139.59.72.160 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Singapore

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
139.59.72.161	attackbots	Unauthorized connection attempt detected from IP address 139.59.72.161 to port 2220 [J]	2020-02-03 20:09:15
139.59.72.161	attack	Jan 12 21:08:06 mx01 sshd[22255]: reveeclipse mapping checking getaddrinfo for cloud.imedihub.com [139.59.72.161] failed - POSSIBLE BREAK-IN ATTEMPT! Jan 12 21:08:06 mx01 sshd[22255]: Invalid user uftp from 139.59.72.161 Jan 12 21:08:06 mx01 sshd[22255]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.72.161 Jan 12 21:08:09 mx01 sshd[22255]: Failed password for invalid user uftp from 139.59.72.161 port 44900 ssh2 Jan 12 21:08:09 mx01 sshd[22255]: Received disconnect from 139.59.72.161: 11: Bye Bye [preauth] Jan 12 21:15:25 mx01 sshd[23493]: reveeclipse mapping checking getaddrinfo for cloud.imedihub.com [139.59.72.161] failed - POSSIBLE BREAK-IN ATTEMPT! Jan 12 21:15:25 mx01 sshd[23493]: Invalid user deploy from 139.59.72.161 Jan 12 21:15:25 mx01 sshd[23493]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.72.161 Jan 12 21:15:27 mx01 sshd[23493]: Failed password for invalid u........ -------------------------------	2020-01-13 08:14:38
139.59.72.135	attack	POST /index.php?option=com_jce&task=plugin&plugin=imgmanager&file=imgmanager&method=form GET /XxX.php?XxX POST /index.php?option=com_fabrik&format=raw&task=plugin.pluginAjax&plugin=fileupload&method=ajax_upload GET /raiz0.html GET /miNuS.php POST /modules/mod_simplefileuploadv1.3/elements/udd.php	2019-10-29 19:38:25

Type

Details

Datetime

139.59.72.161

attackbots

Unauthorized connection attempt detected from IP address 139.59.72.161 to port 2220 [J]

2020-02-03 20:09:15

139.59.72.161

attack

Jan 12 21:08:06 mx01 sshd[22255]: reveeclipse mapping checking getaddrinfo for cloud.imedihub.com [139.59.72.161] failed - POSSIBLE BREAK-IN ATTEMPT!
Jan 12 21:08:06 mx01 sshd[22255]: Invalid user uftp from 139.59.72.161
Jan 12 21:08:06 mx01 sshd[22255]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.72.161 
Jan 12 21:08:09 mx01 sshd[22255]: Failed password for invalid user uftp from 139.59.72.161 port 44900 ssh2
Jan 12 21:08:09 mx01 sshd[22255]: Received disconnect from 139.59.72.161: 11: Bye Bye [preauth]
Jan 12 21:15:25 mx01 sshd[23493]: reveeclipse mapping checking getaddrinfo for cloud.imedihub.com [139.59.72.161] failed - POSSIBLE BREAK-IN ATTEMPT!
Jan 12 21:15:25 mx01 sshd[23493]: Invalid user deploy from 139.59.72.161
Jan 12 21:15:25 mx01 sshd[23493]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.72.161 
Jan 12 21:15:27 mx01 sshd[23493]: Failed password for invalid u........
-------------------------------

2020-01-13 08:14:38

139.59.72.135

attack

POST /index.php?option=com_jce&task=plugin&plugin=imgmanager&file=imgmanager&method=form
GET /XxX.php?XxX
POST /index.php?option=com_fabrik&format=raw&task=plugin.pluginAjax&plugin=fileupload&method=ajax_upload
GET /raiz0.html
GET /miNuS.php
POST /modules/mod_simplefileuploadv1.3/elements/udd.php

2019-10-29 19:38:25

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.59.72.160
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44353
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;139.59.72.160.			IN	A

;; AUTHORITY SECTION:
.			528	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021702 1800 900 604800 86400

;; Query time: 18 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 12:06:14 CST 2022
;; MSG SIZE  rcvd: 106

Host info

Host 160.72.59.139.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 160.72.59.139.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
160.153.156.135	attack	[Sat Oct 10 22:45:29.006646 2020] [access_compat:error] [pid 4008] [client 160.153.156.135:57692] AH01797: client denied by server configuration: /var/www/plzenskypruvodce.cz/www/xmlrpc.php [Sat Oct 10 22:45:29.023943 2020] [access_compat:error] [pid 4009] [client 160.153.156.135:57698] AH01797: client denied by server configuration: /var/www/plzenskypruvodce.cz/www/xmlrpc.php ...	2020-10-11 09:53:24
223.247.133.19	attack	Unauthorized connection attempt from IP address 223.247.133.19 on Port 3389(RDP)	2020-10-11 09:52:56
60.100.10.195	attackbots	Port Scan: TCP/443	2020-10-11 09:52:24
207.46.13.79	attack	Automatic report - Banned IP Access	2020-10-11 09:59:56
179.144.140.183	attack	prod6 ...	2020-10-11 10:03:38
49.234.84.213	attack	$f2bV_matches	2020-10-11 10:22:22
112.85.42.96	attackbotsspam	Oct 11 01:44:00 124388 sshd[28964]: Failed password for root from 112.85.42.96 port 41214 ssh2 Oct 11 01:44:03 124388 sshd[28964]: Failed password for root from 112.85.42.96 port 41214 ssh2 Oct 11 01:44:06 124388 sshd[28964]: Failed password for root from 112.85.42.96 port 41214 ssh2 Oct 11 01:44:10 124388 sshd[28964]: Failed password for root from 112.85.42.96 port 41214 ssh2 Oct 11 01:44:10 124388 sshd[28964]: error: maximum authentication attempts exceeded for root from 112.85.42.96 port 41214 ssh2 [preauth]	2020-10-11 10:11:27
42.117.57.45	attack	Unauthorised access (Oct 10) SRC=42.117.57.45 LEN=40 TOS=0x10 PREC=0x40 TTL=51 ID=45740 TCP DPT=23 WINDOW=44133 SYN	2020-10-11 10:19:03
112.85.42.230	attack	Oct 11 01:47:40 ip-172-31-61-156 sshd[11632]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.230 user=root Oct 11 01:47:41 ip-172-31-61-156 sshd[11632]: Failed password for root from 112.85.42.230 port 37082 ssh2 ...	2020-10-11 09:54:53
49.88.112.116	attackbotsspam	Oct 11 03:57:02 dcd-gentoo sshd[852]: User root from 49.88.112.116 not allowed because none of user's groups are listed in AllowGroups Oct 11 03:57:05 dcd-gentoo sshd[852]: error: PAM: Authentication failure for illegal user root from 49.88.112.116 Oct 11 03:57:05 dcd-gentoo sshd[852]: Failed keyboard-interactive/pam for invalid user root from 49.88.112.116 port 46696 ssh2 ...	2020-10-11 10:07:16
45.143.221.103	attackbots	[2020-10-10 21:56:50] NOTICE[1182] chan_sip.c: Registration from '"8000" ' failed for '45.143.221.103:5595' - Wrong password [2020-10-10 21:56:50] SECURITY[1204] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-10-10T21:56:50.946-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="8000",SessionID="0x7f22f854d238",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.143.221.103/5595",Challenge="3a378ee5",ReceivedChallenge="3a378ee5",ReceivedHash="3d041a32cb8c63031a074ccf9aa093e3" [2020-10-10 21:56:51] NOTICE[1182] chan_sip.c: Registration from '"8000" ' failed for '45.143.221.103:5595' - Wrong password [2020-10-10 21:56:51] SECURITY[1204] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-10-10T21:56:51.087-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="8000",SessionID="0x7f22f80f48e8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP ...	2020-10-11 10:14:24
122.61.62.26	attackbotsspam	SSH Bruteforce Attempt on Honeypot	2020-10-11 09:45:49
42.112.26.30	attack	Oct 11 01:12:57 django-0 sshd[25776]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.112.26.30 user=root Oct 11 01:12:59 django-0 sshd[25776]: Failed password for root from 42.112.26.30 port 33070 ssh2 ...	2020-10-11 09:55:40
200.158.188.144	attackspam	Unauthorized connection attempt from IP address 200.158.188.144 on Port 445(SMB)	2020-10-11 10:17:23
193.112.93.94	attackbotsspam	$f2bV_matches	2020-10-11 10:01:03

Recently Reported IPs

139.59.72.175	139.59.72.216	139.59.72.194	139.59.72.68
139.59.73.122	139.59.72.7	139.59.74.146	139.59.73.11
139.59.74.163	139.59.74.193	139.59.73.56	139.59.73.98
139.59.74.217	139.59.74.218	139.59.76.112	139.59.75.187
139.59.77.185	139.59.76.175	139.59.79.57	139.59.79.22