City: Slough
Region: England
Country: United Kingdom
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#
NetRange: 139.59.0.0 - 139.59.255.255
CIDR: 139.59.0.0/16
NetName: APNIC-ERX-139-59-0-0
NetHandle: NET-139-59-0-0-1
Parent: NET139 (NET-139-0-0-0-0)
NetType: Early Registrations, Transferred to APNIC
OriginAS:
Organization: Asia Pacific Network Information Centre (APNIC)
RegDate: 2004-03-03
Updated: 2009-10-08
Comment: This IP address range is not registered in the ARIN database.
Comment: This range was transferred to the APNIC Whois Database as
Comment: part of the ERX (Early Registration Transfer) project.
Comment: For details, refer to the APNIC Whois Database via
Comment: WHOIS.APNIC.NET or http://wq.apnic.net/apnic-bin/whois.pl
Comment:
Comment: ** IMPORTANT NOTE: APNIC is the Regional Internet Registry
Comment: for the Asia Pacific region. APNIC does not operate networks
Comment: using this IP address range and is not able to investigate
Comment: spam or abuse reports relating to these addresses. For more
Comment: help, refer to http://www.apnic.net/apnic-info/whois_search2/abuse-and-spamming
Ref: https://rdap.arin.net/registry/ip/139.59.0.0
ResourceLink: https://apps.db.ripe.net/db-web-ui/query
ResourceLink: whois.apnic.net
OrgName: Asia Pacific Network Information Centre
OrgId: APNIC
Address: PO Box 3646
City: South Brisbane
StateProv: QLD
PostalCode: 4101
Country: AU
RegDate:
Updated: 2012-01-24
Ref: https://rdap.arin.net/registry/entity/APNIC
ReferralServer: whois://whois.apnic.net
ResourceLink: http://wq.apnic.net/whois-search/static/search.html
OrgAbuseHandle: AWC12-ARIN
OrgAbuseName: APNIC Whois Contact
OrgAbusePhone: +61 7 3858 3188
OrgAbuseEmail: search-apnic-not-arin@apnic.net
OrgAbuseRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
OrgTechHandle: AWC12-ARIN
OrgTechName: APNIC Whois Contact
OrgTechPhone: +61 7 3858 3188
OrgTechEmail: search-apnic-not-arin@apnic.net
OrgTechRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#
Found a referral to whois.apnic.net.
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
% Information related to '139.59.160.0 - 139.59.175.255'
% Abuse contact for '139.59.160.0 - 139.59.175.255' is 'abuse@digitalocean.com'
inetnum: 139.59.160.0 - 139.59.175.255
netname: DIGITALOCEAN-AP
descr: DigitalOcean, LLC
country: GB
admin-c: DOIA2-AP
tech-c: DOIA2-AP
abuse-c: AD699-AP
status: ASSIGNED NON-PORTABLE
mnt-by: MAINT-DIGITALOCEAN-AP
mnt-irt: IRT-DIGITALOCEAN-AP
last-modified: 2020-05-31T21:38:29Z
source: APNIC
irt: IRT-DIGITALOCEAN-AP
address: 105 Edgeview Drive, Suite 425, Broomfield, Colorado 80021
e-mail: noc@digitalocean.com
abuse-mailbox: abuse@digitalocean.com
admin-c: DOIA2-AP
tech-c: DOIA2-AP
auth: # Filtered
remarks: abuse@digitalocean.com was validated on 2026-03-19
remarks: noc@digitalocean.com was validated on 2026-03-25
mnt-by: MAINT-DIGITALOCEAN-AP
last-modified: 2026-03-25T17:24:46Z
source: APNIC
role: ABUSE DIGITALOCEANAP
country: ZZ
address: 105 Edgeview Drive, Suite 425, Broomfield, Colorado 80021
phone: +000000000
e-mail: noc@digitalocean.com
admin-c: DOIA2-AP
tech-c: DOIA2-AP
nic-hdl: AD699-AP
remarks: Generated from irt object IRT-DIGITALOCEAN-AP
remarks: abuse@digitalocean.com was validated on 2026-03-19
remarks: noc@digitalocean.com was validated on 2026-03-25
abuse-mailbox: abuse@digitalocean.com
mnt-by: APNIC-ABUSE
last-modified: 2026-03-25T17:25:11Z
source: APNIC
role: Digital Ocean Inc administrator
address: 105 Edgeview Drive, Suite 425, Broomfield, Colorado 80021
country: US
phone: +1 646-827-4366
fax-no: +1 646-827-4366
e-mail: abuse@digitalocean.com
admin-c: DOIA2-AP
tech-c: DOIA2-AP
nic-hdl: DOIA2-AP
mnt-by: MAINT-DIGITALOCEAN-AP
last-modified: 2025-04-11T18:24:27Z
source: APNIC
% This query was served by the APNIC Whois Service version 1.88.48 (WHOIS-AU4); <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.59.166.51
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52286
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;139.59.166.51. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2026053101 1800 900 604800 86400
;; Query time: 26 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jun 01 11:30:21 CST 2026
;; MSG SIZE rcvd: 106Host 51.166.59.139.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 51.166.59.139.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 113.178.33.94 | attackbotsspam | 2020-02-0901:44:591j0aiZ-0004mj-3q\<=verena@rs-solution.chH=static-170-246-152-4.ideay.net.ni\(localhost\)[170.246.152.4]:39920P=esmtpsaX=TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:verena@rs-solution.chS=2305id=CACF792A21F5DB68B4B1F840B4EFCA03@rs-solution.chT="Ihopeyouareadecentperson"forlabanwillymwaijibe2015@gmail.com2020-02-0901:45:331j0aj6-00052T-H1\<=verena@rs-solution.chH=\(localhost\)[113.172.132.138]:48870P=esmtpsaX=TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:verena@rs-solution.chS=2095id=7E7BCD9E95416FDC00054CF400D04DB4@rs-solution.chT="Ihopeyouareadecentperson"forguruprasad.gym@gmail.com2020-02-0901:46:151j0ajn-00054V-0g\<=verena@rs-solution.chH=\(localhost\)[113.172.230.198]:51953P=esmtpsaX=TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:verena@rs-solution.chS=2179id=FDF84E1D16C2EC5F8386CF7783F3990C@rs-solution.chT="curiositysake"forhuntercogar9@gmail.com2020-02-0901:45:541j0ajR-00053O-2H\<=verena@rs-solution.chH=\(localhost\)[113.178.33.94]:34233P |
2020-02-09 10:15:31 |
| fe80::42:acff:fe11:2b | attack | Port scan |
2020-02-09 10:38:24 |
| 37.59.48.181 | attackspam | Feb 2 23:35:31 HOST sshd[11421]: Failed password for invalid user clamav from 37.59.48.181 port 33714 ssh2 Feb 2 23:35:31 HOST sshd[11421]: Received disconnect from 37.59.48.181: 11: Bye Bye [preauth] Feb 2 23:40:11 HOST sshd[11724]: Failed password for invalid user teamspeak1 from 37.59.48.181 port 41004 ssh2 Feb 2 23:40:11 HOST sshd[11724]: Received disconnect from 37.59.48.181: 11: Bye Bye [preauth] Feb 2 23:41:46 HOST sshd[11790]: Failed password for invalid user saverio from 37.59.48.181 port 58668 ssh2 Feb 2 23:41:46 HOST sshd[11790]: Received disconnect from 37.59.48.181: 11: Bye Bye [preauth] Feb 3 00:43:53 HOST sshd[15202]: Failed password for invalid user rtrichardson from 37.59.48.181 port 39794 ssh2 Feb 3 00:43:53 HOST sshd[15202]: Received disconnect from 37.59.48.181: 11: Bye Bye [preauth] Feb 3 00:45:40 HOST sshd[15243]: Failed password for invalid user kong from 37.59.48.181 port 57630 ssh2 Feb 3 00:45:40 HOST sshd[15243]: Received disconnect f........ ------------------------------- |
2020-02-09 10:11:00 |
| 112.85.42.174 | attackspambots | Feb 9 03:18:29 MK-Soft-Root2 sshd[18483]: Failed password for root from 112.85.42.174 port 29729 ssh2 Feb 9 03:18:34 MK-Soft-Root2 sshd[18483]: Failed password for root from 112.85.42.174 port 29729 ssh2 ... |
2020-02-09 10:24:22 |
| 112.5.172.26 | attack | Feb 3 02:19:00 cumulus sshd[3943]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.5.172.26 user=r.r Feb 3 02:19:02 cumulus sshd[3943]: Failed password for r.r from 112.5.172.26 port 55892 ssh2 Feb 3 02:19:02 cumulus sshd[3943]: Received disconnect from 112.5.172.26 port 55892:11: Bye Bye [preauth] Feb 3 02:19:02 cumulus sshd[3943]: Disconnected from 112.5.172.26 port 55892 [preauth] Feb 3 02:47:16 cumulus sshd[4888]: Invalid user spierson from 112.5.172.26 port 34063 Feb 3 02:47:16 cumulus sshd[4888]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.5.172.26 Feb 3 02:47:19 cumulus sshd[4888]: Failed password for invalid user spierson from 112.5.172.26 port 34063 ssh2 Feb 3 02:47:20 cumulus sshd[4888]: Received disconnect from 112.5.172.26 port 34063:11: Bye Bye [preauth] Feb 3 02:47:20 cumulus sshd[4888]: Disconnected from 112.5.172.26 port 34063 [preauth] Feb 3 02:57:31 c........ ------------------------------- |
2020-02-09 10:23:51 |
| 49.233.148.2 | attackspam | Feb 9 01:46:05 serwer sshd\[22967\]: Invalid user fez from 49.233.148.2 port 45828 Feb 9 01:46:05 serwer sshd\[22967\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.148.2 Feb 9 01:46:07 serwer sshd\[22967\]: Failed password for invalid user fez from 49.233.148.2 port 45828 ssh2 ... |
2020-02-09 10:05:12 |
| 202.108.140.114 | attackbotsspam | Port probing on unauthorized port 1433 |
2020-02-09 10:20:23 |
| 191.252.177.60 | attackspam | Feb 8 15:35:19 auw2 sshd\[28477\]: Invalid user teamspeackserver from 191.252.177.60 Feb 8 15:35:19 auw2 sshd\[28477\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=vps14574.publiccloud.com.br Feb 8 15:35:21 auw2 sshd\[28477\]: Failed password for invalid user teamspeackserver from 191.252.177.60 port 45486 ssh2 Feb 8 15:36:23 auw2 sshd\[28576\]: Invalid user teamspeackserver from 191.252.177.60 Feb 8 15:36:23 auw2 sshd\[28576\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=vps14574.publiccloud.com.br |
2020-02-09 10:38:40 |
| 111.12.90.43 | attackbotsspam | Feb 8 22:52:04 firewall sshd[19787]: Invalid user tia from 111.12.90.43 Feb 8 22:52:06 firewall sshd[19787]: Failed password for invalid user tia from 111.12.90.43 port 47388 ssh2 Feb 8 22:56:06 firewall sshd[19936]: Invalid user fae from 111.12.90.43 ... |
2020-02-09 09:59:38 |
| 181.48.139.118 | attack | Feb 9 01:46:11 MK-Soft-VM6 sshd[11493]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.48.139.118 Feb 9 01:46:13 MK-Soft-VM6 sshd[11493]: Failed password for invalid user rrm from 181.48.139.118 port 58258 ssh2 ... |
2020-02-09 10:19:10 |
| 218.92.0.178 | attack | Feb 8 23:01:02 firewall sshd[20118]: Failed password for root from 218.92.0.178 port 27860 ssh2 Feb 8 23:01:12 firewall sshd[20118]: error: maximum authentication attempts exceeded for root from 218.92.0.178 port 27860 ssh2 [preauth] Feb 8 23:01:12 firewall sshd[20118]: Disconnecting: Too many authentication failures [preauth] ... |
2020-02-09 10:09:03 |
| 80.82.77.243 | attackspam | Feb 9 02:53:34 debian-2gb-nbg1-2 kernel: \[3472452.496323\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=80.82.77.243 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=27826 PROTO=TCP SPT=56286 DPT=25538 WINDOW=1024 RES=0x00 SYN URGP=0 |
2020-02-09 10:02:38 |
| 118.70.117.156 | attackspam | detected by Fail2Ban |
2020-02-09 10:25:16 |
| 49.233.189.161 | attackspam | Automatic report - SSH Brute-Force Attack |
2020-02-09 10:11:29 |
| 90.84.244.157 | attack | Feb 9 02:25:28 haigwepa sshd[21337]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=90.84.244.157 Feb 9 02:25:30 haigwepa sshd[21337]: Failed password for invalid user puj from 90.84.244.157 port 59914 ssh2 ... |
2020-02-09 10:22:18 |