AbuseIPDB » 139.59.132.8

139.59.132.8 was found in our database!

This IP was reported 3,295 times. Confidence of Abuse is 100%: ?

100%

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Hostname(s)	a113ac0491.scan.leakix.org
Domain Name	digitalocean.com
Country	Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated biweekly.

Report 139.59.132.8

Whois 139.59.132.8

IP Abuse Reports for 139.59.132.8:

This IP address has been reported a total of 3,295 times from 500 distinct sources. 139.59.132.8 was first reported on March 7th 2021, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp in UTC	Comment	Categories
dtorrer	2025-04-30 21:05:20 (1 hour ago)	General vulnerability scan.	Port Scan
oh.mg	2025-04-30 19:31:31 (3 hours ago)	[Wed Apr 30 21:31:24.753164 2025] [security2:error] [pid 1154111:tid 1154149] [client 139.59.132.8:5 ... show more[Wed Apr 30 21:31:24.753164 2025] [security2:error] [pid 1154111:tid 1154149] [client 139.59.132.8:53018] [client 139.59.132.8] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:blocking_inbound_anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "233"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [ver "OWASP_CRS/4.10.0-dev"] [tag "anomaly-evaluation"] [tag "OWASP_CRS"] [hostname "mmn.eco"] [uri "/.vscode/sftp.json"] [unique_id "aBJ6jCo9-FlOmvTcL-gPVgAAAEU"] [Wed Apr 30 21:31:25.747242 2025] [security2:error] [pid 1154104:tid 1154132] [client 139.59.132.8:53084] [client 139.59.132.8] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:blocking_inbound_anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "233"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [ver "OWASP_CRS/4.10.0-dev"] [ta ... show less	Bad Web Bot Web App Attack
2000cn.com.au	2025-04-30 14:28:16 (8 hours ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-probing	Hacking Web App Attack
mashamal	2025-04-30 09:29:16 (13 hours ago)	Vulnerability Probe ...	Web App Attack
SecondEdge	2025-04-30 04:52:32 (18 hours ago)	A web attack was detected from 139.59.132.8 (Germany / Hesse / Frankfurt am Main) against hf.second- ... show moreA web attack was detected from 139.59.132.8 (Germany / Hesse / Frankfurt am Main) against hf.second-edge.com (Git Variable Scan,SFTP Credential Exposure,Spring Boot Actuator RCE) over 3s. show less	Web App Attack
StatsMe	2025-04-30 03:47:57 (19 hours ago)	2025-04-29T17:44:48.441995+0300 ET SCAN NMAP -sS window 1024	Port Scan
Site.eu	2025-04-30 03:25:18 (19 hours ago)	Excessive multi-domain requests	Brute-Force
qtland Cloud Inc.	2025-04-29 21:29:11 (1 day ago)	2025-04-29T22:29:09.229239+01:00 as-southeast-dxn1 sshd[3745871]: error: kex_exchange_identification ... show more2025-04-29T22:29:09.229239+01:00 as-southeast-dxn1 sshd[3745871]: error: kex_exchange_identification: client sent invalid protocol identifier "GET / HTTP/1.1" 2025-04-29T22:29:09.229293+01:00 as-southeast-dxn1 sshd[3745871]: banner exchange: Connection from 139.59.132.8 port 57432: invalid format 2025-04-29T22:29:10.278094+01:00 as-southeast-dxn1 sshd[3745872]: Connection reset by authenticating user root 139.59.132.8 port 57448 [preauth] ... show less	Brute-Force SSH
masterguru	2025-04-29 19:54:29 (1 day ago)	BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (110 ... show moreBAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (1100000-123) show less	Bad Web Bot
zumbo.net	2025-04-29 12:34:16 (1 day ago)	CMS/PHP/SQL vulnerabilities/excessive crawling	Brute-Force Bad Web Bot Web App Attack
COMPLEX	2025-04-29 12:30:04 (1 day ago)	Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: MANAGED_CHALLENGE ASN: ... show moreTriggered Cloudflare WAF (firewallCustom) from DE. Action taken: MANAGED_CHALLENGE ASN: 14061 (DIGITALOCEAN-ASN) Protocol: HTTP/1.1 (GET method) Timestamp: 2025-04-29T12:24:10Z show less	Bad Web Bot
Anonymous	2025-04-29 05:09:54 (1 day ago)	Excessive crawling/scraping	Hacking Brute-Force
kosada.com	2025-04-29 02:57:10 (1 day ago)	Web vulnerability probing	Web App Attack
sthoyer.de	2025-04-29 00:05:30 (1 day ago)	139.59.132.8 - - [29/Apr/2025:02:05:28 +0200] "GET /@vite/env HTTP/1.1" 404 711 "-" "Go-http-client/ ... show more139.59.132.8 - - [29/Apr/2025:02:05:28 +0200] "GET /@vite/env HTTP/1.1" 404 711 "-" "Go-http-client/1.1" 139.59.132.8 - - [29/Apr/2025:02:05:28 +0200] "GET /server HTTP/1.1" 404 711 "-" "Go-http-client/1.1" 139.59.132.8 - - [29/Apr/2025:02:05:28 +0200] "GET /about HTTP/1.1" 404 711 "-" "Go-http-client/1.1" ... show less	Web App Attack
4server	2025-04-28 17:05:59 (2 days ago)	[MonApr2819:05:53.7196642025][security2:error][pid358276:tid358313][client139.59.132.8:0][client139. ... show more[MonApr2819:05:53.7196642025][security2:error][pid358276:tid358313][client139.59.132.8:0][client139.59.132.8]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\\\\\\\\.vscode/\"atREQUEST_FILENAME.[file\"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf\"][line\"1189\"][id\"350593\"][rev\"1\"][msg\"Atomicorp.comWAFRules:AttackBlocked-Dataleakage-attempttoaccessstoredvscodepasswords\"][severity\"CRITICAL\"][hostname\"www.risanamento-pareti-umide.ch.risanamento-funghi-muffa.ch\"][uri\"/.vscode/sftp.json\"][unique_id\"aA-1cV5Ocpb_GfqhcUzkLgAAAEY\"] show less	Port Scan Brute-Force Web App Attack

Is this your IP? You may request to takedown any associated reports. We will attempt to verify your ownership. Request Takedown 🚩