139.59.20.246 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): India

运营商(isp): Digital Ocean Inc.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Automatic report - Banned IP Access	2020-05-23 03:49:26
attackbotsspam	AbusiveCrawling	2020-05-20 04:13:29

相同子网IP讨论:

IP	类型	评论内容	时间
139.59.20.176	attackbotsspam	Automatic report - Banned IP Access	2020-10-06 05:49:46
139.59.20.176	attackspam	Automatic report - Banned IP Access	2020-10-05 21:54:43
139.59.20.176	attackbots	Automatic report - Banned IP Access	2020-10-05 13:48:31
139.59.208.39	attackbotsspam	Port scan denied	2020-09-13 20:07:50
139.59.208.39	attack	TCP (SYN) 139.59.208.39:49233 -> port 80, len 40	2020-09-13 12:00:38
139.59.208.39	attackbotsspam	TCP (SYN) 139.59.208.39:49233 -> port 80, len 40	2020-09-13 03:49:55
139.59.20.249	attackbots	Jun 8 12:14:21 scivo sshd[10972]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.20.249 user=r.r Jun 8 12:14:23 scivo sshd[10972]: Failed password for r.r from 139.59.20.249 port 36510 ssh2 Jun 8 12:14:23 scivo sshd[10972]: Connection closed by 139.59.20.249 [preauth] Jun 8 12:17:11 scivo sshd[11153]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.20.249 user=r.r Jun 8 12:17:13 scivo sshd[11153]: Failed password for r.r from 139.59.20.249 port 47062 ssh2 Jun 8 12:17:13 scivo sshd[11153]: Connection closed by 139.59.20.249 [preauth] Jun 8 12:19:57 scivo sshd[11265]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.20.249 user=r.r Jun 8 12:19:59 scivo sshd[11265]: Failed password for r.r from 139.59.20.249 port 57210 ssh2 Jun 8 12:19:59 scivo sshd[11265]: Connection closed by 139.59.20.249 [preauth] Jun 8 12:22:38 scivo........ -------------------------------	2020-06-08 17:23:26
139.59.20.197	attackbotsspam	Jun 3 15:02:21 journals sshd\[63600\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.20.197 user=root Jun 3 15:02:23 journals sshd\[63600\]: Failed password for root from 139.59.20.197 port 58006 ssh2 Jun 3 15:05:01 journals sshd\[63951\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.20.197 user=root Jun 3 15:05:04 journals sshd\[63951\]: Failed password for root from 139.59.20.197 port 40132 ssh2 Jun 3 15:10:22 journals sshd\[2215\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.20.197 user=root ...	2020-06-04 00:41:16
139.59.209.97	attack	Attempt to hack Wordpress Login, XMLRPC or other login	2020-04-05 07:19:09
139.59.20.94	attackspambots	Jan 27 03:53:49 eddieflores sshd\[18195\]: Invalid user 6 from 139.59.20.94 Jan 27 03:53:49 eddieflores sshd\[18195\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.20.94 Jan 27 03:53:51 eddieflores sshd\[18195\]: Failed password for invalid user 6 from 139.59.20.94 port 34026 ssh2 Jan 27 03:57:34 eddieflores sshd\[18653\]: Invalid user afe from 139.59.20.94 Jan 27 03:57:34 eddieflores sshd\[18653\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.20.94	2020-01-27 22:06:15
139.59.20.248	attackspam	Dec 29 13:12:44 MK-Soft-Root1 sshd[27214]: Failed password for root from 139.59.20.248 port 46414 ssh2 ...	2019-12-29 21:56:08
139.59.20.248	attackspam	Dec 28 08:50:00 minden010 sshd[20500]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.20.248 Dec 28 08:50:02 minden010 sshd[20500]: Failed password for invalid user Milja from 139.59.20.248 port 60054 ssh2 Dec 28 08:53:34 minden010 sshd[21702]: Failed password for root from 139.59.20.248 port 34900 ssh2 ...	2019-12-28 21:30:49
139.59.20.248	attack	Dec 13 05:49:47 icinga sshd[26818]: Failed password for mysql from 139.59.20.248 port 50904 ssh2 Dec 13 05:56:09 icinga sshd[27470]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.20.248 ...	2019-12-13 13:14:31
139.59.20.248	attackbotsspam	Nov 20 05:33:41 hanapaa sshd\[30428\]: Invalid user server from 139.59.20.248 Nov 20 05:33:41 hanapaa sshd\[30428\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.20.248 Nov 20 05:33:43 hanapaa sshd\[30428\]: Failed password for invalid user server from 139.59.20.248 port 35344 ssh2 Nov 20 05:41:27 hanapaa sshd\[31140\]: Invalid user tool from 139.59.20.248 Nov 20 05:41:27 hanapaa sshd\[31140\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.20.248	2019-11-21 01:45:32
139.59.20.248	attackbotsspam	Nov 19 05:10:45 game-panel sshd[8532]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.20.248 Nov 19 05:10:47 game-panel sshd[8532]: Failed password for invalid user cluett from 139.59.20.248 port 54658 ssh2 Nov 19 05:14:57 game-panel sshd[8673]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.20.248	2019-11-19 13:23:32

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.59.20.246
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 65350
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.59.20.246.			IN	A

;; AUTHORITY SECTION:
.			358	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020051901 1800 900 604800 86400

;; Query time: 104 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed May 20 04:13:25 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 246.20.59.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 246.20.59.139.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
80.82.77.250	attack	11/02/2019-04:52:29.207788 80.82.77.250 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-11-02 14:04:09
218.78.44.63	attackbotsspam	Nov 2 05:45:59 dedicated sshd[28667]: Invalid user kabita from 218.78.44.63 port 37169	2019-11-02 13:50:03
52.187.17.107	attackspambots	Nov 1 17:49:06 auw2 sshd\[22432\]: Invalid user cqcq from 52.187.17.107 Nov 1 17:49:06 auw2 sshd\[22432\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.187.17.107 Nov 1 17:49:08 auw2 sshd\[22432\]: Failed password for invalid user cqcq from 52.187.17.107 port 11319 ssh2 Nov 1 17:53:56 auw2 sshd\[22848\]: Invalid user com from 52.187.17.107 Nov 1 17:53:56 auw2 sshd\[22848\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.187.17.107	2019-11-02 13:16:05
123.234.219.226	attackbots	2019-11-02T05:30:01.514442abusebot-5.cloudsearch.cf sshd\[20539\]: Invalid user test from 123.234.219.226 port 36261 2019-11-02T05:30:01.521662abusebot-5.cloudsearch.cf sshd\[20539\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.234.219.226	2019-11-02 14:02:36
45.61.172.60	attackspambots	(From eric@talkwithcustomer.com) Hello abcchiropractic.net, People ask, “why does TalkWithCustomer work so well?” It’s simple. TalkWithCustomer enables you to connect with a prospective customer at EXACTLY the Perfect Time. - NOT one week, two weeks, three weeks after they’ve checked out your website abcchiropractic.net. - NOT with a form letter style email that looks like it was written by a bot. - NOT with a robocall that could come at any time out of the blue. TalkWithCustomer connects you to that person within seconds of THEM asking to hear from YOU. They kick off the conversation. They take that first step. They ask to hear from you regarding what you have to offer and how it can make their life better. And it happens almost immediately. In real time. While they’re still looking over your website abcchiropractic.net, trying to make up their mind whether you are right for them. When you connect with them at that very moment it’s the ultimate in Perfect Timing – as one famo	2019-11-02 13:14:51
121.8.153.194	attackbotsspam	Nov 2 07:19:15 server sshd\[19884\]: Invalid user securityagent from 121.8.153.194 port 47362 Nov 2 07:19:15 server sshd\[19884\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.8.153.194 Nov 2 07:19:17 server sshd\[19884\]: Failed password for invalid user securityagent from 121.8.153.194 port 47362 ssh2 Nov 2 07:24:15 server sshd\[6292\]: User root from 121.8.153.194 not allowed because listed in DenyUsers Nov 2 07:24:15 server sshd\[6292\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.8.153.194 user=root	2019-11-02 13:53:37
41.43.125.185	attackspambots	Nov 2 04:35:13 xzibhostname postfix/smtpd[4875]: warning: hostname host-41.43.125.185.tedata.net does not resolve to address 41.43.125.185: Name or service not known Nov 2 04:35:13 xzibhostname postfix/smtpd[4875]: connect from unknown[41.43.125.185] Nov 2 04:35:14 xzibhostname postfix/smtpd[4876]: warning: hostname host-41.43.125.185.tedata.net does not resolve to address 41.43.125.185: Name or service not known Nov 2 04:35:14 xzibhostname postfix/smtpd[4876]: connect from unknown[41.43.125.185] Nov 2 04:36:01 xzibhostname postfix/smtpd[4876]: lost connection after CONNECT from unknown[41.43.125.185] Nov 2 04:36:01 xzibhostname postfix/smtpd[4876]: disconnect from unknown[41.43.125.185] Nov 2 04:36:01 xzibhostname postfix/smtpd[4875]: SSL_accept error from unknown[41.43.125.185]: lost connection Nov 2 04:36:01 xzibhostname postfix/smtpd[4875]: lost connection after CONNECT from unknown[41.43.125.185] Nov 2 04:36:01 xzibhostname postfix/smtpd[4875]: disconnect ........ -------------------------------	2019-11-02 14:00:48
37.187.46.74	attack	$f2bV_matches	2019-11-02 13:20:44
107.172.227.120	attack	(From eric@talkwithcustomer.com) Hello abcchiropractic.net, People ask, “why does TalkWithCustomer work so well?” It’s simple. TalkWithCustomer enables you to connect with a prospective customer at EXACTLY the Perfect Time. - NOT one week, two weeks, three weeks after they’ve checked out your website abcchiropractic.net. - NOT with a form letter style email that looks like it was written by a bot. - NOT with a robocall that could come at any time out of the blue. TalkWithCustomer connects you to that person within seconds of THEM asking to hear from YOU. They kick off the conversation. They take that first step. They ask to hear from you regarding what you have to offer and how it can make their life better. And it happens almost immediately. In real time. While they’re still looking over your website abcchiropractic.net, trying to make up their mind whether you are right for them. When you connect with them at that very moment it’s the ultimate in Perfect Timing – as one famo	2019-11-02 13:15:13
162.214.14.3	attackspam	Nov 2 06:59:54 server sshd\[25770\]: Invalid user test1 from 162.214.14.3 port 52418 Nov 2 06:59:54 server sshd\[25770\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.214.14.3 Nov 2 06:59:56 server sshd\[25770\]: Failed password for invalid user test1 from 162.214.14.3 port 52418 ssh2 Nov 2 07:03:40 server sshd\[28606\]: User root from 162.214.14.3 not allowed because listed in DenyUsers Nov 2 07:03:40 server sshd\[28606\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.214.14.3 user=root	2019-11-02 13:18:12
61.8.75.5	attack	Nov 1 18:42:59 web1 sshd\[22457\]: Invalid user tri_mulyanto from 61.8.75.5 Nov 1 18:42:59 web1 sshd\[22457\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.8.75.5 Nov 1 18:43:01 web1 sshd\[22457\]: Failed password for invalid user tri_mulyanto from 61.8.75.5 port 43128 ssh2 Nov 1 18:47:30 web1 sshd\[22856\]: Invalid user netdump from 61.8.75.5 Nov 1 18:47:30 web1 sshd\[22856\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.8.75.5	2019-11-02 13:42:59
1.204.239.19	attackbotsspam	Automatic report - Port Scan	2019-11-02 14:06:07
157.245.234.175	attackbotsspam	2019-11-02T03:52:23Z - RDP login failed multiple times. (157.245.234.175)	2019-11-02 14:05:16
92.53.90.179	attackspam	Port scan on 6 port(s): 5607 5769 5916 5950 6270 6371	2019-11-02 13:17:56
27.71.225.91	attackbotsspam	2019-11-02T04:59:03.691754abusebot-8.cloudsearch.cf sshd\[5800\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.71.225.91 user=root	2019-11-02 13:23:43

最近上报的IP列表

170.78.140.218	62.177.241.136	146.145.114.62	181.225.11.250
122.160.30.17	144.91.99.244	107.172.132.73	45.152.33.169
222.252.114.84	87.251.174.200	87.251.174.191	193.154.250.62
13.82.40.209	87.251.174.190	31.23.10.140	123.185.78.31
186.3.131.61	93.99.104.101	28.227.141.210	87.251.174.193