139.59.154.31 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Germany

Internet Service Provider: Digital Ocean Inc.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Attempted connection to port 80.	2020-08-24 21:21:34

Comments on same subnet:

IP	Type	Details	Datetime
139.59.154.219	attack	Apr 10 10:44:34 motanud sshd\[22429\]: Invalid user ubuntu from 139.59.154.219 port 49712 Apr 10 10:44:34 motanud sshd\[22429\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.154.219 Apr 10 10:44:36 motanud sshd\[22429\]: Failed password for invalid user ubuntu from 139.59.154.219 port 49712 ssh2	2019-08-11 05:23:17
139.59.154.219	attack	fire	2019-08-09 13:44:44
139.59.154.219	attackspambots	Apr 10 09:45:41 server sshd\[65960\]: Invalid user ubuntu from 139.59.154.219 Apr 10 09:45:41 server sshd\[65960\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.154.219 Apr 10 09:45:44 server sshd\[65960\]: Failed password for invalid user ubuntu from 139.59.154.219 port 51480 ssh2 ...	2019-07-12 07:28:47

Type

Details

Datetime

139.59.154.219

attack

Apr 10 10:44:34 motanud sshd\[22429\]: Invalid user ubuntu from 139.59.154.219 port 49712
Apr 10 10:44:34 motanud sshd\[22429\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.154.219
Apr 10 10:44:36 motanud sshd\[22429\]: Failed password for invalid user ubuntu from 139.59.154.219 port 49712 ssh2

2019-08-11 05:23:17

139.59.154.219

attack

fire

2019-08-09 13:44:44

139.59.154.219

attackspambots

Apr 10 09:45:41 server sshd\[65960\]: Invalid user ubuntu from 139.59.154.219
Apr 10 09:45:41 server sshd\[65960\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.154.219
Apr 10 09:45:44 server sshd\[65960\]: Failed password for invalid user ubuntu from 139.59.154.219 port 51480 ssh2
...

2019-07-12 07:28:47

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.59.154.31
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 14635
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.59.154.31.			IN	A

;; AUTHORITY SECTION:
.			429	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020082400 1800 900 604800 86400

;; Query time: 70 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Aug 24 21:21:29 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 31.154.59.139.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 31.154.59.139.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
188.166.215.46	attackbotsspam	WordPress login Brute force / Web App Attack on client site.	2019-07-04 20:47:13
67.21.36.5	attack	04.07.2019 13:17:58 Connection to port 11211 blocked by firewall	2019-07-04 21:22:49
108.161.131.203	attackspam	$f2bV_matches	2019-07-04 21:09:54
157.230.235.233	attackspambots	Jul 4 13:53:29 mail sshd\[7814\]: Invalid user ftpuser from 157.230.235.233 port 47938 Jul 4 13:53:29 mail sshd\[7814\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.235.233 ...	2019-07-04 21:09:02
31.145.96.94	attackbotsspam	Absender hat Spam-Falle ausgel?st	2019-07-04 20:43:31
186.31.37.202	attack	Jul 4 15:14:32 dedicated sshd[30091]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.31.37.202 user=root Jul 4 15:14:34 dedicated sshd[30091]: Failed password for root from 186.31.37.202 port 45819 ssh2 Jul 4 15:17:44 dedicated sshd[30394]: Invalid user marketing from 186.31.37.202 port 45715 Jul 4 15:17:44 dedicated sshd[30394]: Invalid user marketing from 186.31.37.202 port 45715	2019-07-04 21:27:29
157.39.214.143	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-03 09:03:22,857 INFO [shellcode_manager] (157.39.214.143) no match, writing hexdump (d2e242e3fc1d667529dd89b330593dbb :2207130) - MS17010 (EternalBlue)	2019-07-04 21:18:38
188.140.113.118	attackbotsspam	2019-07-04 06:52:25 unexpected disconnection while reading SMTP command from ([188.140.113.118]) [188.140.113.118]:23350 I=[10.100.18.25]:25 (error: Connection reset by peer) 2019-07-04 06:53:51 unexpected disconnection while reading SMTP command from ([188.140.113.118]) [188.140.113.118]:38831 I=[10.100.18.25]:25 (error: Connection reset by peer) 2019-07-04 07:53:51 unexpected disconnection while reading SMTP command from ([188.140.113.118]) [188.140.113.118]:5185 I=[10.100.18.25]:25 (error: Connection reset by peer) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=188.140.113.118	2019-07-04 21:05:09
46.101.126.38	attackspam	04.07.2019 08:06:54 - Wordpress fail Detected by ELinOX-ALM	2019-07-04 20:53:48
89.244.121.154	attackspambots	Jul 4 01:53:24 eola sshd[8003]: Invalid user pi from 89.244.121.154 port 33546 Jul 4 01:53:25 eola sshd[8003]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.244.121.154 Jul 4 01:53:25 eola sshd[8005]: Invalid user pi from 89.244.121.154 port 33550 Jul 4 01:53:25 eola sshd[8005]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.244.121.154 Jul 4 01:53:26 eola sshd[8003]: Failed password for invalid user pi from 89.244.121.154 port 33546 ssh2 Jul 4 01:53:27 eola sshd[8003]: Connection closed by 89.244.121.154 port 33546 [preauth] Jul 4 01:53:27 eola sshd[8005]: Failed password for invalid user pi from 89.244.121.154 port 33550 ssh2 Jul 4 01:53:27 eola sshd[8005]: Connection closed by 89.244.121.154 port 33550 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=89.244.121.154	2019-07-04 21:01:59
103.75.166.121	attackbotsspam	TCP port 8080 (HTTP) attempt blocked by firewall. [2019-07-04 15:16:55]	2019-07-04 21:21:09
46.180.95.98	attackbots	Absender hat Spam-Falle ausgel?st	2019-07-04 20:39:34
128.199.205.52	attackbotsspam	www.handydirektreparatur.de 128.199.205.52 \[04/Jul/2019:15:18:00 +0200\] "POST /wp-login.php HTTP/1.1" 200 5667 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" www.handydirektreparatur.de 128.199.205.52 \[04/Jul/2019:15:18:01 +0200\] "POST /xmlrpc.php HTTP/1.1" 200 4116 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-07-04 21:20:00
189.164.185.190	attackspam	3389BruteforceFW22	2019-07-04 21:29:37
213.148.213.99	attackspam	Jul 4 12:55:52 minden010 sshd[13802]: Failed password for nagios from 213.148.213.99 port 38062 ssh2 Jul 4 12:58:10 minden010 sshd[14582]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.148.213.99 Jul 4 12:58:12 minden010 sshd[14582]: Failed password for invalid user admin from 213.148.213.99 port 35212 ssh2 ...	2019-07-04 21:06:50

Recently Reported IPs

188.166.2.68	190.199.33.226	161.35.24.85	14.163.57.102
134.209.89.139	212.98.190.145	101.20.124.183	175.7.196.228
179.43.160.234	61.144.20.193	29.95.101.92	195.246.46.124
188.113.141.70	106.53.30.222	195.181.166.140	161.47.70.199
173.246.86.52	103.136.66.31	103.114.208.198	24.235.156.11