139.59.75.111 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): India

运营商(isp): Digital Ocean Inc.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	various type of attack	2020-10-14 03:04:25
attack	Oct 13 11:55:42 cho sshd[567303]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.75.111 Oct 13 11:55:42 cho sshd[567303]: Invalid user ht from 139.59.75.111 port 53006 Oct 13 11:55:44 cho sshd[567303]: Failed password for invalid user ht from 139.59.75.111 port 53006 ssh2 Oct 13 11:59:29 cho sshd[567472]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.75.111 user=root Oct 13 11:59:30 cho sshd[567472]: Failed password for root from 139.59.75.111 port 57192 ssh2 ...	2020-10-13 18:20:31
attackbotsspam	20 attempts against mh-ssh on cloud	2020-10-02 07:33:42
attack	Oct 1 14:53:57 sip sshd[1786819]: Invalid user nmrsu from 139.59.75.111 port 55268 Oct 1 14:53:58 sip sshd[1786819]: Failed password for invalid user nmrsu from 139.59.75.111 port 55268 ssh2 Oct 1 14:58:09 sip sshd[1786852]: Invalid user ark from 139.59.75.111 port 34488 ...	2020-10-02 00:06:07
attackspambots	Oct 1 07:14:12 gitlab sshd[2340282]: Failed password for root from 139.59.75.111 port 52774 ssh2 Oct 1 07:18:07 gitlab sshd[2340871]: Invalid user carlos from 139.59.75.111 port 60008 Oct 1 07:18:07 gitlab sshd[2340871]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.75.111 Oct 1 07:18:07 gitlab sshd[2340871]: Invalid user carlos from 139.59.75.111 port 60008 Oct 1 07:18:09 gitlab sshd[2340871]: Failed password for invalid user carlos from 139.59.75.111 port 60008 ssh2 ...	2020-10-01 16:12:33
attackbotsspam	Aug 31 05:44:23 ns382633 sshd\[17051\]: Invalid user lynx from 139.59.75.111 port 36274 Aug 31 05:44:23 ns382633 sshd\[17051\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.75.111 Aug 31 05:44:25 ns382633 sshd\[17051\]: Failed password for invalid user lynx from 139.59.75.111 port 36274 ssh2 Aug 31 05:49:23 ns382633 sshd\[17853\]: Invalid user ubuntu from 139.59.75.111 port 45040 Aug 31 05:49:23 ns382633 sshd\[17853\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.75.111	2020-08-31 18:31:40
attackspam	Invalid user ark from 139.59.75.111 port 42634	2020-08-25 21:54:02
attack	invalid login attempt (ark)	2020-08-25 17:07:15
attack	2020-08-20T09:54:09.050851snf-827550 sshd[4703]: Failed password for invalid user nagios from 139.59.75.111 port 38488 ssh2 2020-08-20T10:02:54.655328snf-827550 sshd[5312]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.75.111 user=root 2020-08-20T10:02:56.633650snf-827550 sshd[5312]: Failed password for root from 139.59.75.111 port 33066 ssh2 ...	2020-08-20 15:35:03
attackspam	2020-08-19T13:26:31.114628mail.standpoint.com.ua sshd[22168]: Failed password for root from 139.59.75.111 port 56810 ssh2 2020-08-19T13:30:16.213132mail.standpoint.com.ua sshd[22682]: Invalid user admin from 139.59.75.111 port 58284 2020-08-19T13:30:16.215825mail.standpoint.com.ua sshd[22682]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.75.111 2020-08-19T13:30:16.213132mail.standpoint.com.ua sshd[22682]: Invalid user admin from 139.59.75.111 port 58284 2020-08-19T13:30:18.050081mail.standpoint.com.ua sshd[22682]: Failed password for invalid user admin from 139.59.75.111 port 58284 ssh2 ...	2020-08-19 19:37:51
attack	2020-08-10T09:32:51.615112centos sshd[28551]: Failed password for root from 139.59.75.111 port 37856 ssh2 2020-08-10T09:34:45.821206centos sshd[28926]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.75.111 user=root 2020-08-10T09:34:47.658491centos sshd[28926]: Failed password for root from 139.59.75.111 port 50092 ssh2 ...	2020-08-10 17:17:16
attackbots	Aug 4 11:28:22 mail sshd[9825]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.75.111 user=root Aug 4 11:28:24 mail sshd[9825]: Failed password for root from 139.59.75.111 port 33736 ssh2 ...	2020-08-04 17:50:33
attackbots	Jul 31 09:04:47 hosting sshd[12400]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.75.111 user=root Jul 31 09:04:48 hosting sshd[12400]: Failed password for root from 139.59.75.111 port 33832 ssh2 ...	2020-07-31 14:16:17
attack	2020-07-28T09:26:37+0200 Failed SSH Authentication/Brute Force Attack. (Server 9)	2020-07-28 15:30:13
attackbots	Jul 22 17:45:14 home sshd[151355]: Invalid user michelle from 139.59.75.111 port 33520 Jul 22 17:45:14 home sshd[151355]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.75.111 Jul 22 17:45:14 home sshd[151355]: Invalid user michelle from 139.59.75.111 port 33520 Jul 22 17:45:16 home sshd[151355]: Failed password for invalid user michelle from 139.59.75.111 port 33520 ssh2 Jul 22 17:49:15 home sshd[151806]: Invalid user dada from 139.59.75.111 port 35170 ...	2020-07-23 02:42:39
attack	Jul 4 00:27:02 plex-server sshd[749682]: Invalid user limin from 139.59.75.111 port 42502 Jul 4 00:27:02 plex-server sshd[749682]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.75.111 Jul 4 00:27:02 plex-server sshd[749682]: Invalid user limin from 139.59.75.111 port 42502 Jul 4 00:27:04 plex-server sshd[749682]: Failed password for invalid user limin from 139.59.75.111 port 42502 ssh2 Jul 4 00:30:03 plex-server sshd[749953]: Invalid user rabbitmq from 139.59.75.111 port 33628 ...	2020-07-04 10:55:32
attackspam	Jun 25 09:52:11 santamaria sshd\[11872\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.75.111 user=root Jun 25 09:52:12 santamaria sshd\[11872\]: Failed password for root from 139.59.75.111 port 45658 ssh2 Jun 25 09:55:39 santamaria sshd\[11932\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.75.111 user=root ...	2020-06-25 16:58:55
attackspambots	Jun 16 21:05:10 eventyay sshd[31110]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.75.111 Jun 16 21:05:12 eventyay sshd[31110]: Failed password for invalid user mfg from 139.59.75.111 port 58756 ssh2 Jun 16 21:08:33 eventyay sshd[31260]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.75.111 ...	2020-06-17 03:30:58
attack	$f2bV_matches	2020-06-15 12:07:36
attackspambots	2020-06-14T13:53:52.631286server.mjenks.net sshd[802912]: Invalid user postgres from 139.59.75.111 port 40162 2020-06-14T13:53:52.638499server.mjenks.net sshd[802912]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.75.111 2020-06-14T13:53:52.631286server.mjenks.net sshd[802912]: Invalid user postgres from 139.59.75.111 port 40162 2020-06-14T13:53:54.732288server.mjenks.net sshd[802912]: Failed password for invalid user postgres from 139.59.75.111 port 40162 ssh2 2020-06-14T13:57:16.331348server.mjenks.net sshd[803336]: Invalid user nr from 139.59.75.111 port 40672 ...	2020-06-15 03:09:00
attackbots	Jun 12 07:58:01 * sshd[5792]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.75.111 Jun 12 07:58:03 * sshd[5792]: Failed password for invalid user admin from 139.59.75.111 port 45088 ssh2	2020-06-12 14:06:21
attackspam	Invalid user fzw from 139.59.75.111 port 33948	2020-05-23 15:02:18
attack	May 9 04:38:37 buvik sshd[17139]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.75.111 user=root May 9 04:38:38 buvik sshd[17139]: Failed password for root from 139.59.75.111 port 38700 ssh2 May 9 04:42:25 buvik sshd[17774]: Invalid user zul from 139.59.75.111 ...	2020-05-09 14:54:56
attackbots	$f2bV_matches \| Triggered by Fail2Ban at Vostok web server	2020-05-08 00:34:52
attackspam	Apr 27 13:56:20 v22018086721571380 sshd[6110]: Failed password for invalid user guest from 139.59.75.111 port 43572 ssh2	2020-04-27 20:12:01
attackbots	Apr 24 12:31:56 game-panel sshd[19152]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.75.111 Apr 24 12:31:57 game-panel sshd[19152]: Failed password for invalid user limorov from 139.59.75.111 port 46934 ssh2 Apr 24 12:36:07 game-panel sshd[19374]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.75.111	2020-04-25 01:28:33
attackbots	Automatic report BANNED IP	2020-04-23 03:32:46
attack	Apr 2 01:09:32 vmd26974 sshd[6698]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.75.111 Apr 2 01:09:34 vmd26974 sshd[6698]: Failed password for invalid user gj from 139.59.75.111 port 36352 ssh2 ...	2020-04-02 08:49:35
attackspambots	leo_www	2020-04-01 15:56:11
attackspam	SSH login attempts.	2020-03-22 19:53:54

相同子网IP讨论:

IP	类型	评论内容	时间
139.59.75.74	attack	SSH Honeypot -> SSH Bruteforce / Login	2020-09-28 06:36:17
139.59.75.74	attackbots	Automatic report - Banned IP Access	2020-09-27 23:01:45
139.59.75.74	attack	[f2b] sshd bruteforce, retries: 1	2020-09-17 20:27:33
139.59.75.74	attackspam	Aug 24 13:55:43 ajax sshd[28815]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.75.74 Aug 24 13:55:46 ajax sshd[28815]: Failed password for invalid user tom1 from 139.59.75.74 port 53416 ssh2	2020-08-24 21:20:31
139.59.75.74	attackspambots	Aug 17 15:57:21 nextcloud sshd\[5707\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.75.74 user=root Aug 17 15:57:23 nextcloud sshd\[5707\]: Failed password for root from 139.59.75.74 port 40878 ssh2 Aug 17 16:02:49 nextcloud sshd\[12933\]: Invalid user fabrice from 139.59.75.74	2020-08-17 23:20:41
139.59.75.74	attackbots	2020-08-16T20:49:22+0000 Failed SSH Authentication/Brute Force Attack. (Server 6)	2020-08-17 05:07:48
139.59.75.162	attackbots	139.59.75.162 - - [18/Jul/2020:10:48:23 +0100] "POST /wp-login.php HTTP/1.1" 200 1996 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.75.162 - - [18/Jul/2020:10:48:36 +0100] "POST /wp-login.php HTTP/1.1" 200 1970 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.75.162 - - [18/Jul/2020:10:48:45 +0100] "POST /wp-login.php HTTP/1.1" 200 1928 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-07-18 18:16:55
139.59.75.162	attackspam	Website hacking attempt: Wordpress admin access [wp-login.php]	2020-07-02 02:30:43
139.59.75.162	attackspambots	Automatic report - XMLRPC Attack	2020-06-29 06:36:47
139.59.75.162	attackspam	xmlrpc attack	2020-06-19 13:09:14
139.59.75.162	attackspam	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-06-05 23:26:50
139.59.75.162	attack	Automatic report - XMLRPC Attack	2020-06-02 20:16:07
139.59.75.162	attackspambots	139.59.75.162 - - [15/May/2020:12:50:19 +0200] "GET /wp-login.php HTTP/1.1" 200 6539 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.75.162 - - [15/May/2020:12:50:24 +0200] "POST /wp-login.php HTTP/1.1" 200 6790 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.75.162 - - [15/May/2020:12:50:25 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-05-15 19:13:49
139.59.75.162	attack	xmlrpc attack	2020-05-04 15:02:33
139.59.75.53	attackspam	139.59.75.53 - - [12/Nov/2019:07:39:21 +0100] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.75.53 - - [12/Nov/2019:07:39:28 +0100] "POST /wp-login.php HTTP/1.1" 200 1503 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.75.53 - - [12/Nov/2019:07:39:33 +0100] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.75.53 - - [12/Nov/2019:07:39:39 +0100] "POST /wp-login.php HTTP/1.1" 200 1486 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.75.53 - - [12/Nov/2019:07:39:40 +0100] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.75.53 - - [12/Nov/2019:07:39:46 +0100] "POST /wp-login.php HTTP/1.1" 200 1486 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-11-12 15:41:56

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.59.75.111
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 8474
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.59.75.111.			IN	A

;; AUTHORITY SECTION:
.			368	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020032200 1800 900 604800 86400

;; Query time: 41 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Mar 22 19:53:45 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 111.75.59.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 111.75.59.139.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
36.48.167.37	attackbots	Port probing on unauthorized port 1433	2020-02-09 13:33:26
104.244.79.181	attackspambots	SSH Server BruteForce Attack	2020-02-09 13:51:38
221.124.119.224	attackspambots	port scan and connect, tcp 23 (telnet)	2020-02-09 13:16:20
222.186.175.140	attack	$f2bV_matches	2020-02-09 13:23:14
36.74.121.216	attack	1581224283 - 02/09/2020 05:58:03 Host: 36.74.121.216/36.74.121.216 Port: 445 TCP Blocked	2020-02-09 13:52:50
37.49.226.49	attackbotsspam	unauthorized connection attempt	2020-02-09 13:44:01
104.244.79.250	attackspambots	unauthorized connection attempt	2020-02-09 13:14:56
45.253.65.245	attack	Feb 8 18:55:48 sachi sshd\[6374\]: Invalid user agy from 45.253.65.245 Feb 8 18:55:48 sachi sshd\[6374\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.253.65.245 Feb 8 18:55:50 sachi sshd\[6374\]: Failed password for invalid user agy from 45.253.65.245 port 41665 ssh2 Feb 8 18:59:01 sachi sshd\[6645\]: Invalid user iot from 45.253.65.245 Feb 8 18:59:01 sachi sshd\[6645\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.253.65.245	2020-02-09 13:12:41
79.162.198.65	attackbots	port scan and connect, tcp 23 (telnet)	2020-02-09 13:52:21
129.211.125.143	attackbots	Unauthorized connection attempt detected from IP address 129.211.125.143 to port 22	2020-02-09 13:44:31
124.116.188.142	attackbots	Feb 9 05:58:49 plex sshd[19917]: Invalid user clq from 124.116.188.142 port 41381	2020-02-09 13:19:35
107.170.121.10	attackspam	Feb 9 06:28:03 v22018076590370373 sshd[13111]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.170.121.10 ...	2020-02-09 13:28:48
106.13.167.187	attack	10 attempts against mh-pma-try-ban on river	2020-02-09 13:29:11
113.173.215.118	attackspambots	2020-02-0905:57:301j0eev-0002mZ-8V\<=verena@rs-solution.chH=\(localhost\)[183.89.214.56]:37629P=esmtpsaX=TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:verena@rs-solution.chS=2071id=FAFF491A11C5EB588481C87084503F5D@rs-solution.chT="apleasantsurprise"forrortizhd@yahoo.com2020-02-0905:57:121j0eed-0002aF-Vw\<=verena@rs-solution.chH=\(localhost\)[113.173.215.118]:54471P=esmtpsaX=TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:verena@rs-solution.chS=2140id=787DCB98934769DA06034AF206A62021@rs-solution.chT="apleasantsurprise"fornathanalomari@gmail.com2020-02-0905:58:101j0efZ-0002nm-4E\<=verena@rs-solution.chH=\(localhost\)[222.254.27.137]:53640P=esmtpsaX=TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:verena@rs-solution.chS=2249id=787DCB98934769DA06034AF206A62021@rs-solution.chT="areyoulonelytoo\?"forputtusangapura@gmail.com2020-02-0905:56:451j0eeB-0002Yx-Qf\<=verena@rs-solution.chH=\(localhost\)[156.210.19.76]:45875P=esmtpsaX=TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=d	2020-02-09 13:46:27
69.162.105.66	attack	" "	2020-02-09 13:17:54

最近上报的IP列表

106.13.19.145	24.54.44.91	114.143.153.138	112.84.61.217
211.253.9.49	24.30.91.171	1.52.134.46	115.126.226.134
14.161.160.43	80.85.154.247	101.201.130.127	58.246.94.230
128.132.68.84	71.231.227.201	2.174.215.19	128.201.75.39
106.54.60.40	181.84.177.250	40.15.243.253	127.174.15.233