139.59.20.197 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): India

运营商(isp): Digital Ocean Inc.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Jun 3 15:02:21 journals sshd\[63600\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.20.197 user=root Jun 3 15:02:23 journals sshd\[63600\]: Failed password for root from 139.59.20.197 port 58006 ssh2 Jun 3 15:05:01 journals sshd\[63951\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.20.197 user=root Jun 3 15:05:04 journals sshd\[63951\]: Failed password for root from 139.59.20.197 port 40132 ssh2 Jun 3 15:10:22 journals sshd\[2215\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.20.197 user=root ...	2020-06-04 00:41:16

类型

评论内容

时间

attackbotsspam

Jun  3 15:02:21 journals sshd\[63600\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.20.197  user=root
Jun  3 15:02:23 journals sshd\[63600\]: Failed password for root from 139.59.20.197 port 58006 ssh2
Jun  3 15:05:01 journals sshd\[63951\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.20.197  user=root
Jun  3 15:05:04 journals sshd\[63951\]: Failed password for root from 139.59.20.197 port 40132 ssh2
Jun  3 15:10:22 journals sshd\[2215\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.20.197  user=root
...

2020-06-04 00:41:16

相同子网IP讨论:

IP	类型	评论内容	时间
139.59.20.176	attackbotsspam	Automatic report - Banned IP Access	2020-10-06 05:49:46
139.59.20.176	attackspam	Automatic report - Banned IP Access	2020-10-05 21:54:43
139.59.20.176	attackbots	Automatic report - Banned IP Access	2020-10-05 13:48:31
139.59.208.39	attackbotsspam	Port scan denied	2020-09-13 20:07:50
139.59.208.39	attack	TCP (SYN) 139.59.208.39:49233 -> port 80, len 40	2020-09-13 12:00:38
139.59.208.39	attackbotsspam	TCP (SYN) 139.59.208.39:49233 -> port 80, len 40	2020-09-13 03:49:55
139.59.20.249	attackbots	Jun 8 12:14:21 scivo sshd[10972]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.20.249 user=r.r Jun 8 12:14:23 scivo sshd[10972]: Failed password for r.r from 139.59.20.249 port 36510 ssh2 Jun 8 12:14:23 scivo sshd[10972]: Connection closed by 139.59.20.249 [preauth] Jun 8 12:17:11 scivo sshd[11153]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.20.249 user=r.r Jun 8 12:17:13 scivo sshd[11153]: Failed password for r.r from 139.59.20.249 port 47062 ssh2 Jun 8 12:17:13 scivo sshd[11153]: Connection closed by 139.59.20.249 [preauth] Jun 8 12:19:57 scivo sshd[11265]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.20.249 user=r.r Jun 8 12:19:59 scivo sshd[11265]: Failed password for r.r from 139.59.20.249 port 57210 ssh2 Jun 8 12:19:59 scivo sshd[11265]: Connection closed by 139.59.20.249 [preauth] Jun 8 12:22:38 scivo........ -------------------------------	2020-06-08 17:23:26
139.59.20.246	attackspambots	Automatic report - Banned IP Access	2020-05-23 03:49:26
139.59.20.246	attackbotsspam	AbusiveCrawling	2020-05-20 04:13:29
139.59.209.97	attack	Attempt to hack Wordpress Login, XMLRPC or other login	2020-04-05 07:19:09
139.59.20.94	attackspambots	Jan 27 03:53:49 eddieflores sshd\[18195\]: Invalid user 6 from 139.59.20.94 Jan 27 03:53:49 eddieflores sshd\[18195\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.20.94 Jan 27 03:53:51 eddieflores sshd\[18195\]: Failed password for invalid user 6 from 139.59.20.94 port 34026 ssh2 Jan 27 03:57:34 eddieflores sshd\[18653\]: Invalid user afe from 139.59.20.94 Jan 27 03:57:34 eddieflores sshd\[18653\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.20.94	2020-01-27 22:06:15
139.59.20.248	attackspam	Dec 29 13:12:44 MK-Soft-Root1 sshd[27214]: Failed password for root from 139.59.20.248 port 46414 ssh2 ...	2019-12-29 21:56:08
139.59.20.248	attackspam	Dec 28 08:50:00 minden010 sshd[20500]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.20.248 Dec 28 08:50:02 minden010 sshd[20500]: Failed password for invalid user Milja from 139.59.20.248 port 60054 ssh2 Dec 28 08:53:34 minden010 sshd[21702]: Failed password for root from 139.59.20.248 port 34900 ssh2 ...	2019-12-28 21:30:49
139.59.20.248	attack	Dec 13 05:49:47 icinga sshd[26818]: Failed password for mysql from 139.59.20.248 port 50904 ssh2 Dec 13 05:56:09 icinga sshd[27470]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.20.248 ...	2019-12-13 13:14:31
139.59.20.248	attackbotsspam	Nov 20 05:33:41 hanapaa sshd\[30428\]: Invalid user server from 139.59.20.248 Nov 20 05:33:41 hanapaa sshd\[30428\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.20.248 Nov 20 05:33:43 hanapaa sshd\[30428\]: Failed password for invalid user server from 139.59.20.248 port 35344 ssh2 Nov 20 05:41:27 hanapaa sshd\[31140\]: Invalid user tool from 139.59.20.248 Nov 20 05:41:27 hanapaa sshd\[31140\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.20.248	2019-11-21 01:45:32

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.59.20.197
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23114
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.59.20.197.			IN	A

;; AUTHORITY SECTION:
.			533	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020060300 1800 900 604800 86400

;; Query time: 123 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jun 04 00:41:11 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 197.20.59.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 197.20.59.139.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
180.76.151.90	attackbots	2020-07-07 UTC: (14x) - admin,debora,gui,ian,lidio,lpi,root(4x),simpsons,tigrou,vserver,work1	2020-07-08 18:55:03
222.186.175.154	attackbotsspam	Jul 8 12:57:34 vps sshd[684730]: Failed password for root from 222.186.175.154 port 42936 ssh2 Jul 8 12:57:37 vps sshd[684730]: Failed password for root from 222.186.175.154 port 42936 ssh2 Jul 8 12:57:40 vps sshd[684730]: Failed password for root from 222.186.175.154 port 42936 ssh2 Jul 8 12:57:44 vps sshd[684730]: Failed password for root from 222.186.175.154 port 42936 ssh2 Jul 8 12:57:47 vps sshd[684730]: Failed password for root from 222.186.175.154 port 42936 ssh2 ...	2020-07-08 19:01:44
138.185.125.76	attackspambots	Unauthorized connection attempt detected from IP address 138.185.125.76 to port 8080	2020-07-08 18:47:19
125.124.32.85	attackbots	Fail2Ban - SSH Bruteforce Attempt	2020-07-08 18:58:07
91.233.42.38	attack	k+ssh-bruteforce	2020-07-08 19:02:27
118.98.127.138	attackspambots	Unauthorized access or intrusion attempt detected from Thor banned IP	2020-07-08 19:04:36
51.210.96.169	attackbots	Jul 8 12:53:48 jane sshd[6596]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.210.96.169 Jul 8 12:53:50 jane sshd[6596]: Failed password for invalid user hadoop from 51.210.96.169 port 39450 ssh2 ...	2020-07-08 18:57:54
185.176.27.42	attack	TCP (SYN) 185.176.27.42:58993 -> port 40985, len 44	2020-07-08 18:58:48
51.38.127.227	attackspam	fail2ban -- 51.38.127.227 ...	2020-07-08 19:10:01
176.36.192.193	attackbots	Jul 8 13:41:28 gw1 sshd[9361]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.36.192.193 Jul 8 13:41:29 gw1 sshd[9361]: Failed password for invalid user helen from 176.36.192.193 port 58686 ssh2 ...	2020-07-08 18:42:52
106.52.133.45	attackbotsspam	Jul 8 04:40:58 l03 sshd[26236]: Invalid user ROOT from 106.52.133.45 port 35390 ...	2020-07-08 18:39:13
185.173.35.17	attack	UDP port : 1434	2020-07-08 19:09:04
117.89.134.231	attackbotsspam	2020-07-08T06:03:16.3189581495-001 sshd[8556]: Invalid user dowon from 117.89.134.231 port 50434 2020-07-08T06:03:17.7243371495-001 sshd[8556]: Failed password for invalid user dowon from 117.89.134.231 port 50434 ssh2 2020-07-08T06:07:15.4070771495-001 sshd[8693]: Invalid user filter from 117.89.134.231 port 45554 2020-07-08T06:07:15.4141641495-001 sshd[8693]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.89.134.231 2020-07-08T06:07:15.4070771495-001 sshd[8693]: Invalid user filter from 117.89.134.231 port 45554 2020-07-08T06:07:17.6199021495-001 sshd[8693]: Failed password for invalid user filter from 117.89.134.231 port 45554 ssh2 ...	2020-07-08 18:40:12
106.12.60.246	attackspam	$f2bV_matches	2020-07-08 18:59:29
2607:5300:60:56c3::	attack	2607:5300:60:56c3:: - - [08/Jul/2020:12:34:49 +0200] "www.ruhnke.cloud" "POST /wp-login.php HTTP/1.1" 200 2822 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" ...	2020-07-08 18:43:10

最近上报的IP列表

58.180.211.117	187.178.86.47	45.95.168.117	156.241.71.110
110.232.64.169	139.215.162.196	178.163.84.13	125.25.184.32
162.243.140.84	160.153.147.140	185.143.223.254	194.182.5.116
196.0.113.110	158.222.8.178	50.4.86.76	51.104.0.170
45.143.223.62	186.235.254.139	72.52.216.50	82.137.217.217