139.59.80.189 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: India

Internet Service Provider: Digital Ocean Inc.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	WordPress login Brute force / Web App Attack on client site.	2019-09-20 18:58:01

Comments on same subnet:

IP	Type	Details	Datetime
139.59.80.88	attackbotsspam	Invalid user ubnt from 139.59.80.88 port 47538	2020-09-04 03:10:16
139.59.80.88	attackbotsspam	Sep 3 11:31:56 kh-dev-server sshd[11445]: Failed password for root from 139.59.80.88 port 36448 ssh2 ...	2020-09-03 18:41:58
139.59.80.88	attack	Invalid user hao from 139.59.80.88 port 33910	2020-08-21 01:20:10
139.59.80.88	attackbots	Aug 18 20:25:44 cosmoit sshd[29019]: Failed password for root from 139.59.80.88 port 42998 ssh2	2020-08-19 04:14:07
139.59.80.88	attack	Aug 10 15:34:01 vps639187 sshd\[19285\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.80.88 user=root Aug 10 15:34:03 vps639187 sshd\[19285\]: Failed password for root from 139.59.80.88 port 45854 ssh2 Aug 10 15:38:22 vps639187 sshd\[19332\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.80.88 user=root ...	2020-08-10 21:51:54
139.59.80.88	attack	Too many connections or unauthorized access detected from Arctic banned ip	2020-08-08 03:37:19
139.59.80.88	attackbotsspam	Aug 2 14:00:24 ns382633 sshd\[5533\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.80.88 user=root Aug 2 14:00:25 ns382633 sshd\[5533\]: Failed password for root from 139.59.80.88 port 57360 ssh2 Aug 2 14:06:06 ns382633 sshd\[6496\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.80.88 user=root Aug 2 14:06:08 ns382633 sshd\[6496\]: Failed password for root from 139.59.80.88 port 41488 ssh2 Aug 2 14:10:33 ns382633 sshd\[7327\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.80.88 user=root	2020-08-02 23:23:31
139.59.80.88	attackbotsspam	Invalid user ttest from 139.59.80.88 port 43572	2020-07-21 17:06:32
139.59.80.88	attackbots	Automatic Fail2ban report - Trying login SSH	2020-07-21 03:54:31
139.59.80.88	attackbots	Jul 18 15:49:23 ws12vmsma01 sshd[62966]: Invalid user ela from 139.59.80.88 Jul 18 15:49:25 ws12vmsma01 sshd[62966]: Failed password for invalid user ela from 139.59.80.88 port 36106 ssh2 Jul 18 15:53:23 ws12vmsma01 sshd[63504]: Invalid user tiina from 139.59.80.88 ...	2020-07-19 03:30:12
139.59.80.88	attack	$f2bV_matches	2020-06-30 22:37:51
139.59.80.88	attackspambots	DATE:2020-06-29 15:18:28, IP:139.59.80.88, PORT:ssh SSH brute force auth (docker-dc)	2020-06-29 21:29:07
139.59.80.88	attackspambots	SSH Brute-Forcing (server1)	2020-06-29 19:06:43
139.59.80.88	attackspambots	Jun 26 08:59:19: Invalid user server from 139.59.80.88 port 43548	2020-06-27 07:19:49
139.59.80.88	attack	Jun 19 08:25:20 pbkit sshd[62081]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.80.88 Jun 19 08:25:20 pbkit sshd[62081]: Invalid user myuser1 from 139.59.80.88 port 35128 Jun 19 08:25:22 pbkit sshd[62081]: Failed password for invalid user myuser1 from 139.59.80.88 port 35128 ssh2 ...	2020-06-19 17:03:08

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.59.80.189
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 11521
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.59.80.189.			IN	A

;; AUTHORITY SECTION:
.			487	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019092000 1800 900 604800 86400

;; Query time: 133 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Sep 20 18:57:45 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 189.80.59.139.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 189.80.59.139.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
139.99.62.10	attackspam	Aug 17 21:57:43 marvibiene sshd[61609]: Invalid user zheng from 139.99.62.10 port 35648 Aug 17 21:57:43 marvibiene sshd[61609]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.62.10 Aug 17 21:57:43 marvibiene sshd[61609]: Invalid user zheng from 139.99.62.10 port 35648 Aug 17 21:57:44 marvibiene sshd[61609]: Failed password for invalid user zheng from 139.99.62.10 port 35648 ssh2 ...	2019-08-18 09:52:41
222.232.29.235	attackbotsspam	Aug 18 00:12:02 root sshd[11905]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.232.29.235 Aug 18 00:12:04 root sshd[11905]: Failed password for invalid user billy from 222.232.29.235 port 57336 ssh2 Aug 18 00:16:45 root sshd[12008]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.232.29.235 ...	2019-08-18 09:39:12
66.7.148.40	attackspam	Aug 18 01:49:11 mail postfix/smtpd\[21874\]: warning: unknown\[66.7.148.40\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Aug 18 02:03:10 mail postfix/smtpd\[22470\]: warning: unknown\[66.7.148.40\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Aug 18 02:46:31 mail postfix/smtpd\[23092\]: warning: unknown\[66.7.148.40\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Aug 18 03:44:09 mail postfix/smtpd\[24617\]: warning: unknown\[66.7.148.40\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\	2019-08-18 09:56:31
103.253.1.158	attackbots	Aug 18 03:24:13 vps691689 sshd[10109]: Failed password for root from 103.253.1.158 port 32982 ssh2 Aug 18 03:28:55 vps691689 sshd[10209]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.253.1.158 ...	2019-08-18 09:31:30
49.88.112.80	attackspam	Aug 18 06:53:57 areeb-Workstation sshd\[26581\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.80 user=root Aug 18 06:53:59 areeb-Workstation sshd\[26581\]: Failed password for root from 49.88.112.80 port 35952 ssh2 Aug 18 06:54:09 areeb-Workstation sshd\[26629\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.80 user=root ...	2019-08-18 09:24:41
59.63.208.191	attackbots	Aug 17 15:44:06 sachi sshd\[11560\]: Invalid user export from 59.63.208.191 Aug 17 15:44:06 sachi sshd\[11560\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.63.208.191 Aug 17 15:44:09 sachi sshd\[11560\]: Failed password for invalid user export from 59.63.208.191 port 45416 ssh2 Aug 17 15:49:19 sachi sshd\[12002\]: Invalid user p@ssw0rd from 59.63.208.191 Aug 17 15:49:19 sachi sshd\[12002\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.63.208.191	2019-08-18 09:50:36
162.243.137.229	attackbotsspam	Portscan or hack attempt detected by psad/fwsnort	2019-08-18 09:22:39
188.166.237.191	attack	" "	2019-08-18 09:46:22
115.159.185.71	attackspambots	Invalid user bscw from 115.159.185.71 port 43678	2019-08-18 09:44:57
34.85.97.254	attackspambots	Aug 17 11:55:52 hanapaa sshd\[11817\]: Invalid user test from 34.85.97.254 Aug 17 11:55:52 hanapaa sshd\[11817\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=254.97.85.34.bc.googleusercontent.com Aug 17 11:55:55 hanapaa sshd\[11817\]: Failed password for invalid user test from 34.85.97.254 port 15494 ssh2 Aug 17 12:05:01 hanapaa sshd\[12673\]: Invalid user java from 34.85.97.254 Aug 17 12:05:01 hanapaa sshd\[12673\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=254.97.85.34.bc.googleusercontent.com	2019-08-18 09:38:51
125.45.177.201	attack	Aug 17 08:40:10 auw2 sshd\[10531\]: Invalid user csserver from 125.45.177.201 Aug 17 08:40:10 auw2 sshd\[10531\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.45.177.201 Aug 17 08:40:12 auw2 sshd\[10531\]: Failed password for invalid user csserver from 125.45.177.201 port 47024 ssh2 Aug 17 08:42:42 auw2 sshd\[10749\]: Invalid user logmaster from 125.45.177.201 Aug 17 08:42:42 auw2 sshd\[10749\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.45.177.201	2019-08-18 09:23:17
24.7.159.76	attackspam	Aug 18 01:21:19 ns315508 sshd[17265]: Invalid user docker from 24.7.159.76 port 43186 Aug 18 01:21:19 ns315508 sshd[17265]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=24.7.159.76 Aug 18 01:21:19 ns315508 sshd[17265]: Invalid user docker from 24.7.159.76 port 43186 Aug 18 01:21:21 ns315508 sshd[17265]: Failed password for invalid user docker from 24.7.159.76 port 43186 ssh2 Aug 18 01:25:41 ns315508 sshd[17287]: Invalid user mnm from 24.7.159.76 port 33728 ...	2019-08-18 09:28:46
186.251.169.198	attackspam	Aug 17 15:56:37 hpm sshd\[8573\]: Invalid user denied from 186.251.169.198 Aug 17 15:56:37 hpm sshd\[8573\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.251.169.198 Aug 17 15:56:39 hpm sshd\[8573\]: Failed password for invalid user denied from 186.251.169.198 port 50594 ssh2 Aug 17 16:02:06 hpm sshd\[8955\]: Invalid user yellow from 186.251.169.198 Aug 17 16:02:06 hpm sshd\[8955\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.251.169.198	2019-08-18 10:02:11
51.68.123.192	attack	Aug 17 15:59:14 dallas01 sshd[22064]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.123.192 Aug 17 15:59:16 dallas01 sshd[22064]: Failed password for invalid user minecraft from 51.68.123.192 port 39050 ssh2 Aug 17 16:07:05 dallas01 sshd[25045]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.123.192	2019-08-18 09:36:35
93.69.40.153	attack	Automatic report - Port Scan Attack	2019-08-18 09:34:29

Recently Reported IPs

34.243.235.56	182.82.63.255	197.34.252.254	196.218.124.81
221.216.99.26	177.10.162.235	156.209.205.123	173.210.27.182
138.99.207.27	128.74.203.48	203.81.74.62	121.139.96.147
123.234.40.50	97.48.82.28	122.53.75.135	203.188.38.120
91.240.42.83	210.33.91.39	121.141.146.123	115.62.46.30