IP address

Passive DNS

Tags:

IP blacklists

DataPlane TELNET login

139.59.24.250 is listed on the DataPlane TELNET login blacklist.

Description: DataPlane.org is a community-powered Internet data, feeds,<br>and measurement resource for operators, by operators. IPs trying<br>an unsolicited login via TELNET password authentication.
Type of feed: primary (feed detail page)

Last checked at: 2025-12-20 07:10:07.113000
Was present on blacklist at: 2025-12-12 23:10, 2025-12-13 03:10, 2025-12-13 07:10, 2025-12-13 11:10, 2025-12-13 15:10, 2025-12-13 19:10, 2025-12-13 23:10, 2025-12-14 03:10, 2025-12-14 07:10, 2025-12-14 11:10, 2025-12-14 15:10, 2025-12-14 19:10, 2025-12-14 23:10, 2025-12-15 03:10, 2025-12-15 07:10, 2025-12-15 11:10, 2025-12-15 15:10, 2025-12-15 19:10, 2025-12-15 23:10, 2025-12-16 03:10, 2025-12-16 07:10, 2025-12-16 11:10, 2025-12-16 15:10, 2025-12-16 19:10, 2025-12-16 23:10, 2025-12-17 03:10, 2025-12-17 07:10, 2025-12-17 11:10, 2025-12-17 15:10, 2025-12-17 19:10, 2025-12-17 23:10, 2025-12-18 03:10, 2025-12-18 07:10, 2025-12-18 11:10, 2025-12-18 15:10, 2025-12-18 19:10, 2025-12-18 23:10, 2025-12-19 03:10, 2025-12-19 07:10, 2025-12-19 11:10, 2025-12-19 15:10, 2025-12-19 19:10, 2025-12-19 23:10, 2025-12-20 03:10, 2025-12-20 07:10

Spamhaus XBL CBL

139.59.24.250 is listed on the Spamhaus XBL CBL blacklist.

Description: The Spamhaus Exploits Block List (XBL) is a realtime database of IP addresses of hijacked PCs infected by illegal 3rd party exploits, including open proxies, worms/viruses with built-in spam engines, and other types of trojan-horse exploits.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2025-12-19 23:41:03.016000
Was present on blacklist at: 2025-12-12 23:40, 2025-12-19 23:41

Turris greylist

139.59.24.250 is listed on the Turris greylist blacklist.

Description: Greylist is the output of the Turris research project by CZ.NIC,<br>which collects data of malicious IPs.
Type of feed: primary (feed detail page)

Last checked at: 2025-12-16 22:15:00.144000
Was present on blacklist at: 2025-12-14 22:15, 2025-12-16 22:15

AbuseIPDB

139.59.24.250 is listed on the AbuseIPDB blacklist.

Description: AbuseIPDB is a project managed by Marathon Studios Inc.<br>Lists IPs performing a malicious activity (DDoS, spam, phishing...)
Type of feed: primary (feed detail page)

Last checked at: 2025-12-15 05:00:00.709000
Was present on blacklist at: 2025-12-15 05:00

DShield reports (IP summary, reports)

2025-12-14: Number of reports: 16; Distinct targets: 6

Origin AS: AS14061 - DIGITALOCEAN-ASN
BGP Prefix: 139.59.16.0/20
geo: India, Bengaluru; 🕑 Asia/Kolkata
hostname: (null)
Address block ('inetnum' or 'NetRange' in whois database): 139.59.0.0 - 139.59.255.255
reserved_range: 0
Shodan's InternetDB: Open ports: 22, 80; Tags: cloud; CPEs: cpe:/a:openbsd:openssh:7.6p1, cpe:/o:canonical:ubuntu_linux, cpe:/a:apache:http_server:2.4.29
ts_added: 2025-12-12 23:40:57.218000
ts_last_update: 2025-12-20 07:41:21.141000

Warden event timeline

DShield event timeline

Presence on blacklists