139.59.149.75 - IPInfo

Basic Info

City: Frankfurt am Main

Region: Hesse

Country: Germany

Internet Service Provider: Digital Ocean Inc.

Hostname: unknown

Organization: DigitalOcean, LLC

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	SSH Brute Force, server-1 sshd[9147]: Failed password for invalid user if from 139.59.149.75 port 40160 ssh2	2019-08-21 09:29:26
attackbotsspam	Splunk® : Brute-Force login attempt on SSH: Aug 13 05:33:31 testbed sshd[26765]: Disconnected from 139.59.149.75 port 42940 [preauth]	2019-08-13 17:37:06
attackspambots	Jul 18 05:01:17 mout sshd[3135]: Invalid user wn from 139.59.149.75 port 47636	2019-07-18 11:12:40
attackspambots	Jul 14 03:31:55 OPSO sshd\[808\]: Invalid user supervisor from 139.59.149.75 port 46696 Jul 14 03:31:55 OPSO sshd\[808\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.149.75 Jul 14 03:31:57 OPSO sshd\[808\]: Failed password for invalid user supervisor from 139.59.149.75 port 46696 ssh2 Jul 14 03:36:35 OPSO sshd\[1609\]: Invalid user cynthia from 139.59.149.75 port 47464 Jul 14 03:36:35 OPSO sshd\[1609\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.149.75	2019-07-14 10:09:04
attack	frenzy	2019-07-11 08:53:35

Comments on same subnet:

IP	Type	Details	Datetime
139.59.149.183	attackbotsspam	Sep 30 11:40:09 tdfoods sshd\[27586\]: Invalid user ts3musicbot from 139.59.149.183 Sep 30 11:40:09 tdfoods sshd\[27586\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.149.183 Sep 30 11:40:12 tdfoods sshd\[27586\]: Failed password for invalid user ts3musicbot from 139.59.149.183 port 44237 ssh2 Sep 30 11:44:12 tdfoods sshd\[27958\]: Invalid user user from 139.59.149.183 Sep 30 11:44:12 tdfoods sshd\[27958\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.149.183	2019-10-01 07:43:50
139.59.149.183	attack	2019-09-24T19:53:46.709815abusebot-8.cloudsearch.cf sshd\[23577\]: Invalid user herbert from 139.59.149.183 port 48980	2019-09-25 03:55:39
139.59.149.183	attackbotsspam	detected by Fail2Ban	2019-09-24 14:51:48
139.59.149.183	attack	Sep 22 22:05:16 web9 sshd\[4297\]: Invalid user user from 139.59.149.183 Sep 22 22:05:16 web9 sshd\[4297\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.149.183 Sep 22 22:05:18 web9 sshd\[4297\]: Failed password for invalid user user from 139.59.149.183 port 37815 ssh2 Sep 22 22:09:29 web9 sshd\[5154\]: Invalid user yh from 139.59.149.183 Sep 22 22:09:29 web9 sshd\[5154\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.149.183	2019-09-23 17:00:01
139.59.149.183	attack	Sep 20 15:34:44 ny01 sshd[15295]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.149.183 Sep 20 15:34:47 ny01 sshd[15295]: Failed password for invalid user leoay from 139.59.149.183 port 57793 ssh2 Sep 20 15:38:46 ny01 sshd[16001]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.149.183	2019-09-21 03:52:37
139.59.149.183	attack	Sep 13 21:22:54 ArkNodeAT sshd\[2329\]: Invalid user advagrant from 139.59.149.183 Sep 13 21:22:54 ArkNodeAT sshd\[2329\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.149.183 Sep 13 21:22:56 ArkNodeAT sshd\[2329\]: Failed password for invalid user advagrant from 139.59.149.183 port 37100 ssh2	2019-09-14 04:05:36
139.59.149.183	attackbotsspam	F2B jail: sshd. Time: 2019-09-09 02:35:45, Reported by: VKReport	2019-09-09 09:49:55
139.59.149.183	attackbots	Sep 4 17:52:29 [host] sshd[18940]: Invalid user fcosta from 139.59.149.183 Sep 4 17:52:29 [host] sshd[18940]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.149.183 Sep 4 17:52:32 [host] sshd[18940]: Failed password for invalid user fcosta from 139.59.149.183 port 33370 ssh2	2019-09-05 03:22:37
139.59.149.183	attackbotsspam	Sep 1 18:42:49 mail sshd\[26964\]: Failed password for invalid user myl from 139.59.149.183 port 59122 ssh2 Sep 1 18:59:01 mail sshd\[27264\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.149.183 user=root ...	2019-09-02 10:00:31
139.59.149.183	attackspam	Aug 25 01:12:28 itv-usvr-01 sshd[17316]: Invalid user wz from 139.59.149.183 Aug 25 01:12:28 itv-usvr-01 sshd[17316]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.149.183 Aug 25 01:12:28 itv-usvr-01 sshd[17316]: Invalid user wz from 139.59.149.183 Aug 25 01:12:30 itv-usvr-01 sshd[17316]: Failed password for invalid user wz from 139.59.149.183 port 54726 ssh2 Aug 25 01:16:05 itv-usvr-01 sshd[17462]: Invalid user angela from 139.59.149.183	2019-08-28 17:22:21
139.59.149.183	attack	Aug 26 23:42:38 MK-Soft-VM3 sshd\[29139\]: Invalid user ftpuser from 139.59.149.183 port 34805 Aug 26 23:42:38 MK-Soft-VM3 sshd\[29139\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.149.183 Aug 26 23:42:40 MK-Soft-VM3 sshd\[29139\]: Failed password for invalid user ftpuser from 139.59.149.183 port 34805 ssh2 ...	2019-08-27 08:09:28
139.59.149.183	attack	Aug 25 18:53:31 MK-Soft-VM7 sshd\[8905\]: Invalid user bot from 139.59.149.183 port 33549 Aug 25 18:53:31 MK-Soft-VM7 sshd\[8905\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.149.183 Aug 25 18:53:33 MK-Soft-VM7 sshd\[8905\]: Failed password for invalid user bot from 139.59.149.183 port 33549 ssh2 ...	2019-08-26 03:05:50
139.59.149.183	attack	Aug 22 13:25:45 hiderm sshd\[31293\]: Invalid user rf from 139.59.149.183 Aug 22 13:25:45 hiderm sshd\[31293\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.149.183 Aug 22 13:25:47 hiderm sshd\[31293\]: Failed password for invalid user rf from 139.59.149.183 port 59441 ssh2 Aug 22 13:29:51 hiderm sshd\[31680\]: Invalid user manuela from 139.59.149.183 Aug 22 13:29:51 hiderm sshd\[31680\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.149.183	2019-08-23 08:02:45
139.59.149.183	attack	Fail2Ban Ban Triggered	2019-08-19 05:55:59
139.59.149.183	attackspam	Aug 18 06:51:25 aat-srv002 sshd[16679]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.149.183 Aug 18 06:51:26 aat-srv002 sshd[16679]: Failed password for invalid user tester from 139.59.149.183 port 42403 ssh2 Aug 18 06:55:23 aat-srv002 sshd[16812]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.149.183 Aug 18 06:55:25 aat-srv002 sshd[16812]: Failed password for invalid user lfc from 139.59.149.183 port 37398 ssh2 ...	2019-08-18 20:14:37

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.59.149.75
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 39779
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.59.149.75.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019050500 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Mon May 06 00:53:47 +08 2019
;; MSG SIZE  rcvd: 117

Host info

Host 75.149.59.139.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 75.149.59.139.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
218.111.88.185	attack	Aug 26 14:27:41 hiderm sshd\[10304\]: Invalid user sh from 218.111.88.185 Aug 26 14:27:41 hiderm sshd\[10304\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.111.88.185 Aug 26 14:27:44 hiderm sshd\[10304\]: Failed password for invalid user sh from 218.111.88.185 port 33458 ssh2 Aug 26 14:33:09 hiderm sshd\[10798\]: Invalid user rpm from 218.111.88.185 Aug 26 14:33:09 hiderm sshd\[10798\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.111.88.185	2019-08-27 08:46:08
23.129.64.212	attackspambots	Aug 27 02:12:32 mout sshd[22954]: Failed password for sshd from 23.129.64.212 port 57570 ssh2 Aug 27 02:12:35 mout sshd[22954]: Failed password for sshd from 23.129.64.212 port 57570 ssh2 Aug 27 02:12:37 mout sshd[22954]: Failed password for sshd from 23.129.64.212 port 57570 ssh2	2019-08-27 08:27:55
134.175.59.235	attackspambots	Aug 27 02:47:25 eventyay sshd[11766]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.59.235 Aug 27 02:47:27 eventyay sshd[11766]: Failed password for invalid user apps from 134.175.59.235 port 49977 ssh2 Aug 27 02:52:02 eventyay sshd[11862]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.59.235 ...	2019-08-27 09:03:09
176.214.81.217	attackbots	Aug 27 00:25:42 hcbbdb sshd\[4466\]: Invalid user ttest from 176.214.81.217 Aug 27 00:25:42 hcbbdb sshd\[4466\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.214.81.217 Aug 27 00:25:44 hcbbdb sshd\[4466\]: Failed password for invalid user ttest from 176.214.81.217 port 40619 ssh2 Aug 27 00:29:42 hcbbdb sshd\[4869\]: Invalid user vnc from 176.214.81.217 Aug 27 00:29:42 hcbbdb sshd\[4869\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.214.81.217	2019-08-27 08:32:26
113.69.26.72	attackspambots	Unauthorised access (Aug 27) SRC=113.69.26.72 LEN=40 TTL=49 ID=39445 TCP DPT=23 WINDOW=41384 SYN	2019-08-27 08:26:28
173.239.37.152	attackbots	Aug 27 02:44:23 minden010 sshd[22692]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=173.239.37.152 Aug 27 02:44:25 minden010 sshd[22692]: Failed password for invalid user karika from 173.239.37.152 port 38958 ssh2 Aug 27 02:48:25 minden010 sshd[24294]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=173.239.37.152 ...	2019-08-27 08:54:12
111.122.181.250	attackspambots	Aug 26 19:34:03 aat-srv002 sshd[30332]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.122.181.250 Aug 26 19:34:04 aat-srv002 sshd[30332]: Failed password for invalid user odoo from 111.122.181.250 port 2091 ssh2 Aug 26 19:37:12 aat-srv002 sshd[30420]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.122.181.250 Aug 26 19:37:13 aat-srv002 sshd[30420]: Failed password for invalid user testserver from 111.122.181.250 port 2092 ssh2 ...	2019-08-27 08:46:47
164.132.205.21	attackspam	Aug 27 02:24:47 vps691689 sshd[17282]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.132.205.21 Aug 27 02:24:49 vps691689 sshd[17282]: Failed password for invalid user at from 164.132.205.21 port 51088 ssh2 Aug 27 02:28:41 vps691689 sshd[17357]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.132.205.21 ...	2019-08-27 08:39:31
112.196.181.68	attackspam	2019-08-27 00:24:09 H=([112.196.181.68]) [112.196.181.68]:14551 I=[10.100.18.21]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=112.196.181.68) 2019-08-27 00:24:13 unexpected disconnection while reading SMTP command from ([112.196.181.68]) [112.196.181.68]:14551 I=[10.100.18.21]:25 (error: Connection reset by peer) 2019-08-27 01:29:25 H=([112.196.181.68]) [112.196.181.68]:13560 I=[10.100.18.21]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=112.196.181.68) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=112.196.181.68	2019-08-27 08:38:04
177.23.90.10	attackbotsspam	Aug 27 01:41:09 debian sshd\[17638\]: Invalid user jason from 177.23.90.10 port 53938 Aug 27 01:41:09 debian sshd\[17638\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.23.90.10 ...	2019-08-27 08:43:06
114.43.29.46	attackspam	Telnet Server BruteForce Attack	2019-08-27 09:10:12
119.29.58.239	attack	Aug 27 02:44:26 MK-Soft-Root2 sshd\[1762\]: Invalid user helpdesk from 119.29.58.239 port 59031 Aug 27 02:44:26 MK-Soft-Root2 sshd\[1762\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.58.239 Aug 27 02:44:29 MK-Soft-Root2 sshd\[1762\]: Failed password for invalid user helpdesk from 119.29.58.239 port 59031 ssh2 ...	2019-08-27 09:03:31
77.247.181.162	attack	Aug 27 00:29:35 thevastnessof sshd[15652]: Failed password for sshd from 77.247.181.162 port 52088 ssh2 ...	2019-08-27 08:37:18
194.165.31.30	attackbots	[portscan] Port scan	2019-08-27 08:30:36
106.12.15.230	attackbots	2019-08-27T00:43:13.101412abusebot.cloudsearch.cf sshd\[15858\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.15.230 user=root	2019-08-27 09:08:33

Recently Reported IPs

104.111.119.81	77.221.146.10	49.206.112.238	126.67.134.73
77.8.120.122	156.219.88.32	35.171.103.139	45.232.77.175
182.180.77.185	186.201.214.162	183.21.186.242	210.227.21.44
181.88.178.218	38.216.229.100	123.16.155.54	126.171.143.108
41.55.16.45	117.79.80.90	102.165.36.185	68.57.170.28