City: Bengaluru
Region: Karnataka
Country: India
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
| IP | Type | Details | Datetime |
|---|---|---|---|
| 139.59.91.254 | attackspambots | Jul 19 18:06:47 ajax sshd[11849]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.91.254 Jul 19 18:06:49 ajax sshd[11849]: Failed password for invalid user postgres from 139.59.91.254 port 48234 ssh2 |
2020-07-20 01:26:19 |
| 139.59.91.23 | attackbots | Invalid user admin from 139.59.91.23 port 53526 |
2020-04-17 14:06:35 |
| 139.59.91.23 | attack | Apr 16 13:44:27 www_kotimaassa_fi sshd[16132]: Failed password for root from 139.59.91.23 port 55098 ssh2 ... |
2020-04-17 01:24:59 |
| 139.59.91.22 | attackspam | Jan 19 22:08:06 vpn01 sshd[29170]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.91.22 Jan 19 22:08:08 vpn01 sshd[29170]: Failed password for invalid user hosting from 139.59.91.22 port 51236 ssh2 ... |
2020-01-20 05:54:07 |
| 139.59.91.165 | attackspambots | Unauthorized connection attempt detected from IP address 139.59.91.165 to port 2220 [J] |
2020-01-15 09:26:31 |
| 139.59.91.165 | attackspam | Unauthorized connection attempt detected from IP address 139.59.91.165 to port 2220 [J] |
2020-01-14 20:38:18 |
| 139.59.91.176 | attackspam | Nov 28 13:11:23 vpn01 sshd[12983]: Failed password for root from 139.59.91.176 port 56023 ssh2 ... |
2019-11-28 22:31:15 |
| 139.59.91.176 | attackspambots | Nov 27 15:03:21 vpn01 sshd[26949]: Failed password for root from 139.59.91.176 port 38403 ssh2 ... |
2019-11-27 22:08:31 |
| 139.59.91.215 | attackspam | 2019-11-24T07:59:53.405861matrix.arvenenaske.de sshd[358984]: Invalid user mysql from 139.59.91.215 port 37302 2019-11-24T07:59:53.410726matrix.arvenenaske.de sshd[358984]: pam_sss(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.91.215 user=mysql 2019-11-24T07:59:53.411274matrix.arvenenaske.de sshd[358984]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.91.215 2019-11-24T07:59:53.405861matrix.arvenenaske.de sshd[358984]: Invalid user mysql from 139.59.91.215 port 37302 2019-11-24T07:59:55.437052matrix.arvenenaske.de sshd[358984]: Failed password for invalid user mysql from 139.59.91.215 port 37302 ssh2 2019-11-24T08:06:20.413519matrix.arvenenaske.de sshd[359101]: Invalid user adhhostname from 139.59.91.215 port 50514 2019-11-24T08:06:20.418255matrix.arvenenaske.de sshd[359101]: pam_sss(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.91.215 user=adhh........ ------------------------------ |
2019-11-25 02:46:00 |
| 139.59.91.176 | attackbots | detected by Fail2Ban |
2019-11-10 19:30:54 |
| 139.59.91.176 | attackspam | Nov 7 08:26:32 vpn01 sshd[15260]: Failed password for root from 139.59.91.176 port 44660 ssh2 ... |
2019-11-07 20:11:37 |
| 139.59.91.139 | attackspambots | (sshd) Failed SSH login from 139.59.91.139 (-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 26 08:37:12 chookity sshd[30151]: Did not receive identification string from 139.59.91.139 port 60946 Sep 26 08:40:19 chookity sshd[30312]: Invalid user doctor from 139.59.91.139 port 33116 Sep 26 08:40:47 chookity sshd[30323]: Invalid user virus from 139.59.91.139 port 48666 Sep 26 08:41:15 chookity sshd[30326]: Invalid user windows from 139.59.91.139 port 37018 Sep 26 08:41:42 chookity sshd[30334]: Invalid user dummy from 139.59.91.139 port 52776 |
2019-09-26 21:00:58 |
| 139.59.91.139 | attackspambots | Sep 4 02:20:00 vpn01 sshd\[21555\]: Invalid user quan from 139.59.91.139 Sep 4 02:20:00 vpn01 sshd\[21555\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.91.139 Sep 4 02:20:02 vpn01 sshd\[21555\]: Failed password for invalid user quan from 139.59.91.139 port 53652 ssh2 |
2019-09-04 11:00:48 |
| 139.59.91.139 | attackbots | Sep 3 04:30:17 lcl-usvr-02 sshd[11852]: Invalid user patrick from 139.59.91.139 port 52970 Sep 3 04:30:17 lcl-usvr-02 sshd[11852]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.91.139 Sep 3 04:30:17 lcl-usvr-02 sshd[11852]: Invalid user patrick from 139.59.91.139 port 52970 Sep 3 04:30:18 lcl-usvr-02 sshd[11852]: Failed password for invalid user patrick from 139.59.91.139 port 52970 ssh2 Sep 3 04:34:49 lcl-usvr-02 sshd[12866]: Invalid user test from 139.59.91.139 port 51652 ... |
2019-09-03 05:51:44 |
| 139.59.91.139 | attack | Aug 15 10:51:50 localhost sshd[25589]: Invalid user est from 139.59.91.139 port 46252 Aug 15 10:51:50 localhost sshd[25589]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.91.139 Aug 15 10:51:50 localhost sshd[25589]: Invalid user est from 139.59.91.139 port 46252 Aug 15 10:51:52 localhost sshd[25589]: Failed password for invalid user est from 139.59.91.139 port 46252 ssh2 ... |
2019-08-15 16:18:48 |
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2025, American Registry for Internet Numbers, Ltd.
#
NetRange: 139.59.0.0 - 139.59.255.255
CIDR: 139.59.0.0/16
NetName: APNIC-ERX-139-59-0-0
NetHandle: NET-139-59-0-0-1
Parent: NET139 (NET-139-0-0-0-0)
NetType: Early Registrations, Transferred to APNIC
OriginAS:
Organization: Asia Pacific Network Information Centre (APNIC)
RegDate: 2004-03-03
Updated: 2009-10-08
Comment: This IP address range is not registered in the ARIN database.
Comment: This range was transferred to the APNIC Whois Database as
Comment: part of the ERX (Early Registration Transfer) project.
Comment: For details, refer to the APNIC Whois Database via
Comment: WHOIS.APNIC.NET or http://wq.apnic.net/apnic-bin/whois.pl
Comment:
Comment: ** IMPORTANT NOTE: APNIC is the Regional Internet Registry
Comment: for the Asia Pacific region. APNIC does not operate networks
Comment: using this IP address range and is not able to investigate
Comment: spam or abuse reports relating to these addresses. For more
Comment: help, refer to http://www.apnic.net/apnic-info/whois_search2/abuse-and-spamming
Ref: https://rdap.arin.net/registry/ip/139.59.0.0
ResourceLink: https://apps.db.ripe.net/db-web-ui/query
ResourceLink: whois.apnic.net
OrgName: Asia Pacific Network Information Centre
OrgId: APNIC
Address: PO Box 3646
City: South Brisbane
StateProv: QLD
PostalCode: 4101
Country: AU
RegDate:
Updated: 2012-01-24
Ref: https://rdap.arin.net/registry/entity/APNIC
ReferralServer: whois://whois.apnic.net
ResourceLink: https://apps.db.ripe.net/db-web-ui/query
OrgTechHandle: AWC12-ARIN
OrgTechName: APNIC Whois Contact
OrgTechPhone: +61 7 3858 3188
OrgTechEmail: search-apnic-not-arin@apnic.net
OrgTechRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
OrgAbuseHandle: AWC12-ARIN
OrgAbuseName: APNIC Whois Contact
OrgAbusePhone: +61 7 3858 3188
OrgAbuseEmail: search-apnic-not-arin@apnic.net
OrgAbuseRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2025, American Registry for Internet Numbers, Ltd.
#
Found a referral to whois.apnic.net.
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
% Information related to '139.59.80.0 - 139.59.95.255'
% Abuse contact for '139.59.80.0 - 139.59.95.255' is 'abuse@digitalocean.com'
inetnum: 139.59.80.0 - 139.59.95.255
netname: DIGITALOCEAN-AP
descr: DigitalOcean, LLC
country: IN
admin-c: DOIA2-AP
tech-c: DOIA2-AP
abuse-c: AD699-AP
status: ASSIGNED NON-PORTABLE
mnt-by: MAINT-DIGITALOCEAN-AP
mnt-irt: IRT-DIGITALOCEAN-AP
last-modified: 2020-05-31T21:36:27Z
source: APNIC
irt: IRT-DIGITALOCEAN-AP
address: 105 Edgeview Drive, Suite 425, Broomfield, Colorado 80021
e-mail: noc@digitalocean.com
abuse-mailbox: abuse@digitalocean.com
admin-c: DOIA2-AP
tech-c: DOIA2-AP
auth: # Filtered
remarks: noc@digitalocean.com was validated on 2025-05-20
remarks: abuse@digitalocean.com was validated on 2025-08-14
mnt-by: MAINT-DIGITALOCEAN-AP
last-modified: 2025-09-04T07:01:35Z
source: APNIC
role: ABUSE DIGITALOCEANAP
country: ZZ
address: 105 Edgeview Drive, Suite 425, Broomfield, Colorado 80021
phone: +000000000
e-mail: noc@digitalocean.com
admin-c: DOIA2-AP
tech-c: DOIA2-AP
nic-hdl: AD699-AP
remarks: Generated from irt object IRT-DIGITALOCEAN-AP
remarks: noc@digitalocean.com was validated on 2025-05-20
remarks: abuse@digitalocean.com was validated on 2025-08-14
abuse-mailbox: abuse@digitalocean.com
mnt-by: APNIC-ABUSE
last-modified: 2025-08-14T13:27:09Z
source: APNIC
role: Digital Ocean Inc administrator
address: 105 Edgeview Drive, Suite 425, Broomfield, Colorado 80021
country: US
phone: +1 646-827-4366
fax-no: +1 646-827-4366
e-mail: abuse@digitalocean.com
admin-c: DOIA2-AP
tech-c: DOIA2-AP
nic-hdl: DOIA2-AP
mnt-by: MAINT-DIGITALOCEAN-AP
last-modified: 2025-04-11T18:24:27Z
source: APNIC
% This query was served by the APNIC Whois Service version 1.88.36-SNAPSHOT (WHOIS-AU5); <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.59.91.121
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6248
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;139.59.91.121. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025092701 1800 900 604800 86400
;; Query time: 38 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Sep 28 08:30:24 CST 2025
;; MSG SIZE rcvd: 106Host 121.91.59.139.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 121.91.59.139.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 77.42.117.215 | attackbotsspam | Honeypot attack, port: 23, PTR: PTR record not found |
2019-08-11 05:27:12 |
| 213.194.169.40 | attackspambots | Aug 10 22:42:58 v22018076622670303 sshd\[12160\]: Invalid user debora from 213.194.169.40 port 48158 Aug 10 22:42:58 v22018076622670303 sshd\[12160\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.194.169.40 Aug 10 22:43:00 v22018076622670303 sshd\[12160\]: Failed password for invalid user debora from 213.194.169.40 port 48158 ssh2 ... |
2019-08-11 05:46:33 |
| 122.156.123.109 | attackspam | Unauthorised access (Aug 10) SRC=122.156.123.109 LEN=40 TTL=49 ID=528 TCP DPT=8080 WINDOW=60584 SYN |
2019-08-11 05:41:46 |
| 182.254.222.241 | attack | Honeypot attack, port: 445, PTR: PTR record not found |
2019-08-11 05:40:49 |
| 171.109.252.136 | attack | Aug 10 22:41:57 v22018076622670303 sshd\[12149\]: Invalid user bjorn from 171.109.252.136 port 2547 Aug 10 22:41:57 v22018076622670303 sshd\[12149\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.109.252.136 Aug 10 22:41:59 v22018076622670303 sshd\[12149\]: Failed password for invalid user bjorn from 171.109.252.136 port 2547 ssh2 ... |
2019-08-11 05:07:00 |
| 138.197.78.121 | attack | Aug 10 21:34:43 pornomens sshd\[12433\]: Invalid user kasia from 138.197.78.121 port 57964 Aug 10 21:34:43 pornomens sshd\[12433\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.78.121 Aug 10 21:34:45 pornomens sshd\[12433\]: Failed password for invalid user kasia from 138.197.78.121 port 57964 ssh2 ... |
2019-08-11 05:16:36 |
| 78.186.245.16 | attack | Honeypot attack, port: 23, PTR: 78.186.245.16.static.ttnet.com.tr. |
2019-08-11 05:32:41 |
| 111.6.78.158 | attackbots | Aug 10 20:59:00 thevastnessof sshd[28475]: Failed password for root from 111.6.78.158 port 36173 ssh2 ... |
2019-08-11 05:05:29 |
| 194.135.123.66 | attack | Honeypot attack, port: 445, PTR: PTR record not found |
2019-08-11 05:33:39 |
| 162.243.144.186 | attack | MultiHost/MultiPort Probe, Scan, Hack - |
2019-08-11 05:24:59 |
| 209.85.167.51 | attackbots | sending fraudulent emails claiming to work for the Canadian embassy, Romanian embassy and Swedish Embassy. Scamming money from people. This person is a fake. |
2019-08-11 05:06:10 |
| 106.12.147.16 | attackspam | $f2bV_matches |
2019-08-11 05:38:48 |
| 142.93.240.79 | attackbotsspam | Aug 10 15:32:26 TORMINT sshd\[17945\]: Invalid user odoo from 142.93.240.79 Aug 10 15:32:26 TORMINT sshd\[17945\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.240.79 Aug 10 15:32:28 TORMINT sshd\[17945\]: Failed password for invalid user odoo from 142.93.240.79 port 48030 ssh2 ... |
2019-08-11 05:48:41 |
| 106.12.203.210 | attackbots | Aug 10 11:44:44 xtremcommunity sshd\[14796\]: Invalid user developer from 106.12.203.210 port 55815 Aug 10 11:44:44 xtremcommunity sshd\[14796\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.203.210 Aug 10 11:44:46 xtremcommunity sshd\[14796\]: Failed password for invalid user developer from 106.12.203.210 port 55815 ssh2 Aug 10 11:51:07 xtremcommunity sshd\[14964\]: Invalid user ciro from 106.12.203.210 port 51538 Aug 10 11:51:07 xtremcommunity sshd\[14964\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.203.210 ... |
2019-08-11 05:19:18 |
| 162.243.144.171 | attackspambots | MultiHost/MultiPort Probe, Scan, Hack - |
2019-08-11 05:27:46 |