139.59.116.243

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): India

运营商(isp): Digital Ocean Inc.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Fail2Ban Ban Triggered	2020-09-29 03:03:54
attack	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-09-28 19:13:00
attackbots	TCP (SYN) 139.59.116.243:59711 -> port 22790, len 44	2020-09-10 12:23:41
attack	firewall-block, port(s): 11517/tcp	2020-09-01 20:14:50
attackbotsspam	Aug 23 23:10:49 cosmoit sshd[15118]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.116.243	2020-08-24 05:17:33
attack	2020-08-21T10:50:18.222177lavrinenko.info sshd[681]: Failed password for root from 139.59.116.243 port 55046 ssh2 2020-08-21T10:53:13.867419lavrinenko.info sshd[878]: Invalid user ld from 139.59.116.243 port 53164 2020-08-21T10:53:13.872151lavrinenko.info sshd[878]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.116.243 2020-08-21T10:53:13.867419lavrinenko.info sshd[878]: Invalid user ld from 139.59.116.243 port 53164 2020-08-21T10:53:15.853536lavrinenko.info sshd[878]: Failed password for invalid user ld from 139.59.116.243 port 53164 ssh2 ...	2020-08-21 16:00:19
attackspam	TCP (SYN) 139.59.116.243:44476 -> port 21144, len 44	2020-08-20 09:02:21
attackspam	TCP (SYN) 139.59.116.243:56894 -> port 17544, len 44	2020-08-18 08:12:36
attackbotsspam	Port scan denied	2020-08-13 16:10:29
attackbotsspam	Port scan denied	2020-08-09 15:13:05
attackspam	Sent packet to closed port: 1501	2020-08-09 02:45:46
attackspam	07/25/2020-14:09:18.154718 139.59.116.243 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-07-26 02:16:58
attackbotsspam	TCP (SYN) 139.59.116.243:55229 -> port 8937, len 44	2020-07-19 14:57:22
attackspam	Jul 8 19:23:17 santamaria sshd\[31925\]: Invalid user cxy from 139.59.116.243 Jul 8 19:23:17 santamaria sshd\[31925\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.116.243 Jul 8 19:23:19 santamaria sshd\[31925\]: Failed password for invalid user cxy from 139.59.116.243 port 48974 ssh2 ...	2020-07-09 01:28:28
attackspambots	TCP (SYN) 139.59.116.243:54348 -> port 32224, len 44	2020-07-08 03:34:01
attack	SIP/5060 Probe, BF, Hack -	2020-07-06 17:48:30
attackspambots	May 27 20:19:41 legacy sshd[2791]: Failed password for root from 139.59.116.243 port 39396 ssh2 May 27 20:22:18 legacy sshd[2864]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.116.243 May 27 20:22:20 legacy sshd[2864]: Failed password for invalid user testing from 139.59.116.243 port 45934 ssh2 ...	2020-05-28 02:34:46
attack	May 16 04:50:47 server sshd[5059]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.116.243 May 16 04:50:48 server sshd[5059]: Failed password for invalid user user from 139.59.116.243 port 44870 ssh2 May 16 04:55:26 server sshd[5448]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.116.243 ...	2020-05-16 19:20:54
attack	$f2bV_matches	2020-05-10 17:52:51
attackbots	May 10 02:23:49 gw1 sshd[22835]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.116.243 May 10 02:23:51 gw1 sshd[22835]: Failed password for invalid user oyvind from 139.59.116.243 port 37700 ssh2 ...	2020-05-10 06:02:05
attackspam	SSH Brute-Force attacks	2020-05-03 05:20:23
attack	Apr 29 15:56:07 server1 sshd\[23530\]: Invalid user invoices from 139.59.116.243 Apr 29 15:56:07 server1 sshd\[23530\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.116.243 Apr 29 15:56:09 server1 sshd\[23530\]: Failed password for invalid user invoices from 139.59.116.243 port 54172 ssh2 Apr 29 16:01:22 server1 sshd\[25558\]: Invalid user derby from 139.59.116.243 Apr 29 16:01:22 server1 sshd\[25558\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.116.243 ...	2020-04-30 06:15:50
attack	SSH brute-force attempt	2020-04-27 18:03:38
attackspam	Apr 26 21:05:07 h2646465 sshd[24034]: Invalid user core from 139.59.116.243 Apr 26 21:05:07 h2646465 sshd[24034]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.116.243 Apr 26 21:05:07 h2646465 sshd[24034]: Invalid user core from 139.59.116.243 Apr 26 21:05:09 h2646465 sshd[24034]: Failed password for invalid user core from 139.59.116.243 port 40474 ssh2 Apr 26 22:34:01 h2646465 sshd[3426]: Invalid user jiao from 139.59.116.243 Apr 26 22:34:01 h2646465 sshd[3426]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.116.243 Apr 26 22:34:01 h2646465 sshd[3426]: Invalid user jiao from 139.59.116.243 Apr 26 22:34:03 h2646465 sshd[3426]: Failed password for invalid user jiao from 139.59.116.243 port 35220 ssh2 Apr 26 22:40:08 h2646465 sshd[4422]: Invalid user cole from 139.59.116.243 ...	2020-04-27 05:10:06
attackbotsspam	Invalid user oa from 139.59.116.243 port 43654	2020-04-21 20:42:35
attack	Apr 13 07:02:14 mout sshd[22186]: Connection closed by 139.59.116.243 port 53032 [preauth]	2020-04-13 13:56:49
attackspambots	Apr 12 03:05:32 gw1 sshd[15744]: Failed password for root from 139.59.116.243 port 44126 ssh2 ...	2020-04-12 06:25:47
attackbotsspam	Apr 10 17:12:11 vmd17057 sshd[31441]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.116.243 Apr 10 17:12:13 vmd17057 sshd[31441]: Failed password for invalid user dan from 139.59.116.243 port 53504 ssh2 ...	2020-04-11 00:52:00

相同子网IP讨论:

IP	类型	评论内容	时间
139.59.116.115	attackspam	Oct 9 19:17:58 vps-51d81928 sshd[692298]: Failed password for root from 139.59.116.115 port 36468 ssh2 Oct 9 19:22:22 vps-51d81928 sshd[692415]: Invalid user mysql from 139.59.116.115 port 41912 Oct 9 19:22:22 vps-51d81928 sshd[692415]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.116.115 Oct 9 19:22:22 vps-51d81928 sshd[692415]: Invalid user mysql from 139.59.116.115 port 41912 Oct 9 19:22:25 vps-51d81928 sshd[692415]: Failed password for invalid user mysql from 139.59.116.115 port 41912 ssh2 ...	2020-10-10 06:05:43
139.59.116.115	attackbots	2020-10-09T15:36:12.025346ks3355764 sshd[13005]: Invalid user tf2 from 139.59.116.115 port 35304 2020-10-09T15:36:14.038962ks3355764 sshd[13005]: Failed password for invalid user tf2 from 139.59.116.115 port 35304 ssh2 ...	2020-10-09 22:12:25
139.59.116.115	attackbotsspam	Port scan denied	2020-10-09 14:02:44
139.59.116.115	attackbotsspam	[N3.H3.VM3] Port Scanner Detected Blocked by UFW	2020-10-04 05:42:11
139.59.116.115	attack	Aug 27 23:01:13 sip sshd[1441771]: Invalid user admin from 139.59.116.115 port 49294 Aug 27 23:01:15 sip sshd[1441771]: Failed password for invalid user admin from 139.59.116.115 port 49294 ssh2 Aug 27 23:07:30 sip sshd[1441838]: Invalid user teste from 139.59.116.115 port 37416 ...	2020-08-28 06:45:00
139.59.116.115	attackspam	TCP port : 30511	2020-08-23 18:27:20
139.59.116.115	attack	SIP/5060 Probe, BF, Hack -	2020-08-21 16:11:54
139.59.116.115	attackspam	TCP (SYN) 139.59.116.115:46984 -> port 19703, len 44	2020-08-15 04:20:42
139.59.116.115	attack	Port scan denied	2020-08-13 16:56:37
139.59.116.115	attack	Port Scan detected from 139.59.116.115 (SG/Singapore/-/Singapore (Pioneer)/-). 4 hits in the last 261 seconds	2020-08-10 20:31:58
139.59.116.115	attack	Aug 7 20:15:20 sip sshd[1226514]: Failed password for root from 139.59.116.115 port 44400 ssh2 Aug 7 20:19:25 sip sshd[1226534]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.116.115 user=root Aug 7 20:19:28 sip sshd[1226534]: Failed password for root from 139.59.116.115 port 56108 ssh2 ...	2020-08-08 02:53:29
139.59.116.115	attackbotsspam	Jul 28 12:21:08 rush sshd[9776]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.116.115 Jul 28 12:21:10 rush sshd[9776]: Failed password for invalid user uehara from 139.59.116.115 port 54090 ssh2 Jul 28 12:28:17 rush sshd[9948]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.116.115 ...	2020-07-28 21:17:12
139.59.116.115	attackspambots	2020-07-28T03:55:31.779400shield sshd\[17703\]: Invalid user helirong from 139.59.116.115 port 51884 2020-07-28T03:55:31.788286shield sshd\[17703\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.116.115 2020-07-28T03:55:34.347098shield sshd\[17703\]: Failed password for invalid user helirong from 139.59.116.115 port 51884 ssh2 2020-07-28T03:57:49.879215shield sshd\[18226\]: Invalid user bitnami from 139.59.116.115 port 46988 2020-07-28T03:57:49.890278shield sshd\[18226\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.116.115	2020-07-28 12:14:47
139.59.116.115	attackspam	Jul 19 19:16:05 sachi sshd\[9864\]: Invalid user hill from 139.59.116.115 Jul 19 19:16:05 sachi sshd\[9864\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.116.115 Jul 19 19:16:07 sachi sshd\[9864\]: Failed password for invalid user hill from 139.59.116.115 port 40746 ssh2 Jul 19 19:20:35 sachi sshd\[10297\]: Invalid user bill from 139.59.116.115 Jul 19 19:20:35 sachi sshd\[10297\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.116.115	2020-07-20 15:20:28
139.59.116.115	attack	" "	2020-07-20 05:58:22

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.59.116.243
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 5610
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.59.116.243.			IN	A

;; AUTHORITY SECTION:
.			404	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020041000 1800 900 604800 86400

;; Query time: 142 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Apr 11 00:51:52 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 243.116.59.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 243.116.59.139.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
134.73.51.102	attackspam	Email Spam	2020-03-23 09:01:07
190.104.149.194	attack	2020-03-22T22:55:25.953186rocketchat.forhosting.nl sshd[21992]: Invalid user xya from 190.104.149.194 port 49046 2020-03-22T22:55:27.724316rocketchat.forhosting.nl sshd[21992]: Failed password for invalid user xya from 190.104.149.194 port 49046 ssh2 2020-03-22T23:03:40.905789rocketchat.forhosting.nl sshd[22135]: Invalid user esbee from 190.104.149.194 port 52202 ...	2020-03-23 09:37:30
69.94.158.106	attackspam	Email Spam	2020-03-23 09:04:59
110.53.234.81	attackbots	ICMP MH Probe, Scan /Distributed -	2020-03-23 09:38:21
134.73.51.9	attack	Email Spam	2020-03-23 09:04:15
139.199.48.217	attackbotsspam	Mar 23 01:20:40 ip-172-31-62-245 sshd\[17844\]: Invalid user edwana from 139.199.48.217\ Mar 23 01:20:42 ip-172-31-62-245 sshd\[17844\]: Failed password for invalid user edwana from 139.199.48.217 port 51964 ssh2\ Mar 23 01:24:10 ip-172-31-62-245 sshd\[17878\]: Invalid user muramatsu from 139.199.48.217\ Mar 23 01:24:12 ip-172-31-62-245 sshd\[17878\]: Failed password for invalid user muramatsu from 139.199.48.217 port 50746 ssh2\ Mar 23 01:27:41 ip-172-31-62-245 sshd\[17897\]: Invalid user sys_admin from 139.199.48.217\	2020-03-23 09:39:03
63.82.48.19	attackspam	Email Spam	2020-03-23 09:19:23
63.82.48.178	attackspambots	Email Spam	2020-03-23 09:14:09
170.239.108.74	attackbotsspam	Mar 22 22:53:24 ns392434 sshd[29712]: Invalid user ttest from 170.239.108.74 port 59679 Mar 22 22:53:24 ns392434 sshd[29712]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=170.239.108.74 Mar 22 22:53:24 ns392434 sshd[29712]: Invalid user ttest from 170.239.108.74 port 59679 Mar 22 22:53:25 ns392434 sshd[29712]: Failed password for invalid user ttest from 170.239.108.74 port 59679 ssh2 Mar 22 22:59:28 ns392434 sshd[29871]: Invalid user liwenxuan from 170.239.108.74 port 43054 Mar 22 22:59:28 ns392434 sshd[29871]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=170.239.108.74 Mar 22 22:59:28 ns392434 sshd[29871]: Invalid user liwenxuan from 170.239.108.74 port 43054 Mar 22 22:59:30 ns392434 sshd[29871]: Failed password for invalid user liwenxuan from 170.239.108.74 port 43054 ssh2 Mar 22 23:03:47 ns392434 sshd[30047]: Invalid user admin from 170.239.108.74 port 44364	2020-03-23 09:31:13
167.172.220.247	attack	20/3/22@20:03:41: FAIL: Alarm-Intrusion address from=167.172.220.247 ...	2020-03-23 09:44:39
35.186.145.141	attackspambots	Mar 23 01:52:29 163-172-32-151 sshd[6783]: Invalid user axente from 35.186.145.141 port 42416 ...	2020-03-23 09:45:25
134.73.51.10	attackspambots	Email Spam	2020-03-23 09:03:56
212.231.19.150	attackbots	Telnet/23 MH Probe, Scan, BF, Hack -	2020-03-23 09:25:33
63.82.48.6	attack	Email Spam	2020-03-23 09:19:46
63.82.49.144	attack	Email Spam	2020-03-23 09:11:41

最近上报的IP列表

110.168.208.204	167.71.223.41	108.61.182.180	201.218.215.106
85.209.0.134	84.17.46.154	115.74.212.116	192.168.03.1
192.168.3.1	109.169.76.163	20.186.71.226	190.111.140.239
120.92.78.188	104.236.156.136	101.91.176.67	216.228.80.170
116.105.108.162	189.159.114.41	191.7.28.50	5.95.50.96