139.59.130.75 - IPInfo

Basic Info

City: Frankfurt am Main

Region: Hessen

Country: Germany

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
139.59.130.114	attack	23/tcp 37215/tcp... [2020-08-12/22]4pkt,2pt.(tcp)	2020-08-23 05:24:26
139.59.130.225	attackbotsspam	Aug 19 22:07:49 mail sshd\[22691\]: Invalid user nano from 139.59.130.225 port 44560 Aug 19 22:07:49 mail sshd\[22691\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.130.225 Aug 19 22:07:50 mail sshd\[22691\]: Failed password for invalid user nano from 139.59.130.225 port 44560 ssh2 Aug 19 22:11:29 mail sshd\[23437\]: Invalid user service from 139.59.130.225 port 39692 Aug 19 22:11:29 mail sshd\[23437\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.130.225	2019-08-20 04:20:40
139.59.130.48	attack	langenachtfulda.de 139.59.130.48 \[25/Jun/2019:09:02:41 +0200\] "POST /wp-login.php HTTP/1.1" 200 6029 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" langenachtfulda.de 139.59.130.48 \[25/Jun/2019:09:02:41 +0200\] "POST /wp-login.php HTTP/1.1" 200 6035 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-06-25 17:02:48

Type

Details

Datetime

139.59.130.114

attack

23/tcp 37215/tcp...
[2020-08-12/22]4pkt,2pt.(tcp)

2020-08-23 05:24:26

139.59.130.225

attackbotsspam

Aug 19 22:07:49 mail sshd\[22691\]: Invalid user nano from 139.59.130.225 port 44560
Aug 19 22:07:49 mail sshd\[22691\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.130.225
Aug 19 22:07:50 mail sshd\[22691\]: Failed password for invalid user nano from 139.59.130.225 port 44560 ssh2
Aug 19 22:11:29 mail sshd\[23437\]: Invalid user service from 139.59.130.225 port 39692
Aug 19 22:11:29 mail sshd\[23437\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.130.225

2019-08-20 04:20:40

139.59.130.48

attack

langenachtfulda.de 139.59.130.48 \[25/Jun/2019:09:02:41 +0200\] "POST /wp-login.php HTTP/1.1" 200 6029 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
langenachtfulda.de 139.59.130.48 \[25/Jun/2019:09:02:41 +0200\] "POST /wp-login.php HTTP/1.1" 200 6035 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"

2019-06-25 17:02:48

Whois info:

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#


NetRange:       139.59.0.0 - 139.59.255.255
CIDR:           139.59.0.0/16
NetName:        APNIC-ERX-139-59-0-0
NetHandle:      NET-139-59-0-0-1
Parent:         NET139 (NET-139-0-0-0-0)
NetType:        Early Registrations, Transferred to APNIC
OriginAS:       
Organization:   Asia Pacific Network Information Centre (APNIC)
RegDate:        2004-03-03
Updated:        2009-10-08
Comment:        This IP address range is not registered in the ARIN database.
Comment:        This range was transferred to the APNIC Whois Database as
Comment:        part of the ERX (Early Registration Transfer) project.
Comment:        For details, refer to the APNIC Whois Database via
Comment:        WHOIS.APNIC.NET or http://wq.apnic.net/apnic-bin/whois.pl
Comment:        
Comment:        ** IMPORTANT NOTE: APNIC is the Regional Internet Registry
Comment:        for the Asia Pacific region.  APNIC does not operate networks
Comment:        using this IP address range and is not able to investigate
Comment:        spam or abuse reports relating to these addresses.  For more
Comment:        help, refer to http://www.apnic.net/apnic-info/whois_search2/abuse-and-spamming
Ref:            https://rdap.arin.net/registry/ip/139.59.0.0

ResourceLink:  https://apps.db.ripe.net/db-web-ui/query
ResourceLink:  whois.apnic.net


OrgName:        Asia Pacific Network Information Centre
OrgId:          APNIC
Address:        PO Box 3646
City:           South Brisbane
StateProv:      QLD
PostalCode:     4101
Country:        AU
RegDate:        
Updated:        2012-01-24
Ref:            https://rdap.arin.net/registry/entity/APNIC

ReferralServer:  whois://whois.apnic.net
ResourceLink:  http://wq.apnic.net/whois-search/static/search.html

OrgAbuseHandle: AWC12-ARIN
OrgAbuseName:   APNIC Whois Contact
OrgAbusePhone:  +61 7 3858 3188 
OrgAbuseEmail:  search-apnic-not-arin@apnic.net
OrgAbuseRef:    https://rdap.arin.net/registry/entity/AWC12-ARIN

OrgTechHandle: AWC12-ARIN
OrgTechName:   APNIC Whois Contact
OrgTechPhone:  +61 7 3858 3188 
OrgTechEmail:  search-apnic-not-arin@apnic.net
OrgTechRef:    https://rdap.arin.net/registry/entity/AWC12-ARIN


#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#



Found a referral to whois.apnic.net.

% [whois.apnic.net]
% Whois data copyright terms    http://www.apnic.net/db/dbcopyright.html

% Information related to '139.59.128.0 - 139.59.159.255'

% Abuse contact for '139.59.128.0 - 139.59.159.255' is 'abuse@digitalocean.com'

inetnum:        139.59.128.0 - 139.59.159.255
netname:        DIGITALOCEAN-AP
descr:          DigitalOcean, LLC
country:        DE
admin-c:        DOIA2-AP
tech-c:         DOIA2-AP
abuse-c:        AD699-AP
status:         ASSIGNED NON-PORTABLE
mnt-by:         MAINT-DIGITALOCEAN-AP
mnt-irt:        IRT-DIGITALOCEAN-AP
last-modified:  2020-05-31T21:37:28Z
source:         APNIC

irt:            IRT-DIGITALOCEAN-AP
address:        105 Edgeview Drive, Suite 425, Broomfield, Colorado 80021
e-mail:         noc@digitalocean.com
abuse-mailbox:  abuse@digitalocean.com
admin-c:        DOIA2-AP
tech-c:         DOIA2-AP
auth:           # Filtered
remarks:        abuse@digitalocean.com was validated on 2026-03-19
remarks:        noc@digitalocean.com was validated on 2026-03-25
mnt-by:         MAINT-DIGITALOCEAN-AP
last-modified:  2026-03-25T17:24:46Z
source:         APNIC

role:           ABUSE DIGITALOCEANAP
country:        ZZ
address:        105 Edgeview Drive, Suite 425, Broomfield, Colorado 80021
phone:          +000000000
e-mail:         noc@digitalocean.com
admin-c:        DOIA2-AP
tech-c:         DOIA2-AP
nic-hdl:        AD699-AP
remarks:        Generated from irt object IRT-DIGITALOCEAN-AP
remarks:        abuse@digitalocean.com was validated on 2026-03-19
remarks:        noc@digitalocean.com was validated on 2026-03-25
abuse-mailbox:  abuse@digitalocean.com
mnt-by:         APNIC-ABUSE
last-modified:  2026-03-25T17:25:11Z
source:         APNIC

role:           Digital Ocean Inc administrator
address:        105 Edgeview Drive, Suite 425, Broomfield, Colorado 80021
country:        US
phone:          +1 646-827-4366
fax-no:         +1 646-827-4366
e-mail:         abuse@digitalocean.com
admin-c:        DOIA2-AP
tech-c:         DOIA2-AP
nic-hdl:        DOIA2-AP
mnt-by:         MAINT-DIGITALOCEAN-AP
last-modified:  2025-04-11T18:24:27Z
source:         APNIC

% This query was served by the APNIC Whois Service version 1.88.48 (WHOIS-AU4)

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.59.130.75
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61321
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;139.59.130.75.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2026061401 1800 900 604800 86400

;; Query time: 8 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jun 15 11:30:22 CST 2026
;; MSG SIZE  rcvd: 106

Host info

Host 75.130.59.139.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 75.130.59.139.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
89.248.168.217	attackbotsspam	89.248.168.217 was recorded 50 times by 30 hosts attempting to connect to the following ports: 593,514,996. Incident counter (4h, 24h, all-time): 50, 287, 12821	2019-12-18 19:20:12
154.8.209.64	attackspam	Dec 18 09:58:21 sauna sshd[20447]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.8.209.64 Dec 18 09:58:24 sauna sshd[20447]: Failed password for invalid user sa123344 from 154.8.209.64 port 42454 ssh2 ...	2019-12-18 19:21:59
132.248.96.3	attackbots	Dec 18 09:33:59 ns41 sshd[7522]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.248.96.3	2019-12-18 19:28:49
194.170.189.226	attackspam	Honeypot attack, port: 445, PTR: PTR record not found	2019-12-18 19:31:11
223.71.139.97	attackbotsspam	Dec 18 11:33:52 MK-Soft-VM5 sshd[14042]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.71.139.97 Dec 18 11:33:54 MK-Soft-VM5 sshd[14042]: Failed password for invalid user ftp from 223.71.139.97 port 49746 ssh2 ...	2019-12-18 19:19:37
158.69.63.244	attackspambots	Dec 18 11:59:09 [host] sshd[970]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=158.69.63.244 user=root Dec 18 11:59:10 [host] sshd[970]: Failed password for root from 158.69.63.244 port 36612 ssh2 Dec 18 12:04:14 [host] sshd[1123]: Invalid user Elsi from 158.69.63.244 Dec 18 12:04:14 [host] sshd[1123]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=158.69.63.244	2019-12-18 19:14:44
128.199.253.133	attack	Dec 18 07:26:05 ns41 sshd[713]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.253.133	2019-12-18 19:49:14
190.202.54.12	attackbots	Dec 18 01:30:23 auw2 sshd\[12998\]: Invalid user govindasa from 190.202.54.12 Dec 18 01:30:23 auw2 sshd\[12998\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.202.54.12 Dec 18 01:30:25 auw2 sshd\[12998\]: Failed password for invalid user govindasa from 190.202.54.12 port 19213 ssh2 Dec 18 01:36:50 auw2 sshd\[13674\]: Invalid user danial from 190.202.54.12 Dec 18 01:36:50 auw2 sshd\[13674\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.202.54.12	2019-12-18 19:41:21
200.165.167.10	attackspam	Dec 17 20:47:10 web9 sshd\[25248\]: Invalid user brynildsen from 200.165.167.10 Dec 17 20:47:10 web9 sshd\[25248\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.165.167.10 Dec 17 20:47:13 web9 sshd\[25248\]: Failed password for invalid user brynildsen from 200.165.167.10 port 39531 ssh2 Dec 17 20:54:17 web9 sshd\[26473\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.165.167.10 user=root Dec 17 20:54:19 web9 sshd\[26473\]: Failed password for root from 200.165.167.10 port 42411 ssh2	2019-12-18 19:27:04
91.121.7.155	attackspam	Dec 18 09:35:34 ArkNodeAT sshd\[19602\]: Invalid user audelia from 91.121.7.155 Dec 18 09:35:34 ArkNodeAT sshd\[19602\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.121.7.155 Dec 18 09:35:36 ArkNodeAT sshd\[19602\]: Failed password for invalid user audelia from 91.121.7.155 port 34317 ssh2	2019-12-18 19:23:33
201.235.19.122	attack	Invalid user download from 201.235.19.122 port 47452 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.235.19.122 Failed password for invalid user download from 201.235.19.122 port 47452 ssh2 Invalid user maravena from 201.235.19.122 port 51899 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.235.19.122	2019-12-18 19:51:38
40.92.73.44	attackspambots	Dec 18 13:43:44 debian-2gb-vpn-nbg1-1 kernel: [1044189.198909] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:38:96:44:d2:74:7f:6e:37:e3:08:00 SRC=40.92.73.44 DST=78.46.192.101 LEN=40 TOS=0x00 PREC=0x00 TTL=239 ID=51049 DF PROTO=TCP SPT=7699 DPT=25 WINDOW=0 RES=0x00 ACK RST URGP=0	2019-12-18 19:29:17
81.28.107.12	attack	Dec 18 07:25:55 exim[28247]: [1\52] 1ihSmP-0007Lb-Tw H=(earthy.wpmarks.co) [81.28.107.12] F= rejected after DATA: This message scored 102.4 spam points.	2019-12-18 19:52:50
85.113.210.58	attack	Invalid user berkay from 85.113.210.58 port 34113	2019-12-18 19:44:10
72.221.196.137	attackspam	IMAP brute force ...	2019-12-18 19:31:55

Recently Reported IPs

2606:4700:10::6814:9963	42.81.205.75	183.198.241.96	2606:4700:10::6816:2921
2606:4700:10::6816:686	2606:4700:10::6814:4973	198.105.121.200	39.100.71.169
47.110.149.159	157.238.252.115	43.152.67.197	109.162.246.235
2606:4700:10::ac43:1477	3.168.86.125	209.141.46.48	43.173.114.188
2606:4700:10::6814:8892	49.86.252.155	69.5.20.93	223.100.45.137