139.59.6.148 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Singapore

运营商(isp): Digital Ocean Inc.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	2019-08-14 17:54:46,902 fail2ban.actions [791]: NOTICE [sshd] Ban 139.59.6.148 2019-08-14 21:00:28,339 fail2ban.actions [791]: NOTICE [sshd] Ban 139.59.6.148 2019-08-15 00:07:07,618 fail2ban.actions [791]: NOTICE [sshd] Ban 139.59.6.148 ...	2019-10-03 15:44:51
attackbots	Sep 13 07:42:30 TORMINT sshd\[16651\]: Invalid user user from 139.59.6.148 Sep 13 07:42:31 TORMINT sshd\[16651\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.6.148 Sep 13 07:42:32 TORMINT sshd\[16651\]: Failed password for invalid user user from 139.59.6.148 port 39868 ssh2 ...	2019-09-13 22:44:59
attack	Sep 7 13:39:42 php1 sshd\[1042\]: Invalid user user9 from 139.59.6.148 Sep 7 13:39:42 php1 sshd\[1042\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.6.148 Sep 7 13:39:44 php1 sshd\[1042\]: Failed password for invalid user user9 from 139.59.6.148 port 42442 ssh2 Sep 7 13:44:44 php1 sshd\[1498\]: Invalid user 123456 from 139.59.6.148 Sep 7 13:44:44 php1 sshd\[1498\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.6.148	2019-09-08 11:57:44
attack	2019-09-04T17:15:33.489751abusebot-2.cloudsearch.cf sshd\[14420\]: Invalid user cluster from 139.59.6.148 port 47882	2019-09-05 04:13:36
attackspam	Aug 29 14:09:01 pkdns2 sshd\[59690\]: Invalid user norman from 139.59.6.148Aug 29 14:09:03 pkdns2 sshd\[59690\]: Failed password for invalid user norman from 139.59.6.148 port 42504 ssh2Aug 29 14:13:40 pkdns2 sshd\[59954\]: Invalid user administrator from 139.59.6.148Aug 29 14:13:42 pkdns2 sshd\[59954\]: Failed password for invalid user administrator from 139.59.6.148 port 59504 ssh2Aug 29 14:18:17 pkdns2 sshd\[60200\]: Invalid user postgres from 139.59.6.148Aug 29 14:18:19 pkdns2 sshd\[60200\]: Failed password for invalid user postgres from 139.59.6.148 port 48276 ssh2 ...	2019-08-29 19:31:57
attack	Aug 15 10:46:28 wbs sshd\[3854\]: Invalid user webserver from 139.59.6.148 Aug 15 10:46:28 wbs sshd\[3854\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.6.148 Aug 15 10:46:30 wbs sshd\[3854\]: Failed password for invalid user webserver from 139.59.6.148 port 41662 ssh2 Aug 15 10:51:32 wbs sshd\[4303\]: Invalid user px from 139.59.6.148 Aug 15 10:51:32 wbs sshd\[4303\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.6.148	2019-08-16 04:54:36
attack	Automatic report - Banned IP Access	2019-07-31 16:14:22
attackspam	Invalid user benny from 139.59.6.148 port 59922	2019-07-13 22:45:45
attackspambots	Invalid user nexus from 139.59.6.148 port 44066	2019-07-12 14:35:53
attackspambots	Jul 11 06:59:52 MK-Soft-Root2 sshd\[7275\]: Invalid user oracle from 139.59.6.148 port 55528 Jul 11 06:59:52 MK-Soft-Root2 sshd\[7275\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.6.148 Jul 11 06:59:54 MK-Soft-Root2 sshd\[7275\]: Failed password for invalid user oracle from 139.59.6.148 port 55528 ssh2 ...	2019-07-11 14:05:17
attackbotsspam	Jul 10 21:43:00 ns341937 sshd[8762]: Failed password for root from 139.59.6.148 port 36254 ssh2 Jul 10 21:45:31 ns341937 sshd[9790]: Failed password for root from 139.59.6.148 port 32882 ssh2 ...	2019-07-11 07:29:19
attack	Jul 10 10:51:04 s64-1 sshd[23486]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.6.148 Jul 10 10:51:05 s64-1 sshd[23486]: Failed password for invalid user support from 139.59.6.148 port 48084 ssh2 Jul 10 10:53:43 s64-1 sshd[23490]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.6.148 ...	2019-07-10 19:55:14
attackspam	Jul 7 08:06:52 MK-Soft-VM3 sshd\[7709\]: Invalid user dante from 139.59.6.148 port 58572 Jul 7 08:06:52 MK-Soft-VM3 sshd\[7709\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.6.148 Jul 7 08:06:54 MK-Soft-VM3 sshd\[7709\]: Failed password for invalid user dante from 139.59.6.148 port 58572 ssh2 ...	2019-07-07 20:34:05

相同子网IP讨论:

IP	类型	评论内容	时间
139.59.61.103	attack	2020-10-13T21:49:56.558044shield sshd\[20328\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.61.103 user=root 2020-10-13T21:49:57.942513shield sshd\[20328\]: Failed password for root from 139.59.61.103 port 39274 ssh2 2020-10-13T21:51:12.508806shield sshd\[20501\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.61.103 user=root 2020-10-13T21:51:13.993354shield sshd\[20501\]: Failed password for root from 139.59.61.103 port 57790 ssh2 2020-10-13T21:52:32.116952shield sshd\[20665\]: Invalid user Affordable from 139.59.61.103 port 48074	2020-10-14 08:03:24
139.59.61.103	attack	Connection to SSH Honeypot - Detected by HoneypotDB	2020-10-13 03:02:47
139.59.61.103	attack	Oct 11 19:29:31 auw2 sshd\[25585\]: Invalid user dulap from 139.59.61.103 Oct 11 19:29:31 auw2 sshd\[25585\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.61.103 Oct 11 19:29:32 auw2 sshd\[25585\]: Failed password for invalid user dulap from 139.59.61.103 port 49060 ssh2 Oct 11 19:33:30 auw2 sshd\[25908\]: Invalid user tsukada from 139.59.61.103 Oct 11 19:33:30 auw2 sshd\[25908\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.61.103	2020-10-12 18:30:40
139.59.63.216	attackspambots	2020-10-01T13:05:47.906197hostname sshd[129214]: Failed password for invalid user administrador from 139.59.63.216 port 40342 ssh2 ...	2020-10-02 02:15:55
139.59.63.216	attackspambots	Brute%20Force%20SSH	2020-10-01 18:23:24
139.59.61.103	attackbotsspam	Sep 29 00:07:59 hidden sshd[21038]: Invalid user sql from 139.59.61.103 port 49496 Sep 29 00:07:59 hidden sshd[21038]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.61.103 Sep 29 00:08:00 hidden sshd[21038]: Failed password for invalid user sql from 139.59.61.103 port 49496 ssh2	2020-09-29 06:53:36
139.59.61.103	attackspam	Time: Sun Sep 27 02:26:36 2020 +0000 IP: 139.59.61.103 (IN/India/-) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 27 02:21:17 activeserver sshd[18781]: Invalid user vbox from 139.59.61.103 port 41542 Sep 27 02:21:19 activeserver sshd[18781]: Failed password for invalid user vbox from 139.59.61.103 port 41542 ssh2 Sep 27 02:24:47 activeserver sshd[27012]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.61.103 user=postgres Sep 27 02:24:49 activeserver sshd[27012]: Failed password for postgres from 139.59.61.103 port 59988 ssh2 Sep 27 02:26:32 activeserver sshd[31455]: Invalid user canal from 139.59.61.103 port 40978	2020-09-28 23:21:40
139.59.61.103	attackspambots	2020-09-28T09:52:17.961948afi-git.jinr.ru sshd[3444]: Invalid user jeremy from 139.59.61.103 port 35444 2020-09-28T09:52:17.965352afi-git.jinr.ru sshd[3444]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.61.103 2020-09-28T09:52:17.961948afi-git.jinr.ru sshd[3444]: Invalid user jeremy from 139.59.61.103 port 35444 2020-09-28T09:52:19.884653afi-git.jinr.ru sshd[3444]: Failed password for invalid user jeremy from 139.59.61.103 port 35444 ssh2 2020-09-28T09:56:45.397638afi-git.jinr.ru sshd[4796]: Invalid user ubuntu from 139.59.61.103 port 45374 ...	2020-09-28 15:25:13
139.59.63.216	attackbotsspam	Sep 27 00:50:18 ns381471 sshd[30366]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.63.216 Sep 27 00:50:20 ns381471 sshd[30366]: Failed password for invalid user olga from 139.59.63.216 port 42386 ssh2	2020-09-27 07:18:47
139.59.69.76	attackbots	Sep 26 21:21:12 piServer sshd[2429]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.69.76 Sep 26 21:21:14 piServer sshd[2429]: Failed password for invalid user oracle from 139.59.69.76 port 46216 ssh2 Sep 26 21:25:18 piServer sshd[2818]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.69.76 ...	2020-09-27 06:45:20
139.59.63.216	attack	detected by Fail2Ban	2020-09-26 23:47:57
139.59.69.76	attackbots	Invalid user test from 139.59.69.76 port 54588	2020-09-26 23:09:42
139.59.63.216	attackbotsspam	21 attempts against mh-ssh on cloud	2020-09-26 15:39:19
139.59.69.76	attackbotsspam	Invalid user test from 139.59.69.76 port 54588	2020-09-26 14:57:49
139.59.67.82	attack	Sep 26 02:28:48 pkdns2 sshd\[53860\]: Invalid user rsync from 139.59.67.82Sep 26 02:28:50 pkdns2 sshd\[53860\]: Failed password for invalid user rsync from 139.59.67.82 port 55228 ssh2Sep 26 02:32:36 pkdns2 sshd\[54021\]: Invalid user henry from 139.59.67.82Sep 26 02:32:38 pkdns2 sshd\[54021\]: Failed password for invalid user henry from 139.59.67.82 port 60514 ssh2Sep 26 02:36:22 pkdns2 sshd\[54186\]: Invalid user testing from 139.59.67.82Sep 26 02:36:24 pkdns2 sshd\[54186\]: Failed password for invalid user testing from 139.59.67.82 port 37568 ssh2 ...	2020-09-26 08:13:10

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.59.6.148
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52720
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.59.6.148.			IN	A

;; AUTHORITY SECTION:
.			3598	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019032900 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Fri Mar 29 13:52:56 +08 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 148.6.59.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 148.6.59.139.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
119.18.157.10	attack	Dec 14 14:29:17 MK-Soft-VM8 sshd[27309]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.18.157.10 Dec 14 14:29:20 MK-Soft-VM8 sshd[27309]: Failed password for invalid user theriot from 119.18.157.10 port 15459 ssh2 ...	2019-12-14 22:00:35
159.65.239.48	attackspambots	Dec 14 14:29:04 MK-Soft-VM7 sshd[18211]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.239.48 Dec 14 14:29:06 MK-Soft-VM7 sshd[18211]: Failed password for invalid user lamer from 159.65.239.48 port 48372 ssh2 ...	2019-12-14 21:33:56
123.169.97.210	attackspam	Dec 14 01:03:43 esmtp postfix/smtpd[19990]: lost connection after AUTH from unknown[123.169.97.210] Dec 14 01:03:47 esmtp postfix/smtpd[19926]: lost connection after AUTH from unknown[123.169.97.210] Dec 14 01:03:49 esmtp postfix/smtpd[19990]: lost connection after AUTH from unknown[123.169.97.210] Dec 14 01:03:52 esmtp postfix/smtpd[19926]: lost connection after AUTH from unknown[123.169.97.210] Dec 14 01:03:54 esmtp postfix/smtpd[19990]: lost connection after AUTH from unknown[123.169.97.210] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=123.169.97.210	2019-12-14 21:42:33
196.9.24.40	attackspambots	Dec 14 13:07:19 MainVPS sshd[4107]: Invalid user yoyo from 196.9.24.40 port 38634 Dec 14 13:07:19 MainVPS sshd[4107]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.9.24.40 Dec 14 13:07:19 MainVPS sshd[4107]: Invalid user yoyo from 196.9.24.40 port 38634 Dec 14 13:07:20 MainVPS sshd[4107]: Failed password for invalid user yoyo from 196.9.24.40 port 38634 ssh2 Dec 14 13:14:31 MainVPS sshd[18216]: Invalid user morgensen from 196.9.24.40 port 47060 ...	2019-12-14 21:42:08
183.89.160.8	attackspambots	Unauthorized connection attempt from IP address 183.89.160.8 on Port 445(SMB)	2019-12-14 22:00:00
50.60.217.168	attackspam	Unauthorized connection attempt detected from IP address 50.60.217.168 to port 445	2019-12-14 22:02:09
104.236.239.60	attackspam	Invalid user server from 104.236.239.60 port 59781	2019-12-14 21:52:38
129.204.67.235	attackspambots	Dec 14 18:40:04 areeb-Workstation sshd[19941]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.67.235 Dec 14 18:40:06 areeb-Workstation sshd[19941]: Failed password for invalid user test from 129.204.67.235 port 48428 ssh2 ...	2019-12-14 21:24:42
106.12.183.3	attackbots	DATE:2019-12-14 09:49:21,IP:106.12.183.3,MATCHES:10,PORT:ssh	2019-12-14 21:33:15
54.221.110.84	attack	2019-12-14 x@x 2019-12-14 05:35:33 unexpected disconnection while reading SMTP command from em3-54-221-110-84.compute-1.amazonaws.com (Penelope.suxinhotel.com) [54.221.110.84]:43276 I=[10.100.18.20]:25 (error: Connection reset by peer) 2019-12-14 x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=54.221.110.84	2019-12-14 21:37:57
129.146.175.93	attack	2019-12-14T08:54:44.292527abusebot-6.cloudsearch.cf sshd\[11729\]: Invalid user farlee from 129.146.175.93 port 43524 2019-12-14T08:54:44.300993abusebot-6.cloudsearch.cf sshd\[11729\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.146.175.93 2019-12-14T08:54:46.646249abusebot-6.cloudsearch.cf sshd\[11729\]: Failed password for invalid user farlee from 129.146.175.93 port 43524 ssh2 2019-12-14T09:04:42.295952abusebot-6.cloudsearch.cf sshd\[11779\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.146.175.93 user=bin	2019-12-14 22:00:19
49.235.39.126	attackbots	$f2bV_matches	2019-12-14 21:43:59
185.162.235.107	attackbotsspam	Dec 14 12:08:33 mail postfix/smtpd[18804]: warning: unknown[185.162.235.107]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Dec 14 12:08:33 mail postfix/smtpd[20020]: warning: unknown[185.162.235.107]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Dec 14 12:08:33 mail postfix/smtpd[20021]: warning: unknown[185.162.235.107]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Dec 14 12:08:33 mail postfix/smtpd[19939]: warning: unknown[185.162.235.107]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-12-14 21:55:58
164.132.102.168	attack	Invalid user apache from 164.132.102.168 port 42044	2019-12-14 21:50:02
106.12.55.39	attackbotsspam	SSH bruteforce (Triggered fail2ban)	2019-12-14 21:47:16

最近上报的IP列表

117.218.54.161	106.13.93.109	104.248.24.192	104.236.31.227
101.68.81.66	66.249.83.206	85.95.153.155	81.174.173.6
80.227.12.38	78.94.145.110	77.28.102.7	62.117.12.71
51.255.162.65	2.135.218.242	203.213.67.30	189.254.33.157
185.176.27.242	180.151.8.180	179.184.217.83	150.161.8.120