IP address

Search at other sites:

.048139.59.150.60

Shodan(more info)

Passive DNS

IP blacklists

blocklist.de SSH

139.59.150.60 is listed on the blocklist.de SSH blacklist.

Description: Blocklist.de feed is a free and voluntary service provided<br>by a Fraud/Abuse-specialist. IPs performing SSH attacks.
Type of feed: primary (feed detail page)

Last checked at: 2025-12-01 17:05:00.600000
Was present on blacklist at: 2025-11-30 05:05, 2025-11-30 11:05, 2025-11-30 17:05, 2025-11-30 23:05, 2025-12-01 05:05, 2025-12-01 11:05, 2025-12-01 17:05

DataPlane SIP query

139.59.150.60 is listed on the DataPlane SIP query blacklist.

Description: DataPlane.org is a community-powered Internet data, feeds,<br>and measurement resource for operators, by operators. IP addresses that<br>has been seen initiating an unsolicited SIP OPTIONS query to a remote host.
Type of feed: primary (feed detail page)

Last checked at: 2025-12-07 19:10:01.209000
Was present on blacklist at: 2025-11-30 15:10, 2025-11-30 19:10, 2025-11-30 23:10, 2025-12-01 03:10, 2025-12-01 07:10, 2025-12-01 11:10, 2025-12-01 15:10, 2025-12-01 19:10, 2025-12-01 23:10, 2025-12-02 03:10, 2025-12-02 07:10, 2025-12-02 11:10, 2025-12-02 15:10, 2025-12-02 19:10, 2025-12-02 23:10, 2025-12-03 03:10, 2025-12-03 07:10, 2025-12-03 15:10, 2025-12-03 19:10, 2025-12-03 23:10, 2025-12-04 03:10, 2025-12-04 07:10, 2025-12-04 11:10, 2025-12-04 15:10, 2025-12-04 19:10, 2025-12-04 23:10, 2025-12-05 03:10, 2025-12-05 07:10, 2025-12-05 11:10, 2025-12-05 15:10, 2025-12-05 19:10, 2025-12-05 23:10, 2025-12-06 03:10, 2025-12-06 07:10, 2025-12-06 11:10, 2025-12-06 15:10, 2025-12-06 19:10, 2025-12-06 23:10, 2025-12-07 03:10, 2025-12-07 07:10, 2025-12-07 11:10, 2025-12-07 15:10, 2025-12-07 19:10

Turris greylist

139.59.150.60 is listed on the Turris greylist blacklist.

Description: Greylist is the output of the Turris research project by CZ.NIC,<br>which collects data of malicious IPs.
Type of feed: primary (feed detail page)

Last checked at: 2025-12-05 22:15:00.193000
Was present on blacklist at: 2025-12-01 22:15, 2025-12-02 22:15, 2025-12-03 22:15, 2025-12-04 22:15, 2025-12-05 22:15

DataPlane TELNET login

139.59.150.60 is listed on the DataPlane TELNET login blacklist.

Description: DataPlane.org is a community-powered Internet data, feeds,<br>and measurement resource for operators, by operators. IPs trying<br>an unsolicited login via TELNET password authentication.
Type of feed: primary (feed detail page)

Last checked at: 2025-12-10 19:10:03.956000
Was present on blacklist at: 2025-12-01 23:10, 2025-12-02 03:10, 2025-12-02 07:10, 2025-12-02 11:10, 2025-12-02 15:10, 2025-12-02 19:10, 2025-12-02 23:10, 2025-12-03 03:10, 2025-12-03 07:10, 2025-12-03 11:10, 2025-12-03 15:10, 2025-12-03 19:10, 2025-12-03 23:10, 2025-12-04 03:10, 2025-12-04 07:10, 2025-12-04 11:10, 2025-12-04 15:10, 2025-12-04 19:10, 2025-12-04 23:10, 2025-12-05 03:10, 2025-12-05 07:10, 2025-12-05 11:10, 2025-12-05 15:10, 2025-12-05 19:10, 2025-12-05 23:10, 2025-12-06 03:10, 2025-12-06 07:10, 2025-12-06 11:10, 2025-12-06 15:10, 2025-12-06 19:10, 2025-12-06 23:10, 2025-12-07 03:10, 2025-12-07 07:10, 2025-12-07 11:10, 2025-12-07 15:10, 2025-12-07 19:10, 2025-12-07 23:10, 2025-12-08 03:10, 2025-12-08 07:10, 2025-12-08 11:10, 2025-12-08 15:10, 2025-12-08 19:10, 2025-12-08 23:10, 2025-12-09 03:10, 2025-12-09 07:10, 2025-12-09 11:10, 2025-12-09 15:10, 2025-12-09 19:10, 2025-12-09 23:10, 2025-12-10 03:10, 2025-12-10 07:10, 2025-12-10 11:10, 2025-12-10 15:10, 2025-12-10 19:10

Spamhaus XBL CBL

139.59.150.60 was recently listed on the Spamhaus XBL CBL blacklist, but currently it is not.

Description: The Spamhaus Exploits Block List (XBL) is a realtime database of IP addresses of hijacked PCs infected by illegal 3rd party exploits, including open proxies, worms/viruses with built-in spam engines, and other types of trojan-horse exploits.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2025-12-14 04:18:20.090000
Was present on blacklist at: 2025-12-07 04:18

Warden events (152)

2025-12-08

ReconScanning (node.9c1411): 14

2025-12-07

ReconScanning (node.9c1411): 16

2025-12-06

ReconScanning (node.9c1411): 20

2025-12-05

ReconScanning (node.9c1411): 11

2025-12-04

ReconScanning (node.9c1411): 20

IntrusionUserCompromise (node.cfb4f7): 17

2025-12-03

ReconScanning (node.9c1411): 19

IntrusionUserCompromise (node.cfb4f7): 16

2025-12-02

ReconScanning (node.9c1411): 11

2025-12-01

IntrusionUserCompromise (node.cfb4f7): 5

2025-11-30

IntrusionUserCompromise (node.cfb4f7): 3

DShield reports (IP summary, reports)

2025-11-30

Number of reports: 27

Distinct targets: 3

2025-12-04

Number of reports: 10

Distinct targets: 3

Origin AS

AS14061 - DIGITALOCEAN-ASN

BGP Prefix

139.59.128.0/19

geo

Germany, Frankfurt am Main

🕑 Europe/Berlin

hostname

(null)

Address block ('inetnum' or 'NetRange' in whois database)

139.59.0.0 - 139.59.255.255

last_activity

2025-12-08 17:24:18

last_warden_event

2025-12-08 17:24:18

rep

0.0476153328305199

reserved_range

0

ts_added

2025-11-30 04:18:13.475000

ts_last_update

2025-12-18 04:18:20.065000

Warden event timeline

DShield event timeline

Presence on blacklists