139.59.56.23 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): India

运营商(isp): Digital Ocean Inc.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Jul 28 00:12:28 ift sshd\[18904\]: Invalid user kietnt17 from 139.59.56.23Jul 28 00:12:30 ift sshd\[18904\]: Failed password for invalid user kietnt17 from 139.59.56.23 port 59750 ssh2Jul 28 00:13:55 ift sshd\[19127\]: Invalid user zhengdelian from 139.59.56.23Jul 28 00:13:57 ift sshd\[19127\]: Failed password for invalid user zhengdelian from 139.59.56.23 port 51934 ssh2Jul 28 00:15:24 ift sshd\[19465\]: Invalid user dev from 139.59.56.23 ...	2020-07-28 08:06:43
attackbotsspam	(sshd) Failed SSH login from 139.59.56.23 (IN/India/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jul 25 23:19:03 grace sshd[6444]: Invalid user qwy from 139.59.56.23 port 42040 Jul 25 23:19:05 grace sshd[6444]: Failed password for invalid user qwy from 139.59.56.23 port 42040 ssh2 Jul 25 23:24:04 grace sshd[7112]: Invalid user goyette from 139.59.56.23 port 35376 Jul 25 23:24:06 grace sshd[7112]: Failed password for invalid user goyette from 139.59.56.23 port 35376 ssh2 Jul 25 23:28:27 grace sshd[7781]: Invalid user estudiantes from 139.59.56.23 port 48668	2020-07-26 06:42:55
attackbotsspam	Invalid user test from 139.59.56.23 port 58198	2020-07-25 03:56:56
attackspam	Jul 22 23:59:38 Host-KEWR-E sshd[19142]: Disconnected from invalid user vick 139.59.56.23 port 38436 [preauth] ...	2020-07-23 12:04:25
attackbots	Invalid user rmp from 139.59.56.23 port 57984	2020-07-20 20:12:23
attack	Jul 19 14:33:30 eventyay sshd[10490]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.56.23 Jul 19 14:33:32 eventyay sshd[10490]: Failed password for invalid user mysql from 139.59.56.23 port 37930 ssh2 Jul 19 14:38:32 eventyay sshd[10591]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.56.23 ...	2020-07-19 21:46:15
attack	(sshd) Failed SSH login from 139.59.56.23 (IN/India/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jul 18 17:14:30 amsweb01 sshd[15868]: Invalid user support from 139.59.56.23 port 45328 Jul 18 17:14:32 amsweb01 sshd[15868]: Failed password for invalid user support from 139.59.56.23 port 45328 ssh2 Jul 18 17:27:35 amsweb01 sshd[19784]: Invalid user user7 from 139.59.56.23 port 44880 Jul 18 17:27:37 amsweb01 sshd[19784]: Failed password for invalid user user7 from 139.59.56.23 port 44880 ssh2 Jul 18 17:31:43 amsweb01 sshd[20960]: Invalid user mietek from 139.59.56.23 port 50004	2020-07-19 01:36:09
attack	2020-07-05T13:01:45.327616shield sshd\[18585\]: Invalid user user from 139.59.56.23 port 41456 2020-07-05T13:01:45.331288shield sshd\[18585\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.56.23 2020-07-05T13:01:47.576700shield sshd\[18585\]: Failed password for invalid user user from 139.59.56.23 port 41456 ssh2 2020-07-05T13:03:42.112613shield sshd\[19029\]: Invalid user time from 139.59.56.23 port 40014 2020-07-05T13:03:42.116190shield sshd\[19029\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.56.23	2020-07-05 21:13:21
attackbots	Jul 4 14:39:09 eventyay sshd[32254]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.56.23 Jul 4 14:39:11 eventyay sshd[32254]: Failed password for invalid user aa from 139.59.56.23 port 47592 ssh2 Jul 4 14:42:51 eventyay sshd[32397]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.56.23 ...	2020-07-04 21:19:38
attackspambots	Repeated brute force against a port	2020-06-28 13:57:28

相同子网IP讨论:

IP	类型	评论内容	时间
139.59.56.174	attack	" "	2020-05-30 13:14:00
139.59.56.174	attackbots	firewall-block, port(s): 11599/tcp	2020-05-22 02:31:01
139.59.56.174	attackspambots	Apr 16 08:37:35 debian-2gb-nbg1-2 kernel: \[9278036.981010\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=139.59.56.174 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=27143 PROTO=TCP SPT=54304 DPT=22996 WINDOW=1024 RES=0x00 SYN URGP=0	2020-04-16 18:00:26
139.59.56.174	attack	trying to access non-authorized port	2020-04-13 13:52:50
139.59.56.121	attackspam	$f2bV_matches	2020-04-07 16:31:13
139.59.56.121	attackspam	Apr 6 05:52:34 vmd48417 sshd[13684]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.56.121	2020-04-06 16:43:50
139.59.56.121	attackbots	Apr 5 10:19:27 silence02 sshd[21316]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.56.121 Apr 5 10:19:29 silence02 sshd[21316]: Failed password for invalid user carlos from 139.59.56.121 port 57160 ssh2 Apr 5 10:28:57 silence02 sshd[22130]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.56.121	2020-04-05 18:22:27
139.59.56.121	attackspam	Mar 30 13:29:30 ws22vmsma01 sshd[86912]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.56.121 Mar 30 13:29:32 ws22vmsma01 sshd[86912]: Failed password for invalid user oracle from 139.59.56.121 port 42442 ssh2 ...	2020-03-31 02:10:30
139.59.56.121	attackspam	Mar 19 10:16:45 host sshd[15338]: Invalid user ubuntu from 139.59.56.121 port 36542	2020-03-23 19:00:01
139.59.56.121	attackbots	Mar 18 16:09:31 hosting180 sshd[21274]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.56.121 Mar 18 16:09:31 hosting180 sshd[21274]: Invalid user ubuntu from 139.59.56.121 port 49998 Mar 18 16:09:33 hosting180 sshd[21274]: Failed password for invalid user ubuntu from 139.59.56.121 port 49998 ssh2 ...	2020-03-19 12:20:16
139.59.56.121	attackbotsspam	Mar 1 15:18:00 lukav-desktop sshd\[29666\]: Invalid user tr.lukanet from 139.59.56.121 Mar 1 15:18:00 lukav-desktop sshd\[29666\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.56.121 Mar 1 15:18:02 lukav-desktop sshd\[29666\]: Failed password for invalid user tr.lukanet from 139.59.56.121 port 39490 ssh2 Mar 1 15:23:14 lukav-desktop sshd\[29743\]: Invalid user docs.lukanet from 139.59.56.121 Mar 1 15:23:14 lukav-desktop sshd\[29743\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.56.121	2020-03-02 00:48:00
139.59.56.121	attackbots	$f2bV_matches	2020-02-27 20:12:05
139.59.56.125	attackspam	Invalid user collin from 139.59.56.125 port 34522	2020-02-20 08:28:14
139.59.56.125	attack	Feb 15 06:21:38 [host] sshd[22051]: pam_unix(sshd: Feb 15 06:21:39 [host] sshd[22051]: Failed passwor Feb 15 06:26:48 [host] sshd[22160]: Invalid user g	2020-02-15 18:35:43
139.59.56.121	attackbotsspam	Feb 11 14:39:44 mail sshd[18373]: Invalid user admin from 139.59.56.121 Feb 11 14:39:44 mail sshd[18373]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.56.121 Feb 11 14:39:44 mail sshd[18373]: Invalid user admin from 139.59.56.121 Feb 11 14:39:46 mail sshd[18373]: Failed password for invalid user admin from 139.59.56.121 port 37164 ssh2 Feb 11 14:48:40 mail sshd[19467]: Invalid user guest from 139.59.56.121 ...	2020-02-11 22:17:05

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.59.56.23
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 11981
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.59.56.23.			IN	A

;; AUTHORITY SECTION:
.			408	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020062800 1800 900 604800 86400

;; Query time: 101 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jun 28 13:57:23 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 23.56.59.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 23.56.59.139.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
91.134.173.100	attack	Apr 11 22:53:11 eventyay sshd[2986]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.134.173.100 Apr 11 22:53:13 eventyay sshd[2986]: Failed password for invalid user jayashree from 91.134.173.100 port 54428 ssh2 Apr 11 22:57:10 eventyay sshd[3166]: Failed password for root from 91.134.173.100 port 36308 ssh2 ...	2020-04-12 05:20:02
119.44.20.30	attack	SSH Invalid Login	2020-04-12 05:48:01
222.186.30.167	attack	Apr 11 18:37:54 firewall sshd[1835]: Failed password for root from 222.186.30.167 port 35216 ssh2 Apr 11 18:37:57 firewall sshd[1835]: Failed password for root from 222.186.30.167 port 35216 ssh2 Apr 11 18:37:59 firewall sshd[1835]: Failed password for root from 222.186.30.167 port 35216 ssh2 ...	2020-04-12 05:42:23
106.12.142.52	attackspam	SSH auth scanning - multiple failed logins	2020-04-12 05:36:46
222.186.175.163	attackbots	Apr 11 23:34:20 mail sshd\[21333\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.163 user=root Apr 11 23:34:22 mail sshd\[21333\]: Failed password for root from 222.186.175.163 port 19782 ssh2 Apr 11 23:34:32 mail sshd\[21333\]: Failed password for root from 222.186.175.163 port 19782 ssh2 ...	2020-04-12 05:35:15
106.12.82.22	attackbots	2020-04-11T22:48:22.064703ns386461 sshd\[11833\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.82.22 user=root 2020-04-11T22:48:24.182590ns386461 sshd\[11833\]: Failed password for root from 106.12.82.22 port 33026 ssh2 2020-04-11T22:56:55.608313ns386461 sshd\[19930\]: Invalid user smbguest from 106.12.82.22 port 42958 2020-04-11T22:56:55.612764ns386461 sshd\[19930\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.82.22 2020-04-11T22:56:57.820227ns386461 sshd\[19930\]: Failed password for invalid user smbguest from 106.12.82.22 port 42958 ssh2 ...	2020-04-12 05:29:05
45.56.137.64	attackbots	\[Apr 12 06:54:18\] NOTICE\[2019\] chan_sip.c: Registration from '\' failed for '45.56.137.64:62738' - Wrong password \[Apr 12 06:54:31\] NOTICE\[2019\] chan_sip.c: Registration from '\' failed for '45.56.137.64:56609' - Wrong password \[Apr 12 06:54:40\] NOTICE\[2019\] chan_sip.c: Registration from '\' failed for '45.56.137.64:63509' - Wrong password \[Apr 12 06:54:47\] NOTICE\[2019\] chan_sip.c: Registration from '\' failed for '45.56.137.64:52033' - Wrong password \[Apr 12 06:55:02\] NOTICE\[2019\] chan_sip.c: Registration from '\' failed for '45.56.137.64:63600' - Wrong password \[Apr 12 06:55:39\] NOTICE\[2019\] chan_sip.c: Registration from '\' failed for '45.56.137.64:58506' - Wrong password \[Apr 12 06:56:19\] NOTICE\[2019\] chan_sip.c: Registration from '\' failed for '45 ...	2020-04-12 05:33:00
51.83.75.56	attack	Apr 11 17:32:32 NPSTNNYC01T sshd[15277]: Failed password for root from 51.83.75.56 port 55124 ssh2 Apr 11 17:36:45 NPSTNNYC01T sshd[15630]: Failed password for sys from 51.83.75.56 port 36414 ssh2 ...	2020-04-12 05:44:03
222.186.175.140	attack	Apr 11 23:07:25 silence02 sshd[17767]: Failed password for root from 222.186.175.140 port 65234 ssh2 Apr 11 23:07:39 silence02 sshd[17767]: error: maximum authentication attempts exceeded for root from 222.186.175.140 port 65234 ssh2 [preauth] Apr 11 23:07:45 silence02 sshd[18029]: Failed password for root from 222.186.175.140 port 5658 ssh2	2020-04-12 05:13:13
104.196.4.163	attackspam	Apr 11 22:58:45 ns381471 sshd[22751]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.196.4.163 Apr 11 22:58:47 ns381471 sshd[22751]: Failed password for invalid user guest from 104.196.4.163 port 41988 ssh2	2020-04-12 05:50:11
95.163.118.126	attack	$f2bV_matches	2020-04-12 05:22:33
120.70.101.85	attackbots	Apr 11 22:48:24 ncomp sshd[19542]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.70.101.85 user=root Apr 11 22:48:27 ncomp sshd[19542]: Failed password for root from 120.70.101.85 port 44053 ssh2 Apr 11 22:56:59 ncomp sshd[19671]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.70.101.85 user=root Apr 11 22:57:02 ncomp sshd[19671]: Failed password for root from 120.70.101.85 port 40450 ssh2	2020-04-12 05:24:23
122.51.146.36	attack	Apr 11 23:07:25 legacy sshd[30471]: Failed password for root from 122.51.146.36 port 51578 ssh2 Apr 11 23:11:08 legacy sshd[30600]: Failed password for root from 122.51.146.36 port 52498 ssh2 ...	2020-04-12 05:46:23
163.172.127.251	attack	Apr 11 22:56:45 h2829583 sshd[6385]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.172.127.251	2020-04-12 05:39:13
80.31.185.125	attackbots	(sshd) Failed SSH login from 80.31.185.125 (ES/Spain/-): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Apr 11 23:03:56 ubnt-55d23 sshd[22412]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.31.185.125 user=root Apr 11 23:03:57 ubnt-55d23 sshd[22412]: Failed password for root from 80.31.185.125 port 42562 ssh2	2020-04-12 05:16:01

最近上报的IP列表

23.107.127.182	76.130.106.124	240.183.56.64	116.119.80.246
109.196.75.245	129.155.49.32	175.112.172.188	83.241.85.106
235.246.10.60	138.58.160.52	61.230.133.236	224.155.17.128
64.113.103.196	72.94.1.63	154.173.225.209	90.201.25.34
65.110.214.27	229.103.66.180	173.82.52.26	75.119.219.102