139.59.154.219

Basic Info

City: Frankfurt am Main

Region: Hesse

Country: Germany

Internet Service Provider: Digital Ocean Inc.

Hostname: unknown

Organization: DigitalOcean, LLC

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Apr 10 10:44:34 motanud sshd\[22429\]: Invalid user ubuntu from 139.59.154.219 port 49712 Apr 10 10:44:34 motanud sshd\[22429\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.154.219 Apr 10 10:44:36 motanud sshd\[22429\]: Failed password for invalid user ubuntu from 139.59.154.219 port 49712 ssh2	2019-08-11 05:23:17
attack	fire	2019-08-09 13:44:44
attackspambots	Apr 10 09:45:41 server sshd\[65960\]: Invalid user ubuntu from 139.59.154.219 Apr 10 09:45:41 server sshd\[65960\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.154.219 Apr 10 09:45:44 server sshd\[65960\]: Failed password for invalid user ubuntu from 139.59.154.219 port 51480 ssh2 ...	2019-07-12 07:28:47

Type

Details

Datetime

attack

Apr 10 10:44:34 motanud sshd\[22429\]: Invalid user ubuntu from 139.59.154.219 port 49712
Apr 10 10:44:34 motanud sshd\[22429\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.154.219
Apr 10 10:44:36 motanud sshd\[22429\]: Failed password for invalid user ubuntu from 139.59.154.219 port 49712 ssh2

2019-08-11 05:23:17

attack

fire

2019-08-09 13:44:44

attackspambots

Apr 10 09:45:41 server sshd\[65960\]: Invalid user ubuntu from 139.59.154.219
Apr 10 09:45:41 server sshd\[65960\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.154.219
Apr 10 09:45:44 server sshd\[65960\]: Failed password for invalid user ubuntu from 139.59.154.219 port 51480 ssh2
...

2019-07-12 07:28:47

Comments on same subnet:

IP	Type	Details	Datetime
139.59.154.31	attackspambots	Attempted connection to port 80.	2020-08-24 21:21:34

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.59.154.219
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 39029
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.59.154.219.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019040201 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Wed Apr 03 12:22:00 +08 2019
;; MSG SIZE  rcvd: 118

Host info

Host 219.154.59.139.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 219.154.59.139.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
113.173.213.73	attackspam	2020-04-2914:03:371jTlRB-0005Ec-5u\<=info@whatsup2013.chH=$localhost$[123.21.193.65]:51976P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3051id=228137646f446e66faff49e502f6dcc07327ff@whatsup2013.chT="Youarefine"forchasejgamer1216@gmail.comzakariyemaxamuud316@gmail.com2020-04-2913:59:411jTlNK-0004jv-90\<=info@whatsup2013.chH=$localhost$[115.84.92.50]:35216P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3215id=08ea5c0f042f050d9194228e699db7abd9d3b0@whatsup2013.chT="Angerlhereseekingwings."fordjnynasert@gmail.comemirebowen@gmail.com2020-04-2913:59:161jTlMx-0004hM-Pp\<=info@whatsup2013.chH=$localhost$[113.173.213.73]:41760P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3199id=2781db8883a87d715613a5f602c5cfc3f03e9089@whatsup2013.chT="YouhavenewlikefromHiram"forsteve1966nce@gmail.comchiefnat68@gmail.com2020-04-2914:00:061jTlNl-0004mm-St\<=info@whatsup2013.chH=$localhost$[14	2020-04-29 21:00:30
222.252.22.228	attackspam	'IP reached maximum auth failures for a one day block'	2020-04-29 21:24:03
212.161.76.140	attack	[ssh] SSH attack	2020-04-29 21:32:32
123.21.193.65	attackbots	2020-04-2914:03:371jTlRB-0005Ec-5u\<=info@whatsup2013.chH=$localhost$[123.21.193.65]:51976P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3051id=228137646f446e66faff49e502f6dcc07327ff@whatsup2013.chT="Youarefine"forchasejgamer1216@gmail.comzakariyemaxamuud316@gmail.com2020-04-2913:59:411jTlNK-0004jv-90\<=info@whatsup2013.chH=$localhost$[115.84.92.50]:35216P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3215id=08ea5c0f042f050d9194228e699db7abd9d3b0@whatsup2013.chT="Angerlhereseekingwings."fordjnynasert@gmail.comemirebowen@gmail.com2020-04-2913:59:161jTlMx-0004hM-Pp\<=info@whatsup2013.chH=$localhost$[113.173.213.73]:41760P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3199id=2781db8883a87d715613a5f602c5cfc3f03e9089@whatsup2013.chT="YouhavenewlikefromHiram"forsteve1966nce@gmail.comchiefnat68@gmail.com2020-04-2914:00:061jTlNl-0004mm-St\<=info@whatsup2013.chH=$localhost$[14	2020-04-29 21:04:45
222.186.31.83	attackbots	Apr 29 15:25:48 markkoudstaal sshd[24970]: Failed password for root from 222.186.31.83 port 32007 ssh2 Apr 29 15:25:56 markkoudstaal sshd[24992]: Failed password for root from 222.186.31.83 port 51170 ssh2	2020-04-29 21:28:44
112.85.42.188	attack	04/29/2020-09:08:47.924868 112.85.42.188 Protocol: 6 ET SCAN Potential SSH Scan	2020-04-29 21:11:10
58.87.66.249	attackspam	" "	2020-04-29 21:23:27
36.49.159.183	attackbots	$f2bV_matches	2020-04-29 21:18:14
70.113.11.186	attackbotsspam	diesunddas.net 70.113.11.186 [29/Apr/2020:14:03:05 +0200] "POST /wp-login.php HTTP/1.1" 200 8378 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" diesunddas.net 70.113.11.186 [29/Apr/2020:14:03:06 +0200] "POST /wp-login.php HTTP/1.1" 200 8378 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-04-29 21:36:42
176.9.4.106	attackspambots	20 attempts against mh-misbehave-ban on creek	2020-04-29 21:06:57
198.27.80.123	attack	198.27.80.123 - - [29/Apr/2020:15:24:44 +0200] "POST /wp-login.php HTTP/1.1" 200 5379 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 198.27.80.123 - - [29/Apr/2020:15:25:13 +0200] "POST /wp-login.php HTTP/1.1" 200 5379 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 198.27.80.123 - - [29/Apr/2020:15:25:35 +0200] "POST /wp-login.php HTTP/1.1" 200 5379 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 198.27.80.123 - - [29/Apr/2020:15:25:39 +0200] "POST /wp-login.php HTTP/1.1" 200 5379 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 198.27.80.123 - - [29/Apr/2020:15:25:56 +0200] "POST /wp-login.php HTTP/1.1" 200 5379 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safar ...	2020-04-29 21:37:29
103.248.116.58	attack	Apr 29 12:25:11 localhost sshd[128430]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.248.116.58 user=root Apr 29 12:25:13 localhost sshd[128430]: Failed password for root from 103.248.116.58 port 49632 ssh2 Apr 29 12:30:05 localhost sshd[129061]: Invalid user support1 from 103.248.116.58 port 32962 Apr 29 12:30:05 localhost sshd[129061]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.248.116.58 Apr 29 12:30:05 localhost sshd[129061]: Invalid user support1 from 103.248.116.58 port 32962 Apr 29 12:30:07 localhost sshd[129061]: Failed password for invalid user support1 from 103.248.116.58 port 32962 ssh2 ...	2020-04-29 21:11:49
112.172.147.34	attack	Apr 29 15:13:03 ns392434 sshd[13427]: Invalid user resolve from 112.172.147.34 port 30025 Apr 29 15:13:03 ns392434 sshd[13427]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.172.147.34 Apr 29 15:13:03 ns392434 sshd[13427]: Invalid user resolve from 112.172.147.34 port 30025 Apr 29 15:13:04 ns392434 sshd[13427]: Failed password for invalid user resolve from 112.172.147.34 port 30025 ssh2 Apr 29 15:19:58 ns392434 sshd[13605]: Invalid user gpu from 112.172.147.34 port 17117 Apr 29 15:19:58 ns392434 sshd[13605]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.172.147.34 Apr 29 15:19:58 ns392434 sshd[13605]: Invalid user gpu from 112.172.147.34 port 17117 Apr 29 15:20:00 ns392434 sshd[13605]: Failed password for invalid user gpu from 112.172.147.34 port 17117 ssh2 Apr 29 15:24:34 ns392434 sshd[13845]: Invalid user remote from 112.172.147.34 port 29150	2020-04-29 21:41:41
106.12.55.131	attackspambots	$f2bV_matches	2020-04-29 21:40:48
132.145.163.127	attackspam	[Aegis] @ 2019-07-26 02:40:51 0100 -> Attempted Administrator Privilege Gain: ET SCAN LibSSH Based Frequent SSH Connections Likely BruteForce Attack	2020-04-29 21:31:42

Recently Reported IPs

139.162.123.29	125.164.133.87	51.38.238.237	118.213.8.197
91.140.242.1	139.162.212.214	92.118.161.9	52.196.227.95
182.253.8.131	78.101.86.240	58.187.66.136	206.189.222.38
139.5.85.26	35.193.213.203	150.109.52.125	200.74.119.211
13.229.252.149	118.34.37.145	54.66.254.39	42.117.215.132