139.59.43.125 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Singapore

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
139.59.43.196	attackspambots	139.59.43.196 is unauthorized and has been banned by fail2ban	2020-10-10 04:25:38
139.59.43.196	attack	probing for vulnerabilities, found a honeypot	2020-10-09 20:23:36
139.59.43.196	attack	Automatic report - XMLRPC Attack	2020-10-09 12:11:21
139.59.43.196	attackspambots	139.59.43.196 - - [10/Sep/2020:15:15:08 +0200] "POST /xmlrpc.php HTTP/1.1" 403 15712 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.43.196 - - [10/Sep/2020:15:40:12 +0200] "POST /xmlrpc.php HTTP/1.1" 403 11292 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-10 22:35:36
139.59.43.196	attackspam	139.59.43.196 - - [10/Sep/2020:08:07:42 +0200] "GET /wp-login.php HTTP/1.1" 200 9061 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.43.196 - - [10/Sep/2020:08:07:45 +0200] "POST /wp-login.php HTTP/1.1" 200 9312 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.43.196 - - [10/Sep/2020:08:07:47 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-10 14:13:26
139.59.43.196	attackbots	139.59.43.196 - - [09/Sep/2020:18:55:51 +0200] "GET /wp-login.php HTTP/1.1" 200 8712 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.43.196 - - [09/Sep/2020:18:55:54 +0200] "POST /wp-login.php HTTP/1.1" 200 8942 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.43.196 - - [09/Sep/2020:18:55:56 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-10 04:54:57
139.59.43.196	attackspam	139.59.43.196 - - [25/Aug/2020:14:38:03 +0200] "GET /wp-login.php HTTP/1.1" 200 8537 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.43.196 - - [25/Aug/2020:14:38:05 +0200] "POST /wp-login.php HTTP/1.1" 200 8788 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.43.196 - - [25/Aug/2020:14:38:06 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-08-25 21:31:22
139.59.43.75	attackbotsspam	139.59.43.75 - - [23/Aug/2020:07:44:52 +0100] "POST /wp-login.php HTTP/1.1" 200 2448 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.43.75 - - [23/Aug/2020:07:44:54 +0100] "POST /wp-login.php HTTP/1.1" 200 2428 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.43.75 - - [23/Aug/2020:07:44:56 +0100] "POST /wp-login.php HTTP/1.1" 200 2470 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-23 14:56:33
139.59.43.75	attackbotsspam	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-08-20 13:15:55
139.59.43.29	attackspam	Attempted connection to port 445.	2020-08-16 06:22:13
139.59.43.75	attackbotsspam	139.59.43.75 - - [12/Aug/2020:22:04:10 +0100] "POST /wp-login.php HTTP/1.1" 200 1927 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.43.75 - - [12/Aug/2020:22:04:12 +0100] "POST /wp-login.php HTTP/1.1" 200 1868 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.43.75 - - [12/Aug/2020:22:04:13 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-13 05:11:41
139.59.43.71	attack	139.59.43.71 - - [12/Aug/2020:07:46:30 +0200] "POST /xmlrpc.php HTTP/1.1" 403 15216 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.43.71 - - [12/Aug/2020:07:46:38 +0200] "POST /xmlrpc.php HTTP/1.1" 403 15192 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-12 15:08:28
139.59.43.75	attackbotsspam	139.59.43.75 - - [11/Aug/2020:15:08:46 +0200] "GET /wp-login.php HTTP/1.1" 200 6060 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.43.75 - - [11/Aug/2020:15:08:47 +0200] "POST /wp-login.php HTTP/1.1" 200 6311 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.43.75 - - [11/Aug/2020:15:08:49 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-08-12 03:57:25
139.59.43.71	attackbots	Unauthorised WordPress login attempt	2020-08-10 00:48:27
139.59.43.71	attackspambots	Automatic report - XMLRPC Attack	2020-07-31 14:40:10

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.59.43.125
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24589
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;139.59.43.125.			IN	A

;; AUTHORITY SECTION:
.			497	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021702 1800 900 604800 86400

;; Query time: 20 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 12:05:44 CST 2022
;; MSG SIZE  rcvd: 106

Host info

Host 125.43.59.139.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 125.43.59.139.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
103.109.52.39	attackbots	Aug 24 01:39:20 php2 sshd\[18128\]: Invalid user black from 103.109.52.39 Aug 24 01:39:20 php2 sshd\[18128\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.109.52.39 Aug 24 01:39:22 php2 sshd\[18128\]: Failed password for invalid user black from 103.109.52.39 port 44994 ssh2 Aug 24 01:44:18 php2 sshd\[18896\]: Invalid user od from 103.109.52.39 Aug 24 01:44:18 php2 sshd\[18896\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.109.52.39	2019-08-25 04:45:09
121.67.246.141	attackspambots	Aug 24 04:49:47 web9 sshd\[28993\]: Invalid user office from 121.67.246.141 Aug 24 04:49:47 web9 sshd\[28993\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.67.246.141 Aug 24 04:49:50 web9 sshd\[28993\]: Failed password for invalid user office from 121.67.246.141 port 56676 ssh2 Aug 24 04:54:53 web9 sshd\[30060\]: Invalid user mj from 121.67.246.141 Aug 24 04:54:53 web9 sshd\[30060\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.67.246.141	2019-08-25 04:44:16
139.170.149.161	attackspambots	Aug 24 15:47:24 localhost sshd\[19725\]: Invalid user Jewel from 139.170.149.161 port 44796 Aug 24 15:47:24 localhost sshd\[19725\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.170.149.161 Aug 24 15:47:26 localhost sshd\[19725\]: Failed password for invalid user Jewel from 139.170.149.161 port 44796 ssh2	2019-08-25 04:50:07
153.35.123.27	attack	Aug 24 21:14:37 srv206 sshd[6777]: Invalid user support from 153.35.123.27 ...	2019-08-25 04:49:28
49.232.6.214	attack	Port Scan detected from 49.232.6.214 (CN/China/-). 4 hits in the last 45 seconds	2019-08-25 04:23:51
197.234.132.115	attackspambots	Aug 24 10:33:08 eddieflores sshd\[6515\]: Invalid user samba from 197.234.132.115 Aug 24 10:33:08 eddieflores sshd\[6515\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.234.132.115 Aug 24 10:33:09 eddieflores sshd\[6515\]: Failed password for invalid user samba from 197.234.132.115 port 60556 ssh2 Aug 24 10:40:05 eddieflores sshd\[7223\]: Invalid user pico from 197.234.132.115 Aug 24 10:40:05 eddieflores sshd\[7223\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.234.132.115	2019-08-25 04:51:46
112.217.225.61	attackspam	Aug 24 15:51:04 [munged] sshd[12968]: Invalid user test from 112.217.225.61 port 49668 Aug 24 15:51:04 [munged] sshd[12968]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.217.225.61	2019-08-25 04:39:36
115.84.121.80	attackbots	Aug 24 23:34:09 server sshd\[20983\]: Invalid user rf from 115.84.121.80 port 36450 Aug 24 23:34:09 server sshd\[20983\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.84.121.80 Aug 24 23:34:11 server sshd\[20983\]: Failed password for invalid user rf from 115.84.121.80 port 36450 ssh2 Aug 24 23:38:29 server sshd\[24585\]: Invalid user devops from 115.84.121.80 port 46176 Aug 24 23:38:29 server sshd\[24585\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.84.121.80	2019-08-25 04:51:22
116.49.86.12	attackbots	firewall-block, port(s): 60001/tcp	2019-08-25 04:41:09
216.244.66.237	attackspambots	20 attempts against mh-misbehave-ban on sand.magehost.pro	2019-08-25 04:10:42
103.218.241.91	attackspambots	Aug 24 16:14:37 web8 sshd\[12307\]: Invalid user johnny from 103.218.241.91 Aug 24 16:14:37 web8 sshd\[12307\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.218.241.91 Aug 24 16:14:39 web8 sshd\[12307\]: Failed password for invalid user johnny from 103.218.241.91 port 48166 ssh2 Aug 24 16:19:27 web8 sshd\[14507\]: Invalid user artin from 103.218.241.91 Aug 24 16:19:27 web8 sshd\[14507\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.218.241.91	2019-08-25 04:17:51
181.49.219.114	attackbotsspam	SSH Brute-Force reported by Fail2Ban	2019-08-25 04:38:04
85.24.185.163	attackbotsspam	Invalid user test from 85.24.185.163 port 48511	2019-08-25 04:12:57
51.38.36.213	attackbotsspam	firewall-block, port(s): 8000/tcp	2019-08-25 04:47:01
60.191.206.110	attackspam	Aug 24 15:06:23 xeon cyrus/imap[45584]: badlogin: [60.191.206.110] plain [SASL(-13): authentication failure: Password verification failed]	2019-08-25 04:34:16

Recently Reported IPs

139.59.42.56	139.59.43.122	139.59.42.86	139.59.43.165
139.59.43.156	139.59.43.195	139.59.43.25	139.59.43.222
139.59.43.255	139.59.43.93	139.59.45.145	139.59.46.121
139.59.46.246	139.59.47.142	139.59.48.181	139.59.46.53
139.59.49.164	139.59.48.74	139.59.49.211	139.59.5.201