59.46.13.137 - IPInfo

基本信息:

城市(city): Beijing

省份(region): Beijing

国家(country): China

运营商(isp): ChinaNet Liaoning Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Oct 10 20:18:13 kernel: [22528.514245] IN=enp34s0 OUT= MAC=SERVERMAC SRC=59.46.13.137 DST=MYSERVERIP LEN=40 TOS=0x00 PREC=0x00 TTL=240 ID=58583 PROTO=TCP SPT=41713 DPT=1433 WINDOW=1024 RES=0x00 SYN URGP=0 Ports: 1433	2020-10-12 00:21:36
attackbots	Oct 10 20:18:13 kernel: [22528.514245] IN=enp34s0 OUT= MAC=SERVERMAC SRC=59.46.13.137 DST=MYSERVERIP LEN=40 TOS=0x00 PREC=0x00 TTL=240 ID=58583 PROTO=TCP SPT=41713 DPT=1433 WINDOW=1024 RES=0x00 SYN URGP=0 Ports: 1433	2020-10-11 16:20:01
attack	Oct 10 20:18:13 kernel: [22528.514245] IN=enp34s0 OUT= MAC=SERVERMAC SRC=59.46.13.137 DST=MYSERVERIP LEN=40 TOS=0x00 PREC=0x00 TTL=240 ID=58583 PROTO=TCP SPT=41713 DPT=1433 WINDOW=1024 RES=0x00 SYN URGP=0 Ports: 1433	2020-10-11 09:38:55

类型

评论内容

时间

attack

Oct 10 20:18:13  kernel: [22528.514245] IN=enp34s0 OUT= MAC=SERVERMAC SRC=59.46.13.137 DST=MYSERVERIP LEN=40 TOS=0x00 PREC=0x00 TTL=240 ID=58583 PROTO=TCP SPT=41713 DPT=1433 WINDOW=1024 RES=0x00 SYN URGP=0  Ports: 1433

2020-10-12 00:21:36

attackbots

Oct 10 20:18:13  kernel: [22528.514245] IN=enp34s0 OUT= MAC=SERVERMAC SRC=59.46.13.137 DST=MYSERVERIP LEN=40 TOS=0x00 PREC=0x00 TTL=240 ID=58583 PROTO=TCP SPT=41713 DPT=1433 WINDOW=1024 RES=0x00 SYN URGP=0  Ports: 1433

2020-10-11 16:20:01

attack

Oct 10 20:18:13  kernel: [22528.514245] IN=enp34s0 OUT= MAC=SERVERMAC SRC=59.46.13.137 DST=MYSERVERIP LEN=40 TOS=0x00 PREC=0x00 TTL=240 ID=58583 PROTO=TCP SPT=41713 DPT=1433 WINDOW=1024 RES=0x00 SYN URGP=0  Ports: 1433

2020-10-11 09:38:55

相同子网IP讨论:

IP	类型	评论内容	时间
59.46.13.139	attackbots	1433/tcp 1433/tcp [2020-10-02/05]2pkt	2020-10-07 00:58:54
59.46.13.139	attackbots	1433/tcp 1433/tcp [2020-10-02/05]2pkt	2020-10-06 16:52:18
59.46.13.135	attackspam	Listed on zen-spamhaus / proto=6 . srcport=45192 . dstport=1433 . (3626)	2020-09-26 07:10:34
59.46.13.135	attackspam	Listed on zen-spamhaus / proto=6 . srcport=45192 . dstport=1433 . (3626)	2020-09-26 00:19:50
59.46.13.135	attackspam	Listed on zen-spamhaus / proto=6 . srcport=45192 . dstport=1433 . (3626)	2020-09-25 15:55:13
59.46.136.141	attack	Aug 8 15:16:44 hosting sshd[32190]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.46.136.141 user=root Aug 8 15:16:46 hosting sshd[32190]: Failed password for root from 59.46.136.141 port 34299 ssh2 ...	2020-08-08 21:36:43
59.46.136.140	attackspam	Aug 5 14:09:19 PorscheCustomer sshd[14455]: Failed password for root from 59.46.136.140 port 35721 ssh2 Aug 5 14:14:10 PorscheCustomer sshd[14584]: Failed password for root from 59.46.136.140 port 36942 ssh2 ...	2020-08-05 22:00:05
59.46.136.140	attackbotsspam	DATE:2020-07-12 13:59:33, IP:59.46.136.140, PORT:ssh SSH brute force auth (docker-dc)	2020-07-12 20:28:21
59.46.136.138	attackspam	(sshd) Failed SSH login from 59.46.136.138 (CN/China/-): 5 in the last 3600 secs	2020-07-01 05:22:55
59.46.136.138	attackbotsspam	Invalid user wwu from 59.46.136.138 port 38926	2020-05-23 14:29:57
59.46.136.138	attack	May 9 19:02:08 ws12vmsma01 sshd[61610]: Invalid user oracle from 59.46.136.138 May 9 19:02:10 ws12vmsma01 sshd[61610]: Failed password for invalid user oracle from 59.46.136.138 port 44224 ssh2 May 9 19:06:11 ws12vmsma01 sshd[62157]: Invalid user test from 59.46.136.138 ...	2020-05-10 07:27:30
59.46.136.138	attackbotsspam	Apr 29 10:43:59 main sshd[20731]: Failed password for invalid user oracle from 59.46.136.138 port 54669 ssh2 Apr 29 10:49:53 main sshd[20852]: Failed password for invalid user grodriguez from 59.46.136.138 port 57563 ssh2 Apr 29 10:55:42 main sshd[20982]: Failed password for invalid user kube from 59.46.136.138 port 60456 ssh2 Apr 29 11:01:22 main sshd[21115]: Failed password for invalid user checkout from 59.46.136.138 port 35119 ssh2	2020-04-30 04:11:53
59.46.136.138	attack	$f2bV_matches	2020-04-13 14:49:50
59.46.138.42	attackbotsspam	Unauthorized connection attempt from IP address 59.46.138.42 on Port 445(SMB)	2019-09-09 21:08:13
59.46.136.54	attackbots	445/tcp 445/tcp 445/tcp... [2019-05-29/07-19]11pkt,1pt.(tcp)	2019-07-20 02:48:31

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 59.46.13.137
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 27234
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;59.46.13.137.			IN	A

;; AUTHORITY SECTION:
.			361	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020101002 1800 900 604800 86400

;; Query time: 117 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Oct 11 09:38:51 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 137.13.46.59.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 137.13.46.59.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
123.207.36.159	attackbotsspam	Automatic report - XMLRPC Attack	2019-10-13 18:48:57
178.62.64.107	attackspam	Triggered by Fail2Ban at Ares web server	2019-10-13 18:27:29
77.232.62.34	attackbots	Oct 13 05:45:16 MK-Soft-VM7 sshd[25119]: Failed password for root from 77.232.62.34 port 60201 ssh2 Oct 13 05:45:19 MK-Soft-VM7 sshd[25119]: Failed password for root from 77.232.62.34 port 60201 ssh2 ...	2019-10-13 19:02:17
185.176.27.254	attackspambots	10/13/2019-05:53:11.223470 185.176.27.254 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-10-13 19:01:08
119.28.105.127	attackspam	Automatic report - Banned IP Access	2019-10-13 18:29:49
39.87.241.26	attack	(Oct 13) LEN=40 TTL=49 ID=63467 TCP DPT=8080 WINDOW=49746 SYN (Oct 12) LEN=40 TTL=49 ID=33190 TCP DPT=8080 WINDOW=4227 SYN (Oct 12) LEN=40 TTL=49 ID=15684 TCP DPT=8080 WINDOW=4227 SYN (Oct 12) LEN=40 TTL=49 ID=8390 TCP DPT=8080 WINDOW=49746 SYN (Oct 11) LEN=40 TTL=49 ID=14186 TCP DPT=8080 WINDOW=4227 SYN (Oct 11) LEN=40 TTL=49 ID=16121 TCP DPT=8080 WINDOW=49746 SYN (Oct 11) LEN=40 TTL=49 ID=54947 TCP DPT=8080 WINDOW=4227 SYN (Oct 10) LEN=40 TTL=49 ID=15452 TCP DPT=8080 WINDOW=49746 SYN (Oct 10) LEN=40 TTL=49 ID=49679 TCP DPT=8080 WINDOW=49746 SYN (Oct 9) LEN=40 TTL=49 ID=23770 TCP DPT=8080 WINDOW=4227 SYN (Oct 9) LEN=40 TTL=49 ID=49850 TCP DPT=8080 WINDOW=4227 SYN (Oct 8) LEN=40 TTL=49 ID=30219 TCP DPT=8080 WINDOW=4227 SYN (Oct 7) LEN=40 TTL=49 ID=17281 TCP DPT=8080 WINDOW=49746 SYN (Oct 7) LEN=40 TTL=49 ID=6115 TCP DPT=8080 WINDOW=4227 SYN	2019-10-13 18:53:20
136.228.161.66	attackbots	2019-10-13T05:18:06.035515shield sshd\[8303\]: Invalid user Server@2015 from 136.228.161.66 port 47008 2019-10-13T05:18:06.039759shield sshd\[8303\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=136.228.161.66 2019-10-13T05:18:07.307218shield sshd\[8303\]: Failed password for invalid user Server@2015 from 136.228.161.66 port 47008 ssh2 2019-10-13T05:23:38.727437shield sshd\[9600\]: Invalid user Canon123 from 136.228.161.66 port 56844 2019-10-13T05:23:38.734033shield sshd\[9600\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=136.228.161.66	2019-10-13 18:27:54
185.121.168.254	attack	$f2bV_matches	2019-10-13 18:34:42
202.112.57.41	attackbotsspam	Lines containing failures of 202.112.57.41 Oct 6 04:42:58 shared02 sshd[3186]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.112.57.41 user=r.r Oct 6 04:43:00 shared02 sshd[3186]: Failed password for r.r from 202.112.57.41 port 44198 ssh2 Oct 6 04:43:01 shared02 sshd[3186]: Received disconnect from 202.112.57.41 port 44198:11: Bye Bye [preauth] Oct 6 04:43:01 shared02 sshd[3186]: Disconnected from authenticating user r.r 202.112.57.41 port 44198 [preauth] Oct 6 05:05:53 shared02 sshd[11174]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.112.57.41 user=r.r Oct 6 05:05:55 shared02 sshd[11174]: Failed password for r.r from 202.112.57.41 port 47288 ssh2 Oct 6 05:05:55 shared02 sshd[11174]: Received disconnect from 202.112.57.41 port 47288:11: Bye Bye [preauth] Oct 6 05:05:55 shared02 sshd[11174]: Disconnected from authenticating user r.r 202.112.57.41 port 47288 [preauth] Oc........ ------------------------------	2019-10-13 18:30:09
51.254.47.198	attackbotsspam	Oct 13 09:08:43 MK-Soft-Root1 sshd[14626]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.254.47.198 Oct 13 09:08:45 MK-Soft-Root1 sshd[14626]: Failed password for invalid user postgres from 51.254.47.198 port 45664 ssh2 ...	2019-10-13 18:17:11
119.28.19.161	attackbots	Oct 13 12:48:36 microserver sshd[1510]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.28.19.161 user=root Oct 13 12:48:38 microserver sshd[1510]: Failed password for root from 119.28.19.161 port 52202 ssh2 Oct 13 12:52:59 microserver sshd[2177]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.28.19.161 user=root Oct 13 12:53:02 microserver sshd[2177]: Failed password for root from 119.28.19.161 port 35144 ssh2 Oct 13 12:57:03 microserver sshd[2765]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.28.19.161 user=root Oct 13 13:09:57 microserver sshd[4257]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.28.19.161 user=root Oct 13 13:09:58 microserver sshd[4257]: Failed password for root from 119.28.19.161 port 51570 ssh2 Oct 13 13:14:10 microserver sshd[4843]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=s	2019-10-13 18:41:37
117.242.147.5	attackbots	117.242.147.5 has been banned for [spam] ...	2019-10-13 18:55:44
51.75.202.120	attackbots	Oct 13 07:06:35 ovpn sshd\[18659\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.202.120 user=root Oct 13 07:06:37 ovpn sshd\[18659\]: Failed password for root from 51.75.202.120 port 45917 ssh2 Oct 13 07:12:30 ovpn sshd\[19760\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.202.120 user=root Oct 13 07:12:32 ovpn sshd\[19760\]: Failed password for root from 51.75.202.120 port 42596 ssh2 Oct 13 07:16:56 ovpn sshd\[20624\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.202.120 user=root	2019-10-13 18:48:00
111.230.227.17	attackbots	Automatic report - Banned IP Access	2019-10-13 18:38:32
145.239.10.217	attackbotsspam	Oct 13 05:46:27 ns41 sshd[5121]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.10.217	2019-10-13 18:26:16

最近上报的IP列表

207.154.242.155	114.42.207.37	83.227.11.180	189.86.186.70
81.70.22.100	178.90.110.78	24.165.155.71	122.61.62.26
34.92.27.85	103.138.78.135	109.73.3.94	114.35.95.191
103.111.70.12	162.14.11.184	96.58.39.28	186.93.220.199
94.3.73.109	37.151.32.27	60.100.10.195	223.247.133.19