139.59.22.106 - IPInfo

基本信息:

城市(city): Bengaluru

省份(region): Karnataka

国家(country): India

运营商(isp): Digital Ocean Inc.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Jan 16 18:18:36 firewall sshd[32170]: Failed password for invalid user test from 139.59.22.106 port 44906 ssh2 Jan 16 18:20:53 firewall sshd[32261]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.22.106 user=root Jan 16 18:20:55 firewall sshd[32261]: Failed password for root from 139.59.22.106 port 56406 ssh2 ...	2020-01-17 05:30:21

类型

评论内容

时间

attack

Jan 16 18:18:36 firewall sshd[32170]: Failed password for invalid user test from 139.59.22.106 port 44906 ssh2
Jan 16 18:20:53 firewall sshd[32261]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.22.106  user=root
Jan 16 18:20:55 firewall sshd[32261]: Failed password for root from 139.59.22.106 port 56406 ssh2
...

2020-01-17 05:30:21

相同子网IP讨论:

IP	类型	评论内容	时间
139.59.228.154	attackspambots	Unauthorised connection attempt detected at AUO NODE 4. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-10-08 05:13:06
139.59.228.154	attackbots	Unauthorised connection attempt detected at AUO NODE 4. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-10-07 21:36:43
139.59.228.154	attack	20 attempts against mh-ssh on cloud	2020-10-07 13:23:50
139.59.22.2	attackbotsspam	Web App Attack	2020-08-08 07:51:29
139.59.228.226	attackspam	WordPress brute force	2020-06-17 08:41:58
139.59.22.169	attack	Mar 6 19:57:23 hcbbdb sshd\[24189\]: Invalid user tss from 139.59.22.169 Mar 6 19:57:23 hcbbdb sshd\[24189\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.22.169 Mar 6 19:57:25 hcbbdb sshd\[24189\]: Failed password for invalid user tss from 139.59.22.169 port 42788 ssh2 Mar 6 20:01:48 hcbbdb sshd\[24708\]: Invalid user nicolas from 139.59.22.169 Mar 6 20:01:48 hcbbdb sshd\[24708\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.22.169	2020-03-07 04:39:55
139.59.22.169	attackbots	SSH authentication failure x 6 reported by Fail2Ban ...	2020-02-25 20:21:21
139.59.22.169	attackbots	Feb 11 08:04:45 mout sshd[30769]: Invalid user rat from 139.59.22.169 port 53612	2020-02-11 17:08:10
139.59.224.32	attackbotsspam	$f2bV_matches	2020-02-04 23:04:45
139.59.22.169	attackspambots	Unauthorized connection attempt detected from IP address 139.59.22.169 to port 2220 [J]	2020-02-04 21:04:17
139.59.22.169	attackspambots	Jan 10 22:09:44 mail sshd[15644]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.22.169 user=root Jan 10 22:09:45 mail sshd[15644]: Failed password for root from 139.59.22.169 port 46936 ssh2 ...	2020-01-11 07:22:19
139.59.22.169	attack	$f2bV_matches	2020-01-08 05:45:34
139.59.22.169	attackspam	Unauthorized connection attempt detected from IP address 139.59.22.169 to port 2220 [J]	2020-01-06 08:50:57
139.59.22.169	attack	Automatic report - Banned IP Access	2020-01-02 01:46:01
139.59.22.169	attackspambots	Dec 21 13:25:55 gw1 sshd[19962]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.22.169 Dec 21 13:25:56 gw1 sshd[19962]: Failed password for invalid user class2005 from 139.59.22.169 port 42452 ssh2 ...	2019-12-21 16:43:01

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.59.22.106
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 37979
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.59.22.106.			IN	A

;; AUTHORITY SECTION:
.			514	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020011601 1800 900 604800 86400

;; Query time: 849 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jan 17 05:30:18 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 106.22.59.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 106.22.59.139.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
187.189.51.123	attackspam	$f2bV_matches	2020-07-07 01:56:48
2.228.138.58	attack	Unauthorized connection attempt detected from IP address 2.228.138.58 to port 23	2020-07-07 02:33:09
148.70.169.14	attackbotsspam	Icarus honeypot on github	2020-07-07 02:05:16
82.64.153.14	attack	Jul 6 17:11:08 abendstille sshd\[32441\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.64.153.14 user=root Jul 6 17:11:10 abendstille sshd\[32441\]: Failed password for root from 82.64.153.14 port 51176 ssh2 Jul 6 17:14:13 abendstille sshd\[3100\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.64.153.14 user=root Jul 6 17:14:15 abendstille sshd\[3100\]: Failed password for root from 82.64.153.14 port 47462 ssh2 Jul 6 17:17:24 abendstille sshd\[5974\]: Invalid user openhabian from 82.64.153.14 Jul 6 17:17:24 abendstille sshd\[5974\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.64.153.14 ...	2020-07-07 02:24:47
184.105.139.95	attackspambots	srv02 Mass scanning activity detected Target: 11211 ..	2020-07-07 02:09:02
58.48.152.75	attackspam	Unauthorized connection attempt detected from IP address 58.48.152.75 to port 23	2020-07-07 02:14:36
134.122.28.208	attackbotsspam	TCP (SYN) 134.122.28.208:48074 -> port 11069, len 44	2020-07-07 02:16:27
111.72.197.211	attack	Jul 6 15:36:35 srv01 postfix/smtpd\[19562\]: warning: unknown\[111.72.197.211\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 6 15:36:48 srv01 postfix/smtpd\[19562\]: warning: unknown\[111.72.197.211\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 6 15:37:03 srv01 postfix/smtpd\[19562\]: warning: unknown\[111.72.197.211\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 6 15:37:23 srv01 postfix/smtpd\[19562\]: warning: unknown\[111.72.197.211\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 6 15:37:35 srv01 postfix/smtpd\[19562\]: warning: unknown\[111.72.197.211\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-07-07 02:17:14
183.80.255.23	attack	183.80.255.23 - - \[06/Jul/2020:15:46:35 +0200\] "POST /wp-login.php HTTP/1.0" 200 6963 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 183.80.255.23 - - \[06/Jul/2020:15:46:39 +0200\] "POST /wp-login.php HTTP/1.0" 200 6967 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 183.80.255.23 - - \[06/Jul/2020:15:46:42 +0200\] "POST /wp-login.php HTTP/1.0" 200 6963 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2020-07-07 02:21:04
54.197.204.196	attack	54.197.204.196 - - [06/Jul/2020:15:56:16 +0200] "POST /xmlrpc.php HTTP/1.1" 403 613 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 54.197.204.196 - - [06/Jul/2020:16:16:52 +0200] "POST /xmlrpc.php HTTP/1.1" 403 461 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-07-07 02:10:25
188.165.24.200	attackbots	Jul 6 19:54:52 inter-technics sshd[26867]: Invalid user admin from 188.165.24.200 port 56120 Jul 6 19:54:52 inter-technics sshd[26867]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.165.24.200 Jul 6 19:54:52 inter-technics sshd[26867]: Invalid user admin from 188.165.24.200 port 56120 Jul 6 19:54:54 inter-technics sshd[26867]: Failed password for invalid user admin from 188.165.24.200 port 56120 ssh2 Jul 6 19:56:07 inter-technics sshd[27001]: Invalid user ans from 188.165.24.200 port 49670 ...	2020-07-07 02:06:03
104.238.120.74	attackbots	Automatic report - XMLRPC Attack	2020-07-07 02:09:45
42.115.146.21	attackspambots	1594040028 - 07/06/2020 14:53:48 Host: 42.115.146.21/42.115.146.21 Port: 445 TCP Blocked	2020-07-07 02:21:47
106.12.31.186	attack	Jul 6 12:24:28 raspberrypi sshd[28047]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.31.186 user=root Jul 6 12:24:30 raspberrypi sshd[28047]: Failed password for invalid user root from 106.12.31.186 port 39002 ssh2 Jul 6 12:34:10 raspberrypi sshd[28342]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.31.186 ...	2020-07-07 02:25:58
222.186.175.23	attackbotsspam	Jul 6 19:58:16 amit sshd\[27550\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.23 user=root Jul 6 19:58:18 amit sshd\[27550\]: Failed password for root from 222.186.175.23 port 42182 ssh2 Jul 6 19:58:19 amit sshd\[27550\]: Failed password for root from 222.186.175.23 port 42182 ssh2 ...	2020-07-07 02:00:35

最近上报的IP列表

125.62.96.118	119.116.136.43	171.245.89.17	118.39.212.170
89.135.127.193	105.136.100.232	178.208.241.152	17.219.199.195
188.69.171.78	193.221.194.24	183.235.191.78	185.82.220.158
22.98.166.168	126.158.21.21	26.99.22.22	148.217.233.11
106.18.157.177	146.251.7.184	86.64.6.181	98.86.102.64