2.59.119.106 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Turkey

运营商(isp): Mehmet Uzunca

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	TR - 1H : (37) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : TR NAME ASN : ASN42926 IP : 2.59.119.106 CIDR : 2.59.119.0/24 PREFIX COUNT : 420 UNIQUE IP COUNT : 110848 WYKRYTE ATAKI Z ASN42926 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 1 INFO : SYN Flood DDoS Attack Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN - data recovery https://help-dysk.pl	2019-09-16 09:53:08

类型

评论内容

时间

attackspam

TR - 1H : (37)  Protection Against DDoS WordPress plugin :  
 "odzyskiwanie danych help-dysk" 
 IP Address Ranges by Country : TR 
 NAME ASN : ASN42926 
 
 IP : 2.59.119.106 
 
 CIDR : 2.59.119.0/24 
 
 PREFIX COUNT : 420 
 
 UNIQUE IP COUNT : 110848 
 
 
 WYKRYTE ATAKI Z ASN42926 :  
  1H - 1 
  3H - 1 
  6H - 1 
 12H - 1 
 24H - 1 
 
 INFO : SYN Flood DDoS Attack Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN  - data recovery 
  https://help-dysk.pl

2019-09-16 09:53:08

相同子网IP讨论:

IP	类型	评论内容	时间
2.59.119.46	attackbots	IP was detected trying to Brute-Force SSH, FTP, Web Apps, Port-Scan or Hacking.	2020-09-25 10:26:56
2.59.119.39	attack	IP was detected trying to Brute-Force SSH, FTP, Web Apps, Port-Scan or Hacking.	2020-02-24 18:04:30
2.59.119.72	attackspambots	WordPress XMLRPC scan :: 2.59.119.72 0.120 BYPASS [05/Jan/2020:04:55:17 0000] www.[censored_2] "POST /xmlrpc.php HTTP/1.1" 200 194 "https://www.[censored_2]/" "PHP/7.2.45"	2020-01-05 17:18:45
2.59.119.148	attackbotsspam	X-Barracuda-Envelope-From: mother@baconbrain.icu X-Barracuda-Effective-Source-IP: hostmaster.hostingdunyam.com.tr[160.20.109.5] X-Barracuda-Apparent-Source-IP: 160.20.109.5	2019-10-15 21:00:06
2.59.119.105	attackspam	php WP PHPmyadamin ABUSE blocked for 12h	2019-08-31 02:16:50

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 2.59.119.106
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 31879
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;2.59.119.106.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019091501 1800 900 604800 86400

;; Query time: 12 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Sep 16 09:53:02 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

106.119.59.2.in-addr.arpa domain name pointer hostmaster.hostingdunyam.com.tr.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
106.119.59.2.in-addr.arpa	name = hostmaster.hostingdunyam.com.tr.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
168.232.14.6	attackspam	port scan and connect, tcp 80 (http)	2019-09-26 17:29:11
194.67.216.94	attack	Sep 26 07:51:44 nextcloud sshd\[14450\]: Invalid user dods from 194.67.216.94 Sep 26 07:51:44 nextcloud sshd\[14450\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.67.216.94 Sep 26 07:51:46 nextcloud sshd\[14450\]: Failed password for invalid user dods from 194.67.216.94 port 48626 ssh2 ...	2019-09-26 17:41:57
193.112.191.228	attack	Sep 26 07:25:09 localhost sshd\[67876\]: Invalid user t from 193.112.191.228 port 60644 Sep 26 07:25:09 localhost sshd\[67876\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.191.228 Sep 26 07:25:11 localhost sshd\[67876\]: Failed password for invalid user t from 193.112.191.228 port 60644 ssh2 Sep 26 07:27:46 localhost sshd\[67962\]: Invalid user alysha from 193.112.191.228 port 56084 Sep 26 07:27:46 localhost sshd\[67962\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.191.228 ...	2019-09-26 17:08:45
119.96.227.19	attack	Sep 26 08:48:28 DAAP sshd[14800]: Invalid user rt from 119.96.227.19 port 55658 Sep 26 08:48:28 DAAP sshd[14800]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.96.227.19 Sep 26 08:48:28 DAAP sshd[14800]: Invalid user rt from 119.96.227.19 port 55658 Sep 26 08:48:30 DAAP sshd[14800]: Failed password for invalid user rt from 119.96.227.19 port 55658 ssh2 ...	2019-09-26 17:35:51
27.123.215.222	attackbotsspam	Attempt to attack host OS, exploiting network vulnerabilities, on 26-09-2019 04:45:32.	2019-09-26 17:36:50
171.22.148.17	attackbotsspam	Sep 25 06:24:00 mxgate1 postfix/postscreen[28403]: CONNECT from [171.22.148.17]:59049 to [176.31.12.44]:25 Sep 25 06:24:00 mxgate1 postfix/dnsblog[28538]: addr 171.22.148.17 listed by domain zen.spamhaus.org as 127.0.0.4 Sep 25 06:24:00 mxgate1 postfix/dnsblog[28538]: addr 171.22.148.17 listed by domain zen.spamhaus.org as 127.0.0.3 Sep 25 06:24:00 mxgate1 postfix/dnsblog[28536]: addr 171.22.148.17 listed by domain cbl.abuseat.org as 127.0.0.2 Sep 25 06:24:00 mxgate1 postfix/dnsblog[28537]: addr 171.22.148.17 listed by domain bl.spamcop.net as 127.0.0.2 Sep 25 06:24:01 mxgate1 postfix/postscreen[28403]: PREGREET 17 after 0.61 from [171.22.148.17]:59049: EHLO 009191.com Sep 25 06:24:01 mxgate1 postfix/dnsblog[28784]: addr 171.22.148.17 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2 Sep 25 06:24:07 mxgate1 postfix/postscreen[28403]: DNSBL rank 5 for [171.22.148.17]:59049 Sep x@x Sep 25 06:24:11 mxgate1 postfix/postscreen[28403]: HANGUP after 3.9 from [171.22.148.17]:5........ -------------------------------	2019-09-26 17:20:37
188.162.234.146	attackbotsspam	Attempt to attack host OS, exploiting network vulnerabilities, on 26-09-2019 04:45:28.	2019-09-26 17:40:33
52.41.20.47	attackspambots	Sending out Netflix spam from IP 54.240.14.174 (amazon.com / amazonaws.com) I have NEVER been a Netflix customer and never asked for this junk. The website spammed out is https://www.netflix.com/signup/creditoption?nftoken=BQAbAAEBEA77T6CHfer3tv8qolkSAduAkLFC%2FFYUyiUS4Sdi62TDOAptLP7WiMxUQK74rIuN%2BRXrWDnwU8vxCNSC2khWG0ZmflN2tsqMsqNHMDWRdKmlf6XFVqwlgd%2BFLY2Nz88IH4y3pcuOeFYD5X9L4G9ZZfbRHvrmZF%2FjsAyUI1f5mpTFg3eEFWfNQayYDiVrbb%2FU65EF%2B0XXrVI0T4jKa2zmCB8w5g%3D%3D&lnktrk=EMP&g=AEF2F71097E503EBEB44921E2720235C64526E40&lkid=URL_SIGNUP_CREDIT IPs: 54.69.16.110, 54.70.73.70, 54.149.101.155, 54.201.91.38, 54.213.182.74, 52.37.77.112, 52.41.20.47, 52.41.193.16 (amazon.com / amazonaws.com) amazon are pure scumbags who allow their customers to send out spam and do nothing about it! Report via email and website at https://support.aws.amazon.com/#/contacts/report-abuse	2019-09-26 17:14:27
148.70.101.245	attackbots	Sep 23 22:38:07 www sshd[1968]: Failed password for invalid user erreur from 148.70.101.245 port 50566 ssh2 Sep 23 22:38:08 www sshd[1968]: Received disconnect from 148.70.101.245 port 50566:11: Bye Bye [preauth] Sep 23 22:38:08 www sshd[1968]: Disconnected from 148.70.101.245 port 50566 [preauth] Sep 23 22:53:09 www sshd[2987]: Failed password for invalid user miguel from 148.70.101.245 port 42762 ssh2 Sep 23 22:53:10 www sshd[2987]: Received disconnect from 148.70.101.245 port 42762:11: Bye Bye [preauth] Sep 23 22:53:10 www sshd[2987]: Disconnected from 148.70.101.245 port 42762 [preauth] Sep 23 22:57:41 www sshd[3227]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.101.245 user=sshd Sep 23 22:57:43 www sshd[3227]: Failed password for sshd from 148.70.101.245 port 58774 ssh2 Sep 23 22:57:43 www sshd[3227]: Received disconnect from 148.70.101.245 port 58774:11: Bye Bye [preauth] Sep 23 22:57:43 www sshd[3227]: Disconnect........ -------------------------------	2019-09-26 17:11:53
171.225.223.211	attackbots	Attempt to attack host OS, exploiting network vulnerabilities, on 26-09-2019 04:45:26.	2019-09-26 17:45:03
43.226.39.221	attackspam	Sep 26 04:29:25 game-panel sshd[1185]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.226.39.221 Sep 26 04:29:27 game-panel sshd[1185]: Failed password for invalid user ee from 43.226.39.221 port 36654 ssh2 Sep 26 04:32:46 game-panel sshd[1266]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.226.39.221	2019-09-26 17:21:08
51.68.44.158	attack	Sep 26 10:14:34 lnxmysql61 sshd[15259]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.44.158	2019-09-26 17:16:26
77.82.206.218	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 26-09-2019 04:45:34.	2019-09-26 17:31:44
115.159.237.70	attackbotsspam	Sep 26 06:36:45 eventyay sshd[1083]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.159.237.70 Sep 26 06:36:48 eventyay sshd[1083]: Failed password for invalid user yp from 115.159.237.70 port 54104 ssh2 Sep 26 06:41:31 eventyay sshd[1178]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.159.237.70 ...	2019-09-26 17:27:05
213.131.62.230	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 26-09-2019 04:45:31.	2019-09-26 17:35:16

最近上报的IP列表

183.239.61.55	222.139.3.0	168.63.154.174	162.241.65.246
84.15.160.187	70.113.83.144	159.203.193.54	36.251.143.239
37.114.172.67	128.46.69.104	155.208.82.240	93.176.173.225
198.25.243.120	185.36.81.251	212.95.90.35	159.192.230.28
109.236.50.49	62.176.9.128	89.22.166.70	129.51.246.207