139.59.5.178 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Singapore

运营商(isp): Digital Ocean Inc.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Honeypot attack, port: 23, PTR: PTR record not found	2019-07-30 03:43:03
attackbots	DATE:2019-07-23 01:27:58, IP:139.59.5.178, PORT:telnet - Telnet brute force auth on a honeypot server (epe-dc)	2019-07-23 08:57:21
attack	DATE:2019-07-22_18:26:42, IP:139.59.5.178, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2019-07-23 06:10:33
attack	18.07.2019 01:59:54 Connection to port 23 blocked by firewall	2019-07-18 11:57:15
attackbots	23/tcp 23/tcp 23/tcp... [2019-06-03/07-05]173pkt,1pt.(tcp)	2019-07-08 00:56:32
attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2019-06-24 10:22:22

相同子网IP讨论:

IP	类型	评论内容	时间
139.59.5.179	attack	139.59.5.179 - - [06/Oct/2020:19:11:30 +0100] "POST /wp-login.php HTTP/1.1" 200 2426 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.5.179 - - [06/Oct/2020:19:11:31 +0100] "POST /wp-login.php HTTP/1.1" 200 2407 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.5.179 - - [06/Oct/2020:19:11:33 +0100] "POST /wp-login.php HTTP/1.1" 200 2441 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-07 04:09:06
139.59.59.75	attackbots	139.59.59.75 - - [06/Oct/2020:20:12:56 +0100] "POST /wp-login.php HTTP/1.1" 200 2141 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.59.75 - - [06/Oct/2020:20:12:58 +0100] "POST /wp-login.php HTTP/1.1" 200 2173 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.59.75 - - [06/Oct/2020:20:12:58 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-07 03:56:44
139.59.5.179	attack	CMS (WordPress or Joomla) login attempt.	2020-10-06 20:11:48
139.59.59.75	attackbots	139.59.59.75 is unauthorized and has been banned by fail2ban	2020-10-06 19:57:50
139.59.58.115	attackspam	TCP (SYN) 139.59.58.115:41161 -> port 16666, len 44	2020-10-04 05:48:16
139.59.58.115	attackspam	Port Scan ...	2020-10-03 13:31:50
139.59.59.102	attackspam	Port scan: Attack repeated for 24 hours	2020-10-02 06:56:36
139.59.59.102	attackspambots	Oct 1 17:23:04 localhost sshd\[6134\]: Invalid user mailer from 139.59.59.102 Oct 1 17:23:04 localhost sshd\[6134\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.59.102 Oct 1 17:23:06 localhost sshd\[6134\]: Failed password for invalid user mailer from 139.59.59.102 port 58682 ssh2 Oct 1 17:26:56 localhost sshd\[6532\]: Invalid user Qwer123456 from 139.59.59.102 Oct 1 17:26:56 localhost sshd\[6532\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.59.102 ...	2020-10-01 23:28:05
139.59.57.2	attack	2020-09-30T18:58:27.0319611495-001 sshd[24174]: Invalid user postgres from 139.59.57.2 port 38182 2020-09-30T18:58:28.9923601495-001 sshd[24174]: Failed password for invalid user postgres from 139.59.57.2 port 38182 ssh2 2020-09-30T19:01:48.3197441495-001 sshd[24371]: Invalid user jerry from 139.59.57.2 port 33216 2020-09-30T19:01:48.3238011495-001 sshd[24371]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.57.2 2020-09-30T19:01:48.3197441495-001 sshd[24371]: Invalid user jerry from 139.59.57.2 port 33216 2020-09-30T19:01:50.2062181495-001 sshd[24371]: Failed password for invalid user jerry from 139.59.57.2 port 33216 ssh2 ...	2020-10-01 07:35:24
139.59.59.102	attackspambots	[N3.H3.VM3] Port Scanner Detected Blocked by UFW	2020-09-29 03:29:55
139.59.57.64	attackspambots	139.59.57.64 - - [16/Sep/2020:04:48:19 +0100] "POST /wp-login.php HTTP/1.1" 200 1967 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.57.64 - - [16/Sep/2020:04:48:21 +0100] "POST /wp-login.php HTTP/1.1" 200 1948 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.57.64 - - [16/Sep/2020:04:48:21 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-16 20:27:08
139.59.57.64	attackspam	139.59.57.64 - - [16/Sep/2020:04:48:19 +0100] "POST /wp-login.php HTTP/1.1" 200 1967 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.57.64 - - [16/Sep/2020:04:48:21 +0100] "POST /wp-login.php HTTP/1.1" 200 1948 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.57.64 - - [16/Sep/2020:04:48:21 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-16 12:59:04
139.59.59.102	attack	$f2bV_matches	2020-09-16 12:38:29
139.59.57.64	attackspambots	139.59.57.64 - - [15/Sep/2020:18:01:15 +0100] "POST /wp-login.php HTTP/1.1" 200 1996 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.57.64 - - [15/Sep/2020:18:01:21 +0100] "POST /wp-login.php HTTP/1.1" 200 1929 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.57.64 - - [15/Sep/2020:18:01:22 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-16 04:44:36
139.59.59.102	attackbotsspam	Brute-force attempt banned	2020-09-16 04:25:14

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.59.5.178
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 45159
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.59.5.178.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019061000 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Jun 10 20:37:12 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 178.5.59.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 178.5.59.139.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
185.173.35.5	attackspambots	3389BruteforceFW21	2019-10-06 07:26:58
159.203.201.116	attackbots	1 pkts, ports: TCP:990	2019-10-06 07:34:27
187.87.38.63	attackbotsspam	Oct 6 05:50:48 MK-Soft-VM6 sshd[8750]: Failed password for root from 187.87.38.63 port 47411 ssh2 ...	2019-10-06 12:02:53
201.182.232.34	attack	1 pkts, ports: TCP:445	2019-10-06 07:21:29
222.186.175.147	attackspam	SSH bruteforce	2019-10-06 12:10:24
119.29.154.234	attackspam	1 pkts, ports: TCP:445	2019-10-06 07:38:50
39.65.82.44	attackspambots	Telnetd brute force attack detected by fail2ban	2019-10-06 12:09:53
188.50.41.85	attackspam	1 pkts, ports: TCP:445	2019-10-06 07:24:50
93.80.235.170	attackspam	1 pkts, ports: TCP:445	2019-10-06 07:43:18
201.211.116.144	attack	1 pkts, ports: TCP:445	2019-10-06 07:21:11
14.184.217.165	attackbots	1 pkts, ports: TCP:445	2019-10-06 07:18:20
188.131.216.109	attackspam	Oct 6 05:45:45 piServer sshd[11983]: Failed password for root from 188.131.216.109 port 60444 ssh2 Oct 6 05:50:29 piServer sshd[12324]: Failed password for root from 188.131.216.109 port 39034 ssh2 ...	2019-10-06 12:06:51
139.162.113.212	attackspam	1 pkts, ports: TCP:25	2019-10-06 07:37:07
83.68.239.73	attackspam	1 pkts, ports: TCP:445	2019-10-06 07:46:21
93.63.167.100	attack	Hits on port : 445	2019-10-06 07:43:45

最近上报的IP列表

110.86.178.221	254.186.88.11	154.66.202.53	234.54.246.54
3.2.57.21	177.204.175.95	113.248.226.209	103.179.157.12
253.120.234.232	215.253.30.214	49.110.13.13	20.247.180.58
52.80.203.174	43.209.21.218	222.187.254.115	188.6.252.6
61.178.32.88	116.251.192.9	139.155.115.23	112.112.7.202