City: Frankfurt am Main
Region: Hessen
Country: Germany
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
| IP | Type | Details | Datetime |
|---|---|---|---|
| 139.59.154.31 | attackspambots | Attempted connection to port 80. |
2020-08-24 21:21:34 |
| 139.59.154.219 | attack | Apr 10 10:44:34 motanud sshd\[22429\]: Invalid user ubuntu from 139.59.154.219 port 49712 Apr 10 10:44:34 motanud sshd\[22429\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.154.219 Apr 10 10:44:36 motanud sshd\[22429\]: Failed password for invalid user ubuntu from 139.59.154.219 port 49712 ssh2 |
2019-08-11 05:23:17 |
| 139.59.154.219 | attack | fire |
2019-08-09 13:44:44 |
| 139.59.154.219 | attackspambots | Apr 10 09:45:41 server sshd\[65960\]: Invalid user ubuntu from 139.59.154.219 Apr 10 09:45:41 server sshd\[65960\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.154.219 Apr 10 09:45:44 server sshd\[65960\]: Failed password for invalid user ubuntu from 139.59.154.219 port 51480 ssh2 ... |
2019-07-12 07:28:47 |
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#
NetRange: 139.59.0.0 - 139.59.255.255
CIDR: 139.59.0.0/16
NetName: APNIC-ERX-139-59-0-0
NetHandle: NET-139-59-0-0-1
Parent: NET139 (NET-139-0-0-0-0)
NetType: Early Registrations, Transferred to APNIC
OriginAS:
Organization: Asia Pacific Network Information Centre (APNIC)
RegDate: 2004-03-03
Updated: 2009-10-08
Comment: This IP address range is not registered in the ARIN database.
Comment: This range was transferred to the APNIC Whois Database as
Comment: part of the ERX (Early Registration Transfer) project.
Comment: For details, refer to the APNIC Whois Database via
Comment: WHOIS.APNIC.NET or http://wq.apnic.net/apnic-bin/whois.pl
Comment:
Comment: ** IMPORTANT NOTE: APNIC is the Regional Internet Registry
Comment: for the Asia Pacific region. APNIC does not operate networks
Comment: using this IP address range and is not able to investigate
Comment: spam or abuse reports relating to these addresses. For more
Comment: help, refer to http://www.apnic.net/apnic-info/whois_search2/abuse-and-spamming
Ref: https://rdap.arin.net/registry/ip/139.59.0.0
ResourceLink: https://apps.db.ripe.net/db-web-ui/query
ResourceLink: whois.apnic.net
OrgName: Asia Pacific Network Information Centre
OrgId: APNIC
Address: PO Box 3646
City: South Brisbane
StateProv: QLD
PostalCode: 4101
Country: AU
RegDate:
Updated: 2012-01-24
Ref: https://rdap.arin.net/registry/entity/APNIC
ReferralServer: whois://whois.apnic.net
ResourceLink: http://wq.apnic.net/whois-search/static/search.html
OrgAbuseHandle: AWC12-ARIN
OrgAbuseName: APNIC Whois Contact
OrgAbusePhone: +61 7 3858 3188
OrgAbuseEmail: search-apnic-not-arin@apnic.net
OrgAbuseRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
OrgTechHandle: AWC12-ARIN
OrgTechName: APNIC Whois Contact
OrgTechPhone: +61 7 3858 3188
OrgTechEmail: search-apnic-not-arin@apnic.net
OrgTechRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#
Found a referral to whois.apnic.net.
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
% Information related to '139.59.128.0 - 139.59.159.255'
% Abuse contact for '139.59.128.0 - 139.59.159.255' is 'abuse@digitalocean.com'
inetnum: 139.59.128.0 - 139.59.159.255
netname: DIGITALOCEAN-AP
descr: DigitalOcean, LLC
country: DE
admin-c: DOIA2-AP
tech-c: DOIA2-AP
abuse-c: AD699-AP
status: ASSIGNED NON-PORTABLE
mnt-by: MAINT-DIGITALOCEAN-AP
mnt-irt: IRT-DIGITALOCEAN-AP
last-modified: 2020-05-31T21:37:28Z
source: APNIC
irt: IRT-DIGITALOCEAN-AP
address: 105 Edgeview Drive, Suite 425, Broomfield, Colorado 80021
e-mail: noc@digitalocean.com
abuse-mailbox: abuse@digitalocean.com
admin-c: DOIA2-AP
tech-c: DOIA2-AP
auth: # Filtered
remarks: abuse@digitalocean.com was validated on 2026-03-19
remarks: noc@digitalocean.com was validated on 2026-03-25
mnt-by: MAINT-DIGITALOCEAN-AP
last-modified: 2026-03-25T17:24:46Z
source: APNIC
role: ABUSE DIGITALOCEANAP
country: ZZ
address: 105 Edgeview Drive, Suite 425, Broomfield, Colorado 80021
phone: +000000000
e-mail: noc@digitalocean.com
admin-c: DOIA2-AP
tech-c: DOIA2-AP
nic-hdl: AD699-AP
remarks: Generated from irt object IRT-DIGITALOCEAN-AP
remarks: abuse@digitalocean.com was validated on 2026-03-19
remarks: noc@digitalocean.com was validated on 2026-03-25
abuse-mailbox: abuse@digitalocean.com
mnt-by: APNIC-ABUSE
last-modified: 2026-03-25T17:25:11Z
source: APNIC
role: Digital Ocean Inc administrator
address: 105 Edgeview Drive, Suite 425, Broomfield, Colorado 80021
country: US
phone: +1 646-827-4366
fax-no: +1 646-827-4366
e-mail: abuse@digitalocean.com
admin-c: DOIA2-AP
tech-c: DOIA2-AP
nic-hdl: DOIA2-AP
mnt-by: MAINT-DIGITALOCEAN-AP
last-modified: 2025-04-11T18:24:27Z
source: APNIC
% This query was served by the APNIC Whois Service version 1.88.48 (WHOIS-AU4)
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.59.154.49
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 9566
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;139.59.154.49. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2026070400 1800 900 604800 86400
;; Query time: 8 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Jul 04 16:30:32 CST 2026
;; MSG SIZE rcvd: 106
Host 49.154.59.139.in-addr.arpa. not found: 3(NXDOMAIN)
Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 49.154.59.139.in-addr.arpa: NXDOMAIN
| IP | Type | Details | Datetime |
|---|---|---|---|
| 178.128.22.249 | attack | Automatic report - Banned IP Access |
2019-11-26 13:49:49 |
| 118.80.175.26 | attackbots | 23/tcp 23/tcp 23/tcp [2019-11-19/26]3pkt |
2019-11-26 14:18:23 |
| 112.85.42.72 | attackspambots | 2019-11-26T06:16:53.585224abusebot-8.cloudsearch.cf sshd\[31788\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.72 user=root |
2019-11-26 14:24:18 |
| 68.183.110.49 | attack | 2019-11-26T06:17:04.539152shield sshd\[1025\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.110.49 user=games 2019-11-26T06:17:06.649756shield sshd\[1025\]: Failed password for games from 68.183.110.49 port 35208 ssh2 2019-11-26T06:22:57.604200shield sshd\[2141\]: Invalid user christy from 68.183.110.49 port 43112 2019-11-26T06:22:57.608468shield sshd\[2141\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.110.49 2019-11-26T06:23:00.180529shield sshd\[2141\]: Failed password for invalid user christy from 68.183.110.49 port 43112 ssh2 |
2019-11-26 14:26:41 |
| 123.232.156.28 | attack | Nov 25 20:01:49 server sshd\[14622\]: Failed password for invalid user oracle from 123.232.156.28 port 43970 ssh2 Nov 26 03:40:25 server sshd\[4003\]: Invalid user zabbix from 123.232.156.28 Nov 26 03:40:25 server sshd\[4003\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.232.156.28 Nov 26 03:40:27 server sshd\[4003\]: Failed password for invalid user zabbix from 123.232.156.28 port 46250 ssh2 Nov 26 07:54:44 server sshd\[1665\]: Invalid user sysadmin from 123.232.156.28 Nov 26 07:54:44 server sshd\[1665\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.232.156.28 ... |
2019-11-26 13:48:37 |
| 121.126.161.117 | attackspam | 2019-11-26T06:03:41.585715shield sshd\[31693\]: Invalid user neddy from 121.126.161.117 port 54992 2019-11-26T06:03:41.590093shield sshd\[31693\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.126.161.117 2019-11-26T06:03:43.128754shield sshd\[31693\]: Failed password for invalid user neddy from 121.126.161.117 port 54992 ssh2 2019-11-26T06:11:17.304134shield sshd\[493\]: Invalid user hung from 121.126.161.117 port 33386 2019-11-26T06:11:17.308282shield sshd\[493\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.126.161.117 |
2019-11-26 14:22:39 |
| 159.203.193.41 | attack | Port scan: Attack repeated for 24 hours |
2019-11-26 13:58:37 |
| 37.187.17.58 | attackbots | Nov 25 23:40:13 dallas01 sshd[27558]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.187.17.58 Nov 25 23:40:15 dallas01 sshd[27558]: Failed password for invalid user admin from 37.187.17.58 port 60546 ssh2 Nov 25 23:49:07 dallas01 sshd[29698]: Failed password for root from 37.187.17.58 port 50612 ssh2 |
2019-11-26 14:04:42 |
| 190.39.34.33 | attack | 445/tcp 445/tcp 445/tcp [2019-10-22/11-26]3pkt |
2019-11-26 14:26:18 |
| 218.92.0.176 | attack | Nov 25 04:26:33 db01 sshd[18870]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.176 user=r.r Nov 25 04:26:35 db01 sshd[18870]: Failed password for r.r from 218.92.0.176 port 15720 ssh2 Nov 25 04:26:38 db01 sshd[18870]: Failed password for r.r from 218.92.0.176 port 15720 ssh2 Nov 25 04:26:42 db01 sshd[18870]: Failed password for r.r from 218.92.0.176 port 15720 ssh2 Nov 25 04:26:45 db01 sshd[18870]: Failed password for r.r from 218.92.0.176 port 15720 ssh2 Nov 25 04:26:48 db01 sshd[18870]: Failed password for r.r from 218.92.0.176 port 15720 ssh2 Nov 25 04:26:48 db01 sshd[18870]: PAM 4 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.176 user=r.r Nov 25 04:26:52 db01 sshd[18882]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.176 user=r.r Nov 25 04:26:54 db01 sshd[18882]: Failed password for r.r from 218.92.0.176 port 37497 ssh2 ........ ----------------------------------- |
2019-11-26 14:10:29 |
| 111.230.209.21 | attack | Nov 26 00:41:40 TORMINT sshd\[22380\]: Invalid user noacco from 111.230.209.21 Nov 26 00:41:40 TORMINT sshd\[22380\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.230.209.21 Nov 26 00:41:42 TORMINT sshd\[22380\]: Failed password for invalid user noacco from 111.230.209.21 port 51424 ssh2 ... |
2019-11-26 13:48:06 |
| 184.105.139.67 | attack | Portscan or hack attempt detected by psad/fwsnort |
2019-11-26 13:52:21 |
| 185.173.35.29 | attack | 88/tcp 3389/tcp 111/tcp... [2019-09-26/11-26]44pkt,31pt.(tcp),4pt.(udp) |
2019-11-26 14:05:41 |
| 106.52.52.230 | attackbotsspam | Nov 26 06:41:24 mail sshd[11592]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.52.230 Nov 26 06:41:26 mail sshd[11592]: Failed password for invalid user satis from 106.52.52.230 port 46802 ssh2 Nov 26 06:49:02 mail sshd[13138]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.52.230 |
2019-11-26 14:08:01 |
| 51.38.37.128 | attackbotsspam | Nov 26 06:13:51 localhost sshd\[113237\]: Invalid user webmaster from 51.38.37.128 port 52426 Nov 26 06:13:51 localhost sshd\[113237\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.37.128 Nov 26 06:13:54 localhost sshd\[113237\]: Failed password for invalid user webmaster from 51.38.37.128 port 52426 ssh2 Nov 26 06:17:02 localhost sshd\[113364\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.37.128 user=root Nov 26 06:17:05 localhost sshd\[113364\]: Failed password for root from 51.38.37.128 port 42278 ssh2 ... |
2019-11-26 14:20:22 |