JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 139.59.99.247

139.59.99.247 was found in our database!

This IP was reported 64 times. Confidence of Abuse is 87%: ?

87%

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 139.59.99.247

Whois 139.59.99.247

IP Abuse Reports for 139.59.99.247:

This IP address has been reported a total of 64 times from 46 distinct sources. 139.59.99.247 was first reported on August 13th 2023, and the most recent report was 7 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-24 18:07:52 (7 hours ago)	(mod_security) mod_security (id:225170) triggered by 139.59.99.247 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 139.59.99.247 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 14:07:46.099998 2026] [security2:error] [pid 14149:tid 14149] [client 139.59.99.247:55024] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|renjunews.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "renjunews.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "ajwc8lVB4EZW0Pek1il5wAAAACU"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 tilellit.pro	2026-06-24 15:13:36 (10 hours ago)	Fail2Ban banned 139.59.99.247 for security violations in jail wp-armour. Log: 2026/06/24 15:13:36 [e ... show more Fail2Ban banned 139.59.99.247 for security violations in jail wp-armour. Log: 2026/06/24 15:13:36 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 139.59.99.247 \| Target: wplogin" , client: 139.59.99.247, server: [REDACTED], request: "POST /wp-login.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED], referrer: "https://comerciogallego.es/wp-admin/" ... show less	Web Spam
🇧🇪 taivas.nl	2026-06-24 14:02:12 (11 hours ago)	Wordpress_xmlrpc_attack	Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-24 13:30:28 (12 hours ago)	(mod_security) mod_security (id:225170) triggered by 139.59.99.247 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 139.59.99.247 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 09:30:21.917754 2026] [security2:error] [pid 31138:tid 31138] [client 139.59.99.247:49676] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.veneerdent.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.veneerdent.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "ajvb7QNwHCV0rUlLzREz6QAAAAQ"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 11:43:38 (14 hours ago)	(mod_security) mod_security (id:225170) triggered by 139.59.99.247 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 139.59.99.247 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 07:43:32.720854 2026] [security2:error] [pid 1152:tid 1210] [client 139.59.99.247:56401] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|myrtlebeachdiet.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "myrtlebeachdiet.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "ajvC5GnxKLiNG9fBuFtRLQAAAE0"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇧🇪 Saec	2026-06-24 10:45:01 (15 hours ago)	Cloudflare WAF blocked 24 requests in 1h from SG. Top paths probed: /, /wp-login.php, /xmlrpc.php. P ... show more Cloudflare WAF blocked 24 requests in 1h from SG. Top paths probed: /, /wp-login.php, /xmlrpc.php. Pattern: bot/scanner abuse. Auto-reported by Jarvis CF monitor. show less	Brute-Force Web App Attack
🇹🇭 MWA SOC	2026-06-24 10:43:49 (15 hours ago)		Hacking
🇳🇱 i-turnradio.nl	2026-06-24 10:17:19 (15 hours ago)	2026-06-24 @ 12:17:18 (CET) ~ Blocked for trying to access: /wp-login.php	Web App Attack
🇩🇪 stinpriza	2026-06-24 09:59:13 (16 hours ago)	Web App Attack	Web App Attack
🇩🇪 LRob.fr	2026-06-24 09:45:07 (16 hours ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 08:40:57 (17 hours ago)	(mod_security) mod_security (id:225170) triggered by 139.59.99.247 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 139.59.99.247 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 04:40:51.342743 2026] [security2:error] [pid 21356:tid 21356] [client 139.59.99.247:50359] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|livingwaterresortandspa.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "livingwaterresortandspa.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "ajuYE5E0zRHwCPiJ4P4WKAAAABo"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 08:20:45 (17 hours ago)	(mod_security) mod_security (id:225170) triggered by 139.59.99.247 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 139.59.99.247 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 04:20:41.077026 2026] [security2:error] [pid 30351:tid 30351] [client 139.59.99.247:49378] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|heartshapedboy.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "heartshapedboy.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "ajuTWRon2TSXVp-sJeIcjgAAAAc"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 07:42:10 (18 hours ago)	(mod_security) mod_security (id:225170) triggered by 139.59.99.247 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 139.59.99.247 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 03:42:05.361370 2026] [security2:error] [pid 29059:tid 29059] [client 139.59.99.247:50219] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|804web.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "804web.net"] [uri "/wp-json/wp/v2/users/me"] [unique_id "ajuKTQAR7TpGEtT3WQROfwAAABY"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 oralunal	2026-06-24 07:37:35 (18 hours ago)	IP banned by Fail2Ban in jail ente-suss ente.com-ssl_log mvfnds ...	Bad Web Bot Web App Attack
🇺🇸 agenciahypelab.com.br	2026-06-24 06:59:28 (19 hours ago)	WordPress login brute-force detectado e bloqueado pelo CSF/LFD. Trigger: LF_TRIGGER	Brute-Force SSH

Showing 1 to 15 of 64 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2a04:c300:400::19b

🇬🇭 197.251.151.45

🇺🇸 162.216.149.247

🇺🇸 137.184.130.236

🇨🇳 118.145.247.242

🇰🇷 112.216.129.27

🇺🇸 107.167.34.125

🇺🇸 38.248.90.153

🇬🇧 185.216.145.183

🇺🇸 165.227.15.212

🇸🇬 152.32.220.188

🇧🇷 118.26.105.52

🇨🇳 116.62.131.106

🇱🇹 91.224.92.17

🇩🇪 69.5.169.76

🇺🇸 65.49.1.222

🇸🇬 47.236.188.152

🇸🇬 43.134.22.249

🇬🇧 35.203.211.99

🇷🇺 217.168.240.63