Check an IP Address, Domain Name, Subnet, or ASN

139.59.95.112 was found in our database!

$ whois 139.59.95.112

country·🇮🇳 India

city·Bengaluru

isp·DigitalOcean, LLC

asn·AS14061

network·Standard

$ sikker risk 139.59.95.112scoring →

confidence

69%High

first_seen·Jan 29, 2026

last_seen·1h ago

sessions·26

events·44

$ sikker protocols 139.59.95.112

SIP

7 / 20

HTTP

4 / 4

REDIS

2 / 4

SSH

3 / 3

RTSP

1 / 3

HTTPS

3 / 3

TELNET

2 / 3

FTP

2 / 2

SMB

2 / 2

$ sikker summary 139.59.95.112

139.59.95.112 has a threat confidence score of 69%. This IP address from India (AS14061, DigitalOcean, LLC) has been observed in 26 honeypot sessions targeting SIP, HTTP, REDIS, SSH, RTSP and 4 other protocols. First observed on January 29, 2026, most recently active March 20, 2026.

$ sikker behaviors 139.59.95.112catalog →

mediumRtsp Credentialed Options Probe1x

RTSP OPTIONS request containing embedded credentials in the URI (for example admin:password@host). Unlike standard discovery probes, this indicates an automated attempt to enumerate camera or media endpoints while testing known or default credentials. This pattern is commonly associated with IoT botnets and opportunistic scanners targeting exposed RTSP services rather than passive measurement traffic.

lowRtsp Options Probe1x

Client sends RTSP OPTIONS requests to check supported methods and confirm that an RTSP service is exposed, then disconnects without attempting authentication or stream setup. This pattern is typically associated with automated reconnaissance or internet-wide scanning rather than active stream access.

infoHttp Root Path Request1x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

infoHttps Root Path Request1x

Identifies HTTPS requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration

$ sikker primitives 139.59.95.112

rtsp_options3 rtsp_options_with_admin_credentials3 http_method_get1 https_path_root1

$ sikker related 139.59.95.112

🇮🇳·More threats fromIndia→AS·More threats fromDigitalOcean, LLC→SIP·More threats targetingSIP→HTTP·More threats targetingHTTP→REDI·More threats targetingREDIS→SSH·More threats targetingSSH→RTSP·More threats targetingRTSP→HTTP·More threats targetingHTTPS→TELN·More threats targetingTELNET→FTP·More threats targetingFTP→SMB·More threats targetingSMB→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
129.212.190.51	50%	300
142.93.167.198	89%	39
164.92.165.52	57%	185
128.199.225.7	100%	2,344
161.35.236.116	40%	91

IP Address	Confidence	Events
183.83.52.80	26%	53
128.185.192.70	45%	380
52.66.69.41	95%	864
64.227.166.67	23%	1
103.140.19.162	38%	226