139.59.254.93 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Singapore

运营商(isp): Digital Ocean Inc.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	2020-07-23T18:09:35.869779sd-86998 sshd[24209]: Invalid user admin from 139.59.254.93 port 44669 2020-07-23T18:09:35.872143sd-86998 sshd[24209]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.254.93 2020-07-23T18:09:35.869779sd-86998 sshd[24209]: Invalid user admin from 139.59.254.93 port 44669 2020-07-23T18:09:37.829171sd-86998 sshd[24209]: Failed password for invalid user admin from 139.59.254.93 port 44669 ssh2 2020-07-23T18:14:05.587757sd-86998 sshd[24805]: Invalid user frontdesk from 139.59.254.93 port 55963 ...	2020-07-24 01:00:25
attackbots	Auto Fail2Ban report, multiple SSH login attempts.	2020-07-18 23:52:57
attack	Invalid user uftp from 139.59.254.93 port 46139	2020-07-18 16:47:29
attackbots	Jul 15 07:13:19 firewall sshd[29092]: Invalid user ldm from 139.59.254.93 Jul 15 07:13:21 firewall sshd[29092]: Failed password for invalid user ldm from 139.59.254.93 port 46584 ssh2 Jul 15 07:16:50 firewall sshd[29180]: Invalid user git from 139.59.254.93 ...	2020-07-15 18:17:57
attackbots	2020-07-14T02:26:05.419125server.mjenks.net sshd[1687138]: Invalid user arjun from 139.59.254.93 port 39917 2020-07-14T02:26:05.426453server.mjenks.net sshd[1687138]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.254.93 2020-07-14T02:26:05.419125server.mjenks.net sshd[1687138]: Invalid user arjun from 139.59.254.93 port 39917 2020-07-14T02:26:07.067755server.mjenks.net sshd[1687138]: Failed password for invalid user arjun from 139.59.254.93 port 39917 ssh2 2020-07-14T02:29:32.057302server.mjenks.net sshd[1687531]: Invalid user mother from 139.59.254.93 port 41650 ...	2020-07-14 17:11:29
attack	Jul 9 12:13:47 rotator sshd\[5668\]: Invalid user tujikai from 139.59.254.93Jul 9 12:13:49 rotator sshd\[5668\]: Failed password for invalid user tujikai from 139.59.254.93 port 42755 ssh2Jul 9 12:16:57 rotator sshd\[6474\]: Invalid user liviu from 139.59.254.93Jul 9 12:16:59 rotator sshd\[6474\]: Failed password for invalid user liviu from 139.59.254.93 port 40490 ssh2Jul 9 12:19:58 rotator sshd\[6543\]: Failed password for mail from 139.59.254.93 port 38045 ssh2Jul 9 12:22:48 rotator sshd\[7349\]: Invalid user tweety from 139.59.254.93 ...	2020-07-09 18:38:20
attackbotsspam	Jul 7 20:13:19 mout sshd[11165]: Invalid user amie from 139.59.254.93 port 60657	2020-07-08 02:31:53
attackspam	Jul 4 17:28:27 firewall sshd[14512]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.254.93 Jul 4 17:28:27 firewall sshd[14512]: Invalid user mina from 139.59.254.93 Jul 4 17:28:29 firewall sshd[14512]: Failed password for invalid user mina from 139.59.254.93 port 44369 ssh2 ...	2020-07-05 05:03:40
attackspam	Jun 25 14:24:42 eventyay sshd[2732]: Failed password for root from 139.59.254.93 port 43810 ssh2 Jun 25 14:26:08 eventyay sshd[2785]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.254.93 Jun 25 14:26:10 eventyay sshd[2785]: Failed password for invalid user willy from 139.59.254.93 port 55344 ssh2 ...	2020-06-25 23:13:06
attack	Jun 25 11:51:19 eventyay sshd[28828]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.254.93 Jun 25 11:51:22 eventyay sshd[28828]: Failed password for invalid user shreya1 from 139.59.254.93 port 35411 ssh2 Jun 25 11:54:39 eventyay sshd[28915]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.254.93 ...	2020-06-25 18:15:16
attackspambots	2020-06-15T23:57:56.942534lavrinenko.info sshd[19342]: Invalid user test1 from 139.59.254.93 port 40978 2020-06-15T23:57:56.952248lavrinenko.info sshd[19342]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.254.93 2020-06-15T23:57:56.942534lavrinenko.info sshd[19342]: Invalid user test1 from 139.59.254.93 port 40978 2020-06-15T23:57:59.526681lavrinenko.info sshd[19342]: Failed password for invalid user test1 from 139.59.254.93 port 40978 ssh2 2020-06-16T00:01:39.181004lavrinenko.info sshd[19554]: Invalid user rd from 139.59.254.93 port 44816 ...	2020-06-16 06:06:37
attackbots	2020-06-15T09:14:38.821118n23.at sshd[27310]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.254.93 2020-06-15T09:14:38.812822n23.at sshd[27310]: Invalid user abc from 139.59.254.93 port 37210 2020-06-15T09:14:40.575066n23.at sshd[27310]: Failed password for invalid user abc from 139.59.254.93 port 37210 ssh2 ...	2020-06-15 17:53:47
attackspambots	May 22 08:18:28 OPSO sshd\[18452\]: Invalid user wp-admin from 139.59.254.93 port 51568 May 22 08:18:28 OPSO sshd\[18452\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.254.93 May 22 08:18:30 OPSO sshd\[18452\]: Failed password for invalid user wp-admin from 139.59.254.93 port 51568 ssh2 May 22 08:22:53 OPSO sshd\[19289\]: Invalid user kbt from 139.59.254.93 port 59399 May 22 08:22:53 OPSO sshd\[19289\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.254.93	2020-05-22 15:25:52
attack	SSH authentication failure x 6 reported by Fail2Ban ...	2020-05-20 00:27:27
attackspam	SSH Invalid Login	2020-05-12 05:57:02
attackspam	SSH Invalid Login	2020-05-06 06:39:42
attack	Apr 29 22:01:28 mockhub sshd[21834]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.254.93 Apr 29 22:01:30 mockhub sshd[21834]: Failed password for invalid user lingna from 139.59.254.93 port 57727 ssh2 ...	2020-04-30 18:46:17
attack	Apr 18 13:51:56 ns382633 sshd\[2439\]: Invalid user admin1 from 139.59.254.93 port 37310 Apr 18 13:51:56 ns382633 sshd\[2439\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.254.93 Apr 18 13:51:58 ns382633 sshd\[2439\]: Failed password for invalid user admin1 from 139.59.254.93 port 37310 ssh2 Apr 18 14:01:11 ns382633 sshd\[4323\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.254.93 user=root Apr 18 14:01:14 ns382633 sshd\[4323\]: Failed password for root from 139.59.254.93 port 57856 ssh2	2020-04-18 22:28:11
attackbots	Apr 14 04:46:48 vps58358 sshd\[21234\]: Invalid user nfs from 139.59.254.93Apr 14 04:46:50 vps58358 sshd\[21234\]: Failed password for invalid user nfs from 139.59.254.93 port 39094 ssh2Apr 14 04:49:11 vps58358 sshd\[21282\]: Invalid user zini from 139.59.254.93Apr 14 04:49:13 vps58358 sshd\[21282\]: Failed password for invalid user zini from 139.59.254.93 port 58097 ssh2Apr 14 04:51:25 vps58358 sshd\[21309\]: Failed password for root from 139.59.254.93 port 48675 ssh2Apr 14 04:53:35 vps58358 sshd\[21343\]: Failed password for root from 139.59.254.93 port 39238 ssh2 ...	2020-04-14 13:36:49
attackspambots	Apr 10 20:41:30 host sshd[21765]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.254.93 user=root Apr 10 20:41:32 host sshd[21765]: Failed password for root from 139.59.254.93 port 40839 ssh2 ...	2020-04-11 03:14:14
attackspam	detected by Fail2Ban	2020-04-04 03:42:18
attackbotsspam	Mar 31 15:00:34 ewelt sshd[5861]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.254.93 user=root Mar 31 15:00:36 ewelt sshd[5861]: Failed password for root from 139.59.254.93 port 44839 ssh2 Mar 31 15:05:04 ewelt sshd[6158]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.254.93 user=root Mar 31 15:05:06 ewelt sshd[6158]: Failed password for root from 139.59.254.93 port 55261 ssh2 ...	2020-03-31 21:19:26

相同子网IP讨论:

IP	类型	评论内容	时间
139.59.254.74	attackbotsspam	POST /xmlrpc.php. Part of botnet attack -- 34 POST requests from 19 different IP addresses.	2019-12-27 00:20:59

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.59.254.93
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 5065
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.59.254.93.			IN	A

;; AUTHORITY SECTION:
.			514	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020033100 1800 900 604800 86400

;; Query time: 176 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Mar 31 21:19:16 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 93.254.59.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 93.254.59.139.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
36.227.127.240	attack	Honeypot attack, port: 445, PTR: 36-227-127-240.dynamic-ip.hinet.net.	2020-01-15 13:05:21
115.132.156.21	attackbots	1579064157 - 01/15/2020 05:55:57 Host: 115.132.156.21/115.132.156.21 Port: 445 TCP Blocked	2020-01-15 13:05:05
166.111.144.250	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-01-15 13:17:44
94.177.189.102	attackspam	Unauthorized connection attempt detected from IP address 94.177.189.102 to port 2220 [J]	2020-01-15 09:28:39
101.99.168.56	attackspam	Honeypot attack, port: 5555, PTR: 101-99-168-56.d.c600.guam.net.	2020-01-15 13:19:36
13.233.245.49	attack	Jan 15 01:46:14 vpn01 sshd[15593]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.233.245.49 Jan 15 01:46:16 vpn01 sshd[15593]: Failed password for invalid user vagrant from 13.233.245.49 port 34350 ssh2 ...	2020-01-15 09:15:09
92.78.246.111	attack	Jan 15 05:55:52 lnxweb62 sshd[13408]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.78.246.111 Jan 15 05:55:52 lnxweb62 sshd[13410]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.78.246.111 Jan 15 05:55:54 lnxweb62 sshd[13408]: Failed password for invalid user pi from 92.78.246.111 port 55556 ssh2 Jan 15 05:55:54 lnxweb62 sshd[13410]: Failed password for invalid user pi from 92.78.246.111 port 55560 ssh2	2020-01-15 13:07:44
139.59.136.64	attackspambots	php WP PHPmyadamin ABUSE blocked for 12h	2020-01-15 13:00:15
112.85.42.178	attackbotsspam	Jan 14 15:06:37 web9 sshd\[9725\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.178 user=root Jan 14 15:06:39 web9 sshd\[9725\]: Failed password for root from 112.85.42.178 port 13894 ssh2 Jan 14 15:06:55 web9 sshd\[9772\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.178 user=root Jan 14 15:06:57 web9 sshd\[9772\]: Failed password for root from 112.85.42.178 port 47075 ssh2 Jan 14 15:07:00 web9 sshd\[9772\]: Failed password for root from 112.85.42.178 port 47075 ssh2	2020-01-15 09:16:59
51.255.168.127	attackspambots	20 attempts against mh-ssh on cloud.magehost.pro	2020-01-15 09:09:33
61.231.58.145	attack	Fail2Ban - FTP Abuse Attempt	2020-01-15 13:02:31
5.194.192.27	attackspambots	Unauthorised access (Jan 15) SRC=5.194.192.27 LEN=40 PREC=0x20 TTL=55 ID=61271 TCP DPT=23 WINDOW=60304 SYN	2020-01-15 13:04:14
88.230.7.159	attack	1579064144 - 01/15/2020 05:55:44 Host: 88.230.7.159/88.230.7.159 Port: 445 TCP Blocked	2020-01-15 13:10:32
159.138.155.128	attackspam	badbot	2020-01-15 09:21:43
58.58.224.166	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-01-15 13:09:14

最近上报的IP列表

140.143.250.121	123.181.58.198	212.16.70.48	178.176.167.169
208.141.229.169	155.4.121.208	103.39.50.147	31.46.136.236
190.104.39.51	148.153.12.213	67.247.6.115	178.212.176.67
113.242.230.37	42.51.223.71	176.53.12.3	121.236.95.118
58.186.126.121	62.210.219.71	197.61.14.17	187.202.128.110