59.148.136.149

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Hong Kong

运营商(isp): Hong Kong Broadband Network Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Time: Sat Sep 12 12:58:56 2020 -0400 IP: 59.148.136.149 (HK/Hong Kong/059148136149.ctinets.com) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 12 12:58:46 pv-11-ams1 sshd[14736]: Invalid user admin from 59.148.136.149 port 48861 Sep 12 12:58:48 pv-11-ams1 sshd[14736]: Failed password for invalid user admin from 59.148.136.149 port 48861 ssh2 Sep 12 12:58:50 pv-11-ams1 sshd[14740]: Invalid user admin from 59.148.136.149 port 48937 Sep 12 12:58:53 pv-11-ams1 sshd[14740]: Failed password for invalid user admin from 59.148.136.149 port 48937 ssh2 Sep 12 12:58:55 pv-11-ams1 sshd[14743]: Invalid user admin from 59.148.136.149 port 49083	2020-09-13 23:27:40
attackspambots	Time: Sat Sep 12 12:58:56 2020 -0400 IP: 59.148.136.149 (HK/Hong Kong/059148136149.ctinets.com) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 12 12:58:46 pv-11-ams1 sshd[14736]: Invalid user admin from 59.148.136.149 port 48861 Sep 12 12:58:48 pv-11-ams1 sshd[14736]: Failed password for invalid user admin from 59.148.136.149 port 48861 ssh2 Sep 12 12:58:50 pv-11-ams1 sshd[14740]: Invalid user admin from 59.148.136.149 port 48937 Sep 12 12:58:53 pv-11-ams1 sshd[14740]: Failed password for invalid user admin from 59.148.136.149 port 48937 ssh2 Sep 12 12:58:55 pv-11-ams1 sshd[14743]: Invalid user admin from 59.148.136.149 port 49083	2020-09-13 15:20:55
attackbots	Time: Sat Sep 12 12:58:56 2020 -0400 IP: 59.148.136.149 (HK/Hong Kong/059148136149.ctinets.com) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 12 12:58:46 pv-11-ams1 sshd[14736]: Invalid user admin from 59.148.136.149 port 48861 Sep 12 12:58:48 pv-11-ams1 sshd[14736]: Failed password for invalid user admin from 59.148.136.149 port 48861 ssh2 Sep 12 12:58:50 pv-11-ams1 sshd[14740]: Invalid user admin from 59.148.136.149 port 48937 Sep 12 12:58:53 pv-11-ams1 sshd[14740]: Failed password for invalid user admin from 59.148.136.149 port 48937 ssh2 Sep 12 12:58:55 pv-11-ams1 sshd[14743]: Invalid user admin from 59.148.136.149 port 49083	2020-09-13 07:04:15

类型

评论内容

时间

attackbots

Time:     Sat Sep 12 12:58:56 2020 -0400
IP:       59.148.136.149 (HK/Hong Kong/059148136149.ctinets.com)
Failures: 5 (sshd)
Interval: 3600 seconds
Blocked:  Permanent Block [LF_SSHD]

Log entries:

Sep 12 12:58:46 pv-11-ams1 sshd[14736]: Invalid user admin from 59.148.136.149 port 48861
Sep 12 12:58:48 pv-11-ams1 sshd[14736]: Failed password for invalid user admin from 59.148.136.149 port 48861 ssh2
Sep 12 12:58:50 pv-11-ams1 sshd[14740]: Invalid user admin from 59.148.136.149 port 48937
Sep 12 12:58:53 pv-11-ams1 sshd[14740]: Failed password for invalid user admin from 59.148.136.149 port 48937 ssh2
Sep 12 12:58:55 pv-11-ams1 sshd[14743]: Invalid user admin from 59.148.136.149 port 49083

2020-09-13 23:27:40

attackspambots

Time:     Sat Sep 12 12:58:56 2020 -0400
IP:       59.148.136.149 (HK/Hong Kong/059148136149.ctinets.com)
Failures: 5 (sshd)
Interval: 3600 seconds
Blocked:  Permanent Block [LF_SSHD]

Log entries:

Sep 12 12:58:46 pv-11-ams1 sshd[14736]: Invalid user admin from 59.148.136.149 port 48861
Sep 12 12:58:48 pv-11-ams1 sshd[14736]: Failed password for invalid user admin from 59.148.136.149 port 48861 ssh2
Sep 12 12:58:50 pv-11-ams1 sshd[14740]: Invalid user admin from 59.148.136.149 port 48937
Sep 12 12:58:53 pv-11-ams1 sshd[14740]: Failed password for invalid user admin from 59.148.136.149 port 48937 ssh2
Sep 12 12:58:55 pv-11-ams1 sshd[14743]: Invalid user admin from 59.148.136.149 port 49083

2020-09-13 15:20:55

attackbots

Time:     Sat Sep 12 12:58:56 2020 -0400
IP:       59.148.136.149 (HK/Hong Kong/059148136149.ctinets.com)
Failures: 5 (sshd)
Interval: 3600 seconds
Blocked:  Permanent Block [LF_SSHD]

Log entries:

Sep 12 12:58:46 pv-11-ams1 sshd[14736]: Invalid user admin from 59.148.136.149 port 48861
Sep 12 12:58:48 pv-11-ams1 sshd[14736]: Failed password for invalid user admin from 59.148.136.149 port 48861 ssh2
Sep 12 12:58:50 pv-11-ams1 sshd[14740]: Invalid user admin from 59.148.136.149 port 48937
Sep 12 12:58:53 pv-11-ams1 sshd[14740]: Failed password for invalid user admin from 59.148.136.149 port 48937 ssh2
Sep 12 12:58:55 pv-11-ams1 sshd[14743]: Invalid user admin from 59.148.136.149 port 49083

2020-09-13 07:04:15

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 59.148.136.149
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22978
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;59.148.136.149.			IN	A

;; AUTHORITY SECTION:
.			275	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020091202 1800 900 604800 86400

;; Query time: 77 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Sep 13 07:04:12 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

149.136.148.59.in-addr.arpa domain name pointer 059148136149.ctinets.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
149.136.148.59.in-addr.arpa	name = 059148136149.ctinets.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
41.65.68.70	attackbots	Unauthorised access (Mar 5) SRC=41.65.68.70 LEN=44 TTL=241 ID=49431 TCP DPT=1433 WINDOW=1024 SYN	2020-03-05 13:09:02
27.254.130.60	attack	Mar 5 00:10:56 plusreed sshd[22456]: Invalid user wuwei from 27.254.130.60 ...	2020-03-05 13:35:25
212.34.240.65	attackspam	Unauthorised access (Mar 5) SRC=212.34.240.65 LEN=40 TTL=113 ID=256 TCP DPT=139 WINDOW=16384 SYN Unauthorised access (Mar 4) SRC=212.34.240.65 LEN=40 TTL=110 ID=256 TCP DPT=139 WINDOW=16384 SYN Unauthorised access (Mar 3) SRC=212.34.240.65 LEN=40 TTL=111 ID=256 TCP DPT=139 WINDOW=16384 SYN Unauthorised access (Mar 2) SRC=212.34.240.65 LEN=40 TTL=113 ID=256 TCP DPT=139 WINDOW=16384 SYN	2020-03-05 13:05:26
111.230.141.189	attackbotsspam	2020-03-05T05:08:23.034820shield sshd\[9486\]: Invalid user wrchang from 111.230.141.189 port 51170 2020-03-05T05:08:23.042473shield sshd\[9486\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.230.141.189 2020-03-05T05:08:25.263977shield sshd\[9486\]: Failed password for invalid user wrchang from 111.230.141.189 port 51170 ssh2 2020-03-05T05:15:14.319591shield sshd\[10434\]: Invalid user bliu from 111.230.141.189 port 60014 2020-03-05T05:15:14.324260shield sshd\[10434\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.230.141.189	2020-03-05 13:32:11
167.172.246.43	attackbotsspam	Mar 5 00:30:16 plusreed sshd[26977]: Invalid user chang from 167.172.246.43 ...	2020-03-05 13:43:01
114.104.158.172	attack	failed_logins	2020-03-05 13:10:23
141.98.10.141	attack	2020-03-05 05:47:24 dovecot_login authenticator failed for \(User\) \[141.98.10.141\]: 535 Incorrect authentication data \(set_id=office@no-server.de\) 2020-03-05 05:51:34 dovecot_login authenticator failed for \(User\) \[141.98.10.141\]: 535 Incorrect authentication data \(set_id=aaaaaaaaaa\) 2020-03-05 05:53:36 dovecot_login authenticator failed for \(User\) \[141.98.10.141\]: 535 Incorrect authentication data \(set_id=office@no-server.de\) 2020-03-05 05:55:12 dovecot_login authenticator failed for \(User\) \[141.98.10.141\]: 535 Incorrect authentication data \(set_id=aaaaaaaaaa\) 2020-03-05 05:55:21 dovecot_login authenticator failed for \(User\) \[141.98.10.141\]: 535 Incorrect authentication data \(set_id=aaaaaaaaaa\) ...	2020-03-05 13:00:50
114.84.180.113	attackspambots	2020-03-04T21:54:25.964767linuxbox-skyline sshd[135140]: Invalid user rstudio-server from 114.84.180.113 port 37202 ...	2020-03-05 13:41:42
222.186.173.154	attackspam	Mar 5 06:23:01 vps691689 sshd[27326]: Failed password for root from 222.186.173.154 port 35086 ssh2 Mar 5 06:23:15 vps691689 sshd[27326]: Failed password for root from 222.186.173.154 port 35086 ssh2 Mar 5 06:23:15 vps691689 sshd[27326]: error: maximum authentication attempts exceeded for root from 222.186.173.154 port 35086 ssh2 [preauth] ...	2020-03-05 13:26:11
62.210.140.151	attackspam	xmlrpc attack	2020-03-05 13:12:12
201.205.137.34	attackspambots	Mar 5 05:54:56 debian-2gb-nbg1-2 kernel: \[5643267.595907\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=201.205.137.34 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=50 ID=20546 PROTO=TCP SPT=33696 DPT=23 WINDOW=41860 RES=0x00 SYN URGP=0	2020-03-05 13:20:42
164.132.111.76	attack	Mar 5 10:21:15 gw1 sshd[18193]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.132.111.76 Mar 5 10:21:17 gw1 sshd[18193]: Failed password for invalid user linqj from 164.132.111.76 port 37192 ssh2 ...	2020-03-05 13:36:19
103.68.9.118	attackbotsspam	Automatic report - XMLRPC Attack	2020-03-05 13:07:11
112.215.172.212	attackbotsspam	1583384092 - 03/05/2020 05:54:52 Host: 112.215.172.212/112.215.172.212 Port: 445 TCP Blocked	2020-03-05 13:23:50
122.228.19.79	attackbotsspam	122.228.19.79 was recorded 20 times by 5 hosts attempting to connect to the following ports: 11300,5632,623,64738,40001,8090,9000,8010,8333,9001,8140,4800,1433,6000,5222,1099,5443,20476,5351,7. Incident counter (4h, 24h, all-time): 20, 94, 15364	2020-03-05 13:05:08

最近上报的IP列表

198.2.109.207	186.154.36.194	180.253.28.239	203.212.251.103
193.7.200.114	27.7.177.15	36.81.245.83	186.124.218.62
134.73.73.117	112.251.184.172	94.204.6.137	62.77.233.66
203.212.236.242	165.232.106.24	68.183.89.216	36.148.22.126
112.251.212.157	13.85.19.58	62.4.23.127	57.82.131.230