139.59.11.235 - IPInfo

基本信息:

城市(city): Bengaluru

省份(region): Karnataka

国家(country): India

运营商(isp): Digital Ocean Inc.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	2020-01-25T21:59:27.056835shield sshd\[29065\]: Invalid user chuan from 139.59.11.235 port 40844 2020-01-25T21:59:27.060912shield sshd\[29065\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.11.235 2020-01-25T21:59:29.452288shield sshd\[29065\]: Failed password for invalid user chuan from 139.59.11.235 port 40844 ssh2 2020-01-25T22:01:46.166357shield sshd\[29631\]: Invalid user guest3 from 139.59.11.235 port 39946 2020-01-25T22:01:46.169738shield sshd\[29631\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.11.235	2020-01-26 06:10:03
attackbotsspam	Unauthorized connection attempt detected from IP address 139.59.11.235 to port 2220 [J]	2020-01-25 13:12:44
attackspam	Unauthorized connection attempt detected from IP address 139.59.11.235 to port 2220 [J]	2020-01-25 05:54:46

类型

评论内容

时间

attack

2020-01-25T21:59:27.056835shield sshd\[29065\]: Invalid user chuan from 139.59.11.235 port 40844
2020-01-25T21:59:27.060912shield sshd\[29065\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.11.235
2020-01-25T21:59:29.452288shield sshd\[29065\]: Failed password for invalid user chuan from 139.59.11.235 port 40844 ssh2
2020-01-25T22:01:46.166357shield sshd\[29631\]: Invalid user guest3 from 139.59.11.235 port 39946
2020-01-25T22:01:46.169738shield sshd\[29631\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.11.235

2020-01-26 06:10:03

attackbotsspam

Unauthorized connection attempt detected from IP address 139.59.11.235 to port 2220 [J]

2020-01-25 13:12:44

attackspam

Unauthorized connection attempt detected from IP address 139.59.11.235 to port 2220 [J]

2020-01-25 05:54:46

相同子网IP讨论:

IP	类型	评论内容	时间
139.59.11.31	attackproxy	, e.g. 127.0.0.1 or 2001:DB8:0:0:8:800:200C:417A	2023-01-16 21:48:53
139.59.116.115	attackspam	Oct 9 19:17:58 vps-51d81928 sshd[692298]: Failed password for root from 139.59.116.115 port 36468 ssh2 Oct 9 19:22:22 vps-51d81928 sshd[692415]: Invalid user mysql from 139.59.116.115 port 41912 Oct 9 19:22:22 vps-51d81928 sshd[692415]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.116.115 Oct 9 19:22:22 vps-51d81928 sshd[692415]: Invalid user mysql from 139.59.116.115 port 41912 Oct 9 19:22:25 vps-51d81928 sshd[692415]: Failed password for invalid user mysql from 139.59.116.115 port 41912 ssh2 ...	2020-10-10 06:05:43
139.59.116.115	attackbots	2020-10-09T15:36:12.025346ks3355764 sshd[13005]: Invalid user tf2 from 139.59.116.115 port 35304 2020-10-09T15:36:14.038962ks3355764 sshd[13005]: Failed password for invalid user tf2 from 139.59.116.115 port 35304 ssh2 ...	2020-10-09 22:12:25
139.59.116.115	attackbotsspam	Port scan denied	2020-10-09 14:02:44
139.59.116.115	attackbotsspam	[N3.H3.VM3] Port Scanner Detected Blocked by UFW	2020-10-04 05:42:11
139.59.11.66	attackspambots	Scanned 67 times in the last 24 hours on port 22	2020-10-01 08:07:44
139.59.11.66	attack	Invalid user admin from 139.59.11.66 port 48246	2020-10-01 00:39:37
139.59.11.66	attackbots	TCP (SYN) 139.59.11.66:47123 -> port 22, len 48	2020-09-30 09:50:50
139.59.11.66	attackspambots	TCP (SYN) 139.59.11.66:29278 -> port 22, len 48	2020-09-30 02:42:17
139.59.11.66	attackspambots	[N1.H1.VM1] Port Scanner Detected Blocked by UFW	2020-09-29 18:45:14
139.59.116.243	attack	Fail2Ban Ban Triggered	2020-09-29 03:03:54
139.59.11.66	attackbotsspam	Time: Mon Sep 28 18:48:41 2020 +0000 IP: 139.59.11.66 (IN/India/-) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 28 18:47:48 29-1 sshd[18366]: Did not receive identification string from 139.59.11.66 port 37284 Sep 28 18:48:12 29-1 sshd[18444]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.11.66 user=root Sep 28 18:48:14 29-1 sshd[18444]: Failed password for root from 139.59.11.66 port 58320 ssh2 Sep 28 18:48:36 29-1 sshd[18481]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.11.66 user=root Sep 28 18:48:37 29-1 sshd[18481]: Failed password for root from 139.59.11.66 port 51980 ssh2	2020-09-29 02:53:19
139.59.116.243	attack	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-09-28 19:13:00
139.59.11.66	attack	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-09-28 19:00:55
139.59.116.243	attackbots	TCP (SYN) 139.59.116.243:59711 -> port 22790, len 44	2020-09-10 12:23:41

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.59.11.235
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2835
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.59.11.235.			IN	A

;; AUTHORITY SECTION:
.			501	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020012402 1800 900 604800 86400

;; Query time: 63 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Jan 25 05:54:43 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 235.11.59.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 235.11.59.139.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
202.65.135.91	attackbots	Dec 18 09:26:44 web8 sshd\[20004\]: Invalid user jh from 202.65.135.91 Dec 18 09:26:44 web8 sshd\[20004\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.65.135.91 Dec 18 09:26:45 web8 sshd\[20004\]: Failed password for invalid user jh from 202.65.135.91 port 43882 ssh2 Dec 18 09:32:57 web8 sshd\[23031\]: Invalid user hhh45688 from 202.65.135.91 Dec 18 09:32:57 web8 sshd\[23031\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.65.135.91	2019-12-18 17:35:53
1.9.46.177	attackspambots	Dec 18 10:37:46 mail sshd[14896]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.9.46.177 Dec 18 10:37:48 mail sshd[14896]: Failed password for invalid user flavor from 1.9.46.177 port 57637 ssh2 Dec 18 10:44:27 mail sshd[16102]: Failed password for backup from 1.9.46.177 port 60235 ssh2	2019-12-18 17:49:33
117.4.153.168	attackbotsspam	Unauthorized connection attempt detected from IP address 117.4.153.168 to port 445	2019-12-18 17:18:34
118.212.95.18	attackbotsspam	Dec 18 10:08:21 vps647732 sshd[9017]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.212.95.18 Dec 18 10:08:23 vps647732 sshd[9017]: Failed password for invalid user qwe123 from 118.212.95.18 port 58026 ssh2 ...	2019-12-18 17:21:28
92.222.216.81	attackspambots	Dec 18 08:48:26 sauna sshd[18180]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.222.216.81 Dec 18 08:48:28 sauna sshd[18180]: Failed password for invalid user ava from 92.222.216.81 port 32960 ssh2 ...	2019-12-18 17:30:53
186.67.248.8	attackbots	2019-12-18T07:43:56.458526Z 883a22b8838d New connection: 186.67.248.8:39690 (172.17.0.5:2222) [session: 883a22b8838d] 2019-12-18T08:20:09.423098Z cf1f182eca55 New connection: 186.67.248.8:49687 (172.17.0.5:2222) [session: cf1f182eca55]	2019-12-18 17:38:32
106.13.48.20	attackbotsspam	Dec 18 10:29:16 ns3042688 sshd\[10873\]: Invalid user anh from 106.13.48.20 Dec 18 10:29:16 ns3042688 sshd\[10873\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.20 Dec 18 10:29:18 ns3042688 sshd\[10873\]: Failed password for invalid user anh from 106.13.48.20 port 58940 ssh2 Dec 18 10:35:56 ns3042688 sshd\[14619\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.20 user=root Dec 18 10:35:58 ns3042688 sshd\[14619\]: Failed password for root from 106.13.48.20 port 56266 ssh2 ...	2019-12-18 17:41:50
185.208.211.234	attackspambots	2019-12-17 20:09:50 no host name found for IP address 185.208.211.234 2019-12-17 20:09:50 no host name found for IP address 185.208.211.234 2019-12-17 20:10:05 no host name found for IP address 185.208.211.234 2019-12-17 20:10:20 no host name found for IP address 185.208.211.234 2019-12-17 20:10:35 no host name found for IP address 185.208.211.234 2019-12-17 20:10:50 no host name found for IP address 185.208.211.234 2019-12-17 20:11:05 no host name found for IP address 185.208.211.234 2019-12-17 20:11:20 no host name found for IP address 185.208.211.234 2019-12-17 20:11:35 no host name found for IP address 185.208.211.234 2019-12-17 20:11:50 no host name found for IP address 185.208.211.234 2019-12-17 20:12:05 no host name found for IP address 185.208.211.234 2019-12-17 20:12:20 no host name found for IP address 185.208.211.234 2019-12-17 20:12:35 no host name found for IP address 185.208.211.234 2019-12-17 20:12:50 no host name found for IP address 185.208.211.234 2019-........ ------------------------------	2019-12-18 17:26:24
36.77.93.84	attackspam	Honeypot attack, port: 445, PTR: PTR record not found	2019-12-18 17:14:15
114.202.139.173	attackspambots	Dec 18 07:14:06 localhost sshd[51345]: Failed password for invalid user server from 114.202.139.173 port 41490 ssh2 Dec 18 07:28:10 localhost sshd[51707]: User smmsp from 114.202.139.173 not allowed because not listed in AllowUsers Dec 18 07:28:11 localhost sshd[51707]: Failed password for invalid user smmsp from 114.202.139.173 port 40516 ssh2	2019-12-18 17:37:52
159.203.176.82	attackbotsspam	fail2ban honeypot	2019-12-18 17:15:26
94.191.76.19	attackbotsspam	Dec 18 10:36:38 sd-53420 sshd\[6524\]: User root from 94.191.76.19 not allowed because none of user's groups are listed in AllowGroups Dec 18 10:36:38 sd-53420 sshd\[6524\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.191.76.19 user=root Dec 18 10:36:40 sd-53420 sshd\[6524\]: Failed password for invalid user root from 94.191.76.19 port 44882 ssh2 Dec 18 10:43:54 sd-53420 sshd\[9254\]: Invalid user eloise from 94.191.76.19 Dec 18 10:43:54 sd-53420 sshd\[9254\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.191.76.19 ...	2019-12-18 17:48:26
118.24.83.41	attack	Dec 18 04:02:25 TORMINT sshd\[12195\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.83.41 user=root Dec 18 04:02:27 TORMINT sshd\[12195\]: Failed password for root from 118.24.83.41 port 33694 ssh2 Dec 18 04:10:55 TORMINT sshd\[12650\]: Invalid user henten from 118.24.83.41 Dec 18 04:10:55 TORMINT sshd\[12650\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.83.41 ...	2019-12-18 17:17:37
182.61.2.249	attackspambots	[ssh] SSH attack	2019-12-18 17:30:17
194.190.163.112	attack	Dec 18 06:30:22 ws24vmsma01 sshd[241780]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.190.163.112 Dec 18 06:30:24 ws24vmsma01 sshd[241780]: Failed password for invalid user ching from 194.190.163.112 port 44712 ssh2 ...	2019-12-18 17:34:50

最近上报的IP列表

181.123.30.134	144.217.231.122	61.187.145.169	121.48.250.86
108.124.167.193	103.49.69.91	182.233.17.76	71.128.25.48
198.61.27.240	39.80.84.200	217.192.210.216	100.54.103.203
189.61.213.95	81.229.40.31	77.50.50.250	113.196.32.36
87.36.80.199	37.184.237.26	58.114.13.24	61.164.13.233