City: Bengaluru
Region: Karnataka
Country: India
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
| IP | Type | Details | Datetime |
|---|---|---|---|
| 139.59.72.161 | attackbots | Unauthorized connection attempt detected from IP address 139.59.72.161 to port 2220 [J] |
2020-02-03 20:09:15 |
| 139.59.72.161 | attack | Jan 12 21:08:06 mx01 sshd[22255]: reveeclipse mapping checking getaddrinfo for cloud.imedihub.com [139.59.72.161] failed - POSSIBLE BREAK-IN ATTEMPT! Jan 12 21:08:06 mx01 sshd[22255]: Invalid user uftp from 139.59.72.161 Jan 12 21:08:06 mx01 sshd[22255]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.72.161 Jan 12 21:08:09 mx01 sshd[22255]: Failed password for invalid user uftp from 139.59.72.161 port 44900 ssh2 Jan 12 21:08:09 mx01 sshd[22255]: Received disconnect from 139.59.72.161: 11: Bye Bye [preauth] Jan 12 21:15:25 mx01 sshd[23493]: reveeclipse mapping checking getaddrinfo for cloud.imedihub.com [139.59.72.161] failed - POSSIBLE BREAK-IN ATTEMPT! Jan 12 21:15:25 mx01 sshd[23493]: Invalid user deploy from 139.59.72.161 Jan 12 21:15:25 mx01 sshd[23493]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.72.161 Jan 12 21:15:27 mx01 sshd[23493]: Failed password for invalid u........ ------------------------------- |
2020-01-13 08:14:38 |
| 139.59.72.135 | attack | POST /index.php?option=com_jce&task=plugin&plugin=imgmanager&file=imgmanager&method=form GET /XxX.php?XxX POST /index.php?option=com_fabrik&format=raw&task=plugin.pluginAjax&plugin=fileupload&method=ajax_upload GET /raiz0.html GET /miNuS.php POST /modules/mod_simplefileuploadv1.3/elements/udd.php |
2019-10-29 19:38:25 |
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#
NetRange: 139.59.0.0 - 139.59.255.255
CIDR: 139.59.0.0/16
NetName: APNIC-ERX-139-59-0-0
NetHandle: NET-139-59-0-0-1
Parent: NET139 (NET-139-0-0-0-0)
NetType: Early Registrations, Transferred to APNIC
OriginAS:
Organization: Asia Pacific Network Information Centre (APNIC)
RegDate: 2004-03-03
Updated: 2009-10-08
Comment: This IP address range is not registered in the ARIN database.
Comment: This range was transferred to the APNIC Whois Database as
Comment: part of the ERX (Early Registration Transfer) project.
Comment: For details, refer to the APNIC Whois Database via
Comment: WHOIS.APNIC.NET or http://wq.apnic.net/apnic-bin/whois.pl
Comment:
Comment: ** IMPORTANT NOTE: APNIC is the Regional Internet Registry
Comment: for the Asia Pacific region. APNIC does not operate networks
Comment: using this IP address range and is not able to investigate
Comment: spam or abuse reports relating to these addresses. For more
Comment: help, refer to http://www.apnic.net/apnic-info/whois_search2/abuse-and-spamming
Ref: https://rdap.arin.net/registry/ip/139.59.0.0
ResourceLink: https://apps.db.ripe.net/db-web-ui/query
ResourceLink: whois.apnic.net
OrgName: Asia Pacific Network Information Centre
OrgId: APNIC
Address: PO Box 3646
City: South Brisbane
StateProv: QLD
PostalCode: 4101
Country: AU
RegDate:
Updated: 2012-01-24
Ref: https://rdap.arin.net/registry/entity/APNIC
ReferralServer: whois://whois.apnic.net
ResourceLink: http://wq.apnic.net/whois-search/static/search.html
OrgTechHandle: AWC12-ARIN
OrgTechName: APNIC Whois Contact
OrgTechPhone: +61 7 3858 3188
OrgTechEmail: search-apnic-not-arin@apnic.net
OrgTechRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
OrgAbuseHandle: AWC12-ARIN
OrgAbuseName: APNIC Whois Contact
OrgAbusePhone: +61 7 3858 3188
OrgAbuseEmail: search-apnic-not-arin@apnic.net
OrgAbuseRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#
Found a referral to whois.apnic.net.
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
% Information related to '139.59.64.0 - 139.59.79.255'
% Abuse contact for '139.59.64.0 - 139.59.79.255' is 'abuse@digitalocean.com'
inetnum: 139.59.64.0 - 139.59.79.255
netname: DIGITALOCEAN-AP
descr: DigitalOcean, LLC
country: IN
admin-c: DOIA2-AP
tech-c: DOIA2-AP
abuse-c: AD699-AP
status: ASSIGNED NON-PORTABLE
mnt-by: MAINT-DIGITALOCEAN-AP
mnt-irt: IRT-DIGITALOCEAN-AP
last-modified: 2020-05-31T21:36:27Z
source: APNIC
irt: IRT-DIGITALOCEAN-AP
address: 105 Edgeview Drive, Suite 425, Broomfield, Colorado 80021
e-mail: noc@digitalocean.com
abuse-mailbox: abuse@digitalocean.com
admin-c: DOIA2-AP
tech-c: DOIA2-AP
auth: # Filtered
remarks: abuse@digitalocean.com was validated on 2026-03-19
remarks: noc@digitalocean.com was validated on 2026-03-25
mnt-by: MAINT-DIGITALOCEAN-AP
last-modified: 2026-03-25T17:24:46Z
source: APNIC
role: ABUSE DIGITALOCEANAP
country: ZZ
address: 105 Edgeview Drive, Suite 425, Broomfield, Colorado 80021
phone: +000000000
e-mail: noc@digitalocean.com
admin-c: DOIA2-AP
tech-c: DOIA2-AP
nic-hdl: AD699-AP
remarks: Generated from irt object IRT-DIGITALOCEAN-AP
remarks: abuse@digitalocean.com was validated on 2026-03-19
remarks: noc@digitalocean.com was validated on 2026-03-25
abuse-mailbox: abuse@digitalocean.com
mnt-by: APNIC-ABUSE
last-modified: 2026-03-25T17:25:11Z
source: APNIC
role: Digital Ocean Inc administrator
address: 105 Edgeview Drive, Suite 425, Broomfield, Colorado 80021
country: US
phone: +1 646-827-4366
fax-no: +1 646-827-4366
e-mail: abuse@digitalocean.com
admin-c: DOIA2-AP
tech-c: DOIA2-AP
nic-hdl: DOIA2-AP
mnt-by: MAINT-DIGITALOCEAN-AP
last-modified: 2025-04-11T18:24:27Z
source: APNIC
% This query was served by the APNIC Whois Service version 1.88.48 (WHOIS-AU5); <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.59.72.214
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1979
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;139.59.72.214. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2026050100 1800 900 604800 86400
;; Query time: 8 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat May 02 00:54:22 CST 2026
;; MSG SIZE rcvd: 106Host 214.72.59.139.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 214.72.59.139.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 218.92.0.145 | attackbots | SSH login attempts |
2020-01-20 17:34:02 |
| 183.89.214.13 | attackbots | Attempts against Pop3/IMAP |
2020-01-20 17:24:43 |
| 47.75.172.46 | attackbotsspam | 47.75.172.46 - - \[20/Jan/2020:05:51:32 +0100\] "POST /wp-login.php HTTP/1.0" 200 7672 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 47.75.172.46 - - \[20/Jan/2020:05:51:35 +0100\] "POST /wp-login.php HTTP/1.0" 200 7502 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 47.75.172.46 - - \[20/Jan/2020:05:51:38 +0100\] "POST /wp-login.php HTTP/1.0" 200 7496 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" |
2020-01-20 17:33:37 |
| 124.156.211.137 | attack | Unauthorized connection attempt detected from IP address 124.156.211.137 to port 443 [J] |
2020-01-20 17:55:50 |
| 223.15.206.229 | attackspambots | Unauthorized connection attempt detected from IP address 223.15.206.229 to port 23 [J] |
2020-01-20 17:49:53 |
| 212.118.24.10 | attackbotsspam | port scan and connect, tcp 1433 (ms-sql-s) |
2020-01-20 17:29:48 |
| 77.42.86.74 | attackspambots | DATE:2020-01-20 05:51:12, IP:77.42.86.74, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc) |
2020-01-20 17:45:51 |
| 212.3.165.40 | attackspambots | Unauthorized connection attempt detected from IP address 212.3.165.40 to port 23 [J] |
2020-01-20 17:50:11 |
| 176.92.184.39 | attackspam | Unauthorized connection attempt detected from IP address 176.92.184.39 to port 80 [J] |
2020-01-20 17:53:05 |
| 118.25.105.121 | attackbots | ssh brute force |
2020-01-20 17:39:58 |
| 2001:41d0:1000:647:: | attackspam | WordPress login Brute force / Web App Attack on client site. |
2020-01-20 17:28:19 |
| 14.170.112.62 | attack | Postfix Brute-Force reported by Fail2Ban |
2020-01-20 17:34:24 |
| 87.21.53.149 | attackspam | Unauthorized connection attempt detected from IP address 87.21.53.149 to port 4567 [J] |
2020-01-20 17:59:53 |
| 185.156.73.64 | attackspam | 01/20/2020-02:52:14.649136 185.156.73.64 Protocol: 6 ET SCAN NMAP -sS window 1024 |
2020-01-20 17:25:50 |
| 81.133.226.101 | attackbotsspam | Jan 20 06:06:31 server sshd\[28332\]: Invalid user shoutcast from 81.133.226.101 Jan 20 06:06:31 server sshd\[28332\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=host81-133-226-101.in-addr.btopenworld.com Jan 20 06:06:34 server sshd\[28332\]: Failed password for invalid user shoutcast from 81.133.226.101 port 47369 ssh2 Jan 20 07:51:01 server sshd\[22591\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=host81-133-226-101.in-addr.btopenworld.com user=root Jan 20 07:51:03 server sshd\[22591\]: Failed password for root from 81.133.226.101 port 47369 ssh2 ... |
2020-01-20 17:48:45 |