139.59.116.243

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): India

运营商(isp): Digital Ocean Inc.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Fail2Ban Ban Triggered	2020-09-29 03:03:54
attack	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-09-28 19:13:00
attackbots	TCP (SYN) 139.59.116.243:59711 -> port 22790, len 44	2020-09-10 12:23:41
attack	firewall-block, port(s): 11517/tcp	2020-09-01 20:14:50
attackbotsspam	Aug 23 23:10:49 cosmoit sshd[15118]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.116.243	2020-08-24 05:17:33
attack	2020-08-21T10:50:18.222177lavrinenko.info sshd[681]: Failed password for root from 139.59.116.243 port 55046 ssh2 2020-08-21T10:53:13.867419lavrinenko.info sshd[878]: Invalid user ld from 139.59.116.243 port 53164 2020-08-21T10:53:13.872151lavrinenko.info sshd[878]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.116.243 2020-08-21T10:53:13.867419lavrinenko.info sshd[878]: Invalid user ld from 139.59.116.243 port 53164 2020-08-21T10:53:15.853536lavrinenko.info sshd[878]: Failed password for invalid user ld from 139.59.116.243 port 53164 ssh2 ...	2020-08-21 16:00:19
attackspam	TCP (SYN) 139.59.116.243:44476 -> port 21144, len 44	2020-08-20 09:02:21
attackspam	TCP (SYN) 139.59.116.243:56894 -> port 17544, len 44	2020-08-18 08:12:36
attackbotsspam	Port scan denied	2020-08-13 16:10:29
attackbotsspam	Port scan denied	2020-08-09 15:13:05
attackspam	Sent packet to closed port: 1501	2020-08-09 02:45:46
attackspam	07/25/2020-14:09:18.154718 139.59.116.243 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-07-26 02:16:58
attackbotsspam	TCP (SYN) 139.59.116.243:55229 -> port 8937, len 44	2020-07-19 14:57:22
attackspam	Jul 8 19:23:17 santamaria sshd\[31925\]: Invalid user cxy from 139.59.116.243 Jul 8 19:23:17 santamaria sshd\[31925\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.116.243 Jul 8 19:23:19 santamaria sshd\[31925\]: Failed password for invalid user cxy from 139.59.116.243 port 48974 ssh2 ...	2020-07-09 01:28:28
attackspambots	TCP (SYN) 139.59.116.243:54348 -> port 32224, len 44	2020-07-08 03:34:01
attack	SIP/5060 Probe, BF, Hack -	2020-07-06 17:48:30
attackspambots	May 27 20:19:41 legacy sshd[2791]: Failed password for root from 139.59.116.243 port 39396 ssh2 May 27 20:22:18 legacy sshd[2864]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.116.243 May 27 20:22:20 legacy sshd[2864]: Failed password for invalid user testing from 139.59.116.243 port 45934 ssh2 ...	2020-05-28 02:34:46
attack	May 16 04:50:47 server sshd[5059]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.116.243 May 16 04:50:48 server sshd[5059]: Failed password for invalid user user from 139.59.116.243 port 44870 ssh2 May 16 04:55:26 server sshd[5448]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.116.243 ...	2020-05-16 19:20:54
attack	$f2bV_matches	2020-05-10 17:52:51
attackbots	May 10 02:23:49 gw1 sshd[22835]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.116.243 May 10 02:23:51 gw1 sshd[22835]: Failed password for invalid user oyvind from 139.59.116.243 port 37700 ssh2 ...	2020-05-10 06:02:05
attackspam	SSH Brute-Force attacks	2020-05-03 05:20:23
attack	Apr 29 15:56:07 server1 sshd\[23530\]: Invalid user invoices from 139.59.116.243 Apr 29 15:56:07 server1 sshd\[23530\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.116.243 Apr 29 15:56:09 server1 sshd\[23530\]: Failed password for invalid user invoices from 139.59.116.243 port 54172 ssh2 Apr 29 16:01:22 server1 sshd\[25558\]: Invalid user derby from 139.59.116.243 Apr 29 16:01:22 server1 sshd\[25558\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.116.243 ...	2020-04-30 06:15:50
attack	SSH brute-force attempt	2020-04-27 18:03:38
attackspam	Apr 26 21:05:07 h2646465 sshd[24034]: Invalid user core from 139.59.116.243 Apr 26 21:05:07 h2646465 sshd[24034]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.116.243 Apr 26 21:05:07 h2646465 sshd[24034]: Invalid user core from 139.59.116.243 Apr 26 21:05:09 h2646465 sshd[24034]: Failed password for invalid user core from 139.59.116.243 port 40474 ssh2 Apr 26 22:34:01 h2646465 sshd[3426]: Invalid user jiao from 139.59.116.243 Apr 26 22:34:01 h2646465 sshd[3426]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.116.243 Apr 26 22:34:01 h2646465 sshd[3426]: Invalid user jiao from 139.59.116.243 Apr 26 22:34:03 h2646465 sshd[3426]: Failed password for invalid user jiao from 139.59.116.243 port 35220 ssh2 Apr 26 22:40:08 h2646465 sshd[4422]: Invalid user cole from 139.59.116.243 ...	2020-04-27 05:10:06
attackbotsspam	Invalid user oa from 139.59.116.243 port 43654	2020-04-21 20:42:35
attack	Apr 13 07:02:14 mout sshd[22186]: Connection closed by 139.59.116.243 port 53032 [preauth]	2020-04-13 13:56:49
attackspambots	Apr 12 03:05:32 gw1 sshd[15744]: Failed password for root from 139.59.116.243 port 44126 ssh2 ...	2020-04-12 06:25:47
attackbotsspam	Apr 10 17:12:11 vmd17057 sshd[31441]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.116.243 Apr 10 17:12:13 vmd17057 sshd[31441]: Failed password for invalid user dan from 139.59.116.243 port 53504 ssh2 ...	2020-04-11 00:52:00

相同子网IP讨论:

IP	类型	评论内容	时间
139.59.116.115	attackspam	Oct 9 19:17:58 vps-51d81928 sshd[692298]: Failed password for root from 139.59.116.115 port 36468 ssh2 Oct 9 19:22:22 vps-51d81928 sshd[692415]: Invalid user mysql from 139.59.116.115 port 41912 Oct 9 19:22:22 vps-51d81928 sshd[692415]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.116.115 Oct 9 19:22:22 vps-51d81928 sshd[692415]: Invalid user mysql from 139.59.116.115 port 41912 Oct 9 19:22:25 vps-51d81928 sshd[692415]: Failed password for invalid user mysql from 139.59.116.115 port 41912 ssh2 ...	2020-10-10 06:05:43
139.59.116.115	attackbots	2020-10-09T15:36:12.025346ks3355764 sshd[13005]: Invalid user tf2 from 139.59.116.115 port 35304 2020-10-09T15:36:14.038962ks3355764 sshd[13005]: Failed password for invalid user tf2 from 139.59.116.115 port 35304 ssh2 ...	2020-10-09 22:12:25
139.59.116.115	attackbotsspam	Port scan denied	2020-10-09 14:02:44
139.59.116.115	attackbotsspam	[N3.H3.VM3] Port Scanner Detected Blocked by UFW	2020-10-04 05:42:11
139.59.116.115	attack	Aug 27 23:01:13 sip sshd[1441771]: Invalid user admin from 139.59.116.115 port 49294 Aug 27 23:01:15 sip sshd[1441771]: Failed password for invalid user admin from 139.59.116.115 port 49294 ssh2 Aug 27 23:07:30 sip sshd[1441838]: Invalid user teste from 139.59.116.115 port 37416 ...	2020-08-28 06:45:00
139.59.116.115	attackspam	TCP port : 30511	2020-08-23 18:27:20
139.59.116.115	attack	SIP/5060 Probe, BF, Hack -	2020-08-21 16:11:54
139.59.116.115	attackspam	TCP (SYN) 139.59.116.115:46984 -> port 19703, len 44	2020-08-15 04:20:42
139.59.116.115	attack	Port scan denied	2020-08-13 16:56:37
139.59.116.115	attack	Port Scan detected from 139.59.116.115 (SG/Singapore/-/Singapore (Pioneer)/-). 4 hits in the last 261 seconds	2020-08-10 20:31:58
139.59.116.115	attack	Aug 7 20:15:20 sip sshd[1226514]: Failed password for root from 139.59.116.115 port 44400 ssh2 Aug 7 20:19:25 sip sshd[1226534]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.116.115 user=root Aug 7 20:19:28 sip sshd[1226534]: Failed password for root from 139.59.116.115 port 56108 ssh2 ...	2020-08-08 02:53:29
139.59.116.115	attackbotsspam	Jul 28 12:21:08 rush sshd[9776]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.116.115 Jul 28 12:21:10 rush sshd[9776]: Failed password for invalid user uehara from 139.59.116.115 port 54090 ssh2 Jul 28 12:28:17 rush sshd[9948]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.116.115 ...	2020-07-28 21:17:12
139.59.116.115	attackspambots	2020-07-28T03:55:31.779400shield sshd\[17703\]: Invalid user helirong from 139.59.116.115 port 51884 2020-07-28T03:55:31.788286shield sshd\[17703\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.116.115 2020-07-28T03:55:34.347098shield sshd\[17703\]: Failed password for invalid user helirong from 139.59.116.115 port 51884 ssh2 2020-07-28T03:57:49.879215shield sshd\[18226\]: Invalid user bitnami from 139.59.116.115 port 46988 2020-07-28T03:57:49.890278shield sshd\[18226\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.116.115	2020-07-28 12:14:47
139.59.116.115	attackspam	Jul 19 19:16:05 sachi sshd\[9864\]: Invalid user hill from 139.59.116.115 Jul 19 19:16:05 sachi sshd\[9864\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.116.115 Jul 19 19:16:07 sachi sshd\[9864\]: Failed password for invalid user hill from 139.59.116.115 port 40746 ssh2 Jul 19 19:20:35 sachi sshd\[10297\]: Invalid user bill from 139.59.116.115 Jul 19 19:20:35 sachi sshd\[10297\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.116.115	2020-07-20 15:20:28
139.59.116.115	attack	" "	2020-07-20 05:58:22

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.59.116.243
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 5610
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.59.116.243.			IN	A

;; AUTHORITY SECTION:
.			404	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020041000 1800 900 604800 86400

;; Query time: 142 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Apr 11 00:51:52 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 243.116.59.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 243.116.59.139.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
1.204.250.32	attackspam	badbot	2019-11-20 17:57:27
45.224.105.42	attackbotsspam	Dovecot Brute-Force	2019-11-20 18:15:56
59.152.237.118	attackbots	2019-11-20T09:37:46.736282abusebot-6.cloudsearch.cf sshd\[27216\]: Invalid user yyyyy from 59.152.237.118 port 46016	2019-11-20 18:30:49
106.52.18.180	attackbotsspam	Nov 20 10:15:42 cavern sshd[16730]: Failed password for root from 106.52.18.180 port 41114 ssh2	2019-11-20 18:18:33
159.65.184.154	attackspambots	php WP PHPmyadamin ABUSE blocked for 12h	2019-11-20 18:05:32
113.140.6.196	attackbotsspam	badbot	2019-11-20 18:23:43
121.23.213.11	attackbots	badbot	2019-11-20 18:30:03
51.91.20.174	attackspambots	Invalid user yvie from 51.91.20.174 port 58184	2019-11-20 18:10:28
93.107.168.96	attackbots	Invalid user rpm from 93.107.168.96 port 37311	2019-11-20 18:32:36
182.61.132.165	attackbots	Nov 20 10:42:02 v22018086721571380 sshd[3600]: Failed password for invalid user 0000000000 from 182.61.132.165 port 45676 ssh2	2019-11-20 18:00:22
148.72.210.28	attackspam	Nov 20 06:42:56 ldap01vmsma01 sshd[10457]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.72.210.28 Nov 20 06:42:58 ldap01vmsma01 sshd[10457]: Failed password for invalid user rpm from 148.72.210.28 port 59328 ssh2 ...	2019-11-20 18:16:20
144.91.93.239	attack	ET SCAN Sipvicious Scan - port: 5060 proto: UDP cat: Attempted Information Leak	2019-11-20 18:18:03
106.13.39.207	attack	Nov 20 09:56:19 minden010 sshd[4491]: Failed password for root from 106.13.39.207 port 54630 ssh2 Nov 20 10:01:10 minden010 sshd[6948]: Failed password for root from 106.13.39.207 port 57802 ssh2 Nov 20 10:06:07 minden010 sshd[12420]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.39.207 ...	2019-11-20 17:57:41
182.247.60.182	attackbotsspam	badbot	2019-11-20 17:59:56
37.139.13.105	attackspambots	Nov 20 03:25:34 ws24vmsma01 sshd[135277]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.13.105 Nov 20 03:25:36 ws24vmsma01 sshd[135277]: Failed password for invalid user ftp from 37.139.13.105 port 44202 ssh2 ...	2019-11-20 18:21:50

最近上报的IP列表

110.168.208.204	167.71.223.41	108.61.182.180	201.218.215.106
85.209.0.134	84.17.46.154	115.74.212.116	192.168.03.1
192.168.3.1	109.169.76.163	20.186.71.226	190.111.140.239
120.92.78.188	104.236.156.136	101.91.176.67	216.228.80.170
116.105.108.162	189.159.114.41	191.7.28.50	5.95.50.96