139.59.130.225

Basic Info

City: Frankfurt am Main

Region: Hesse

Country: Germany

Internet Service Provider: Digital Ocean Inc.

Hostname: unknown

Organization: DigitalOcean, LLC

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Aug 19 22:07:49 mail sshd\[22691\]: Invalid user nano from 139.59.130.225 port 44560 Aug 19 22:07:49 mail sshd\[22691\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.130.225 Aug 19 22:07:50 mail sshd\[22691\]: Failed password for invalid user nano from 139.59.130.225 port 44560 ssh2 Aug 19 22:11:29 mail sshd\[23437\]: Invalid user service from 139.59.130.225 port 39692 Aug 19 22:11:29 mail sshd\[23437\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.130.225	2019-08-20 04:20:40

Type

Details

Datetime

attackbotsspam

Aug 19 22:07:49 mail sshd\[22691\]: Invalid user nano from 139.59.130.225 port 44560
Aug 19 22:07:49 mail sshd\[22691\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.130.225
Aug 19 22:07:50 mail sshd\[22691\]: Failed password for invalid user nano from 139.59.130.225 port 44560 ssh2
Aug 19 22:11:29 mail sshd\[23437\]: Invalid user service from 139.59.130.225 port 39692
Aug 19 22:11:29 mail sshd\[23437\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.130.225

2019-08-20 04:20:40

Comments on same subnet:

IP	Type	Details	Datetime
139.59.130.114	attack	23/tcp 37215/tcp... [2020-08-12/22]4pkt,2pt.(tcp)	2020-08-23 05:24:26
139.59.130.48	attack	langenachtfulda.de 139.59.130.48 \[25/Jun/2019:09:02:41 +0200\] "POST /wp-login.php HTTP/1.1" 200 6029 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" langenachtfulda.de 139.59.130.48 \[25/Jun/2019:09:02:41 +0200\] "POST /wp-login.php HTTP/1.1" 200 6035 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-06-25 17:02:48

Type

Details

Datetime

139.59.130.114

attack

23/tcp 37215/tcp...
[2020-08-12/22]4pkt,2pt.(tcp)

2020-08-23 05:24:26

139.59.130.48

attack

langenachtfulda.de 139.59.130.48 \[25/Jun/2019:09:02:41 +0200\] "POST /wp-login.php HTTP/1.1" 200 6029 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
langenachtfulda.de 139.59.130.48 \[25/Jun/2019:09:02:41 +0200\] "POST /wp-login.php HTTP/1.1" 200 6035 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"

2019-06-25 17:02:48

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.59.130.225
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 750
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.59.130.225.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019040700 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sun Apr 07 21:39:41 +08 2019
;; MSG SIZE  rcvd: 118

Host info

Host 225.130.59.139.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 225.130.59.139.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
79.219.159.1	attack	SSH/22 MH Probe, BF, Hack -	2019-09-05 20:07:54
85.105.112.134	attack	Unauthorized connection attempt from IP address 85.105.112.134 on Port 445(SMB)	2019-09-05 20:32:59
51.83.69.183	attackbots	Sep 5 01:03:40 auw2 sshd\[30074\]: Invalid user teamspeak from 51.83.69.183 Sep 5 01:03:40 auw2 sshd\[30074\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.ip-51-83-69.eu Sep 5 01:03:42 auw2 sshd\[30074\]: Failed password for invalid user teamspeak from 51.83.69.183 port 41824 ssh2 Sep 5 01:07:25 auw2 sshd\[30427\]: Invalid user demo from 51.83.69.183 Sep 5 01:07:25 auw2 sshd\[30427\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.ip-51-83-69.eu	2019-09-05 20:10:01
117.207.110.66	attackspam	Unauthorized connection attempt from IP address 117.207.110.66 on Port 445(SMB)	2019-09-05 20:11:31
119.53.18.166	attackspam	Sep 5 12:02:05 host proftpd\[49910\]: 0.0.0.0 \(119.53.18.166\[119.53.18.166\]\) - USER anonymous: no such user found from 119.53.18.166 \[119.53.18.166\] to 62.210.146.38:21 ...	2019-09-05 20:16:24
158.69.121.80	attack	Sep 5 13:43:35 nextcloud sshd\[15189\]: Invalid user testing from 158.69.121.80 Sep 5 13:43:35 nextcloud sshd\[15189\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=158.69.121.80 Sep 5 13:43:38 nextcloud sshd\[15189\]: Failed password for invalid user testing from 158.69.121.80 port 46940 ssh2 ...	2019-09-05 20:11:01
195.154.223.226	attackspam	2019-09-05T08:31:49.727357abusebot-7.cloudsearch.cf sshd\[7777\]: Invalid user cactiuser123 from 195.154.223.226 port 57288	2019-09-05 20:24:40
47.63.220.194	attackspambots	05.09.2019 14:10:06 - RDP Login Fail Detected by https://www.elinox.de/RDP-Wächter	2019-09-05 20:20:38
46.44.177.94	attackspam	WPLoginAttempts	2019-09-05 20:06:15
190.116.21.131	attack	Sep 4 22:26:30 hpm sshd\[2271\]: Invalid user gitolite from 190.116.21.131 Sep 4 22:26:30 hpm sshd\[2271\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.116.21.131 Sep 4 22:26:32 hpm sshd\[2271\]: Failed password for invalid user gitolite from 190.116.21.131 port 33162 ssh2 Sep 4 22:31:45 hpm sshd\[2708\]: Invalid user deb from 190.116.21.131 Sep 4 22:31:45 hpm sshd\[2708\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.116.21.131	2019-09-05 20:30:49
120.52.9.102	attackspambots	Sep 5 13:57:36 microserver sshd[20126]: Invalid user xavier from 120.52.9.102 port 24718 Sep 5 13:57:36 microserver sshd[20126]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.52.9.102 Sep 5 13:57:38 microserver sshd[20126]: Failed password for invalid user xavier from 120.52.9.102 port 24718 ssh2 Sep 5 14:01:52 microserver sshd[20809]: Invalid user bdos from 120.52.9.102 port 16460 Sep 5 14:01:52 microserver sshd[20809]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.52.9.102 Sep 5 14:14:38 microserver sshd[22302]: Invalid user raja from 120.52.9.102 port 42409 Sep 5 14:14:38 microserver sshd[22302]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.52.9.102 Sep 5 14:14:41 microserver sshd[22302]: Failed password for invalid user raja from 120.52.9.102 port 42409 ssh2 Sep 5 14:19:04 microserver sshd[22941]: Invalid user opentsp from 120.52.9.102 port 48547 Sep 5 14:19:	2019-09-05 20:44:43
187.32.120.215	attack	Triggered by Fail2Ban at Ares web server	2019-09-05 20:27:52
121.234.37.190	attackspambots	Fail2Ban - FTP Abuse Attempt	2019-09-05 20:18:16
190.90.132.146	attack	Unauthorized connection attempt from IP address 190.90.132.146 on Port 445(SMB)	2019-09-05 20:04:40
67.210.96.22	attackspambots	CloudCIX Reconnaissance Scan Detected, PTR: server.aaaanime.com.	2019-09-05 20:05:15

Recently Reported IPs

213.59.151.73	41.238.80.6	79.2.9.254	213.230.115.99
213.230.113.204	178.128.248.18	78.193.8.166	203.150.84.112
188.143.2.114	77.189.94.25	58.87.88.98	200.59.88.56
192.144.130.87	79.55.60.227	76.121.12.28	211.103.222.149
200.119.204.18	68.183.216.175	149.219.198.200	68.183.229.159