City: Bengaluru
Region: Karnataka
Country: India
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
| IP | Type | Details | Datetime |
|---|---|---|---|
| 139.59.90.210 | attack | Oct 13 07:21:08 rancher-0 sshd[305710]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.90.210 user=root Oct 13 07:21:10 rancher-0 sshd[305710]: Failed password for root from 139.59.90.210 port 34288 ssh2 ... |
2020-10-13 17:29:52 |
| 139.59.90.148 | attackbots | Registration form abuse |
2020-10-04 09:16:42 |
| 139.59.90.148 | attackbots | Registration form abuse |
2020-10-04 01:53:23 |
| 139.59.90.148 | attackspam | Dovecot Invalid User Login Attempt. |
2020-10-03 17:38:46 |
| 139.59.90.0 | attack | Oct 2 23:06:04 pipo sshd[7628]: Disconnected from authenticating user root 139.59.90.0 port 51130 [preauth] Oct 2 23:06:04 pipo sshd[7627]: Disconnected from authenticating user root 139.59.90.0 port 51008 [preauth] Oct 2 23:06:04 pipo sshd[7629]: Disconnected from authenticating user root 139.59.90.0 port 51256 [preauth] Oct 2 23:06:04 pipo sshd[7634]: Disconnected from authenticating user root 139.59.90.0 port 51598 [preauth] ... |
2020-10-03 06:10:19 |
| 139.59.90.0 | attackspam | Found on CINS badguys / proto=6 . srcport=48048 . dstport=50022 . (1044) |
2020-10-03 01:36:24 |
| 139.59.90.0 | attackbots | Found on CINS badguys / proto=6 . srcport=48048 . dstport=50022 . (1044) |
2020-10-02 22:05:50 |
| 139.59.90.0 | attack | Port scan denied |
2020-10-02 18:37:58 |
| 139.59.90.0 | attack | Port scan denied |
2020-10-02 15:11:00 |
| 139.59.90.31 | attackspam | $f2bV_matches |
2020-08-15 18:44:12 |
| 139.59.90.31 | attackspambots | Aug 14 20:13:14 vm0 sshd[4596]: Failed password for root from 139.59.90.31 port 56598 ssh2 ... |
2020-08-15 03:28:34 |
| 139.59.90.31 | attackbotsspam | Aug 9 16:29:51 abendstille sshd\[24569\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.90.31 user=root Aug 9 16:29:53 abendstille sshd\[24569\]: Failed password for root from 139.59.90.31 port 48706 ssh2 Aug 9 16:32:20 abendstille sshd\[27208\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.90.31 user=root Aug 9 16:32:23 abendstille sshd\[27208\]: Failed password for root from 139.59.90.31 port 52044 ssh2 Aug 9 16:34:53 abendstille sshd\[29775\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.90.31 user=root ... |
2020-08-10 01:57:37 |
| 139.59.90.31 | attackspambots | Jul 20 15:46:55 itv-usvr-02 sshd[387]: Invalid user noreply from 139.59.90.31 port 33408 Jul 20 15:46:55 itv-usvr-02 sshd[387]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.90.31 Jul 20 15:46:55 itv-usvr-02 sshd[387]: Invalid user noreply from 139.59.90.31 port 33408 Jul 20 15:46:58 itv-usvr-02 sshd[387]: Failed password for invalid user noreply from 139.59.90.31 port 33408 ssh2 Jul 20 15:48:45 itv-usvr-02 sshd[456]: Invalid user sistemas from 139.59.90.31 port 53562 |
2020-07-20 20:15:34 |
| 139.59.90.31 | attackbots | Jul 16 07:25:26 mout sshd[27780]: Invalid user ghost from 139.59.90.31 port 47156 |
2020-07-16 14:14:53 |
| 139.59.90.31 | attackspam | Jul 10 10:03:29 ns381471 sshd[3374]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.90.31 Jul 10 10:03:32 ns381471 sshd[3374]: Failed password for invalid user sslvpn from 139.59.90.31 port 44708 ssh2 |
2020-07-10 16:15:33 |
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2025, American Registry for Internet Numbers, Ltd.
#
NetRange: 139.59.0.0 - 139.59.255.255
CIDR: 139.59.0.0/16
NetName: APNIC-ERX-139-59-0-0
NetHandle: NET-139-59-0-0-1
Parent: NET139 (NET-139-0-0-0-0)
NetType: Early Registrations, Transferred to APNIC
OriginAS:
Organization: Asia Pacific Network Information Centre (APNIC)
RegDate: 2004-03-03
Updated: 2009-10-08
Comment: This IP address range is not registered in the ARIN database.
Comment: This range was transferred to the APNIC Whois Database as
Comment: part of the ERX (Early Registration Transfer) project.
Comment: For details, refer to the APNIC Whois Database via
Comment: WHOIS.APNIC.NET or http://wq.apnic.net/apnic-bin/whois.pl
Comment:
Comment: ** IMPORTANT NOTE: APNIC is the Regional Internet Registry
Comment: for the Asia Pacific region. APNIC does not operate networks
Comment: using this IP address range and is not able to investigate
Comment: spam or abuse reports relating to these addresses. For more
Comment: help, refer to http://www.apnic.net/apnic-info/whois_search2/abuse-and-spamming
Ref: https://rdap.arin.net/registry/ip/139.59.0.0
ResourceLink: https://apps.db.ripe.net/db-web-ui/query
ResourceLink: whois.apnic.net
OrgName: Asia Pacific Network Information Centre
OrgId: APNIC
Address: PO Box 3646
City: South Brisbane
StateProv: QLD
PostalCode: 4101
Country: AU
RegDate:
Updated: 2012-01-24
Ref: https://rdap.arin.net/registry/entity/APNIC
ReferralServer: whois://whois.apnic.net
ResourceLink: https://apps.db.ripe.net/db-web-ui/query
OrgAbuseHandle: AWC12-ARIN
OrgAbuseName: APNIC Whois Contact
OrgAbusePhone: +61 7 3858 3188
OrgAbuseEmail: search-apnic-not-arin@apnic.net
OrgAbuseRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
OrgTechHandle: AWC12-ARIN
OrgTechName: APNIC Whois Contact
OrgTechPhone: +61 7 3858 3188
OrgTechEmail: search-apnic-not-arin@apnic.net
OrgTechRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2025, American Registry for Internet Numbers, Ltd.
#
Found a referral to whois.apnic.net.
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
% Information related to '139.59.80.0 - 139.59.95.255'
% Abuse contact for '139.59.80.0 - 139.59.95.255' is 'abuse@digitalocean.com'
inetnum: 139.59.80.0 - 139.59.95.255
netname: DIGITALOCEAN-AP
descr: DigitalOcean, LLC
country: IN
admin-c: DOIA2-AP
tech-c: DOIA2-AP
abuse-c: AD699-AP
status: ASSIGNED NON-PORTABLE
mnt-by: MAINT-DIGITALOCEAN-AP
mnt-irt: IRT-DIGITALOCEAN-AP
last-modified: 2020-05-31T21:36:27Z
source: APNIC
irt: IRT-DIGITALOCEAN-AP
address: 105 Edgeview Drive, Suite 425, Broomfield, Colorado 80021
e-mail: noc@digitalocean.com
abuse-mailbox: abuse@digitalocean.com
admin-c: DOIA2-AP
tech-c: DOIA2-AP
auth: # Filtered
remarks: noc@digitalocean.com was validated on 2025-05-20
remarks: abuse@digitalocean.com was validated on 2025-08-14
mnt-by: MAINT-DIGITALOCEAN-AP
last-modified: 2025-09-04T07:01:35Z
source: APNIC
role: ABUSE DIGITALOCEANAP
country: ZZ
address: 105 Edgeview Drive, Suite 425, Broomfield, Colorado 80021
phone: +000000000
e-mail: noc@digitalocean.com
admin-c: DOIA2-AP
tech-c: DOIA2-AP
nic-hdl: AD699-AP
remarks: Generated from irt object IRT-DIGITALOCEAN-AP
remarks: noc@digitalocean.com was validated on 2025-05-20
remarks: abuse@digitalocean.com was validated on 2025-08-14
abuse-mailbox: abuse@digitalocean.com
mnt-by: APNIC-ABUSE
last-modified: 2025-08-14T13:27:09Z
source: APNIC
role: Digital Ocean Inc administrator
address: 105 Edgeview Drive, Suite 425, Broomfield, Colorado 80021
country: US
phone: +1 646-827-4366
fax-no: +1 646-827-4366
e-mail: abuse@digitalocean.com
admin-c: DOIA2-AP
tech-c: DOIA2-AP
nic-hdl: DOIA2-AP
mnt-by: MAINT-DIGITALOCEAN-AP
last-modified: 2025-04-11T18:24:27Z
source: APNIC
% This query was served by the APNIC Whois Service version 1.88.36-SNAPSHOT (WHOIS-AU5); <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.59.90.53
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 40852
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;139.59.90.53. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025100501 1800 900 604800 86400
;; Query time: 39 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Oct 06 11:00:27 CST 2025
;; MSG SIZE rcvd: 105Host 53.90.59.139.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 53.90.59.139.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 36.71.235.54 | attackbots | Sender demands 550 bitcoins in dollar. He claims that this mail is sent from my email account. I hope that hes using mailserver open relay hole... У меня для вас очень плохие новости. 11.08.2019 - в этот день я взломал вашу операционную систему и получил полный доступ к вашей учетной записи Конечно вы можете сменить пароль.. Но моя вредоносная программа перехватывает каждый раз, когда вы его меняете. Как я это сделал: В программном обеспечении роутера, через который вы выходили в интернет, была уязвимость. Я просто взломал этот роутер и поместил на него свой вредоносный код. Когда вы выходили в интернет, мой троян был установлен на ОС вашего устройства. После этого я сделал полный копию вашего диска (у меня есть вся ваша адресная книга, история просмотра сайтов, все файлы, номера телефонов и адреса всех ваших контактов). |
2019-12-11 00:52:27 |
| 172.104.124.229 | attackspam | SIP/5060 Probe, BF, Hack - |
2019-12-11 01:18:32 |
| 119.27.170.64 | attack | Dec 10 07:06:51 kapalua sshd\[6105\]: Invalid user apache from 119.27.170.64 Dec 10 07:06:51 kapalua sshd\[6105\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.27.170.64 Dec 10 07:06:53 kapalua sshd\[6105\]: Failed password for invalid user apache from 119.27.170.64 port 44812 ssh2 Dec 10 07:14:25 kapalua sshd\[6988\]: Invalid user userftp from 119.27.170.64 Dec 10 07:14:25 kapalua sshd\[6988\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.27.170.64 |
2019-12-11 01:33:28 |
| 142.93.15.179 | attack | 2019-12-10 06:33:10 server sshd[11780]: Failed password for invalid user root from 142.93.15.179 port 49510 ssh2 |
2019-12-11 01:32:53 |
| 103.75.103.211 | attackbots | Dec 10 10:06:15 ny01 sshd[29103]: Failed password for root from 103.75.103.211 port 34248 ssh2 Dec 10 10:13:04 ny01 sshd[29880]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.75.103.211 Dec 10 10:13:05 ny01 sshd[29880]: Failed password for invalid user jarchow from 103.75.103.211 port 42260 ssh2 |
2019-12-11 01:05:16 |
| 171.242.95.116 | attack | SIP/5060 Probe, BF, Hack - |
2019-12-11 01:29:34 |
| 175.207.13.200 | attack | Dec 10 16:08:03 loxhost sshd\[1956\]: Invalid user dd from 175.207.13.200 port 37314 Dec 10 16:08:03 loxhost sshd\[1956\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.207.13.200 Dec 10 16:08:05 loxhost sshd\[1956\]: Failed password for invalid user dd from 175.207.13.200 port 37314 ssh2 Dec 10 16:15:26 loxhost sshd\[2309\]: Invalid user heyleigh from 175.207.13.200 port 50802 Dec 10 16:15:26 loxhost sshd\[2309\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.207.13.200 ... |
2019-12-11 01:01:31 |
| 222.186.175.202 | attack | Dec 10 12:04:55 lanister sshd[21823]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.202 user=root Dec 10 12:04:57 lanister sshd[21823]: Failed password for root from 222.186.175.202 port 21056 ssh2 ... |
2019-12-11 01:08:27 |
| 121.208.190.238 | attack | Dec 10 14:53:00 gitlab-ci sshd\[23315\]: Invalid user pi from 121.208.190.238Dec 10 14:53:01 gitlab-ci sshd\[23317\]: Invalid user pi from 121.208.190.238 ... |
2019-12-11 00:53:21 |
| 187.189.63.82 | attackspam | Dec 10 17:46:06 legacy sshd[13278]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.189.63.82 Dec 10 17:46:08 legacy sshd[13278]: Failed password for invalid user bashnie from 187.189.63.82 port 55532 ssh2 Dec 10 17:52:07 legacy sshd[13591]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.189.63.82 ... |
2019-12-11 01:08:52 |
| 185.143.221.186 | attackspam | 12/10/2019-10:55:45.206782 185.143.221.186 Protocol: 6 ET DROP Dshield Block Listed Source group 1 |
2019-12-11 00:55:05 |
| 114.79.2.167 | attack | Dec 10 14:52:33 marvibiene sshd[8241]: Invalid user ubnt from 114.79.2.167 port 63063 Dec 10 14:52:33 marvibiene sshd[8241]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.79.2.167 Dec 10 14:52:33 marvibiene sshd[8241]: Invalid user ubnt from 114.79.2.167 port 63063 Dec 10 14:52:36 marvibiene sshd[8241]: Failed password for invalid user ubnt from 114.79.2.167 port 63063 ssh2 ... |
2019-12-11 01:31:23 |
| 111.230.19.43 | attack | Dec 10 06:37:12 web1 sshd\[15943\]: Invalid user rpc from 111.230.19.43 Dec 10 06:37:12 web1 sshd\[15943\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.230.19.43 Dec 10 06:37:14 web1 sshd\[15943\]: Failed password for invalid user rpc from 111.230.19.43 port 48068 ssh2 Dec 10 06:43:58 web1 sshd\[16663\]: Invalid user catardi from 111.230.19.43 Dec 10 06:43:58 web1 sshd\[16663\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.230.19.43 |
2019-12-11 00:55:41 |
| 182.18.139.201 | attack | Dec 10 17:44:15 eventyay sshd[31177]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.18.139.201 Dec 10 17:44:17 eventyay sshd[31177]: Failed password for invalid user 123456 from 182.18.139.201 port 40292 ssh2 Dec 10 17:50:52 eventyay sshd[31375]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.18.139.201 ... |
2019-12-11 01:32:32 |
| 218.92.0.138 | attack | Dec 10 18:17:07 tux-35-217 sshd\[12420\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.138 user=root Dec 10 18:17:10 tux-35-217 sshd\[12420\]: Failed password for root from 218.92.0.138 port 5105 ssh2 Dec 10 18:17:13 tux-35-217 sshd\[12420\]: Failed password for root from 218.92.0.138 port 5105 ssh2 Dec 10 18:17:16 tux-35-217 sshd\[12420\]: Failed password for root from 218.92.0.138 port 5105 ssh2 ... |
2019-12-11 01:17:42 |