139.59.169.103

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United Kingdom

运营商(isp): Digital Ocean Inc.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	SSH Brute-Force reported by Fail2Ban	2020-09-21 01:33:59
attackspam	Sep 20 09:43:45 abendstille sshd\[24764\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.169.103 user=root Sep 20 09:43:46 abendstille sshd\[24764\]: Failed password for root from 139.59.169.103 port 55790 ssh2 Sep 20 09:47:38 abendstille sshd\[28445\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.169.103 user=root Sep 20 09:47:41 abendstille sshd\[28445\]: Failed password for root from 139.59.169.103 port 37266 ssh2 Sep 20 09:51:28 abendstille sshd\[32082\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.169.103 user=root ...	2020-09-20 17:32:25
attackspam	2020-09-19T18:22:11.053498abusebot-7.cloudsearch.cf sshd[5595]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.169.103 user=root 2020-09-19T18:22:12.713064abusebot-7.cloudsearch.cf sshd[5595]: Failed password for root from 139.59.169.103 port 55142 ssh2 2020-09-19T18:25:35.850413abusebot-7.cloudsearch.cf sshd[5615]: Invalid user user from 139.59.169.103 port 36294 2020-09-19T18:25:35.855177abusebot-7.cloudsearch.cf sshd[5615]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.169.103 2020-09-19T18:25:35.850413abusebot-7.cloudsearch.cf sshd[5615]: Invalid user user from 139.59.169.103 port 36294 2020-09-19T18:25:37.519726abusebot-7.cloudsearch.cf sshd[5615]: Failed password for invalid user user from 139.59.169.103 port 36294 ssh2 2020-09-19T18:28:54.363106abusebot-7.cloudsearch.cf sshd[5776]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.169.103 ...	2020-09-20 02:41:24
attackspam	Fail2Ban Ban Triggered (2)	2020-09-19 18:37:48
attackspambots	2020-09-01T19:33:27.992646hostname sshd[14178]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.169.103 2020-09-01T19:33:27.975394hostname sshd[14178]: Invalid user leon from 139.59.169.103 port 40972 2020-09-01T19:33:30.279570hostname sshd[14178]: Failed password for invalid user leon from 139.59.169.103 port 40972 ssh2 ...	2020-09-01 22:11:38
attack	$f2bV_matches	2020-08-27 23:02:58
attackspam	Invalid user radmin from 139.59.169.103 port 39184	2020-08-23 01:13:36
attackspambots	$f2bV_matches	2020-08-20 04:26:08
attack	Banned for a week because repeated abuses, for example SSH, but not only	2020-08-08 07:28:33
attack	Aug 3 21:02:26 ns382633 sshd\[1798\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.169.103 user=root Aug 3 21:02:28 ns382633 sshd\[1798\]: Failed password for root from 139.59.169.103 port 58170 ssh2 Aug 3 21:04:50 ns382633 sshd\[2051\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.169.103 user=root Aug 3 21:04:52 ns382633 sshd\[2051\]: Failed password for root from 139.59.169.103 port 36428 ssh2 Aug 3 21:06:12 ns382633 sshd\[2689\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.169.103 user=root	2020-08-04 03:10:20
attack	Aug 2 12:50:20 Tower sshd[22774]: Connection from 139.59.169.103 port 37834 on 192.168.10.220 port 22 rdomain "" Aug 2 12:50:21 Tower sshd[22774]: Failed password for root from 139.59.169.103 port 37834 ssh2 Aug 2 12:50:21 Tower sshd[22774]: Received disconnect from 139.59.169.103 port 37834:11: Bye Bye [preauth] Aug 2 12:50:21 Tower sshd[22774]: Disconnected from authenticating user root 139.59.169.103 port 37834 [preauth]	2020-08-03 01:10:01
attack	Aug 2 05:55:58 minden010 sshd[9799]: Failed password for root from 139.59.169.103 port 57130 ssh2 Aug 2 05:58:48 minden010 sshd[10733]: Failed password for root from 139.59.169.103 port 50092 ssh2 ...	2020-08-02 12:28:48
attackspam	Jul 31 17:21:41 ny01 sshd[10181]: Failed password for root from 139.59.169.103 port 47796 ssh2 Jul 31 17:22:53 ny01 sshd[10291]: Failed password for root from 139.59.169.103 port 38892 ssh2	2020-08-01 06:03:32
attack	SSH bruteforce	2020-07-25 06:30:03
attackspambots	k+ssh-bruteforce	2020-07-21 18:57:13
attack	Invalid user admin from 139.59.169.103 port 41420	2020-07-18 21:56:48
attackspam	Jul 16 18:52:03 rocket sshd[11507]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.169.103 Jul 16 18:52:05 rocket sshd[11507]: Failed password for invalid user duke from 139.59.169.103 port 50506 ssh2 Jul 16 18:56:22 rocket sshd[12055]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.169.103 ...	2020-07-17 04:01:55
attackspambots	Jul 10 04:20:10 NPSTNNYC01T sshd[23057]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.169.103 Jul 10 04:20:12 NPSTNNYC01T sshd[23057]: Failed password for invalid user dylan from 139.59.169.103 port 45984 ssh2 Jul 10 04:23:11 NPSTNNYC01T sshd[23401]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.169.103 ...	2020-07-10 16:52:27
attack	Jul 8 08:49:50 ws22vmsma01 sshd[49800]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.169.103 Jul 8 08:49:52 ws22vmsma01 sshd[49800]: Failed password for invalid user phinex from 139.59.169.103 port 54118 ssh2 ...	2020-07-08 21:29:32
attackspam	SSH Brute-Forcing (server1)	2020-06-15 05:21:16
attackspambots	Jun 13 16:21:47 NG-HHDC-SVS-001 sshd[30137]: Invalid user continuum from 139.59.169.103 ...	2020-06-13 19:10:32
attackspambots	Jun 12 11:32:56 meumeu sshd[313054]: Invalid user znc from 139.59.169.103 port 57144 Jun 12 11:32:56 meumeu sshd[313054]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.169.103 Jun 12 11:32:56 meumeu sshd[313054]: Invalid user znc from 139.59.169.103 port 57144 Jun 12 11:32:58 meumeu sshd[313054]: Failed password for invalid user znc from 139.59.169.103 port 57144 ssh2 Jun 12 11:33:34 meumeu sshd[313134]: Invalid user kody from 139.59.169.103 port 38094 Jun 12 11:33:34 meumeu sshd[313134]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.169.103 Jun 12 11:33:34 meumeu sshd[313134]: Invalid user kody from 139.59.169.103 port 38094 Jun 12 11:33:36 meumeu sshd[313134]: Failed password for invalid user kody from 139.59.169.103 port 38094 ssh2 Jun 12 11:34:11 meumeu sshd[313167]: Invalid user xyz from 139.59.169.103 port 47274 ...	2020-06-12 17:53:47
attackbotsspam	Invalid user zwo from 139.59.169.103 port 37994	2020-05-21 18:01:59
attackbots	May 20 08:00:19 web8 sshd\[17406\]: Invalid user dvw from 139.59.169.103 May 20 08:00:19 web8 sshd\[17406\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.169.103 May 20 08:00:21 web8 sshd\[17406\]: Failed password for invalid user dvw from 139.59.169.103 port 33492 ssh2 May 20 08:03:40 web8 sshd\[19325\]: Invalid user wangxiaoyong from 139.59.169.103 May 20 08:03:40 web8 sshd\[19325\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.169.103	2020-05-20 19:47:01
attackspambots	Invalid user system1 from 139.59.169.103 port 60084	2020-05-17 04:13:23
attack	SSH Brute Force	2020-05-16 02:12:55
attackbotsspam	Invalid user rcs from 139.59.169.103 port 46712	2020-05-14 15:00:48
attackspam	2020-05-11T00:30:01.592665vps751288.ovh.net sshd\[326\]: Invalid user fanny from 139.59.169.103 port 57968 2020-05-11T00:30:01.600892vps751288.ovh.net sshd\[326\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.169.103 2020-05-11T00:30:03.913567vps751288.ovh.net sshd\[326\]: Failed password for invalid user fanny from 139.59.169.103 port 57968 ssh2 2020-05-11T00:33:34.826408vps751288.ovh.net sshd\[375\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.169.103 user=root 2020-05-11T00:33:36.712938vps751288.ovh.net sshd\[375\]: Failed password for root from 139.59.169.103 port 39934 ssh2	2020-05-11 07:34:45
attackbotsspam	SSH Invalid Login	2020-05-09 21:58:17
attack	$f2bV_matches	2020-05-06 12:44:28

相同子网IP讨论:

IP	类型	评论内容	时间
139.59.169.37	attackbotsspam	2020-10-05 10:48:51.019369-0500 localhost sshd[6050]: Failed password for root from 139.59.169.37 port 36660 ssh2	2020-10-06 07:27:52
139.59.169.37	attackspambots	2020-10-05 10:18:16.215894-0500 localhost sshd[3803]: Failed password for root from 139.59.169.37 port 51328 ssh2	2020-10-05 23:44:24
139.59.169.37	attackspambots	Oct 5 09:12:10 nopemail auth.info sshd[22652]: Disconnected from authenticating user root 139.59.169.37 port 58408 [preauth] ...	2020-10-05 15:43:17
139.59.169.37	attackspam	2020-08-24T09:46:55.084084linuxbox-skyline sshd[118180]: Invalid user yl from 139.59.169.37 port 39016 ...	2020-08-25 03:54:20
139.59.169.37	attackspam	Aug 5 20:29:59 game-panel sshd[22349]: Failed password for root from 139.59.169.37 port 45090 ssh2 Aug 5 20:34:56 game-panel sshd[22536]: Failed password for root from 139.59.169.37 port 57332 ssh2	2020-08-06 06:18:15
139.59.169.37	attack	Aug 4 11:23:28 sip sshd[1186515]: Failed password for root from 139.59.169.37 port 33838 ssh2 Aug 4 11:28:12 sip sshd[1186541]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.169.37 user=root Aug 4 11:28:14 sip sshd[1186541]: Failed password for root from 139.59.169.37 port 45348 ssh2 ...	2020-08-04 17:59:19
139.59.169.37	attackbotsspam	Aug 2 20:17:58 PorscheCustomer sshd[28551]: Failed password for root from 139.59.169.37 port 56006 ssh2 Aug 2 20:22:37 PorscheCustomer sshd[28716]: Failed password for root from 139.59.169.37 port 40894 ssh2 ...	2020-08-03 02:40:56
139.59.169.37	attack	(sshd) Failed SSH login from 139.59.169.37 (GB/United Kingdom/crypto.beeone.co.uk): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jul 9 09:48:11 amsweb01 sshd[13121]: Invalid user ed from 139.59.169.37 port 44132 Jul 9 09:48:13 amsweb01 sshd[13121]: Failed password for invalid user ed from 139.59.169.37 port 44132 ssh2 Jul 9 10:01:55 amsweb01 sshd[15222]: Invalid user donny from 139.59.169.37 port 54928 Jul 9 10:01:57 amsweb01 sshd[15222]: Failed password for invalid user donny from 139.59.169.37 port 54928 ssh2 Jul 9 10:05:57 amsweb01 sshd[15770]: Invalid user huangyuehong from 139.59.169.37 port 51204	2020-07-09 17:51:30
139.59.169.37	attackspambots	Jun 7 07:56:41 lukav-desktop sshd\[17836\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.169.37 user=root Jun 7 07:56:43 lukav-desktop sshd\[17836\]: Failed password for root from 139.59.169.37 port 39278 ssh2 Jun 7 08:00:23 lukav-desktop sshd\[17895\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.169.37 user=root Jun 7 08:00:26 lukav-desktop sshd\[17895\]: Failed password for root from 139.59.169.37 port 41832 ssh2 Jun 7 08:04:03 lukav-desktop sshd\[17934\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.169.37 user=root	2020-06-07 15:16:03
139.59.169.84	attackspambots	Automatic report - XMLRPC Attack	2020-06-03 17:35:07
139.59.169.37	attackbotsspam	May 27 15:28:35 NPSTNNYC01T sshd[22863]: Failed password for root from 139.59.169.37 port 38110 ssh2 May 27 15:32:44 NPSTNNYC01T sshd[23127]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.169.37 May 27 15:32:46 NPSTNNYC01T sshd[23127]: Failed password for invalid user hatti from 139.59.169.37 port 43850 ssh2 ...	2020-05-28 03:34:28
139.59.169.25	attack	Wordpress_xmlrpc_attack	2020-05-25 22:27:34
139.59.169.37	attack	SSH Login Bruteforce	2020-05-21 15:31:24
139.59.169.37	attackbotsspam	2020-05-13T00:16:01.379653vps773228.ovh.net sshd[7157]: Invalid user cla from 139.59.169.37 port 47960 2020-05-13T00:16:03.502635vps773228.ovh.net sshd[7157]: Failed password for invalid user cla from 139.59.169.37 port 47960 ssh2 2020-05-13T00:20:03.888003vps773228.ovh.net sshd[7177]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=crypto.beeone.co.uk user=root 2020-05-13T00:20:05.878731vps773228.ovh.net sshd[7177]: Failed password for root from 139.59.169.37 port 55412 ssh2 2020-05-13T00:24:41.822084vps773228.ovh.net sshd[7230]: Invalid user geoffrey from 139.59.169.37 port 34630 ...	2020-05-13 06:26:33
139.59.169.37	attackspam	IP blocked	2020-05-06 03:47:04

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.59.169.103
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 31171
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.59.169.103.			IN	A

;; AUTHORITY SECTION:
.			242	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019102400 1800 900 604800 86400

;; Query time: 114 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Oct 24 15:15:42 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 103.169.59.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 103.169.59.139.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
103.145.13.43	attackbots	TCP (SYN) 103.145.13.43:57432 -> port 50802, len 44	2020-09-26 20:06:44
1.53.129.193	attackspam	2020-01-31T04:39:47.517077suse-nuc sshd[12178]: Invalid user tets from 1.53.129.193 port 56675 ...	2020-09-26 20:25:28
87.13.122.96	attackspam	Port Scan detected! ...	2020-09-26 20:07:18
1.54.133.0	attackbotsspam	2020-02-22T01:25:14.400750suse-nuc sshd[10308]: Invalid user upload from 1.54.133.0 port 57852 ...	2020-09-26 20:19:22
116.90.165.26	attack	Sep 26 13:12:38 markkoudstaal sshd[16278]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.90.165.26 Sep 26 13:12:39 markkoudstaal sshd[16278]: Failed password for invalid user bso from 116.90.165.26 port 34758 ssh2 Sep 26 13:17:55 markkoudstaal sshd[17673]: Failed password for root from 116.90.165.26 port 40680 ssh2 ...	2020-09-26 20:24:02
209.141.54.138	attackspambots	TCP (SYN) 209.141.54.138:32924 -> port 22, len 48	2020-09-26 19:53:32
128.14.230.12	attackspambots	prod11 ...	2020-09-26 20:20:11
167.248.133.36	attack	Honeypot hit.	2020-09-26 19:55:32
89.39.107.209	attackspam	0,23-01/28 [bc01/m21] PostRequest-Spammer scoring: Dodoma	2020-09-26 20:28:26
51.91.176.108	attackspambots	Sep 26 11:35:48 vm1 sshd[8061]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.91.176.108 Sep 26 11:35:50 vm1 sshd[8061]: Failed password for invalid user android from 51.91.176.108 port 42800 ssh2 ...	2020-09-26 20:08:26
190.32.21.250	attack	Invalid user globalflash from 190.32.21.250 port 58066	2020-09-26 20:06:27
13.65.112.43	attackspam	Sep 26 03:00:07 hidden sshd[44889]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.65.112.43 Sep 26 03:00:10 hidden sshd[44889]: Failed password for invalid user admin from 13.65.112.43 port 65259 ssh2 Sep 26 14:15:28 hidden sshd[49360]: Invalid user glase from 13.65.112.43 port 11727	2020-09-26 20:22:37
1.46.128.131	attackspam	2020-05-19T19:20:48.182466suse-nuc sshd[4202]: Invalid user 888888 from 1.46.128.131 port 18377 ...	2020-09-26 20:31:00
13.67.46.188	attackbotsspam	Multiple SSH login attempts.	2020-09-26 20:18:05
52.187.190.83	attackspam	Sep 26 14:12:15 * sshd[12306]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.187.190.83 Sep 26 14:12:16 * sshd[12306]: Failed password for invalid user admin from 52.187.190.83 port 17661 ssh2	2020-09-26 20:21:17

最近上报的IP列表

14.177.215.128	186.93.158.127	35.240.108.244	124.127.73.34
109.248.190.21	117.2.123.95	186.90.66.106	14.241.121.34
190.189.4.15	35.202.204.123	177.134.229.117	95.142.81.103
183.171.78.17	125.231.143.138	138.6.42.111	125.124.38.96
215.89.26.33	131.8.112.150	185.221.227.49	146.88.197.202