139.59.6.148 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Singapore

运营商(isp): Digital Ocean Inc.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	2019-08-14 17:54:46,902 fail2ban.actions [791]: NOTICE [sshd] Ban 139.59.6.148 2019-08-14 21:00:28,339 fail2ban.actions [791]: NOTICE [sshd] Ban 139.59.6.148 2019-08-15 00:07:07,618 fail2ban.actions [791]: NOTICE [sshd] Ban 139.59.6.148 ...	2019-10-03 15:44:51
attackbots	Sep 13 07:42:30 TORMINT sshd\[16651\]: Invalid user user from 139.59.6.148 Sep 13 07:42:31 TORMINT sshd\[16651\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.6.148 Sep 13 07:42:32 TORMINT sshd\[16651\]: Failed password for invalid user user from 139.59.6.148 port 39868 ssh2 ...	2019-09-13 22:44:59
attack	Sep 7 13:39:42 php1 sshd\[1042\]: Invalid user user9 from 139.59.6.148 Sep 7 13:39:42 php1 sshd\[1042\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.6.148 Sep 7 13:39:44 php1 sshd\[1042\]: Failed password for invalid user user9 from 139.59.6.148 port 42442 ssh2 Sep 7 13:44:44 php1 sshd\[1498\]: Invalid user 123456 from 139.59.6.148 Sep 7 13:44:44 php1 sshd\[1498\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.6.148	2019-09-08 11:57:44
attack	2019-09-04T17:15:33.489751abusebot-2.cloudsearch.cf sshd\[14420\]: Invalid user cluster from 139.59.6.148 port 47882	2019-09-05 04:13:36
attackspam	Aug 29 14:09:01 pkdns2 sshd\[59690\]: Invalid user norman from 139.59.6.148Aug 29 14:09:03 pkdns2 sshd\[59690\]: Failed password for invalid user norman from 139.59.6.148 port 42504 ssh2Aug 29 14:13:40 pkdns2 sshd\[59954\]: Invalid user administrator from 139.59.6.148Aug 29 14:13:42 pkdns2 sshd\[59954\]: Failed password for invalid user administrator from 139.59.6.148 port 59504 ssh2Aug 29 14:18:17 pkdns2 sshd\[60200\]: Invalid user postgres from 139.59.6.148Aug 29 14:18:19 pkdns2 sshd\[60200\]: Failed password for invalid user postgres from 139.59.6.148 port 48276 ssh2 ...	2019-08-29 19:31:57
attack	Aug 15 10:46:28 wbs sshd\[3854\]: Invalid user webserver from 139.59.6.148 Aug 15 10:46:28 wbs sshd\[3854\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.6.148 Aug 15 10:46:30 wbs sshd\[3854\]: Failed password for invalid user webserver from 139.59.6.148 port 41662 ssh2 Aug 15 10:51:32 wbs sshd\[4303\]: Invalid user px from 139.59.6.148 Aug 15 10:51:32 wbs sshd\[4303\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.6.148	2019-08-16 04:54:36
attack	Automatic report - Banned IP Access	2019-07-31 16:14:22
attackspam	Invalid user benny from 139.59.6.148 port 59922	2019-07-13 22:45:45
attackspambots	Invalid user nexus from 139.59.6.148 port 44066	2019-07-12 14:35:53
attackspambots	Jul 11 06:59:52 MK-Soft-Root2 sshd\[7275\]: Invalid user oracle from 139.59.6.148 port 55528 Jul 11 06:59:52 MK-Soft-Root2 sshd\[7275\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.6.148 Jul 11 06:59:54 MK-Soft-Root2 sshd\[7275\]: Failed password for invalid user oracle from 139.59.6.148 port 55528 ssh2 ...	2019-07-11 14:05:17
attackbotsspam	Jul 10 21:43:00 ns341937 sshd[8762]: Failed password for root from 139.59.6.148 port 36254 ssh2 Jul 10 21:45:31 ns341937 sshd[9790]: Failed password for root from 139.59.6.148 port 32882 ssh2 ...	2019-07-11 07:29:19
attack	Jul 10 10:51:04 s64-1 sshd[23486]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.6.148 Jul 10 10:51:05 s64-1 sshd[23486]: Failed password for invalid user support from 139.59.6.148 port 48084 ssh2 Jul 10 10:53:43 s64-1 sshd[23490]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.6.148 ...	2019-07-10 19:55:14
attackspam	Jul 7 08:06:52 MK-Soft-VM3 sshd\[7709\]: Invalid user dante from 139.59.6.148 port 58572 Jul 7 08:06:52 MK-Soft-VM3 sshd\[7709\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.6.148 Jul 7 08:06:54 MK-Soft-VM3 sshd\[7709\]: Failed password for invalid user dante from 139.59.6.148 port 58572 ssh2 ...	2019-07-07 20:34:05

相同子网IP讨论:

IP	类型	评论内容	时间
139.59.61.103	attack	2020-10-13T21:49:56.558044shield sshd\[20328\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.61.103 user=root 2020-10-13T21:49:57.942513shield sshd\[20328\]: Failed password for root from 139.59.61.103 port 39274 ssh2 2020-10-13T21:51:12.508806shield sshd\[20501\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.61.103 user=root 2020-10-13T21:51:13.993354shield sshd\[20501\]: Failed password for root from 139.59.61.103 port 57790 ssh2 2020-10-13T21:52:32.116952shield sshd\[20665\]: Invalid user Affordable from 139.59.61.103 port 48074	2020-10-14 08:03:24
139.59.61.103	attack	Connection to SSH Honeypot - Detected by HoneypotDB	2020-10-13 03:02:47
139.59.61.103	attack	Oct 11 19:29:31 auw2 sshd\[25585\]: Invalid user dulap from 139.59.61.103 Oct 11 19:29:31 auw2 sshd\[25585\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.61.103 Oct 11 19:29:32 auw2 sshd\[25585\]: Failed password for invalid user dulap from 139.59.61.103 port 49060 ssh2 Oct 11 19:33:30 auw2 sshd\[25908\]: Invalid user tsukada from 139.59.61.103 Oct 11 19:33:30 auw2 sshd\[25908\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.61.103	2020-10-12 18:30:40
139.59.63.216	attackspambots	2020-10-01T13:05:47.906197hostname sshd[129214]: Failed password for invalid user administrador from 139.59.63.216 port 40342 ssh2 ...	2020-10-02 02:15:55
139.59.63.216	attackspambots	Brute%20Force%20SSH	2020-10-01 18:23:24
139.59.61.103	attackbotsspam	Sep 29 00:07:59 hidden sshd[21038]: Invalid user sql from 139.59.61.103 port 49496 Sep 29 00:07:59 hidden sshd[21038]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.61.103 Sep 29 00:08:00 hidden sshd[21038]: Failed password for invalid user sql from 139.59.61.103 port 49496 ssh2	2020-09-29 06:53:36
139.59.61.103	attackspam	Time: Sun Sep 27 02:26:36 2020 +0000 IP: 139.59.61.103 (IN/India/-) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 27 02:21:17 activeserver sshd[18781]: Invalid user vbox from 139.59.61.103 port 41542 Sep 27 02:21:19 activeserver sshd[18781]: Failed password for invalid user vbox from 139.59.61.103 port 41542 ssh2 Sep 27 02:24:47 activeserver sshd[27012]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.61.103 user=postgres Sep 27 02:24:49 activeserver sshd[27012]: Failed password for postgres from 139.59.61.103 port 59988 ssh2 Sep 27 02:26:32 activeserver sshd[31455]: Invalid user canal from 139.59.61.103 port 40978	2020-09-28 23:21:40
139.59.61.103	attackspambots	2020-09-28T09:52:17.961948afi-git.jinr.ru sshd[3444]: Invalid user jeremy from 139.59.61.103 port 35444 2020-09-28T09:52:17.965352afi-git.jinr.ru sshd[3444]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.61.103 2020-09-28T09:52:17.961948afi-git.jinr.ru sshd[3444]: Invalid user jeremy from 139.59.61.103 port 35444 2020-09-28T09:52:19.884653afi-git.jinr.ru sshd[3444]: Failed password for invalid user jeremy from 139.59.61.103 port 35444 ssh2 2020-09-28T09:56:45.397638afi-git.jinr.ru sshd[4796]: Invalid user ubuntu from 139.59.61.103 port 45374 ...	2020-09-28 15:25:13
139.59.63.216	attackbotsspam	Sep 27 00:50:18 ns381471 sshd[30366]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.63.216 Sep 27 00:50:20 ns381471 sshd[30366]: Failed password for invalid user olga from 139.59.63.216 port 42386 ssh2	2020-09-27 07:18:47
139.59.69.76	attackbots	Sep 26 21:21:12 piServer sshd[2429]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.69.76 Sep 26 21:21:14 piServer sshd[2429]: Failed password for invalid user oracle from 139.59.69.76 port 46216 ssh2 Sep 26 21:25:18 piServer sshd[2818]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.69.76 ...	2020-09-27 06:45:20
139.59.63.216	attack	detected by Fail2Ban	2020-09-26 23:47:57
139.59.69.76	attackbots	Invalid user test from 139.59.69.76 port 54588	2020-09-26 23:09:42
139.59.63.216	attackbotsspam	21 attempts against mh-ssh on cloud	2020-09-26 15:39:19
139.59.69.76	attackbotsspam	Invalid user test from 139.59.69.76 port 54588	2020-09-26 14:57:49
139.59.67.82	attack	Sep 26 02:28:48 pkdns2 sshd\[53860\]: Invalid user rsync from 139.59.67.82Sep 26 02:28:50 pkdns2 sshd\[53860\]: Failed password for invalid user rsync from 139.59.67.82 port 55228 ssh2Sep 26 02:32:36 pkdns2 sshd\[54021\]: Invalid user henry from 139.59.67.82Sep 26 02:32:38 pkdns2 sshd\[54021\]: Failed password for invalid user henry from 139.59.67.82 port 60514 ssh2Sep 26 02:36:22 pkdns2 sshd\[54186\]: Invalid user testing from 139.59.67.82Sep 26 02:36:24 pkdns2 sshd\[54186\]: Failed password for invalid user testing from 139.59.67.82 port 37568 ssh2 ...	2020-09-26 08:13:10

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.59.6.148
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52720
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.59.6.148.			IN	A

;; AUTHORITY SECTION:
.			3598	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019032900 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Fri Mar 29 13:52:56 +08 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 148.6.59.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 148.6.59.139.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
93.186.253.152	attack	May 10 10:21:18 v22018086721571380 sshd[31075]: Failed password for invalid user kovtim from 93.186.253.152 port 46826 ssh2	2020-05-10 17:28:23
95.167.39.12	attack	SSH/22 MH Probe, BF, Hack -	2020-05-10 18:09:29
31.41.255.34	attackspambots	2020-05-10T14:02:51.789066vivaldi2.tree2.info sshd[27275]: Failed password for root from 31.41.255.34 port 58250 ssh2 2020-05-10T14:06:50.540515vivaldi2.tree2.info sshd[27450]: Invalid user software from 31.41.255.34 2020-05-10T14:06:50.557323vivaldi2.tree2.info sshd[27450]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.41.255.34 2020-05-10T14:06:50.540515vivaldi2.tree2.info sshd[27450]: Invalid user software from 31.41.255.34 2020-05-10T14:06:51.880126vivaldi2.tree2.info sshd[27450]: Failed password for invalid user software from 31.41.255.34 port 38382 ssh2 ...	2020-05-10 18:01:51
106.12.186.210	attackbotsspam	May 10 06:51:12 server sshd[24432]: Failed password for invalid user nagios from 106.12.186.210 port 59122 ssh2 May 10 06:54:16 server sshd[26726]: Failed password for invalid user ej from 106.12.186.210 port 36818 ssh2 May 10 06:57:19 server sshd[28951]: Failed password for invalid user usuario from 106.12.186.210 port 42742 ssh2	2020-05-10 17:43:02
14.207.203.22	attack	Unauthorised connection attempt detected at AUO NODE 4. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-05-10 18:07:10
106.54.48.29	attackspambots	SSH login attempts.	2020-05-10 17:36:51
140.143.160.217	attackbots	May 10 05:16:25 NPSTNNYC01T sshd[20324]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.160.217 May 10 05:16:27 NPSTNNYC01T sshd[20324]: Failed password for invalid user hank from 140.143.160.217 port 52388 ssh2 May 10 05:23:36 NPSTNNYC01T sshd[20996]: Failed password for root from 140.143.160.217 port 53228 ssh2 ...	2020-05-10 17:48:47
180.249.75.252	attackspambots	1589082553 - 05/10/2020 05:49:13 Host: 180.249.75.252/180.249.75.252 Port: 445 TCP Blocked	2020-05-10 17:58:59
194.31.244.42	attackbots	firewall-block, port(s): 5169/tcp, 5185/tcp	2020-05-10 17:33:46
107.170.37.74	attackspam	...	2020-05-10 17:57:38
187.167.195.144	attack	Automatic report - Port Scan Attack	2020-05-10 18:04:33
172.111.199.29	attackspambots	Hits on port : 445	2020-05-10 18:07:58
187.167.197.36	attackbotsspam	Automatic report - Port Scan Attack	2020-05-10 18:01:02
82.227.214.152	attackspam	May 10 10:15:20 sso sshd[9991]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.227.214.152 May 10 10:15:22 sso sshd[9991]: Failed password for invalid user tiaobanji from 82.227.214.152 port 51610 ssh2 ...	2020-05-10 17:29:13
159.89.197.1	attackbots	Unauthorized SSH login attempts	2020-05-10 17:52:03

最近上报的IP列表

117.218.54.161	106.13.93.109	104.248.24.192	104.236.31.227
101.68.81.66	66.249.83.206	85.95.153.155	81.174.173.6
80.227.12.38	78.94.145.110	77.28.102.7	62.117.12.71
51.255.162.65	2.135.218.242	203.213.67.30	189.254.33.157
185.176.27.242	180.151.8.180	179.184.217.83	150.161.8.120