139.59.128.123

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Singapore

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Lines containing failures of 139.59.128.123 Sep 4 09:41:07 v2hgb sshd[7002]: Did not receive identification string from 139.59.128.123 port 39562 Sep 4 09:41:14 v2hgb sshd[7004]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.128.123 user=r.r Sep 4 09:41:16 v2hgb sshd[7004]: Failed password for r.r from 139.59.128.123 port 47650 ssh2 Sep 4 09:41:17 v2hgb sshd[7004]: Received disconnect from 139.59.128.123 port 47650:11: Normal Shutdown, Thank you for playing [preauth] Sep 4 09:41:17 v2hgb sshd[7004]: Disconnected from authenticating user r.r 139.59.128.123 port 47650 [preauth] Sep 4 09:41:34 v2hgb sshd[7014]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.128.123 user=r.r Sep 4 09:41:36 v2hgb sshd[7014]: Failed password for r.r from 139.59.128.123 port 47606 ssh2 Sep 4 09:41:36 v2hgb sshd[7014]: Received disconnect from 139.59.128.123 port 47606:11: Normal Shutdown, ........ ------------------------------	2020-09-06 02:57:54

类型

评论内容

时间

attackspam

Lines containing failures of 139.59.128.123
Sep  4 09:41:07 v2hgb sshd[7002]: Did not receive identification string from 139.59.128.123 port 39562
Sep  4 09:41:14 v2hgb sshd[7004]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.128.123  user=r.r
Sep  4 09:41:16 v2hgb sshd[7004]: Failed password for r.r from 139.59.128.123 port 47650 ssh2
Sep  4 09:41:17 v2hgb sshd[7004]: Received disconnect from 139.59.128.123 port 47650:11: Normal Shutdown, Thank you for playing [preauth]
Sep  4 09:41:17 v2hgb sshd[7004]: Disconnected from authenticating user r.r 139.59.128.123 port 47650 [preauth]
Sep  4 09:41:34 v2hgb sshd[7014]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.128.123  user=r.r
Sep  4 09:41:36 v2hgb sshd[7014]: Failed password for r.r from 139.59.128.123 port 47606 ssh2
Sep  4 09:41:36 v2hgb sshd[7014]: Received disconnect from 139.59.128.123 port 47606:11: Normal Shutdown, ........
------------------------------

2020-09-06 02:57:54

相同子网IP讨论:

IP	类型	评论内容	时间
139.59.128.23	attack	Feb 20 17:47:35 XXX sshd[27452]: Did not receive identification string from 139.59.128.23 Feb 20 17:47:51 XXX sshd[27589]: User r.r from 139.59.128.23 not allowed because none of user's groups are listed in AllowGroups Feb 20 17:47:51 XXX sshd[27589]: Received disconnect from 139.59.128.23: 11: Normal Shutdown, Thank you for playing [preauth] Feb 20 17:48:04 XXX sshd[27595]: Invalid user oracle from 139.59.128.23 Feb 20 17:48:04 XXX sshd[27595]: Received disconnect from 139.59.128.23: 11: Normal Shutdown, Thank you for playing [preauth] Feb 20 17:48:15 XXX sshd[27599]: User r.r from 139.59.128.23 not allowed because none of user's groups are listed in AllowGroups Feb 20 17:48:15 XXX sshd[27599]: Received disconnect from 139.59.128.23: 11: Normal Shutdown, Thank you for playing [preauth] Feb 20 17:48:27 XXX sshd[27601]: User postgres from 139.59.128.23 not allowed because none of user's groups are listed in AllowGroups Feb 20 17:48:27 XXX sshd[27601]: Received disconnect........ -------------------------------	2020-02-21 18:53:27
139.59.128.97	attackbotsspam	2019-11-21T05:25:53.507703abusebot-7.cloudsearch.cf sshd\[27987\]: Invalid user sophia12345678 from 139.59.128.97 port 35338	2019-11-21 14:25:56
139.59.128.97	attackspambots	2019-11-10 08:10:44,870 fail2ban.actions \[14488\]: NOTICE \[sshd\] Ban 139.59.128.97 2019-11-10 08:49:02,637 fail2ban.actions \[14488\]: NOTICE \[sshd\] Ban 139.59.128.97 2019-11-10 09:24:24,886 fail2ban.actions \[14488\]: NOTICE \[sshd\] Ban 139.59.128.97 2019-11-10 09:56:40,310 fail2ban.actions \[14488\]: NOTICE \[sshd\] Ban 139.59.128.97 2019-11-10 10:28:57,612 fail2ban.actions \[14488\]: NOTICE \[sshd\] Ban 139.59.128.97 ...	2019-11-10 19:47:18
139.59.128.97	attack	Oct 28 20:52:57 localhost sshd\[57739\]: Invalid user 123456+ from 139.59.128.97 port 44688 Oct 28 20:52:57 localhost sshd\[57739\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.128.97 Oct 28 20:53:00 localhost sshd\[57739\]: Failed password for invalid user 123456+ from 139.59.128.97 port 44688 ssh2 Oct 28 20:56:39 localhost sshd\[57849\]: Invalid user d0ng from 139.59.128.97 port 55424 Oct 28 20:56:39 localhost sshd\[57849\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.128.97 ...	2019-10-29 05:06:42
139.59.128.97	attackspam	Oct 28 03:39:10 mailserver sshd[605]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.128.97 user=r.r Oct 28 03:39:12 mailserver sshd[605]: Failed password for r.r from 139.59.128.97 port 42704 ssh2 Oct 28 03:39:12 mailserver sshd[605]: Received disconnect from 139.59.128.97 port 42704:11: Bye Bye [preauth] Oct 28 03:39:12 mailserver sshd[605]: Disconnected from 139.59.128.97 port 42704 [preauth] Oct 28 03:49:59 mailserver sshd[1252]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.128.97 user=r.r Oct 28 03:50:00 mailserver sshd[1252]: Failed password for r.r from 139.59.128.97 port 36134 ssh2 Oct 28 03:50:00 mailserver sshd[1252]: Received disconnect from 139.59.128.97 port 36134:11: Bye Bye [preauth] Oct 28 03:50:00 mailserver sshd[1252]: Disconnected from 139.59.128.97 port 36134 [preauth] Oct 28 03:55:35 mailserver sshd[1603]: pam_unix(sshd:auth): authentication failure; ........ -------------------------------	2019-10-28 18:30:57
139.59.128.97	attackspambots	2019-10-19 03:50:33,728 fail2ban.actions \[1778\]: NOTICE \[sshd\] Ban 139.59.128.97 2019-10-19 04:23:56,018 fail2ban.actions \[1778\]: NOTICE \[sshd\] Ban 139.59.128.97 2019-10-19 04:54:03,680 fail2ban.actions \[1778\]: NOTICE \[sshd\] Ban 139.59.128.97 2019-10-19 05:24:23,381 fail2ban.actions \[1778\]: NOTICE \[sshd\] Ban 139.59.128.97 2019-10-19 05:54:48,441 fail2ban.actions \[1778\]: NOTICE \[sshd\] Ban 139.59.128.97 ...	2019-10-19 14:27:54
139.59.128.97	attack	2019-10-15T08:41:34.587419abusebot-7.cloudsearch.cf sshd\[29149\]: Invalid user a9r8e4V\) from 139.59.128.97 port 43896	2019-10-15 16:46:23
139.59.128.97	attack	Oct 1 07:09:30 www sshd\[22999\]: Invalid user install from 139.59.128.97Oct 1 07:09:32 www sshd\[22999\]: Failed password for invalid user install from 139.59.128.97 port 49894 ssh2Oct 1 07:13:12 www sshd\[23182\]: Invalid user temp from 139.59.128.97 ...	2019-10-01 15:28:34
139.59.128.97	attackbotsspam	Sep 22 11:17:07 tdfoods sshd\[13517\]: Invalid user snjuguna from 139.59.128.97 Sep 22 11:17:07 tdfoods sshd\[13517\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=labs2.armadilloamarillo.com Sep 22 11:17:09 tdfoods sshd\[13517\]: Failed password for invalid user snjuguna from 139.59.128.97 port 49594 ssh2 Sep 22 11:21:03 tdfoods sshd\[13826\]: Invalid user taysa from 139.59.128.97 Sep 22 11:21:03 tdfoods sshd\[13826\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=labs2.armadilloamarillo.com	2019-09-23 05:27:28
139.59.128.97	attackspambots	Invalid user user from 139.59.128.97 port 40674	2019-09-16 21:04:50
139.59.128.97	attack	Sep 12 15:36:55 php2 sshd\[31558\]: Invalid user test from 139.59.128.97 Sep 12 15:36:55 php2 sshd\[31558\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=labs2.armadilloamarillo.com Sep 12 15:36:57 php2 sshd\[31558\]: Failed password for invalid user test from 139.59.128.97 port 48800 ssh2 Sep 12 15:42:43 php2 sshd\[32533\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=labs2.armadilloamarillo.com user=mysql Sep 12 15:42:45 php2 sshd\[32533\]: Failed password for mysql from 139.59.128.97 port 54340 ssh2	2019-09-13 14:54:44
139.59.128.97	attackbotsspam	Sep 7 02:24:03 hpm sshd\[27460\]: Invalid user mc from 139.59.128.97 Sep 7 02:24:03 hpm sshd\[27460\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=labs2.armadilloamarillo.com Sep 7 02:24:05 hpm sshd\[27460\]: Failed password for invalid user mc from 139.59.128.97 port 47032 ssh2 Sep 7 02:28:11 hpm sshd\[27793\]: Invalid user rstudio from 139.59.128.97 Sep 7 02:28:11 hpm sshd\[27793\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=labs2.armadilloamarillo.com	2019-09-07 21:56:04
139.59.128.97	attackspambots	Invalid user rushi from 139.59.128.97 port 44176	2019-08-25 08:05:35
139.59.128.97	attackbotsspam	Aug 23 20:02:56 tuxlinux sshd[63909]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.128.97 user=root Aug 23 20:02:58 tuxlinux sshd[63909]: Failed password for root from 139.59.128.97 port 47108 ssh2 Aug 23 20:02:56 tuxlinux sshd[63909]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.128.97 user=root Aug 23 20:02:58 tuxlinux sshd[63909]: Failed password for root from 139.59.128.97 port 47108 ssh2 Aug 23 20:13:21 tuxlinux sshd[64162]: Invalid user readonly from 139.59.128.97 port 51238 ...	2019-08-24 07:12:48
139.59.128.97	attackspambots	Aug 15 03:06:14 vps691689 sshd[6233]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.128.97 Aug 15 03:06:17 vps691689 sshd[6233]: Failed password for invalid user raul from 139.59.128.97 port 50174 ssh2 ...	2019-08-15 09:16:47

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.59.128.123
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23426
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.59.128.123.			IN	A

;; AUTHORITY SECTION:
.			367	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020090500 1800 900 604800 86400

;; Query time: 67 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Sep 05 18:35:15 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 123.128.59.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 123.128.59.139.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
34.224.74.193	attackbotsspam	Port Scan detected from 34.224.74.193 (US/United States/ec2-34-224-74-193.compute-1.amazonaws.com). 5 hits in the last 20 seconds	2020-09-23 15:45:11
159.65.157.70	attackbotsspam	Sep 23 03:19:28 lanister sshd[21576]: Invalid user minecraft from 159.65.157.70 Sep 23 03:19:28 lanister sshd[21576]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.157.70 Sep 23 03:19:28 lanister sshd[21576]: Invalid user minecraft from 159.65.157.70 Sep 23 03:19:30 lanister sshd[21576]: Failed password for invalid user minecraft from 159.65.157.70 port 60306 ssh2	2020-09-23 15:51:55
42.113.140.150	attackspambots	Unauthorized connection attempt from IP address 42.113.140.150 on Port 445(SMB)	2020-09-23 16:16:07
222.186.175.215	attackbots	Sep 23 09:56:18 vm0 sshd[11420]: Failed password for root from 222.186.175.215 port 65328 ssh2 Sep 23 09:56:30 vm0 sshd[11420]: error: maximum authentication attempts exceeded for root from 222.186.175.215 port 65328 ssh2 [preauth] ...	2020-09-23 16:00:23
78.187.15.121	attack	Unauthorized connection attempt from IP address 78.187.15.121 on Port 445(SMB)	2020-09-23 15:57:25
176.226.180.158	attackbotsspam	Sep 22 19:03:12 vps639187 sshd\[1033\]: Invalid user admin from 176.226.180.158 port 58609 Sep 22 19:03:12 vps639187 sshd\[1033\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.226.180.158 Sep 22 19:03:14 vps639187 sshd\[1033\]: Failed password for invalid user admin from 176.226.180.158 port 58609 ssh2 ...	2020-09-23 15:55:08
95.226.56.46	attackbotsspam	Unauthorized connection attempt from IP address 95.226.56.46 on Port 445(SMB)	2020-09-23 15:53:24
156.54.174.197	attack	Sep 23 09:35:57 PorscheCustomer sshd[31122]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=156.54.174.197 Sep 23 09:36:00 PorscheCustomer sshd[31122]: Failed password for invalid user ali from 156.54.174.197 port 56148 ssh2 Sep 23 09:39:53 PorscheCustomer sshd[31247]: Failed password for root from 156.54.174.197 port 36864 ssh2 ...	2020-09-23 15:55:21
3.236.184.241	attackspambots	Automatic report - Port Scan	2020-09-23 15:58:27
31.176.177.255	attackspam	1600838985 - 09/23/2020 07:29:45 Host: 31.176.177.255/31.176.177.255 Port: 445 TCP Blocked	2020-09-23 15:43:59
122.226.245.178	attackbots	445/tcp 1433/tcp... [2020-08-04/09-22]12pkt,2pt.(tcp)	2020-09-23 16:16:32
89.248.162.164	attackspam	[H1.VM10] Blocked by UFW	2020-09-23 16:18:26
82.62.245.237	attackbots	Unauthorised access (Sep 23) SRC=82.62.245.237 LEN=44 TTL=53 ID=25017 TCP DPT=23 WINDOW=10443 SYN	2020-09-23 16:13:25
194.124.144.3	attackspam	E-Mail Spam (RBL) [REJECTED]	2020-09-23 16:08:45
118.173.16.42	attackspambots	Automatic report - Port Scan Attack	2020-09-23 16:10:02

最近上报的IP列表

49.115.68.63	74.192.226.54	181.191.223.163	104.47.38.111
243.171.37.127	117.195.112.85	121.70.126.247	95.180.105.128
234.101.223.154	49.102.103.62	89.133.45.112	20.52.34.80
123.25.52.173	14.127.74.87	5.35.107.206	179.243.246.171
219.109.231.159	179.1.76.219	35.228.119.156	95.134.165.14