139.59.5.20 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Singapore

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
139.59.5.179	attack	139.59.5.179 - - [06/Oct/2020:19:11:30 +0100] "POST /wp-login.php HTTP/1.1" 200 2426 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.5.179 - - [06/Oct/2020:19:11:31 +0100] "POST /wp-login.php HTTP/1.1" 200 2407 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.5.179 - - [06/Oct/2020:19:11:33 +0100] "POST /wp-login.php HTTP/1.1" 200 2441 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-07 04:09:06
139.59.59.75	attackbots	139.59.59.75 - - [06/Oct/2020:20:12:56 +0100] "POST /wp-login.php HTTP/1.1" 200 2141 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.59.75 - - [06/Oct/2020:20:12:58 +0100] "POST /wp-login.php HTTP/1.1" 200 2173 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.59.75 - - [06/Oct/2020:20:12:58 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-07 03:56:44
139.59.5.179	attack	CMS (WordPress or Joomla) login attempt.	2020-10-06 20:11:48
139.59.59.75	attackbots	139.59.59.75 is unauthorized and has been banned by fail2ban	2020-10-06 19:57:50
139.59.58.115	attackspam	TCP (SYN) 139.59.58.115:41161 -> port 16666, len 44	2020-10-04 05:48:16
139.59.58.115	attackspam	Port Scan ...	2020-10-03 13:31:50
139.59.59.102	attackspam	Port scan: Attack repeated for 24 hours	2020-10-02 06:56:36
139.59.59.102	attackspambots	Oct 1 17:23:04 localhost sshd\[6134\]: Invalid user mailer from 139.59.59.102 Oct 1 17:23:04 localhost sshd\[6134\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.59.102 Oct 1 17:23:06 localhost sshd\[6134\]: Failed password for invalid user mailer from 139.59.59.102 port 58682 ssh2 Oct 1 17:26:56 localhost sshd\[6532\]: Invalid user Qwer123456 from 139.59.59.102 Oct 1 17:26:56 localhost sshd\[6532\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.59.102 ...	2020-10-01 23:28:05
139.59.57.2	attack	2020-09-30T18:58:27.0319611495-001 sshd[24174]: Invalid user postgres from 139.59.57.2 port 38182 2020-09-30T18:58:28.9923601495-001 sshd[24174]: Failed password for invalid user postgres from 139.59.57.2 port 38182 ssh2 2020-09-30T19:01:48.3197441495-001 sshd[24371]: Invalid user jerry from 139.59.57.2 port 33216 2020-09-30T19:01:48.3238011495-001 sshd[24371]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.57.2 2020-09-30T19:01:48.3197441495-001 sshd[24371]: Invalid user jerry from 139.59.57.2 port 33216 2020-09-30T19:01:50.2062181495-001 sshd[24371]: Failed password for invalid user jerry from 139.59.57.2 port 33216 ssh2 ...	2020-10-01 07:35:24
139.59.59.102	attackspambots	[N3.H3.VM3] Port Scanner Detected Blocked by UFW	2020-09-29 03:29:55
139.59.57.64	attackspambots	139.59.57.64 - - [16/Sep/2020:04:48:19 +0100] "POST /wp-login.php HTTP/1.1" 200 1967 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.57.64 - - [16/Sep/2020:04:48:21 +0100] "POST /wp-login.php HTTP/1.1" 200 1948 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.57.64 - - [16/Sep/2020:04:48:21 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-16 20:27:08
139.59.57.64	attackspam	139.59.57.64 - - [16/Sep/2020:04:48:19 +0100] "POST /wp-login.php HTTP/1.1" 200 1967 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.57.64 - - [16/Sep/2020:04:48:21 +0100] "POST /wp-login.php HTTP/1.1" 200 1948 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.57.64 - - [16/Sep/2020:04:48:21 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-16 12:59:04
139.59.59.102	attack	$f2bV_matches	2020-09-16 12:38:29
139.59.57.64	attackspambots	139.59.57.64 - - [15/Sep/2020:18:01:15 +0100] "POST /wp-login.php HTTP/1.1" 200 1996 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.57.64 - - [15/Sep/2020:18:01:21 +0100] "POST /wp-login.php HTTP/1.1" 200 1929 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.57.64 - - [15/Sep/2020:18:01:22 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-16 04:44:36
139.59.59.102	attackbotsspam	Brute-force attempt banned	2020-09-16 04:25:14

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.59.5.20
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 50511
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;139.59.5.20.			IN	A

;; AUTHORITY SECTION:
.			227	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022701 1800 900 604800 86400

;; Query time: 69 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 28 05:36:19 CST 2022
;; MSG SIZE  rcvd: 104

Host info

Host 20.5.59.139.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 20.5.59.139.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
1.179.182.85	attackspambots	Dec 21 12:08:41 hpm sshd\[6631\]: Invalid user cav from 1.179.182.85 Dec 21 12:08:41 hpm sshd\[6631\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.179.182.85 Dec 21 12:08:43 hpm sshd\[6631\]: Failed password for invalid user cav from 1.179.182.85 port 40836 ssh2 Dec 21 12:14:42 hpm sshd\[7283\]: Invalid user webmaster from 1.179.182.85 Dec 21 12:14:42 hpm sshd\[7283\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.179.182.85	2019-12-22 06:15:06
162.243.158.198	attack	Dec 21 22:45:23 srv01 sshd[19757]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.158.198 user=root Dec 21 22:45:24 srv01 sshd[19757]: Failed password for root from 162.243.158.198 port 47472 ssh2 Dec 21 22:51:38 srv01 sshd[20164]: Invalid user jvb from 162.243.158.198 port 51982 Dec 21 22:51:38 srv01 sshd[20164]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.158.198 Dec 21 22:51:38 srv01 sshd[20164]: Invalid user jvb from 162.243.158.198 port 51982 Dec 21 22:51:39 srv01 sshd[20164]: Failed password for invalid user jvb from 162.243.158.198 port 51982 ssh2 ...	2019-12-22 05:56:12
175.157.45.122	attackspam	Invalid user jemacio from 175.157.45.122 port 65143	2019-12-22 05:40:19
178.63.87.197	attackbotsspam	20 attempts against mh-misbehave-ban on milky.magehost.pro	2019-12-22 06:02:20
89.42.209.7	attackbotsspam	Dec 21 22:13:23 host sshd[8708]: Invalid user admin from 89.42.209.7 port 58672 ...	2019-12-22 05:42:48
73.90.129.233	attackbotsspam	Invalid user mathieson from 73.90.129.233 port 57220	2019-12-22 05:59:15
159.203.201.29	attackspam	Unauthorized connection attempt detected from IP address 159.203.201.29 to port 8443	2019-12-22 06:01:58
181.123.9.3	attackspam	Dec 21 09:22:34 sachi sshd\[2469\]: Invalid user info from 181.123.9.3 Dec 21 09:22:34 sachi sshd\[2469\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.123.9.3 Dec 21 09:22:36 sachi sshd\[2469\]: Failed password for invalid user info from 181.123.9.3 port 47598 ssh2 Dec 21 09:29:47 sachi sshd\[3108\]: Invalid user ankur from 181.123.9.3 Dec 21 09:29:47 sachi sshd\[3108\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.123.9.3	2019-12-22 06:00:41
194.67.195.186	attackspam	Dec 21 12:07:40 hpm sshd\[6555\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=m2.beautifulmind.top user=backup Dec 21 12:07:42 hpm sshd\[6555\]: Failed password for backup from 194.67.195.186 port 37578 ssh2 Dec 21 12:14:48 hpm sshd\[7301\]: Invalid user wwwadmin from 194.67.195.186 Dec 21 12:14:48 hpm sshd\[7301\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=m2.beautifulmind.top Dec 21 12:14:51 hpm sshd\[7301\]: Failed password for invalid user wwwadmin from 194.67.195.186 port 42962 ssh2	2019-12-22 06:18:20
157.55.39.34	attack	[Sat Dec 21 21:48:02.249177 2019] [ssl:info] [pid 31871:tid 139796756297472] [client 157.55.39.34:1858] AH02033: No hostname was provided via SNI for a name based virtual host ...	2019-12-22 05:56:43
49.88.112.55	attackspambots	Dec 21 22:46:21 srv206 sshd[14028]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.55 user=root Dec 21 22:46:23 srv206 sshd[14028]: Failed password for root from 49.88.112.55 port 43129 ssh2 Dec 21 22:46:27 srv206 sshd[14028]: Failed password for root from 49.88.112.55 port 43129 ssh2 Dec 21 22:46:21 srv206 sshd[14028]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.55 user=root Dec 21 22:46:23 srv206 sshd[14028]: Failed password for root from 49.88.112.55 port 43129 ssh2 Dec 21 22:46:27 srv206 sshd[14028]: Failed password for root from 49.88.112.55 port 43129 ssh2 ...	2019-12-22 06:12:51
89.229.128.21	attackbots	Dec 21 22:43:17 localhost sshd[28845]: Invalid user monitor from 89.229.128.21 port 56648 ...	2019-12-22 06:08:10
103.31.109.247	attack	postfix (unknown user, SPF fail or relay access denied)	2019-12-22 05:41:58
167.114.251.107	attackspam	Dec 21 18:57:02 yesfletchmain sshd\[4958\]: Invalid user tar from 167.114.251.107 port 49428 Dec 21 18:57:02 yesfletchmain sshd\[4958\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.114.251.107 Dec 21 18:57:04 yesfletchmain sshd\[4958\]: Failed password for invalid user tar from 167.114.251.107 port 49428 ssh2 Dec 21 19:02:13 yesfletchmain sshd\[5095\]: Invalid user deckard from 167.114.251.107 port 52942 Dec 21 19:02:13 yesfletchmain sshd\[5095\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.114.251.107 ...	2019-12-22 05:49:33
200.71.72.14	attackspambots	Lines containing failures of 200.71.72.14 Dec 18 11:49:08 shared07 postfix/smtpd[27263]: connect from 200-71-72-14.rev.brasillike.com.br[200.71.72.14] Dec 18 11:49:09 shared07 policyd-spf[28476]: prepend Received-SPF: Permerror (mailfrom) identhostnamey=mailfrom; client-ip=200.71.72.14; helo=200-71-72-201.rev.brasillike.com.br; envelope-from=x@x Dec x@x Dec x@x Dec x@x Dec x@x Dec x@x Dec x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=200.71.72.14	2019-12-22 05:52:37

Recently Reported IPs

139.59.40.11	139.59.5.50	139.59.57.22	139.59.58.129
139.59.6.198	139.59.64.98	139.59.64.22	139.59.65.192
139.59.63.213	139.59.60.152	139.59.67.103	139.59.71.86
139.59.77.133	139.59.82.183	139.59.81.229	139.59.82.225
139.59.85.15	139.59.84.9	139.59.83.143	139.59.86.95