139.59.58.155 - IPInfo

基本信息:

城市(city): Bengaluru

省份(region): Karnataka

国家(country): India

运营商(isp): Digital Ocean Inc.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Jul 23 12:32:28 rush sshd[12842]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.58.155 Jul 23 12:32:29 rush sshd[12842]: Failed password for invalid user laurie from 139.59.58.155 port 47078 ssh2 Jul 23 12:39:59 rush sshd[12977]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.58.155 ...	2020-07-23 20:59:44
attackbotsspam	Port Scan detected from 139.59.58.155 (IN/India/Karnataka/Bengaluru/-). 4 hits in the last 125 seconds	2020-07-18 18:20:14
attack	" "	2020-07-16 23:53:38
attackbotsspam	Jul 15 03:59:32 dignus sshd[26607]: Failed password for invalid user sandy from 139.59.58.155 port 37802 ssh2 Jul 15 04:03:13 dignus sshd[27028]: Invalid user eveline from 139.59.58.155 port 48430 Jul 15 04:03:13 dignus sshd[27028]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.58.155 Jul 15 04:03:15 dignus sshd[27028]: Failed password for invalid user eveline from 139.59.58.155 port 48430 ssh2 Jul 15 04:06:39 dignus sshd[27773]: Invalid user alban from 139.59.58.155 port 51902 ...	2020-07-15 19:12:07
attackspam	firewall-block, port(s): 511/tcp	2020-07-14 04:12:36
attackbotsspam	Jul 8 13:49:12 debian-2gb-nbg1-2 kernel: \[16467551.789072\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=139.59.58.155 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=32252 PROTO=TCP SPT=44330 DPT=29651 WINDOW=1024 RES=0x00 SYN URGP=0	2020-07-08 20:37:58
attack	Jun 30 06:08:10 inter-technics sshd[27345]: Invalid user backups from 139.59.58.155 port 42866 Jun 30 06:08:10 inter-technics sshd[27345]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.58.155 Jun 30 06:08:10 inter-technics sshd[27345]: Invalid user backups from 139.59.58.155 port 42866 Jun 30 06:08:12 inter-technics sshd[27345]: Failed password for invalid user backups from 139.59.58.155 port 42866 ssh2 Jun 30 06:14:00 inter-technics sshd[27774]: Invalid user aster from 139.59.58.155 port 43192 ...	2020-06-30 12:20:55
attackbotsspam	unauthorized connection attempt	2020-06-27 12:50:45
attack	$f2bV_matches	2020-05-30 22:53:13
attackspam	2020-05-15T06:54:13.992417abusebot.cloudsearch.cf sshd[31787]: Invalid user jc2 from 139.59.58.155 port 42918 2020-05-15T06:54:13.999635abusebot.cloudsearch.cf sshd[31787]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.58.155 2020-05-15T06:54:13.992417abusebot.cloudsearch.cf sshd[31787]: Invalid user jc2 from 139.59.58.155 port 42918 2020-05-15T06:54:15.910296abusebot.cloudsearch.cf sshd[31787]: Failed password for invalid user jc2 from 139.59.58.155 port 42918 ssh2 2020-05-15T07:00:40.373295abusebot.cloudsearch.cf sshd[32236]: Invalid user ry from 139.59.58.155 port 50034 2020-05-15T07:00:40.378491abusebot.cloudsearch.cf sshd[32236]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.58.155 2020-05-15T07:00:40.373295abusebot.cloudsearch.cf sshd[32236]: Invalid user ry from 139.59.58.155 port 50034 2020-05-15T07:00:42.083469abusebot.cloudsearch.cf sshd[32236]: Failed password for invalid user r ...	2020-05-15 15:37:02
attackspambots	May 14 19:19:22 NG-HHDC-SVS-001 sshd[4269]: Invalid user redbot from 139.59.58.155 ...	2020-05-14 19:44:36
attackbots	$f2bV_matches	2020-05-11 23:36:25
attackspambots	May 6 23:25:07 vps639187 sshd\[6471\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.58.155 user=root May 6 23:25:09 vps639187 sshd\[6471\]: Failed password for root from 139.59.58.155 port 38222 ssh2 May 6 23:30:27 vps639187 sshd\[6584\]: Invalid user sinusbot from 139.59.58.155 port 38122 May 6 23:30:27 vps639187 sshd\[6584\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.58.155 ...	2020-05-07 06:30:47
attack	$f2bV_matches	2020-05-03 02:01:16
attack	Apr 28 16:00:57 PorscheCustomer sshd[16837]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.58.155 Apr 28 16:00:59 PorscheCustomer sshd[16837]: Failed password for invalid user rico from 139.59.58.155 port 49612 ssh2 Apr 28 16:02:59 PorscheCustomer sshd[16953]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.58.155 ...	2020-04-28 22:11:01
attackspam	SSH Brute-Force reported by Fail2Ban	2020-04-23 08:06:51
attackspam	Apr 17 19:48:59 markkoudstaal sshd[30561]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.58.155 Apr 17 19:49:01 markkoudstaal sshd[30561]: Failed password for invalid user uf from 139.59.58.155 port 48924 ssh2 Apr 17 19:52:07 markkoudstaal sshd[30954]: Failed password for root from 139.59.58.155 port 53438 ssh2	2020-04-18 02:08:56
attackspam	Mar 28 14:38:56 [HOSTNAME] sshd[20473]: Invalid user gem from 139.59.58.155 port 46048 Mar 28 14:38:56 [HOSTNAME] sshd[20473]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.58.155 Mar 28 14:38:58 [HOSTNAME] sshd[20473]: Failed password for invalid user gem from 139.59.58.155 port 46048 ssh2 ...	2020-03-28 22:12:45
attackspam	Invalid user narciso from 139.59.58.155 port 33468	2020-03-25 17:06:18
attackspam	Mar 6 15:46:30 ArkNodeAT sshd\[10827\]: Invalid user neutron from 139.59.58.155 Mar 6 15:46:30 ArkNodeAT sshd\[10827\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.58.155 Mar 6 15:46:32 ArkNodeAT sshd\[10827\]: Failed password for invalid user neutron from 139.59.58.155 port 33614 ssh2	2020-03-07 04:03:39
attackspam	Mar 1 21:36:58 vpn01 sshd[14179]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.58.155 Mar 1 21:37:00 vpn01 sshd[14179]: Failed password for invalid user usuario from 139.59.58.155 port 57122 ssh2 ...	2020-03-02 05:06:49
attackspambots	Unauthorized connection attempt detected from IP address 139.59.58.155 to port 2220 [J]	2020-01-31 03:59:00

相同子网IP讨论:

IP	类型	评论内容	时间
139.59.58.115	attackspam	TCP (SYN) 139.59.58.115:41161 -> port 16666, len 44	2020-10-04 05:48:16
139.59.58.115	attackspam	Port Scan ...	2020-10-03 13:31:50
139.59.58.115	attackspambots	TCP port : 3259	2020-08-16 20:03:46
139.59.58.115	attackbots	Unauthorized connection attempt detected from IP address 139.59.58.115 to port 10796	2020-07-23 04:04:31
139.59.58.115	attack	Jun 26 20:40:33 ArkNodeAT sshd\[17687\]: Invalid user scs from 139.59.58.115 Jun 26 20:40:33 ArkNodeAT sshd\[17687\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.58.115 Jun 26 20:40:34 ArkNodeAT sshd\[17687\]: Failed password for invalid user scs from 139.59.58.115 port 40836 ssh2	2020-06-27 03:29:06
139.59.58.115	attack	TCP (SYN) 139.59.58.115:49139 -> port 4755, len 44	2020-06-24 02:04:24
139.59.58.115	attackbotsspam	TCP (SYN) 139.59.58.115:55217 -> port 4233, len 44	2020-06-23 14:59:18
139.59.58.115	attackbotsspam	Scanned 313 unique addresses for 2 unique ports in 24 hours (ports 19854,27717)	2020-06-16 23:44:39
139.59.58.169	attackbotsspam	Jun 12 15:03:53 ArkNodeAT sshd\[28820\]: Invalid user libcloud from 139.59.58.169 Jun 12 15:03:53 ArkNodeAT sshd\[28820\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.58.169 Jun 12 15:03:55 ArkNodeAT sshd\[28820\]: Failed password for invalid user libcloud from 139.59.58.169 port 47206 ssh2	2020-06-12 23:58:34
139.59.58.169	attackbotsspam	Jun 7 14:58:53 legacy sshd[7481]: Failed password for root from 139.59.58.169 port 59994 ssh2 Jun 7 15:02:39 legacy sshd[7654]: Failed password for root from 139.59.58.169 port 35266 ssh2 ...	2020-06-07 21:21:24
139.59.58.169	attackbots	DATE:2020-06-07 06:55:36, IP:139.59.58.169, PORT:ssh SSH brute force auth (docker-dc)	2020-06-07 13:08:02
139.59.58.169	attackbotsspam	[ssh] SSH attack	2020-06-01 04:29:39
139.59.58.115	attack	May 29 09:44:09 eventyay sshd[9765]: Failed password for root from 139.59.58.115 port 35292 ssh2 May 29 09:48:09 eventyay sshd[9821]: Failed password for root from 139.59.58.115 port 40354 ssh2 ...	2020-05-29 16:04:54
139.59.58.169	attackspam	Invalid user hki from 139.59.58.169 port 48784	2020-05-24 15:35:17
139.59.58.115	attackbotsspam	Unauthorized connection attempt detected from IP address 139.59.58.115 to port 9156	2020-05-24 01:22:56

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.59.58.155
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 48341
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.59.58.155.			IN	A

;; AUTHORITY SECTION:
.			182	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020013003 1800 900 604800 86400

;; Query time: 119 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jan 31 03:58:57 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 155.58.59.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 155.58.59.139.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
36.90.56.129	attackspam	Honeypot hit.	2020-02-03 06:47:47
192.241.133.33	attack	Brute force attempt	2020-02-03 07:01:07
92.62.131.124	attackbotsspam	Unauthorized connection attempt detected from IP address 92.62.131.124 to port 2220 [J]	2020-02-03 07:00:39
137.74.193.225	attackspambots	Unauthorized connection attempt detected from IP address 137.74.193.225 to port 2220 [J]	2020-02-03 06:57:12
45.169.45.179	attackbots	Honeypot attack, port: 445, PTR: 45-169-45-179.absolutnet.com.br.	2020-02-03 06:30:46
193.110.61.218	attackspam	Jan 25 02:53:00 ms-srv sshd[1739]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.110.61.218 Jan 25 02:53:02 ms-srv sshd[1739]: Failed password for invalid user jira from 193.110.61.218 port 47720 ssh2	2020-02-03 06:34:42
112.26.98.122	attackbots	Unauthorized connection attempt detected from IP address 112.26.98.122 to port 2220 [J]	2020-02-03 06:32:04
13.76.190.246	attackbotsspam	Unauthorized connection attempt detected from IP address 13.76.190.246 to port 2220 [J]	2020-02-03 06:45:59
119.235.48.75	attackbotsspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-02-03 06:47:13
103.72.103.10	attack	1580655950 - 02/02/2020 16:05:50 Host: 103.72.103.10/103.72.103.10 Port: 445 TCP Blocked	2020-02-03 06:38:13
193.110.157.151	attackbotsspam	Jul 29 16:58:04 ms-srv sshd[61257]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.110.157.151 Jul 29 16:58:06 ms-srv sshd[61257]: Failed password for invalid user amx from 193.110.157.151 port 35732 ssh2	2020-02-03 06:34:22
119.29.119.151	attackbotsspam	Unauthorized connection attempt detected from IP address 119.29.119.151 to port 2220 [J]	2020-02-03 06:58:07
54.38.180.53	attack	Unauthorized connection attempt detected from IP address 54.38.180.53 to port 2220 [J]	2020-02-03 06:44:14
193.112.12.183	attack	Sep 9 01:11:11 ms-srv sshd[20048]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.12.183 Sep 9 01:11:12 ms-srv sshd[20048]: Failed password for invalid user sinus from 193.112.12.183 port 38105 ssh2	2020-02-03 06:26:28
185.209.0.32	attack	Feb 2 22:46:40 h2177944 kernel: \[3878135.497543\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.209.0.32 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=50632 PROTO=TCP SPT=41422 DPT=1389 WINDOW=1024 RES=0x00 SYN URGP=0 Feb 2 22:46:40 h2177944 kernel: \[3878135.497558\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.209.0.32 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=50632 PROTO=TCP SPT=41422 DPT=1389 WINDOW=1024 RES=0x00 SYN URGP=0 Feb 2 23:02:31 h2177944 kernel: \[3879086.371105\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.209.0.32 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=22130 PROTO=TCP SPT=41422 DPT=3331 WINDOW=1024 RES=0x00 SYN URGP=0 Feb 2 23:02:31 h2177944 kernel: \[3879086.371120\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.209.0.32 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=22130 PROTO=TCP SPT=41422 DPT=3331 WINDOW=1024 RES=0x00 SYN URGP=0 Feb 2 23:31:01 h2177944 kernel: \[3880796.089380\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.209.0.32 DST=85.214.117.9 LEN=	2020-02-03 06:59:06

最近上报的IP列表

206.70.212.244	13.23.35.234	149.140.55.95	119.192.186.252
71.138.248.136	43.244.182.71	119.129.118.105	174.138.40.214
83.186.142.72	49.159.90.67	105.93.170.58	174.121.233.74
153.223.90.188	88.174.114.112	106.52.109.120	141.144.213.197
104.140.114.116	16.19.157.237	197.141.79.194	78.255.37.101