139.59.14.136 - IPInfo

基本信息:

城市(city): Bengaluru

省份(region): Karnataka

国家(country): India

运营商(isp): Digital Ocean Inc.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Jun 26 14:17:08 saturn sshd[434919]: Failed password for root from 139.59.14.136 port 60000 ssh2 Jun 26 14:22:34 saturn sshd[435116]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.14.136 user=root Jun 26 14:22:36 saturn sshd[435116]: Failed password for root from 139.59.14.136 port 60530 ssh2 ...	2020-06-27 00:24:52
attack	Fail2Ban Ban Triggered (2)	2020-06-24 07:58:12

类型

评论内容

时间

attackbots

Jun 26 14:17:08 saturn sshd[434919]: Failed password for root from 139.59.14.136 port 60000 ssh2
Jun 26 14:22:34 saturn sshd[435116]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.14.136  user=root
Jun 26 14:22:36 saturn sshd[435116]: Failed password for root from 139.59.14.136 port 60530 ssh2
...

2020-06-27 00:24:52

attack

Fail2Ban Ban Triggered (2)

2020-06-24 07:58:12

相同子网IP讨论:

IP	类型	评论内容	时间
139.59.148.56	attack	Oct 13 14:30:51 staging sshd[30119]: Invalid user adm from 139.59.148.56 port 59726 Oct 13 14:30:51 staging sshd[30119]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.148.56 Oct 13 14:30:51 staging sshd[30119]: Invalid user adm from 139.59.148.56 port 59726 Oct 13 14:30:53 staging sshd[30119]: Failed password for invalid user adm from 139.59.148.56 port 59726 ssh2 ...	2020-10-14 04:31:27
139.59.141.196	attack	139.59.141.196 - - [11/Oct/2020:16:45:30 +0100] "POST /wp-login.php HTTP/1.1" 200 2520 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.141.196 - - [11/Oct/2020:16:45:31 +0100] "POST /wp-login.php HTTP/1.1" 200 2478 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.141.196 - - [11/Oct/2020:16:45:32 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-12 00:48:43
139.59.141.196	attack	139.59.141.196 - - [10/Oct/2020:22:54:38 +0100] "POST /wp-login.php HTTP/1.1" 200 2398 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.141.196 - - [10/Oct/2020:22:54:39 +0100] "POST /wp-login.php HTTP/1.1" 200 2375 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.141.196 - - [10/Oct/2020:22:54:39 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-11 16:44:14
139.59.141.196	attackspambots	139.59.141.196 - - [10/Oct/2020:22:54:38 +0100] "POST /wp-login.php HTTP/1.1" 200 2398 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.141.196 - - [10/Oct/2020:22:54:39 +0100] "POST /wp-login.php HTTP/1.1" 200 2375 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.141.196 - - [10/Oct/2020:22:54:39 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-11 10:04:07
139.59.147.218	attackbots	xmlrpc attack	2020-10-06 05:38:03
139.59.147.218	attackbots	Automatic report - Banned IP Access	2020-10-05 21:42:20
139.59.147.218	attackbotsspam	memoran 139.59.147.218 [05/Oct/2020:09:39:59 "-" "POST /wp-login.php 200 6727 139.59.147.218 [05/Oct/2020:09:40:06 "-" "GET /wp-login.php 200 6618 139.59.147.218 [05/Oct/2020:09:40:12 "-" "POST /wp-login.php 200 6725	2020-10-05 13:36:21
139.59.141.196	attackspam	139.59.141.196 - - [28/Sep/2020:21:42:48 +0100] "POST /wp-login.php HTTP/1.1" 200 2340 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.141.196 - - [28/Sep/2020:21:42:48 +0100] "POST /wp-login.php HTTP/1.1" 200 2319 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.141.196 - - [28/Sep/2020:21:42:49 +0100] "POST /wp-login.php HTTP/1.1" 200 2324 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-29 05:30:47
139.59.141.196	attackspambots	139.59.141.196 - - [28/Sep/2020:13:25:38 +0100] "POST /wp-login.php HTTP/1.1" 200 2862 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.141.196 - - [28/Sep/2020:13:25:39 +0100] "POST /wp-login.php HTTP/1.1" 200 2831 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.141.196 - - [28/Sep/2020:13:25:40 +0100] "POST /wp-login.php HTTP/1.1" 200 2866 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-28 21:51:17
139.59.141.196	attack	WordPress wp-login brute force :: 139.59.141.196 0.116 - [28/Sep/2020:05:49:23 0000] [censored_1] "POST /wp-login.php HTTP/1.1" 200 2414 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "HTTP/1.1"	2020-09-28 13:58:01
139.59.141.196	attackbots	139.59.141.196 - - [13/Sep/2020:19:05:10 +0000] "POST /wp-login.php HTTP/1.1" 200 2077 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 139.59.141.196 - - [13/Sep/2020:19:05:11 +0000] "POST /wp-login.php HTTP/1.1" 200 2055 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 139.59.141.196 - - [13/Sep/2020:19:05:13 +0000] "POST /wp-login.php HTTP/1.1" 200 2052 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 139.59.141.196 - - [13/Sep/2020:19:05:15 +0000] "POST /wp-login.php HTTP/1.1" 200 2052 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 139.59.141.196 - - [13/Sep/2020:19:05:16 +0000] "POST /xmlrpc.php HTTP/1.1" 200 236 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-"	2020-09-14 03:29:50
139.59.141.196	attack	Automatic report generated by Wazuh	2020-09-13 19:29:40
139.59.14.210	attackspam	Sep 8 22:57:09 gitea sshd[39431]: Invalid user martinez from 139.59.14.210 port 39882 Sep 8 22:57:24 gitea sshd[48741]: Invalid user knoppix from 139.59.14.210 port 43882	2020-09-09 15:35:15
139.59.14.210	attack	Sep 8 22:57:09 gitea sshd[39431]: Invalid user martinez from 139.59.14.210 port 39882 Sep 8 22:57:24 gitea sshd[48741]: Invalid user knoppix from 139.59.14.210 port 43882	2020-09-09 07:44:41
139.59.146.28	attack	Attempting to access Wordpress login on a honeypot or private system.	2020-08-29 07:04:48

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.59.14.136
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21494
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.59.14.136.			IN	A

;; AUTHORITY SECTION:
.			155	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020062301 1800 900 604800 86400

;; Query time: 119 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jun 24 07:58:08 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

136.14.59.139.in-addr.arpa domain name pointer shipkar.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
136.14.59.139.in-addr.arpa	name = shipkar.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
1.52.201.238	attackspam	Unauthorized connection attempt from IP address 1.52.201.238 on Port 445(SMB)	2020-03-18 10:07:55
71.40.80.50	attack	Unauthorized connection attempt from IP address 71.40.80.50 on Port 445(SMB)	2020-03-18 09:58:02
220.122.99.69	attack	Telnet/23 MH Probe, Scan, BF, Hack -	2020-03-18 10:08:17
110.49.40.2	attack	Unauthorized connection attempt from IP address 110.49.40.2 on Port 445(SMB)	2020-03-18 09:58:52
222.186.190.92	attackspambots	2020-03-18T02:33:53.062450vps773228.ovh.net sshd[21144]: Failed password for root from 222.186.190.92 port 18632 ssh2 2020-03-18T02:33:56.017247vps773228.ovh.net sshd[21144]: Failed password for root from 222.186.190.92 port 18632 ssh2 2020-03-18T02:33:59.716437vps773228.ovh.net sshd[21144]: Failed password for root from 222.186.190.92 port 18632 ssh2 2020-03-18T02:34:02.628716vps773228.ovh.net sshd[21144]: Failed password for root from 222.186.190.92 port 18632 ssh2 2020-03-18T02:34:05.821525vps773228.ovh.net sshd[21144]: Failed password for root from 222.186.190.92 port 18632 ssh2 ...	2020-03-18 09:35:55
118.89.41.227	attackspambots	Port scan detected on ports: 65529[TCP], 65529[TCP], 3389[TCP]	2020-03-18 09:35:13
14.166.162.172	attack	Unauthorized connection attempt from IP address 14.166.162.172 on Port 445(SMB)	2020-03-18 10:03:14
36.85.185.105	attack	Automatic report - Port Scan Attack	2020-03-18 09:54:01
59.115.71.16	attack	Unauthorized connection attempt from IP address 59.115.71.16 on Port 445(SMB)	2020-03-18 10:00:08
180.76.238.128	attackbots	Mar 18 02:12:06 vserver sshd\[30427\]: Invalid user jira from 180.76.238.128Mar 18 02:12:08 vserver sshd\[30427\]: Failed password for invalid user jira from 180.76.238.128 port 47644 ssh2Mar 18 02:16:24 vserver sshd\[30473\]: Failed password for root from 180.76.238.128 port 47542 ssh2Mar 18 02:20:25 vserver sshd\[30519\]: Failed password for root from 180.76.238.128 port 47184 ssh2 ...	2020-03-18 10:06:36
137.74.26.179	attackspam	2020-03-18T01:06:49.160961abusebot-2.cloudsearch.cf sshd[20844]: Invalid user telnet from 137.74.26.179 port 50042 2020-03-18T01:06:49.167476abusebot-2.cloudsearch.cf sshd[20844]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=137.74.26.179 2020-03-18T01:06:49.160961abusebot-2.cloudsearch.cf sshd[20844]: Invalid user telnet from 137.74.26.179 port 50042 2020-03-18T01:06:50.746310abusebot-2.cloudsearch.cf sshd[20844]: Failed password for invalid user telnet from 137.74.26.179 port 50042 ssh2 2020-03-18T01:11:11.728430abusebot-2.cloudsearch.cf sshd[21073]: Invalid user redmine from 137.74.26.179 port 43980 2020-03-18T01:11:11.735462abusebot-2.cloudsearch.cf sshd[21073]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=137.74.26.179 2020-03-18T01:11:11.728430abusebot-2.cloudsearch.cf sshd[21073]: Invalid user redmine from 137.74.26.179 port 43980 2020-03-18T01:11:13.615405abusebot-2.cloudsearch.cf sshd[21073]: ...	2020-03-18 10:10:53
192.144.164.167	attackbotsspam	Mar 17 23:54:21 *** sshd[13703]: User root from 192.144.164.167 not allowed because not listed in AllowUsers	2020-03-18 10:04:48
194.61.27.241	attack	Multiport scan : 7 ports scanned 3388 3390 3391 3392 3393 13389 33389	2020-03-18 09:34:39
122.3.55.209	attackspam	Unauthorized connection attempt from IP address 122.3.55.209 on Port 445(SMB)	2020-03-18 10:08:36
190.75.204.59	attackbots	Unauthorized connection attempt from IP address 190.75.204.59 on Port 445(SMB)	2020-03-18 09:46:46

最近上报的IP列表

196.94.66.117	116.70.221.248	172.69.70.195	95.181.39.65
12.78.52.113	24.146.115.247	118.0.4.116	2.48.3.18
216.110.62.99	154.199.251.180	200.252.195.146	195.65.48.186
199.59.62.236	88.181.116.220	122.46.196.209	187.223.245.217
23.254.30.102	80.11.74.133	114.255.15.130	180.196.123.88