139.59.116.243

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): India

运营商(isp): Digital Ocean Inc.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Fail2Ban Ban Triggered	2020-09-29 03:03:54
attack	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-09-28 19:13:00
attackbots	TCP (SYN) 139.59.116.243:59711 -> port 22790, len 44	2020-09-10 12:23:41
attack	firewall-block, port(s): 11517/tcp	2020-09-01 20:14:50
attackbotsspam	Aug 23 23:10:49 cosmoit sshd[15118]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.116.243	2020-08-24 05:17:33
attack	2020-08-21T10:50:18.222177lavrinenko.info sshd[681]: Failed password for root from 139.59.116.243 port 55046 ssh2 2020-08-21T10:53:13.867419lavrinenko.info sshd[878]: Invalid user ld from 139.59.116.243 port 53164 2020-08-21T10:53:13.872151lavrinenko.info sshd[878]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.116.243 2020-08-21T10:53:13.867419lavrinenko.info sshd[878]: Invalid user ld from 139.59.116.243 port 53164 2020-08-21T10:53:15.853536lavrinenko.info sshd[878]: Failed password for invalid user ld from 139.59.116.243 port 53164 ssh2 ...	2020-08-21 16:00:19
attackspam	TCP (SYN) 139.59.116.243:44476 -> port 21144, len 44	2020-08-20 09:02:21
attackspam	TCP (SYN) 139.59.116.243:56894 -> port 17544, len 44	2020-08-18 08:12:36
attackbotsspam	Port scan denied	2020-08-13 16:10:29
attackbotsspam	Port scan denied	2020-08-09 15:13:05
attackspam	Sent packet to closed port: 1501	2020-08-09 02:45:46
attackspam	07/25/2020-14:09:18.154718 139.59.116.243 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-07-26 02:16:58
attackbotsspam	TCP (SYN) 139.59.116.243:55229 -> port 8937, len 44	2020-07-19 14:57:22
attackspam	Jul 8 19:23:17 santamaria sshd\[31925\]: Invalid user cxy from 139.59.116.243 Jul 8 19:23:17 santamaria sshd\[31925\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.116.243 Jul 8 19:23:19 santamaria sshd\[31925\]: Failed password for invalid user cxy from 139.59.116.243 port 48974 ssh2 ...	2020-07-09 01:28:28
attackspambots	TCP (SYN) 139.59.116.243:54348 -> port 32224, len 44	2020-07-08 03:34:01
attack	SIP/5060 Probe, BF, Hack -	2020-07-06 17:48:30
attackspambots	May 27 20:19:41 legacy sshd[2791]: Failed password for root from 139.59.116.243 port 39396 ssh2 May 27 20:22:18 legacy sshd[2864]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.116.243 May 27 20:22:20 legacy sshd[2864]: Failed password for invalid user testing from 139.59.116.243 port 45934 ssh2 ...	2020-05-28 02:34:46
attack	May 16 04:50:47 server sshd[5059]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.116.243 May 16 04:50:48 server sshd[5059]: Failed password for invalid user user from 139.59.116.243 port 44870 ssh2 May 16 04:55:26 server sshd[5448]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.116.243 ...	2020-05-16 19:20:54
attack	$f2bV_matches	2020-05-10 17:52:51
attackbots	May 10 02:23:49 gw1 sshd[22835]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.116.243 May 10 02:23:51 gw1 sshd[22835]: Failed password for invalid user oyvind from 139.59.116.243 port 37700 ssh2 ...	2020-05-10 06:02:05
attackspam	SSH Brute-Force attacks	2020-05-03 05:20:23
attack	Apr 29 15:56:07 server1 sshd\[23530\]: Invalid user invoices from 139.59.116.243 Apr 29 15:56:07 server1 sshd\[23530\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.116.243 Apr 29 15:56:09 server1 sshd\[23530\]: Failed password for invalid user invoices from 139.59.116.243 port 54172 ssh2 Apr 29 16:01:22 server1 sshd\[25558\]: Invalid user derby from 139.59.116.243 Apr 29 16:01:22 server1 sshd\[25558\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.116.243 ...	2020-04-30 06:15:50
attack	SSH brute-force attempt	2020-04-27 18:03:38
attackspam	Apr 26 21:05:07 h2646465 sshd[24034]: Invalid user core from 139.59.116.243 Apr 26 21:05:07 h2646465 sshd[24034]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.116.243 Apr 26 21:05:07 h2646465 sshd[24034]: Invalid user core from 139.59.116.243 Apr 26 21:05:09 h2646465 sshd[24034]: Failed password for invalid user core from 139.59.116.243 port 40474 ssh2 Apr 26 22:34:01 h2646465 sshd[3426]: Invalid user jiao from 139.59.116.243 Apr 26 22:34:01 h2646465 sshd[3426]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.116.243 Apr 26 22:34:01 h2646465 sshd[3426]: Invalid user jiao from 139.59.116.243 Apr 26 22:34:03 h2646465 sshd[3426]: Failed password for invalid user jiao from 139.59.116.243 port 35220 ssh2 Apr 26 22:40:08 h2646465 sshd[4422]: Invalid user cole from 139.59.116.243 ...	2020-04-27 05:10:06
attackbotsspam	Invalid user oa from 139.59.116.243 port 43654	2020-04-21 20:42:35
attack	Apr 13 07:02:14 mout sshd[22186]: Connection closed by 139.59.116.243 port 53032 [preauth]	2020-04-13 13:56:49
attackspambots	Apr 12 03:05:32 gw1 sshd[15744]: Failed password for root from 139.59.116.243 port 44126 ssh2 ...	2020-04-12 06:25:47
attackbotsspam	Apr 10 17:12:11 vmd17057 sshd[31441]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.116.243 Apr 10 17:12:13 vmd17057 sshd[31441]: Failed password for invalid user dan from 139.59.116.243 port 53504 ssh2 ...	2020-04-11 00:52:00

相同子网IP讨论:

IP	类型	评论内容	时间
139.59.116.115	attackspam	Oct 9 19:17:58 vps-51d81928 sshd[692298]: Failed password for root from 139.59.116.115 port 36468 ssh2 Oct 9 19:22:22 vps-51d81928 sshd[692415]: Invalid user mysql from 139.59.116.115 port 41912 Oct 9 19:22:22 vps-51d81928 sshd[692415]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.116.115 Oct 9 19:22:22 vps-51d81928 sshd[692415]: Invalid user mysql from 139.59.116.115 port 41912 Oct 9 19:22:25 vps-51d81928 sshd[692415]: Failed password for invalid user mysql from 139.59.116.115 port 41912 ssh2 ...	2020-10-10 06:05:43
139.59.116.115	attackbots	2020-10-09T15:36:12.025346ks3355764 sshd[13005]: Invalid user tf2 from 139.59.116.115 port 35304 2020-10-09T15:36:14.038962ks3355764 sshd[13005]: Failed password for invalid user tf2 from 139.59.116.115 port 35304 ssh2 ...	2020-10-09 22:12:25
139.59.116.115	attackbotsspam	Port scan denied	2020-10-09 14:02:44
139.59.116.115	attackbotsspam	[N3.H3.VM3] Port Scanner Detected Blocked by UFW	2020-10-04 05:42:11
139.59.116.115	attack	Aug 27 23:01:13 sip sshd[1441771]: Invalid user admin from 139.59.116.115 port 49294 Aug 27 23:01:15 sip sshd[1441771]: Failed password for invalid user admin from 139.59.116.115 port 49294 ssh2 Aug 27 23:07:30 sip sshd[1441838]: Invalid user teste from 139.59.116.115 port 37416 ...	2020-08-28 06:45:00
139.59.116.115	attackspam	TCP port : 30511	2020-08-23 18:27:20
139.59.116.115	attack	SIP/5060 Probe, BF, Hack -	2020-08-21 16:11:54
139.59.116.115	attackspam	TCP (SYN) 139.59.116.115:46984 -> port 19703, len 44	2020-08-15 04:20:42
139.59.116.115	attack	Port scan denied	2020-08-13 16:56:37
139.59.116.115	attack	Port Scan detected from 139.59.116.115 (SG/Singapore/-/Singapore (Pioneer)/-). 4 hits in the last 261 seconds	2020-08-10 20:31:58
139.59.116.115	attack	Aug 7 20:15:20 sip sshd[1226514]: Failed password for root from 139.59.116.115 port 44400 ssh2 Aug 7 20:19:25 sip sshd[1226534]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.116.115 user=root Aug 7 20:19:28 sip sshd[1226534]: Failed password for root from 139.59.116.115 port 56108 ssh2 ...	2020-08-08 02:53:29
139.59.116.115	attackbotsspam	Jul 28 12:21:08 rush sshd[9776]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.116.115 Jul 28 12:21:10 rush sshd[9776]: Failed password for invalid user uehara from 139.59.116.115 port 54090 ssh2 Jul 28 12:28:17 rush sshd[9948]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.116.115 ...	2020-07-28 21:17:12
139.59.116.115	attackspambots	2020-07-28T03:55:31.779400shield sshd\[17703\]: Invalid user helirong from 139.59.116.115 port 51884 2020-07-28T03:55:31.788286shield sshd\[17703\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.116.115 2020-07-28T03:55:34.347098shield sshd\[17703\]: Failed password for invalid user helirong from 139.59.116.115 port 51884 ssh2 2020-07-28T03:57:49.879215shield sshd\[18226\]: Invalid user bitnami from 139.59.116.115 port 46988 2020-07-28T03:57:49.890278shield sshd\[18226\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.116.115	2020-07-28 12:14:47
139.59.116.115	attackspam	Jul 19 19:16:05 sachi sshd\[9864\]: Invalid user hill from 139.59.116.115 Jul 19 19:16:05 sachi sshd\[9864\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.116.115 Jul 19 19:16:07 sachi sshd\[9864\]: Failed password for invalid user hill from 139.59.116.115 port 40746 ssh2 Jul 19 19:20:35 sachi sshd\[10297\]: Invalid user bill from 139.59.116.115 Jul 19 19:20:35 sachi sshd\[10297\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.116.115	2020-07-20 15:20:28
139.59.116.115	attack	" "	2020-07-20 05:58:22

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.59.116.243
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 5610
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.59.116.243.			IN	A

;; AUTHORITY SECTION:
.			404	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020041000 1800 900 604800 86400

;; Query time: 142 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Apr 11 00:51:52 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 243.116.59.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 243.116.59.139.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
104.14.29.2	attackbots	Mar 27 13:21:15 server1 sshd\[3316\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.14.29.2 Mar 27 13:21:17 server1 sshd\[3315\]: Failed password for invalid user stazo from 104.14.29.2 port 53111 ssh2 Mar 27 13:21:18 server1 sshd\[3316\]: Failed password for invalid user stazo from 104.14.29.2 port 53112 ssh2 Mar 27 13:25:44 server1 sshd\[4984\]: Invalid user hap from 104.14.29.2 Mar 27 13:25:44 server1 sshd\[4984\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.14.29.2 ...	2020-03-28 04:40:06
104.248.138.38	attack	Invalid user oracle from 104.248.138.38 port 56464	2020-03-28 04:14:09
91.74.234.154	attackbots	$f2bV_matches	2020-03-28 04:15:50
94.102.52.57	attackspam	Port scan: Attack repeated for 24 hours	2020-03-28 04:04:27
134.122.26.244	attack	ZTE Router Exploit Scanner	2020-03-28 04:39:23
104.236.61.100	attackbots	Mar 27 15:08:13 vps647732 sshd[22511]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.61.100 Mar 27 15:08:15 vps647732 sshd[22511]: Failed password for invalid user otb from 104.236.61.100 port 49858 ssh2 ...	2020-03-28 04:29:18
181.112.225.34	attackbotsspam	Mar 27 19:41:26 XXXXXX sshd[52970]: Invalid user gat from 181.112.225.34 port 32874	2020-03-28 04:28:05
104.244.76.130	attackspam	Mar 20 22:51:53 itv-usvr-01 sshd[7158]: Invalid user neena from 104.244.76.130 Mar 20 22:51:53 itv-usvr-01 sshd[7158]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.244.76.130 Mar 20 22:51:53 itv-usvr-01 sshd[7158]: Invalid user neena from 104.244.76.130 Mar 20 22:51:55 itv-usvr-01 sshd[7158]: Failed password for invalid user neena from 104.244.76.130 port 42046 ssh2 Mar 20 22:56:58 itv-usvr-01 sshd[7358]: Invalid user buerocomputer from 104.244.76.130	2020-03-28 04:14:26
156.202.47.246	attackbots	SSH login attempts.	2020-03-28 04:14:56
157.245.217.186	attackspambots	157.245.217.186 has been banned for [WebApp Attack] ...	2020-03-28 04:30:15
145.239.94.191	attackbots	2020-03-27T20:07:36.748088struts4.enskede.local sshd\[12909\]: Invalid user adamina from 145.239.94.191 port 37714 2020-03-27T20:07:36.754271struts4.enskede.local sshd\[12909\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.ip-145-239-94.eu 2020-03-27T20:07:39.100374struts4.enskede.local sshd\[12909\]: Failed password for invalid user adamina from 145.239.94.191 port 37714 ssh2 2020-03-27T20:12:49.224868struts4.enskede.local sshd\[13023\]: Invalid user prom from 145.239.94.191 port 46674 2020-03-27T20:12:49.231510struts4.enskede.local sshd\[13023\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.ip-145-239-94.eu ...	2020-03-28 04:11:53
104.244.75.244	attackbots	Triggered by Fail2Ban at Ares web server	2020-03-28 04:15:18
54.39.22.191	attack	Automatic report BANNED IP	2020-03-28 04:38:00
104.248.170.45	attackspambots	Mar 27 14:03:21 server1 sshd\[18280\]: Failed password for invalid user eqa from 104.248.170.45 port 33304 ssh2 Mar 27 14:03:21 server1 sshd\[18279\]: Failed password for invalid user eqa from 104.248.170.45 port 33302 ssh2 Mar 27 14:06:41 server1 sshd\[19253\]: Invalid user form-test from 104.248.170.45 Mar 27 14:06:41 server1 sshd\[19253\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.170.45 Mar 27 14:06:41 server1 sshd\[19254\]: Invalid user form-test from 104.248.170.45 ...	2020-03-28 04:09:06
52.183.211.109	attack	Mar 27 20:36:18 host sshd[52315]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.183.211.109 user=root Mar 27 20:36:20 host sshd[52315]: Failed password for root from 52.183.211.109 port 59348 ssh2 ...	2020-03-28 04:22:47

最近上报的IP列表

110.168.208.204	167.71.223.41	108.61.182.180	201.218.215.106
85.209.0.134	84.17.46.154	115.74.212.116	192.168.03.1
192.168.3.1	109.169.76.163	20.186.71.226	190.111.140.239
120.92.78.188	104.236.156.136	101.91.176.67	216.228.80.170
116.105.108.162	189.159.114.41	191.7.28.50	5.95.50.96