthorized and has been banned by fail2ban	2020-10-10 04:25:38
139.59.46.167	attackspam	Oct 9 18:04:57 cho sshd[306173]: Failed password for root from 139.59.46.167 port 47238 ssh2 Oct 9 18:09:02 cho sshd[306376]: Invalid user vagrant from 139.59.46.167 port 51624 Oct 9 18:09:02 cho sshd[306376]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.46.167 Oct 9 18:09:02 cho sshd[306376]: Invalid user vagrant from 139.59.46.167 port 51624 Oct 9 18:09:03 cho sshd[306376]: Failed password for invalid user vagrant from 139.59.46.167 port 51624 ssh2 ...	2020-10-10 02:06:29
139.59.43.196	attack	probing for vulnerabilities, found a honeypot	2020-10-09 20:23:36
139.59.46.167	attackbots	5x Failed Password	2020-10-09 17:51:12
139.59.43.196	attack	Automatic report - XMLRPC Attack	2020-10-09 12:11:21
139.59.42.174	attackbotsspam	non-SMTP command used ...	2020-10-09 02:13:07
139.59.42.174	attackspambots	non-SMTP command used ...	2020-10-08 18:11:01
139.59.40.240	attackbotsspam	Oct 6 00:07:06 rancher-0 sshd[488183]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.40.240 user=root Oct 6 00:07:08 rancher-0 sshd[488183]: Failed password for root from 139.59.40.240 port 56898 ssh2 ...	2020-10-06 06:15:31
139.59.40.240	attackbots	$f2bV_matches	2020-10-05 22:20:50
139.59.40.240	attackbots	2020-10-05T05:20:09.281796randservbullet-proofcloud-66.localdomain sshd[29534]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.40.240 user=root 2020-10-05T05:20:11.144033randservbullet-proofcloud-66.localdomain sshd[29534]: Failed password for root from 139.59.40.240 port 49718 ssh2 2020-10-05T05:24:42.393105randservbullet-proofcloud-66.localdomain sshd[29566]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.40.240 user=root 2020-10-05T05:24:44.064917randservbullet-proofcloud-66.localdomain sshd[29566]: Failed password for root from 139.59.40.240 port 46138 ssh2 ...	2020-10-05 14:14:28
139.59.46.226	attackspam	[N3.H3.VM3] Port Scanner Detected Blocked by UFW	2020-10-05 05:52:34
139.59.4.145	attackspam	139.59.4.145 - - [04/Oct/2020:17:02:07 +0100] "POST /wp-login.php HTTP/1.1" 200 2463 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.4.145 - - [04/Oct/2020:17:02:10 +0100] "POST /wp-login.php HTTP/1.1" 200 2407 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.4.145 - - [04/Oct/2020:17:02:11 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-05 03:38:34

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.59.4.57
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 11685
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.59.4.57.			IN	A

;; AUTHORITY SECTION:
.			2912	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019080202 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Aug 03 06:03:29 CST 2019
;; MSG SIZE  rcvd: 115

Host info

57.4.59.139.in-addr.arpa domain name pointer mycrackers.com.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
57.4.59.139.in-addr.arpa	name = mycrackers.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
159.203.73.181	attackbotsspam	Brute force attempt	2020-06-12 04:37:06
185.189.14.91	attackspam	Jun 11 11:15:14 propaganda sshd[7530]: Connection from 185.189.14.91 port 60118 on 10.0.0.160 port 22 rdomain "" Jun 11 11:15:14 propaganda sshd[7530]: Connection closed by 185.189.14.91 port 60118 [preauth]	2020-06-12 04:39:20
42.115.14.59	attack	88/tcp [2020-06-11]1pkt	2020-06-12 04:47:14
167.172.36.176	attackbotsspam	[11/Jun/2020:22:40:02 +0200] Web-Request: "GET /wp-content/plugins/apikey/apikey.php", User-Agent: "python-requests/2.23.0"	2020-06-12 04:49:24
87.27.214.5	attack	Automatic report - Banned IP Access	2020-06-12 04:35:05
40.78.60.112	attack	Fail2Ban Ban Triggered (2)	2020-06-12 04:14:08
202.185.199.64	attackbots	Jun 11 20:11:24 melroy-server sshd[23895]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.185.199.64 Jun 11 20:11:26 melroy-server sshd[23895]: Failed password for invalid user monitor from 202.185.199.64 port 57598 ssh2 ...	2020-06-12 04:31:21
187.174.219.142	attack	Jun 11 21:42:25 sip sshd[616000]: Failed password for invalid user xq from 187.174.219.142 port 43998 ssh2 Jun 11 21:44:27 sip sshd[616018]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.174.219.142 user=root Jun 11 21:44:29 sip sshd[616018]: Failed password for root from 187.174.219.142 port 48798 ssh2 ...	2020-06-12 04:27:10
222.186.30.35	attackbotsspam	Jun 11 16:43:51 NPSTNNYC01T sshd[7684]: Failed password for root from 222.186.30.35 port 19667 ssh2 Jun 11 16:43:59 NPSTNNYC01T sshd[7688]: Failed password for root from 222.186.30.35 port 54592 ssh2 ...	2020-06-12 04:44:52
61.177.172.128	attack	Jun 11 22:32:14 abendstille sshd\[6463\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.128 user=root Jun 11 22:32:15 abendstille sshd\[6430\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.128 user=root Jun 11 22:32:16 abendstille sshd\[6463\]: Failed password for root from 61.177.172.128 port 16541 ssh2 Jun 11 22:32:17 abendstille sshd\[6430\]: Failed password for root from 61.177.172.128 port 36585 ssh2 Jun 11 22:32:19 abendstille sshd\[6463\]: Failed password for root from 61.177.172.128 port 16541 ssh2 ...	2020-06-12 04:42:45
88.214.26.93	attackspam	Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2020-06-11T14:07:12Z and 2020-06-11T15:54:03Z	2020-06-12 04:37:28
110.185.104.186	attack	Unauthorised connection attempt detected at AUO FR1 NODE2. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-06-12 04:45:22
46.38.145.6	attack	Jun 11 17:59:49 web01.agentur-b-2.de postfix/smtpd[1183341]: warning: unknown[46.38.145.6]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 11 18:01:26 web01.agentur-b-2.de postfix/smtpd[1183341]: warning: unknown[46.38.145.6]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 11 18:02:53 web01.agentur-b-2.de postfix/smtpd[1182003]: warning: unknown[46.38.145.6]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 11 18:04:27 web01.agentur-b-2.de postfix/smtpd[1182003]: warning: unknown[46.38.145.6]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 11 18:06:03 web01.agentur-b-2.de postfix/smtpd[1182003]: warning: unknown[46.38.145.6]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2020-06-12 04:49:10
115.29.5.153	attack	SSH Honeypot -> SSH Bruteforce / Login	2020-06-12 04:26:00
113.88.81.75	attackspam	1591908004 - 06/11/2020 22:40:04 Host: 113.88.81.75/113.88.81.75 Port: 445 TCP Blocked	2020-06-12 04:48:40

Recently Reported IPs

150.95.112.100	39.79.59.12	119.49.19.113	176.115.104.12
203.211.215.167	46.99.251.112	136.186.222.92	90.5.71.205
115.86.87.168	27.101.101.57	28.17.3.69	177.135.43.32
121.190.27.233	109.88.72.226	94.191.6.244	180.121.72.119
111.61.100.67	58.218.201.47	178.94.61.29	77.142.3.92