JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 159.223.213.49

159.223.213.49 was found in our database!

This IP was reported 1,066 times. Confidence of Abuse is 100%: ?

100%

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇳🇱 Netherlands
City	Amsterdam, North Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 159.223.213.49

Whois 159.223.213.49

IP Abuse Reports for 159.223.213.49:

This IP address has been reported a total of 1,066 times from 548 distinct sources. 159.223.213.49 was first reported on December 22nd 2024, and the most recent report was 20 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 DrLex0	2026-05-25 13:23:22 (1 week ago)	2026-05-25T13:16:58.755791+00:00 [host] sshd[678586]: User root from 159.223.213.49 not allowed beca ... show more 2026-05-25T13:16:58.755791+00:00 [host] sshd[678586]: User root from 159.223.213.49 not allowed because not listed in AllowUsers 2026-05-25T13:20:12.628514+00:00 [host] sshd[678624]: Invalid user elasticsearch from 159.223.213.49 port 43794 2026-05-25T13:23:21.392654+00:00 [host] sshd[678666]: User root from 159.223.213.49 not allowed because not listed in AllowUsers show less	Brute-Force SSH
🇩🇪 Tom Langer	2026-05-25 13:18:09 (1 week ago)	2026-05-25T13:10:57.614524+00:00 ubuntu sshd[156974]: Received disconnect from 159.223.213.49 port 5 ... show more 2026-05-25T13:10:57.614524+00:00 ubuntu sshd[156974]: Received disconnect from 159.223.213.49 port 53922:11: Bye Bye [preauth] 2026-05-25T13:18:08.983868+00:00 ubuntu sshd[157006]: Invalid user elasticsearch from 159.223.213.49 port 43232 ... show less	Brute-Force SSH
🇺🇸 yzfdude1	2026-05-25 13:17:32 (1 week ago)	May 25 07:17:27 mickey sshd[71108]: Invalid user elasticsearch from 159.223.213.49 port 55058 May 25 ... show more May 25 07:17:27 mickey sshd[71108]: Invalid user elasticsearch from 159.223.213.49 port 55058 May 25 07:17:27 mickey sshd[71108]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.223.213.49 May 25 07:17:30 mickey sshd[71108]: Failed password for invalid user elasticsearch from 159.223.213.49 port 55058 ssh2 ... show less	Brute-Force SSH
🇩🇪 teron	2026-05-25 13:17:24 (1 week ago)	2026-05-25T13:17:23.496904+00:00 Neptun sshd[938635]: Connection from 159.223.213.49 port 33028 on 8 ... show more 2026-05-25T13:17:23.496904+00:00 Neptun sshd[938635]: Connection from 159.223.213.49 port 33028 on 85.215.78.90 port 22 rdomain "" 2026-05-25T13:17:23.721566+00:00 Neptun sshd[938635]: User elasticsearch from 159.223.213.49 not allowed because not listed in AllowUsers ... show less	Brute-Force SSH
🇫🇮 licen777	2026-05-25 13:14:00 (1 week ago)	Cowrie Honeypot: 5 unauthorised SSH/Telnet login attempts between 2026-05-25T12:08:53Z and 2026-05-2 ... show more Cowrie Honeypot: 5 unauthorised SSH/Telnet login attempts between 2026-05-25T12:08:53Z and 2026-05-25T13:13:59Z show less	Brute-Force SSH
🇫🇷 glmx	2026-05-25 13:13:52 (1 week ago)	SSH honeypot interaction detected. The source host initiated a connection to a monitored SSH endpoin ... show more SSH honeypot interaction detected. The source host initiated a connection to a monitored SSH endpoint, behavior consistent with automated SSH scanning or brute-force reconnaissance. show less	Brute-Force SSH
🇫🇮 Recognize6919	2026-05-25 13:10:11 (1 week ago)	CrowdSec: crowdsecurity/ssh-bf-fast user=root events=3	Brute-Force SSH
🇺🇸 ezscale	2026-05-25 12:48:27 (1 week ago)	SSH brute force on atl-02.node.vps.ezscale.tech (3 failures). Detected by fail2ban.	Brute-Force SSH
🇩🇪 PieKnu	2026-05-25 12:25:09 (1 week ago)	May 25 12:20:54 host sshd[2777683]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid ... show more May 25 12:20:54 host sshd[2777683]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.223.213.49 user=root May 25 12:20:56 host sshd[2777683]: Failed password for root from 159.223.213.49 port 54812 ssh2 May 25 12:25:06 host sshd[2778732]: Invalid user frappe from 159.223.213.49 port 48894 May 25 12:25:06 host sshd[2778732]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.223.213.49 May 25 12:25:08 host sshd[2778732]: Failed password for invalid user frappe from 159.223.213.49 port 48894 ssh2 ... show less	Brute-Force SSH
🇩🇪 formality	2026-05-25 12:24:47 (1 week ago)	Invalid user frappe from 159.223.213.49 port 59414	Brute-Force SSH
🇩🇪 formality	2026-05-25 12:23:53 (1 week ago)	Invalid user frappe from 159.223.213.49 port 46556	Brute-Force SSH
🇺🇸 yzfdude1	2026-05-25 12:20:58 (1 week ago)	May 25 06:17:16 felix sshd[70670]: Failed password for root from 159.223.213.49 port 53296 ssh2 May ... show more May 25 06:17:16 felix sshd[70670]: Failed password for root from 159.223.213.49 port 53296 ssh2 May 25 06:20:55 felix sshd[70723]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.223.213.49 user=root May 25 06:20:56 felix sshd[70723]: Failed password for root from 159.223.213.49 port 41628 ssh2 ... show less	Brute-Force SSH
🇩🇪 killmself	2026-05-25 12:13:32 (1 week ago)	Caught by Fail2Ban	Brute-Force SSH
🇩🇪 nzxl	2026-05-25 11:43:08 (1 week ago)	2026-05-25T11:12:52.743210+00:00 nzxlvps sshd[292087]: Invalid user curl from 159.223.213.49 port 42 ... show more 2026-05-25T11:12:52.743210+00:00 nzxlvps sshd[292087]: Invalid user curl from 159.223.213.49 port 42500 2026-05-25T11:23:07.153140+00:00 nzxlvps sshd[295582]: Invalid user cloud from 159.223.213.49 port 40286 2026-05-25T11:43:06.864123+00:00 nzxlvps sshd[302309]: Invalid user jenkins from 159.223.213.49 port 44770 ... show less	Brute-Force SSH
🇧🇾 lns.bz	2026-05-25 10:56:18 (1 week ago)	SSH bruteforce [BY]	SSH

Showing 1006 to 1020 of 1066 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 203.6.235.51

🇺🇸 198.46.154.22

🇳🇱 195.178.110.30

🇧🇬 193.24.211.107

🇺🇸 172.217.107.158

🇮🇳 151.185.42.72

🇫🇮 147.185.133.37

🇭🇰 118.26.37.26

🇧🇷 45.166.98.254

🇧🇪 34.62.0.105

🇬🇧 188.240.59.30

🇺🇸 162.216.149.230

🇯🇵 162.43.116.64

🇺🇸 153.54.133.103

🇨🇳 124.227.31.14

🇮🇳 103.233.64.89

🇸🇬 103.187.146.90

🇮🇳 49.205.36.146

🇯🇵 8.216.3.215

🇨🇳 8.166.134.51