City: unknown
Region: unknown
Country: United Kingdom
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See https://docs.db.ripe.net/terms-conditions.html
% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.
% Information related to '195.96.139.0 - 195.96.139.255'
% Abuse contact for '195.96.139.0 - 195.96.139.255' is 'network-abuse@driftnet.io'
inetnum: 195.96.139.0 - 195.96.139.255
netname: UK-DRIFTNET-20260127
remarks: +-----------------------------------------------------------
remarks: | This IP range is not attacking your network.
remarks: | Visit https://internet-measurement.com for more details.
remarks: | View data collected at https://driftnet.io.
remarks: +-----------------------------------------------------------
country: GB
org: ORG-DL595-RIPE
admin-c: DH9005-RIPE
tech-c: DH9005-RIPE
status: ALLOCATED PA
mnt-by: lir-uk-driftnet-1-MNT
mnt-by: RIPE-NCC-HM-MNT
created: 2026-01-27T15:37:46Z
last-modified: 2026-05-12T14:16:48Z
source: RIPE
organisation: ORG-DL595-RIPE
org-name: Driftnet Ltd
remarks: +-----------------------------------------------------------
remarks: | We are not attacking your network.
remarks: | Visit https://internet-measurement.com for more details.
remarks: | View data collected at https://driftnet.io.
remarks: +-----------------------------------------------------------
country: GB
reg-nr: 15588031
org-type: LIR
address: 1140 Avenue of the Americas, 19th Floor
address: 10036
address: New York
address: UNITED STATES
phone: +442037450350
admin-c: DH9005-RIPE
tech-c: DH9005-RIPE
abuse-c: AR77106-RIPE
mnt-ref: lir-uk-driftnet-1-MNT
mnt-by: RIPE-NCC-HM-MNT
mnt-by: lir-uk-driftnet-1-MNT
created: 2024-10-30T18:00:20Z
last-modified: 2026-06-02T10:02:58Z
source: RIPE # Filtered
role: Driftnet Hostmaster
remarks: +-----------------------------------------------------------
remarks: | We are not attacking your network.
remarks: | Visit https://internet-measurement.com for more details.
remarks: | View data collected at https://driftnet.io.
remarks: +-----------------------------------------------------------
address: 1140 Avenue of the Americas, 19th Floor
address: New York, NY 10036
address: UNITED STATES
phone: +442037450350
abuse-mailbox: network-abuse@driftnet.io
nic-hdl: DH9005-RIPE
mnt-by: lir-uk-driftnet-1-MNT
created: 2024-10-30T18:00:18Z
last-modified: 2026-06-02T10:04:23Z
source: RIPE # Filtered
% Information related to '195.96.139.0/24AS211298'
route: 195.96.139.0/24
origin: AS211298
created: 2026-05-12T14:06:44Z
last-modified: 2026-05-12T14:06:44Z
source: RIPE
mnt-by: lir-uk-driftnet-1-MNT
% This query was served by the RIPE Database Query Service version 1.122.1 (BUSA); <<>> DiG 9.10.3-P4-Ubuntu <<>> 195.96.139.14
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57154
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;195.96.139.14. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2026062901 1800 900 604800 86400
;; Query time: 10 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jun 30 02:30:15 CST 2026
;; MSG SIZE rcvd: 10614.139.96.195.in-addr.arpa domain name pointer r5-14-e.monitoring.internet-measurement.com.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
14.139.96.195.in-addr.arpa name = r5-14-e.monitoring.internet-measurement.com.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 177.92.66.227 | attack | Jul 25 09:52:23 rocket sshd[21150]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.92.66.227 Jul 25 09:52:25 rocket sshd[21150]: Failed password for invalid user shaonan from 177.92.66.227 port 11363 ssh2 Jul 25 09:57:19 rocket sshd[21874]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.92.66.227 ... |
2020-07-25 17:08:37 |
| 156.96.155.3 | attackbots | [2020-07-25 05:00:32] NOTICE[1277][C-00003103] chan_sip.c: Call from '' (156.96.155.3:59556) to extension '00441235619357' rejected because extension not found in context 'public'. [2020-07-25 05:00:32] SECURITY[1295] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-07-25T05:00:32.709-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="00441235619357",SessionID="0x7f17545b1d48",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/156.96.155.3/59556",ACLName="no_extension_match" [2020-07-25 05:03:44] NOTICE[1277][C-00003107] chan_sip.c: Call from '' (156.96.155.3:60414) to extension '00441235619357' rejected because extension not found in context 'public'. [2020-07-25 05:03:44] SECURITY[1295] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-07-25T05:03:44.460-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="00441235619357",SessionID="0x7f1754742008",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/156.96. ... |
2020-07-25 17:17:54 |
| 142.93.34.237 | attack | Jul 25 09:59:04 server sshd[15155]: Failed password for invalid user vmuser from 142.93.34.237 port 46724 ssh2 Jul 25 10:03:20 server sshd[16701]: Failed password for invalid user alan from 142.93.34.237 port 59442 ssh2 Jul 25 10:07:43 server sshd[18401]: Failed password for invalid user yin from 142.93.34.237 port 43942 ssh2 |
2020-07-25 16:58:32 |
| 35.201.225.235 | attack | SSH Attack |
2020-07-25 17:09:58 |
| 106.51.80.198 | attackspam | Invalid user jike from 106.51.80.198 port 60354 |
2020-07-25 17:00:48 |
| 89.90.209.252 | attackspambots | (sshd) Failed SSH login from 89.90.209.252 (FR/France/static-qvn-qvd-209252.business.bouyguestelecom.com): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jul 25 09:25:31 grace sshd[23390]: Invalid user pos from 89.90.209.252 port 32958 Jul 25 09:25:33 grace sshd[23390]: Failed password for invalid user pos from 89.90.209.252 port 32958 ssh2 Jul 25 09:37:37 grace sshd[24930]: Invalid user test1 from 89.90.209.252 port 58620 Jul 25 09:37:39 grace sshd[24930]: Failed password for invalid user test1 from 89.90.209.252 port 58620 ssh2 Jul 25 09:41:36 grace sshd[25452]: Invalid user vivo from 89.90.209.252 port 43722 |
2020-07-25 17:01:06 |
| 66.249.76.158 | attack | MYH,DEF GET /news/wp-content/plugins/custom-background/uploadify/uploadify.php |
2020-07-25 17:24:06 |
| 198.46.152.196 | attackspam | Invalid user qb from 198.46.152.196 port 54456 |
2020-07-25 17:25:57 |
| 171.8.190.109 | attackbots | firewall-block, port(s): 445/tcp |
2020-07-25 17:22:46 |
| 220.130.10.13 | attack | $f2bV_matches |
2020-07-25 17:07:44 |
| 49.233.148.2 | attack | Jul 25 11:18:31 OPSO sshd\[22604\]: Invalid user kye from 49.233.148.2 port 43706 Jul 25 11:18:31 OPSO sshd\[22604\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.148.2 Jul 25 11:18:33 OPSO sshd\[22604\]: Failed password for invalid user kye from 49.233.148.2 port 43706 ssh2 Jul 25 11:22:45 OPSO sshd\[23297\]: Invalid user zz from 49.233.148.2 port 59990 Jul 25 11:22:45 OPSO sshd\[23297\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.148.2 |
2020-07-25 17:24:38 |
| 24.1.32.78 | attackbots | Jul 25 13:50:36 web1 sshd[30395]: Invalid user admin from 24.1.32.78 port 48544 Jul 25 13:50:37 web1 sshd[30395]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=24.1.32.78 Jul 25 13:50:36 web1 sshd[30395]: Invalid user admin from 24.1.32.78 port 48544 Jul 25 13:50:39 web1 sshd[30395]: Failed password for invalid user admin from 24.1.32.78 port 48544 ssh2 Jul 25 13:50:41 web1 sshd[30421]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=24.1.32.78 user=root Jul 25 13:50:43 web1 sshd[30421]: Failed password for root from 24.1.32.78 port 48712 ssh2 Jul 25 13:50:44 web1 sshd[30441]: Invalid user admin from 24.1.32.78 port 48790 Jul 25 13:50:45 web1 sshd[30441]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=24.1.32.78 Jul 25 13:50:44 web1 sshd[30441]: Invalid user admin from 24.1.32.78 port 48790 Jul 25 13:50:47 web1 sshd[30441]: Failed password for invalid user admin f ... |
2020-07-25 17:03:33 |
| 71.6.146.185 | attack | Unauthorized connection attempt detected from IP address 71.6.146.185 to port 5984 |
2020-07-25 16:53:16 |
| 169.159.130.225 | attack | 2020-07-25T04:52:58.0264021495-001 sshd[21394]: Invalid user admin from 169.159.130.225 port 34471 2020-07-25T04:53:00.0307331495-001 sshd[21394]: Failed password for invalid user admin from 169.159.130.225 port 34471 ssh2 2020-07-25T04:59:04.1090221495-001 sshd[21655]: Invalid user kshitiz from 169.159.130.225 port 35913 2020-07-25T04:59:04.1159001495-001 sshd[21655]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=169.159.130.225 2020-07-25T04:59:04.1090221495-001 sshd[21655]: Invalid user kshitiz from 169.159.130.225 port 35913 2020-07-25T04:59:05.3589941495-001 sshd[21655]: Failed password for invalid user kshitiz from 169.159.130.225 port 35913 ssh2 ... |
2020-07-25 17:22:59 |
| 42.236.10.70 | attack | Automated report (2020-07-25T12:53:43+08:00). Scraper detected at this address. |
2020-07-25 17:14:14 |