City: Bengaluru
Region: Karnataka
Country: India
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
| IP | Type | Details | Datetime |
|---|---|---|---|
| 139.59.173.205 | attack | Fraud connect |
2024-05-12 23:34:25 |
| 139.59.174.107 | attackbots | 139.59.174.107 - - [04/Oct/2020:15:12:36 +0200] "GET /wp-login.php HTTP/1.1" 200 9061 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.174.107 - - [04/Oct/2020:15:12:38 +0200] "POST /wp-login.php HTTP/1.1" 200 9312 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.174.107 - - [04/Oct/2020:15:12:39 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" |
2020-10-05 01:52:10 |
| 139.59.174.107 | attackspam | Attempt to hack Wordpress Login, XMLRPC or other login |
2020-10-04 17:35:07 |
| 139.59.174.107 | attackbotsspam | 139.59.174.107 - - [01/Sep/2020:15:23:20 +0100] "POST /wp-login.php HTTP/1.1" 200 1801 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.174.107 - - [01/Sep/2020:15:23:20 +0100] "POST /wp-login.php HTTP/1.1" 200 1779 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.174.107 - - [01/Sep/2020:15:23:21 +0100] "POST /wp-login.php HTTP/1.1" 200 1781 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ... |
2020-09-02 02:11:16 |
| 139.59.17.238 | attackspambots | Port scan: Attack repeated for 24 hours |
2020-08-19 22:16:07 |
| 139.59.173.249 | attackbots | Mailserver and mailaccount attacks |
2020-08-18 03:07:10 |
| 139.59.17.238 | attack | firewall-block, port(s): 17651/tcp |
2020-08-15 04:42:58 |
| 139.59.17.15 | attack |
|
2020-08-14 04:08:12 |
| 139.59.17.238 | attackspambots | Fail2Ban Ban Triggered |
2020-08-13 04:14:46 |
| 139.59.174.107 | attack | 139.59.174.107 - - [12/Aug/2020:05:24:05 +0100] "POST /wp-login.php HTTP/1.1" 200 1971 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.174.107 - - [12/Aug/2020:05:24:06 +0100] "POST /wp-login.php HTTP/1.1" 200 1967 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.174.107 - - [12/Aug/2020:05:24:06 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ... |
2020-08-12 14:51:09 |
| 139.59.174.107 | attackbotsspam | 139.59.174.107 - - [05/Aug/2020:13:30:47 +0100] "POST /wp-login.php HTTP/1.1" 200 2082 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.174.107 - - [05/Aug/2020:13:30:48 +0100] "POST /wp-login.php HTTP/1.1" 200 2060 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.174.107 - - [05/Aug/2020:13:30:49 +0100] "POST /wp-login.php HTTP/1.1" 200 2062 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ... |
2020-08-05 22:47:31 |
| 139.59.17.238 | attackspam | 13651/tcp 6656/tcp 16558/tcp... [2020-06-02/08-02]188pkt,71pt.(tcp) |
2020-08-03 03:31:09 |
| 139.59.174.107 | attack | Automatic report - Banned IP Access |
2020-07-28 12:58:00 |
| 139.59.174.107 | attack | 139.59.174.107 - - [27/Jul/2020:14:35:49 +0200] "GET /wp-login.php HTTP/1.1" 200 6310 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.174.107 - - [27/Jul/2020:14:35:49 +0200] "POST /wp-login.php HTTP/1.1" 200 6561 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.174.107 - - [27/Jul/2020:14:35:50 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" |
2020-07-27 22:37:52 |
| 139.59.17.238 | attackspambots | Fail2Ban Ban Triggered |
2020-07-27 20:03:09 |
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#
NetRange: 139.59.0.0 - 139.59.255.255
CIDR: 139.59.0.0/16
NetName: APNIC-ERX-139-59-0-0
NetHandle: NET-139-59-0-0-1
Parent: NET139 (NET-139-0-0-0-0)
NetType: Early Registrations, Transferred to APNIC
OriginAS:
Organization: Asia Pacific Network Information Centre (APNIC)
RegDate: 2004-03-03
Updated: 2009-10-08
Comment: This IP address range is not registered in the ARIN database.
Comment: This range was transferred to the APNIC Whois Database as
Comment: part of the ERX (Early Registration Transfer) project.
Comment: For details, refer to the APNIC Whois Database via
Comment: WHOIS.APNIC.NET or http://wq.apnic.net/apnic-bin/whois.pl
Comment:
Comment: ** IMPORTANT NOTE: APNIC is the Regional Internet Registry
Comment: for the Asia Pacific region. APNIC does not operate networks
Comment: using this IP address range and is not able to investigate
Comment: spam or abuse reports relating to these addresses. For more
Comment: help, refer to http://www.apnic.net/apnic-info/whois_search2/abuse-and-spamming
Ref: https://rdap.arin.net/registry/ip/139.59.0.0
ResourceLink: https://apps.db.ripe.net/db-web-ui/query
ResourceLink: whois.apnic.net
OrgName: Asia Pacific Network Information Centre
OrgId: APNIC
Address: PO Box 3646
City: South Brisbane
StateProv: QLD
PostalCode: 4101
Country: AU
RegDate:
Updated: 2012-01-24
Ref: https://rdap.arin.net/registry/entity/APNIC
ReferralServer: whois://whois.apnic.net
ResourceLink: https://apps.db.ripe.net/db-web-ui/query
OrgAbuseHandle: AWC12-ARIN
OrgAbuseName: APNIC Whois Contact
OrgAbusePhone: +61 7 3858 3188
OrgAbuseEmail: search-apnic-not-arin@apnic.net
OrgAbuseRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
OrgTechHandle: AWC12-ARIN
OrgTechName: APNIC Whois Contact
OrgTechPhone: +61 7 3858 3188
OrgTechEmail: search-apnic-not-arin@apnic.net
OrgTechRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#
Found a referral to whois.apnic.net.
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
% Information related to '139.59.16.0 - 139.59.31.255'
% Abuse contact for '139.59.16.0 - 139.59.31.255' is 'abuse@digitalocean.com'
inetnum: 139.59.16.0 - 139.59.31.255
netname: DIGITALOCEAN-AP
descr: DigitalOcean, LLC
country: IN
admin-c: DOIA2-AP
tech-c: DOIA2-AP
abuse-c: AD699-AP
status: ASSIGNED NON-PORTABLE
mnt-by: MAINT-DIGITALOCEAN-AP
mnt-irt: IRT-DIGITALOCEAN-AP
last-modified: 2020-05-31T21:34:24Z
source: APNIC
irt: IRT-DIGITALOCEAN-AP
address: 105 Edgeview Drive, Suite 425, Broomfield, Colorado 80021
e-mail: noc@digitalocean.com
abuse-mailbox: abuse@digitalocean.com
admin-c: DOIA2-AP
tech-c: DOIA2-AP
auth: # Filtered
remarks: abuse@digitalocean.com was validated on 2025-08-14
remarks: noc@digitalocean.com is invalid
mnt-by: MAINT-DIGITALOCEAN-AP
last-modified: 2025-12-10T13:07:01Z
source: APNIC
role: ABUSE DIGITALOCEANAP
country: ZZ
address: 105 Edgeview Drive, Suite 425, Broomfield, Colorado 80021
phone: +000000000
e-mail: noc@digitalocean.com
admin-c: DOIA2-AP
tech-c: DOIA2-AP
nic-hdl: AD699-AP
remarks: Generated from irt object IRT-DIGITALOCEAN-AP
remarks: abuse@digitalocean.com was validated on 2025-08-14
remarks: noc@digitalocean.com is invalid
abuse-mailbox: abuse@digitalocean.com
mnt-by: APNIC-ABUSE
last-modified: 2025-12-10T13:07:40Z
source: APNIC
role: Digital Ocean Inc administrator
address: 105 Edgeview Drive, Suite 425, Broomfield, Colorado 80021
country: US
phone: +1 646-827-4366
fax-no: +1 646-827-4366
e-mail: abuse@digitalocean.com
admin-c: DOIA2-AP
tech-c: DOIA2-AP
nic-hdl: DOIA2-AP
mnt-by: MAINT-DIGITALOCEAN-AP
last-modified: 2025-04-11T18:24:27Z
source: APNIC
% This query was served by the APNIC Whois Service version 1.88.36-SNAPSHOT (WHOIS-AU5); <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.59.17.60
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 59909
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;139.59.17.60. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2026012700 1800 900 604800 86400
;; Query time: 10 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jan 28 01:30:06 CST 2026
;; MSG SIZE rcvd: 105Host 60.17.59.139.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 60.17.59.139.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 158.69.163.146 | attackspambots | firewall-block, port(s): 445/tcp |
2019-07-30 04:49:21 |
| 77.247.108.170 | attackspam | Trying to (more than 3 packets) bruteforce (not in use) VoIP/SIP port 5060 |
2019-07-30 04:51:30 |
| 35.194.223.105 | attack | Jul 29 22:47:09 dedicated sshd[14777]: Invalid user cvs from 35.194.223.105 port 39208 |
2019-07-30 04:57:56 |
| 75.119.96.39 | attackbots | firewall-block, port(s): 5431/tcp |
2019-07-30 05:03:19 |
| 118.25.42.51 | attackspam | Jul 29 20:04:32 MK-Soft-VM6 sshd\[16048\]: Invalid user gsmith from 118.25.42.51 port 55270 Jul 29 20:04:32 MK-Soft-VM6 sshd\[16048\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.42.51 Jul 29 20:04:34 MK-Soft-VM6 sshd\[16048\]: Failed password for invalid user gsmith from 118.25.42.51 port 55270 ssh2 ... |
2019-07-30 05:04:15 |
| 154.126.235.38 | attackbots | Honeypot attack, port: 23, PTR: PTR record not found |
2019-07-30 04:26:40 |
| 167.71.85.50 | attackspam | Unauthorised access (Jul 29) SRC=167.71.85.50 LEN=40 TTL=56 ID=36060 TCP DPT=8080 WINDOW=57440 SYN Unauthorised access (Jul 29) SRC=167.71.85.50 LEN=40 TTL=56 ID=64978 TCP DPT=8080 WINDOW=57440 SYN |
2019-07-30 04:44:03 |
| 120.203.197.58 | attackspambots | Jul 29 14:36:42 vtv3 sshd\[12980\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.203.197.58 user=root Jul 29 14:36:44 vtv3 sshd\[12980\]: Failed password for root from 120.203.197.58 port 49363 ssh2 Jul 29 14:42:10 vtv3 sshd\[15732\]: Invalid user com from 120.203.197.58 port 41962 Jul 29 14:42:10 vtv3 sshd\[15732\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.203.197.58 Jul 29 14:42:12 vtv3 sshd\[15732\]: Failed password for invalid user com from 120.203.197.58 port 41962 ssh2 Jul 29 14:52:47 vtv3 sshd\[20658\]: Invalid user hsq from 120.203.197.58 port 55407 Jul 29 14:52:47 vtv3 sshd\[20658\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.203.197.58 Jul 29 14:52:50 vtv3 sshd\[20658\]: Failed password for invalid user hsq from 120.203.197.58 port 55407 ssh2 Jul 29 14:58:12 vtv3 sshd\[23186\]: Invalid user qwe123rty456 from 120.203.197.58 port 48024 Jul 29 14:5 |
2019-07-30 04:59:02 |
| 219.151.22.20 | attack | firewall-block, port(s): 445/tcp |
2019-07-30 04:46:58 |
| 13.93.1.86 | attackspam | Jul 30 00:01:23 www2 sshd\[1536\]: Invalid user lee from 13.93.1.86Jul 30 00:01:25 www2 sshd\[1536\]: Failed password for invalid user lee from 13.93.1.86 port 62941 ssh2Jul 30 00:05:35 www2 sshd\[3421\]: Invalid user mit from 13.93.1.86Jul 30 00:05:37 www2 sshd\[3421\]: Failed password for invalid user mit from 13.93.1.86 port 35772 ssh2Jul 30 00:09:49 www2 sshd\[3750\]: Invalid user ftphome from 13.93.1.86Jul 30 00:09:51 www2 sshd\[3750\]: Failed password for invalid user ftphome from 13.93.1.86 port 64897 ssh2 ... |
2019-07-30 05:12:44 |
| 189.45.37.254 | attackbotsspam | Honeypot attack, port: 445, PTR: gw.stech.net.br. |
2019-07-30 05:06:01 |
| 69.181.231.202 | attackspambots | 2019-07-29T20:16:43.040876abusebot-7.cloudsearch.cf sshd\[23409\]: Invalid user marco from 69.181.231.202 port 39386 |
2019-07-30 04:46:25 |
| 110.14.205.242 | attackspambots | firewall-block, port(s): 23/tcp |
2019-07-30 04:51:12 |
| 106.12.11.160 | attackbotsspam | 2019-07-29T19:53:50.175716abusebot-8.cloudsearch.cf sshd\[4627\]: Invalid user osman from 106.12.11.160 port 45890 |
2019-07-30 04:25:49 |
| 23.247.81.43 | attackspambots | /?s=index/%5Cthink%5Ctemplate%5Cdriver%5Cfile/write&cacheFile=osyxy.php&content=%3C?php%20mb_ereg_replace('.*',@$_REQUEST%5B_%5D,%20'',%20'e');?%3E |
2019-07-30 04:33:06 |