139.59.6.148 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Singapore

运营商(isp): Digital Ocean Inc.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	2019-08-14 17:54:46,902 fail2ban.actions [791]: NOTICE [sshd] Ban 139.59.6.148 2019-08-14 21:00:28,339 fail2ban.actions [791]: NOTICE [sshd] Ban 139.59.6.148 2019-08-15 00:07:07,618 fail2ban.actions [791]: NOTICE [sshd] Ban 139.59.6.148 ...	2019-10-03 15:44:51
attackbots	Sep 13 07:42:30 TORMINT sshd\[16651\]: Invalid user user from 139.59.6.148 Sep 13 07:42:31 TORMINT sshd\[16651\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.6.148 Sep 13 07:42:32 TORMINT sshd\[16651\]: Failed password for invalid user user from 139.59.6.148 port 39868 ssh2 ...	2019-09-13 22:44:59
attack	Sep 7 13:39:42 php1 sshd\[1042\]: Invalid user user9 from 139.59.6.148 Sep 7 13:39:42 php1 sshd\[1042\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.6.148 Sep 7 13:39:44 php1 sshd\[1042\]: Failed password for invalid user user9 from 139.59.6.148 port 42442 ssh2 Sep 7 13:44:44 php1 sshd\[1498\]: Invalid user 123456 from 139.59.6.148 Sep 7 13:44:44 php1 sshd\[1498\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.6.148	2019-09-08 11:57:44
attack	2019-09-04T17:15:33.489751abusebot-2.cloudsearch.cf sshd\[14420\]: Invalid user cluster from 139.59.6.148 port 47882	2019-09-05 04:13:36
attackspam	Aug 29 14:09:01 pkdns2 sshd\[59690\]: Invalid user norman from 139.59.6.148Aug 29 14:09:03 pkdns2 sshd\[59690\]: Failed password for invalid user norman from 139.59.6.148 port 42504 ssh2Aug 29 14:13:40 pkdns2 sshd\[59954\]: Invalid user administrator from 139.59.6.148Aug 29 14:13:42 pkdns2 sshd\[59954\]: Failed password for invalid user administrator from 139.59.6.148 port 59504 ssh2Aug 29 14:18:17 pkdns2 sshd\[60200\]: Invalid user postgres from 139.59.6.148Aug 29 14:18:19 pkdns2 sshd\[60200\]: Failed password for invalid user postgres from 139.59.6.148 port 48276 ssh2 ...	2019-08-29 19:31:57
attack	Aug 15 10:46:28 wbs sshd\[3854\]: Invalid user webserver from 139.59.6.148 Aug 15 10:46:28 wbs sshd\[3854\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.6.148 Aug 15 10:46:30 wbs sshd\[3854\]: Failed password for invalid user webserver from 139.59.6.148 port 41662 ssh2 Aug 15 10:51:32 wbs sshd\[4303\]: Invalid user px from 139.59.6.148 Aug 15 10:51:32 wbs sshd\[4303\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.6.148	2019-08-16 04:54:36
attack	Automatic report - Banned IP Access	2019-07-31 16:14:22
attackspam	Invalid user benny from 139.59.6.148 port 59922	2019-07-13 22:45:45
attackspambots	Invalid user nexus from 139.59.6.148 port 44066	2019-07-12 14:35:53
attackspambots	Jul 11 06:59:52 MK-Soft-Root2 sshd\[7275\]: Invalid user oracle from 139.59.6.148 port 55528 Jul 11 06:59:52 MK-Soft-Root2 sshd\[7275\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.6.148 Jul 11 06:59:54 MK-Soft-Root2 sshd\[7275\]: Failed password for invalid user oracle from 139.59.6.148 port 55528 ssh2 ...	2019-07-11 14:05:17
attackbotsspam	Jul 10 21:43:00 ns341937 sshd[8762]: Failed password for root from 139.59.6.148 port 36254 ssh2 Jul 10 21:45:31 ns341937 sshd[9790]: Failed password for root from 139.59.6.148 port 32882 ssh2 ...	2019-07-11 07:29:19
attack	Jul 10 10:51:04 s64-1 sshd[23486]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.6.148 Jul 10 10:51:05 s64-1 sshd[23486]: Failed password for invalid user support from 139.59.6.148 port 48084 ssh2 Jul 10 10:53:43 s64-1 sshd[23490]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.6.148 ...	2019-07-10 19:55:14
attackspam	Jul 7 08:06:52 MK-Soft-VM3 sshd\[7709\]: Invalid user dante from 139.59.6.148 port 58572 Jul 7 08:06:52 MK-Soft-VM3 sshd\[7709\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.6.148 Jul 7 08:06:54 MK-Soft-VM3 sshd\[7709\]: Failed password for invalid user dante from 139.59.6.148 port 58572 ssh2 ...	2019-07-07 20:34:05

相同子网IP讨论:

IP	类型	评论内容	时间
139.59.61.103	attack	2020-10-13T21:49:56.558044shield sshd\[20328\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.61.103 user=root 2020-10-13T21:49:57.942513shield sshd\[20328\]: Failed password for root from 139.59.61.103 port 39274 ssh2 2020-10-13T21:51:12.508806shield sshd\[20501\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.61.103 user=root 2020-10-13T21:51:13.993354shield sshd\[20501\]: Failed password for root from 139.59.61.103 port 57790 ssh2 2020-10-13T21:52:32.116952shield sshd\[20665\]: Invalid user Affordable from 139.59.61.103 port 48074	2020-10-14 08:03:24
139.59.61.103	attack	Connection to SSH Honeypot - Detected by HoneypotDB	2020-10-13 03:02:47
139.59.61.103	attack	Oct 11 19:29:31 auw2 sshd\[25585\]: Invalid user dulap from 139.59.61.103 Oct 11 19:29:31 auw2 sshd\[25585\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.61.103 Oct 11 19:29:32 auw2 sshd\[25585\]: Failed password for invalid user dulap from 139.59.61.103 port 49060 ssh2 Oct 11 19:33:30 auw2 sshd\[25908\]: Invalid user tsukada from 139.59.61.103 Oct 11 19:33:30 auw2 sshd\[25908\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.61.103	2020-10-12 18:30:40
139.59.63.216	attackspambots	2020-10-01T13:05:47.906197hostname sshd[129214]: Failed password for invalid user administrador from 139.59.63.216 port 40342 ssh2 ...	2020-10-02 02:15:55
139.59.63.216	attackspambots	Brute%20Force%20SSH	2020-10-01 18:23:24
139.59.61.103	attackbotsspam	Sep 29 00:07:59 hidden sshd[21038]: Invalid user sql from 139.59.61.103 port 49496 Sep 29 00:07:59 hidden sshd[21038]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.61.103 Sep 29 00:08:00 hidden sshd[21038]: Failed password for invalid user sql from 139.59.61.103 port 49496 ssh2	2020-09-29 06:53:36
139.59.61.103	attackspam	Time: Sun Sep 27 02:26:36 2020 +0000 IP: 139.59.61.103 (IN/India/-) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 27 02:21:17 activeserver sshd[18781]: Invalid user vbox from 139.59.61.103 port 41542 Sep 27 02:21:19 activeserver sshd[18781]: Failed password for invalid user vbox from 139.59.61.103 port 41542 ssh2 Sep 27 02:24:47 activeserver sshd[27012]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.61.103 user=postgres Sep 27 02:24:49 activeserver sshd[27012]: Failed password for postgres from 139.59.61.103 port 59988 ssh2 Sep 27 02:26:32 activeserver sshd[31455]: Invalid user canal from 139.59.61.103 port 40978	2020-09-28 23:21:40
139.59.61.103	attackspambots	2020-09-28T09:52:17.961948afi-git.jinr.ru sshd[3444]: Invalid user jeremy from 139.59.61.103 port 35444 2020-09-28T09:52:17.965352afi-git.jinr.ru sshd[3444]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.61.103 2020-09-28T09:52:17.961948afi-git.jinr.ru sshd[3444]: Invalid user jeremy from 139.59.61.103 port 35444 2020-09-28T09:52:19.884653afi-git.jinr.ru sshd[3444]: Failed password for invalid user jeremy from 139.59.61.103 port 35444 ssh2 2020-09-28T09:56:45.397638afi-git.jinr.ru sshd[4796]: Invalid user ubuntu from 139.59.61.103 port 45374 ...	2020-09-28 15:25:13
139.59.63.216	attackbotsspam	Sep 27 00:50:18 ns381471 sshd[30366]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.63.216 Sep 27 00:50:20 ns381471 sshd[30366]: Failed password for invalid user olga from 139.59.63.216 port 42386 ssh2	2020-09-27 07:18:47
139.59.69.76	attackbots	Sep 26 21:21:12 piServer sshd[2429]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.69.76 Sep 26 21:21:14 piServer sshd[2429]: Failed password for invalid user oracle from 139.59.69.76 port 46216 ssh2 Sep 26 21:25:18 piServer sshd[2818]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.69.76 ...	2020-09-27 06:45:20
139.59.63.216	attack	detected by Fail2Ban	2020-09-26 23:47:57
139.59.69.76	attackbots	Invalid user test from 139.59.69.76 port 54588	2020-09-26 23:09:42
139.59.63.216	attackbotsspam	21 attempts against mh-ssh on cloud	2020-09-26 15:39:19
139.59.69.76	attackbotsspam	Invalid user test from 139.59.69.76 port 54588	2020-09-26 14:57:49
139.59.67.82	attack	Sep 26 02:28:48 pkdns2 sshd\[53860\]: Invalid user rsync from 139.59.67.82Sep 26 02:28:50 pkdns2 sshd\[53860\]: Failed password for invalid user rsync from 139.59.67.82 port 55228 ssh2Sep 26 02:32:36 pkdns2 sshd\[54021\]: Invalid user henry from 139.59.67.82Sep 26 02:32:38 pkdns2 sshd\[54021\]: Failed password for invalid user henry from 139.59.67.82 port 60514 ssh2Sep 26 02:36:22 pkdns2 sshd\[54186\]: Invalid user testing from 139.59.67.82Sep 26 02:36:24 pkdns2 sshd\[54186\]: Failed password for invalid user testing from 139.59.67.82 port 37568 ssh2 ...	2020-09-26 08:13:10

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.59.6.148
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52720
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.59.6.148.			IN	A

;; AUTHORITY SECTION:
.			3598	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019032900 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Fri Mar 29 13:52:56 +08 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 148.6.59.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 148.6.59.139.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
206.189.35.254	attack	Jan 16 19:58:07 lnxweb61 sshd[1944]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.35.254	2020-01-17 03:35:20
52.66.120.148	attack	Unauthorized connection attempt detected from IP address 52.66.120.148 to port 2220 [J]	2020-01-17 03:28:10
196.27.127.61	attack	Unauthorized connection attempt detected from IP address 196.27.127.61 to port 2220 [J]	2020-01-17 03:09:59
50.239.163.172	attackbotsspam	Jan 16 17:00:15 ws12vmsma01 sshd[17933]: Failed password for invalid user iam from 50.239.163.172 port 34644 ssh2 Jan 16 17:07:40 ws12vmsma01 sshd[19009]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=50.239.163.172 user=root Jan 16 17:07:42 ws12vmsma01 sshd[19009]: Failed password for root from 50.239.163.172 port 54634 ssh2 ...	2020-01-17 03:28:39
5.253.17.160	attackspam	Unauthorized connection attempt detected from IP address 5.253.17.160 to port 2220 [J]	2020-01-17 03:05:36
5.135.179.178	attackbotsspam	Unauthorized connection attempt detected from IP address 5.135.179.178 to port 2220 [J]	2020-01-17 03:05:55
212.237.55.37	attackspambots	Unauthorized connection attempt detected from IP address 212.237.55.37 to port 2220 [J]	2020-01-17 03:32:51
220.76.205.178	attackbots	Jan 16 19:28:32 MK-Soft-VM4 sshd[12909]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.76.205.178 Jan 16 19:28:34 MK-Soft-VM4 sshd[12909]: Failed password for invalid user newuser from 220.76.205.178 port 47284 ssh2 ...	2020-01-17 03:32:39
34.242.99.103	attackspambots	Invalid user gv from 34.242.99.103 port 41756	2020-01-17 03:30:44
88.26.231.224	attackbots	Unauthorized connection attempt detected from IP address 88.26.231.224 to port 2220 [J]	2020-01-17 02:59:49
27.254.137.144	attack	Jan 16 15:54:34 ws24vmsma01 sshd[89800]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.137.144 Jan 16 15:54:36 ws24vmsma01 sshd[89800]: Failed password for invalid user sp from 27.254.137.144 port 57958 ssh2 ...	2020-01-17 03:04:47
140.143.222.95	attackspambots	Unauthorized connection attempt detected from IP address 140.143.222.95 to port 2220 [J]	2020-01-17 03:16:44
64.33.138.205	attackbots	Jan 16 19:17:05 sshgateway sshd\[18403\]: Invalid user arnav from 64.33.138.205 Jan 16 19:17:05 sshgateway sshd\[18403\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=bal-broadband-dhcp4-ws-204.dsl.airstreamcomm.net Jan 16 19:17:08 sshgateway sshd\[18403\]: Failed password for invalid user arnav from 64.33.138.205 port 58322 ssh2	2020-01-17 03:26:41
114.220.238.191	attackspam	Jan 16 19:32:09 vpn01 sshd[20872]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.220.238.191 Jan 16 19:32:11 vpn01 sshd[20872]: Failed password for invalid user tx from 114.220.238.191 port 56032 ssh2 ...	2020-01-17 03:19:30
208.48.167.217	attack	Unauthorized connection attempt detected from IP address 208.48.167.217 to port 2220 [J]	2020-01-17 03:34:02

最近上报的IP列表

117.218.54.161	106.13.93.109	104.248.24.192	104.236.31.227
101.68.81.66	66.249.83.206	85.95.153.155	81.174.173.6
80.227.12.38	78.94.145.110	77.28.102.7	62.117.12.71
51.255.162.65	2.135.218.242	203.213.67.30	189.254.33.157
185.176.27.242	180.151.8.180	179.184.217.83	150.161.8.120