139.59.75.111 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): India

运营商(isp): Digital Ocean Inc.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	various type of attack	2020-10-14 03:04:25
attack	Oct 13 11:55:42 cho sshd[567303]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.75.111 Oct 13 11:55:42 cho sshd[567303]: Invalid user ht from 139.59.75.111 port 53006 Oct 13 11:55:44 cho sshd[567303]: Failed password for invalid user ht from 139.59.75.111 port 53006 ssh2 Oct 13 11:59:29 cho sshd[567472]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.75.111 user=root Oct 13 11:59:30 cho sshd[567472]: Failed password for root from 139.59.75.111 port 57192 ssh2 ...	2020-10-13 18:20:31
attackbotsspam	20 attempts against mh-ssh on cloud	2020-10-02 07:33:42
attack	Oct 1 14:53:57 sip sshd[1786819]: Invalid user nmrsu from 139.59.75.111 port 55268 Oct 1 14:53:58 sip sshd[1786819]: Failed password for invalid user nmrsu from 139.59.75.111 port 55268 ssh2 Oct 1 14:58:09 sip sshd[1786852]: Invalid user ark from 139.59.75.111 port 34488 ...	2020-10-02 00:06:07
attackspambots	Oct 1 07:14:12 gitlab sshd[2340282]: Failed password for root from 139.59.75.111 port 52774 ssh2 Oct 1 07:18:07 gitlab sshd[2340871]: Invalid user carlos from 139.59.75.111 port 60008 Oct 1 07:18:07 gitlab sshd[2340871]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.75.111 Oct 1 07:18:07 gitlab sshd[2340871]: Invalid user carlos from 139.59.75.111 port 60008 Oct 1 07:18:09 gitlab sshd[2340871]: Failed password for invalid user carlos from 139.59.75.111 port 60008 ssh2 ...	2020-10-01 16:12:33
attackbotsspam	Aug 31 05:44:23 ns382633 sshd\[17051\]: Invalid user lynx from 139.59.75.111 port 36274 Aug 31 05:44:23 ns382633 sshd\[17051\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.75.111 Aug 31 05:44:25 ns382633 sshd\[17051\]: Failed password for invalid user lynx from 139.59.75.111 port 36274 ssh2 Aug 31 05:49:23 ns382633 sshd\[17853\]: Invalid user ubuntu from 139.59.75.111 port 45040 Aug 31 05:49:23 ns382633 sshd\[17853\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.75.111	2020-08-31 18:31:40
attackspam	Invalid user ark from 139.59.75.111 port 42634	2020-08-25 21:54:02
attack	invalid login attempt (ark)	2020-08-25 17:07:15
attack	2020-08-20T09:54:09.050851snf-827550 sshd[4703]: Failed password for invalid user nagios from 139.59.75.111 port 38488 ssh2 2020-08-20T10:02:54.655328snf-827550 sshd[5312]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.75.111 user=root 2020-08-20T10:02:56.633650snf-827550 sshd[5312]: Failed password for root from 139.59.75.111 port 33066 ssh2 ...	2020-08-20 15:35:03
attackspam	2020-08-19T13:26:31.114628mail.standpoint.com.ua sshd[22168]: Failed password for root from 139.59.75.111 port 56810 ssh2 2020-08-19T13:30:16.213132mail.standpoint.com.ua sshd[22682]: Invalid user admin from 139.59.75.111 port 58284 2020-08-19T13:30:16.215825mail.standpoint.com.ua sshd[22682]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.75.111 2020-08-19T13:30:16.213132mail.standpoint.com.ua sshd[22682]: Invalid user admin from 139.59.75.111 port 58284 2020-08-19T13:30:18.050081mail.standpoint.com.ua sshd[22682]: Failed password for invalid user admin from 139.59.75.111 port 58284 ssh2 ...	2020-08-19 19:37:51
attack	2020-08-10T09:32:51.615112centos sshd[28551]: Failed password for root from 139.59.75.111 port 37856 ssh2 2020-08-10T09:34:45.821206centos sshd[28926]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.75.111 user=root 2020-08-10T09:34:47.658491centos sshd[28926]: Failed password for root from 139.59.75.111 port 50092 ssh2 ...	2020-08-10 17:17:16
attackbots	Aug 4 11:28:22 mail sshd[9825]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.75.111 user=root Aug 4 11:28:24 mail sshd[9825]: Failed password for root from 139.59.75.111 port 33736 ssh2 ...	2020-08-04 17:50:33
attackbots	Jul 31 09:04:47 hosting sshd[12400]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.75.111 user=root Jul 31 09:04:48 hosting sshd[12400]: Failed password for root from 139.59.75.111 port 33832 ssh2 ...	2020-07-31 14:16:17
attack	2020-07-28T09:26:37+0200 Failed SSH Authentication/Brute Force Attack. (Server 9)	2020-07-28 15:30:13
attackbots	Jul 22 17:45:14 home sshd[151355]: Invalid user michelle from 139.59.75.111 port 33520 Jul 22 17:45:14 home sshd[151355]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.75.111 Jul 22 17:45:14 home sshd[151355]: Invalid user michelle from 139.59.75.111 port 33520 Jul 22 17:45:16 home sshd[151355]: Failed password for invalid user michelle from 139.59.75.111 port 33520 ssh2 Jul 22 17:49:15 home sshd[151806]: Invalid user dada from 139.59.75.111 port 35170 ...	2020-07-23 02:42:39
attack	Jul 4 00:27:02 plex-server sshd[749682]: Invalid user limin from 139.59.75.111 port 42502 Jul 4 00:27:02 plex-server sshd[749682]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.75.111 Jul 4 00:27:02 plex-server sshd[749682]: Invalid user limin from 139.59.75.111 port 42502 Jul 4 00:27:04 plex-server sshd[749682]: Failed password for invalid user limin from 139.59.75.111 port 42502 ssh2 Jul 4 00:30:03 plex-server sshd[749953]: Invalid user rabbitmq from 139.59.75.111 port 33628 ...	2020-07-04 10:55:32
attackspam	Jun 25 09:52:11 santamaria sshd\[11872\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.75.111 user=root Jun 25 09:52:12 santamaria sshd\[11872\]: Failed password for root from 139.59.75.111 port 45658 ssh2 Jun 25 09:55:39 santamaria sshd\[11932\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.75.111 user=root ...	2020-06-25 16:58:55
attackspambots	Jun 16 21:05:10 eventyay sshd[31110]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.75.111 Jun 16 21:05:12 eventyay sshd[31110]: Failed password for invalid user mfg from 139.59.75.111 port 58756 ssh2 Jun 16 21:08:33 eventyay sshd[31260]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.75.111 ...	2020-06-17 03:30:58
attack	$f2bV_matches	2020-06-15 12:07:36
attackspambots	2020-06-14T13:53:52.631286server.mjenks.net sshd[802912]: Invalid user postgres from 139.59.75.111 port 40162 2020-06-14T13:53:52.638499server.mjenks.net sshd[802912]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.75.111 2020-06-14T13:53:52.631286server.mjenks.net sshd[802912]: Invalid user postgres from 139.59.75.111 port 40162 2020-06-14T13:53:54.732288server.mjenks.net sshd[802912]: Failed password for invalid user postgres from 139.59.75.111 port 40162 ssh2 2020-06-14T13:57:16.331348server.mjenks.net sshd[803336]: Invalid user nr from 139.59.75.111 port 40672 ...	2020-06-15 03:09:00
attackbots	Jun 12 07:58:01 * sshd[5792]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.75.111 Jun 12 07:58:03 * sshd[5792]: Failed password for invalid user admin from 139.59.75.111 port 45088 ssh2	2020-06-12 14:06:21
attackspam	Invalid user fzw from 139.59.75.111 port 33948	2020-05-23 15:02:18
attack	May 9 04:38:37 buvik sshd[17139]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.75.111 user=root May 9 04:38:38 buvik sshd[17139]: Failed password for root from 139.59.75.111 port 38700 ssh2 May 9 04:42:25 buvik sshd[17774]: Invalid user zul from 139.59.75.111 ...	2020-05-09 14:54:56
attackbots	$f2bV_matches \| Triggered by Fail2Ban at Vostok web server	2020-05-08 00:34:52
attackspam	Apr 27 13:56:20 v22018086721571380 sshd[6110]: Failed password for invalid user guest from 139.59.75.111 port 43572 ssh2	2020-04-27 20:12:01
attackbots	Apr 24 12:31:56 game-panel sshd[19152]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.75.111 Apr 24 12:31:57 game-panel sshd[19152]: Failed password for invalid user limorov from 139.59.75.111 port 46934 ssh2 Apr 24 12:36:07 game-panel sshd[19374]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.75.111	2020-04-25 01:28:33
attackbots	Automatic report BANNED IP	2020-04-23 03:32:46
attack	Apr 2 01:09:32 vmd26974 sshd[6698]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.75.111 Apr 2 01:09:34 vmd26974 sshd[6698]: Failed password for invalid user gj from 139.59.75.111 port 36352 ssh2 ...	2020-04-02 08:49:35
attackspambots	leo_www	2020-04-01 15:56:11
attackspam	SSH login attempts.	2020-03-22 19:53:54

相同子网IP讨论:

IP	类型	评论内容	时间
139.59.75.74	attack	SSH Honeypot -> SSH Bruteforce / Login	2020-09-28 06:36:17
139.59.75.74	attackbots	Automatic report - Banned IP Access	2020-09-27 23:01:45
139.59.75.74	attack	[f2b] sshd bruteforce, retries: 1	2020-09-17 20:27:33
139.59.75.74	attackspam	Aug 24 13:55:43 ajax sshd[28815]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.75.74 Aug 24 13:55:46 ajax sshd[28815]: Failed password for invalid user tom1 from 139.59.75.74 port 53416 ssh2	2020-08-24 21:20:31
139.59.75.74	attackspambots	Aug 17 15:57:21 nextcloud sshd\[5707\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.75.74 user=root Aug 17 15:57:23 nextcloud sshd\[5707\]: Failed password for root from 139.59.75.74 port 40878 ssh2 Aug 17 16:02:49 nextcloud sshd\[12933\]: Invalid user fabrice from 139.59.75.74	2020-08-17 23:20:41
139.59.75.74	attackbots	2020-08-16T20:49:22+0000 Failed SSH Authentication/Brute Force Attack. (Server 6)	2020-08-17 05:07:48
139.59.75.162	attackbots	139.59.75.162 - - [18/Jul/2020:10:48:23 +0100] "POST /wp-login.php HTTP/1.1" 200 1996 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.75.162 - - [18/Jul/2020:10:48:36 +0100] "POST /wp-login.php HTTP/1.1" 200 1970 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.75.162 - - [18/Jul/2020:10:48:45 +0100] "POST /wp-login.php HTTP/1.1" 200 1928 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-07-18 18:16:55
139.59.75.162	attackspam	Website hacking attempt: Wordpress admin access [wp-login.php]	2020-07-02 02:30:43
139.59.75.162	attackspambots	Automatic report - XMLRPC Attack	2020-06-29 06:36:47
139.59.75.162	attackspam	xmlrpc attack	2020-06-19 13:09:14
139.59.75.162	attackspam	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-06-05 23:26:50
139.59.75.162	attack	Automatic report - XMLRPC Attack	2020-06-02 20:16:07
139.59.75.162	attackspambots	139.59.75.162 - - [15/May/2020:12:50:19 +0200] "GET /wp-login.php HTTP/1.1" 200 6539 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.75.162 - - [15/May/2020:12:50:24 +0200] "POST /wp-login.php HTTP/1.1" 200 6790 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.75.162 - - [15/May/2020:12:50:25 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-05-15 19:13:49
139.59.75.162	attack	xmlrpc attack	2020-05-04 15:02:33
139.59.75.53	attackspam	139.59.75.53 - - [12/Nov/2019:07:39:21 +0100] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.75.53 - - [12/Nov/2019:07:39:28 +0100] "POST /wp-login.php HTTP/1.1" 200 1503 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.75.53 - - [12/Nov/2019:07:39:33 +0100] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.75.53 - - [12/Nov/2019:07:39:39 +0100] "POST /wp-login.php HTTP/1.1" 200 1486 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.75.53 - - [12/Nov/2019:07:39:40 +0100] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.75.53 - - [12/Nov/2019:07:39:46 +0100] "POST /wp-login.php HTTP/1.1" 200 1486 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-11-12 15:41:56

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.59.75.111
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 8474
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.59.75.111.			IN	A

;; AUTHORITY SECTION:
.			368	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020032200 1800 900 604800 86400

;; Query time: 41 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Mar 22 19:53:45 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 111.75.59.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 111.75.59.139.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
222.110.187.131	attackbots	1583673369 - 03/08/2020 14:16:09 Host: 222.110.187.131/222.110.187.131 Port: 23 TCP Blocked	2020-03-09 01:57:26
222.186.175.23	attackspam	Mar 8 18:57:22 srv01 sshd[12549]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.23 user=root Mar 8 18:57:24 srv01 sshd[12549]: Failed password for root from 222.186.175.23 port 63577 ssh2 Mar 8 18:57:27 srv01 sshd[12549]: Failed password for root from 222.186.175.23 port 63577 ssh2 Mar 8 18:57:22 srv01 sshd[12549]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.23 user=root Mar 8 18:57:24 srv01 sshd[12549]: Failed password for root from 222.186.175.23 port 63577 ssh2 Mar 8 18:57:27 srv01 sshd[12549]: Failed password for root from 222.186.175.23 port 63577 ssh2 Mar 8 18:57:22 srv01 sshd[12549]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.23 user=root Mar 8 18:57:24 srv01 sshd[12549]: Failed password for root from 222.186.175.23 port 63577 ssh2 Mar 8 18:57:27 srv01 sshd[12549]: Failed password for root from 222.186. ...	2020-03-09 02:04:24
123.27.146.1	attackspambots	Unauthorized connection attempt from IP address 123.27.146.1 on Port 445(SMB)	2020-03-09 01:56:07
113.65.23.126	attack	Brute force blocker - service: proftpd1 - aantal: 47 - Sat Apr 21 03:20:18 2018	2020-03-09 02:30:30
59.124.166.120	attack	Unauthorized connection attempt from IP address 59.124.166.120 on Port 445(SMB)	2020-03-09 02:01:42
112.16.80.154	attack	Brute force blocker - service: proftpd1 - aantal: 115 - Sat Apr 21 04:05:14 2018	2020-03-09 02:22:14
212.64.0.183	attackbots	Feb 3 01:57:25 ms-srv sshd[34892]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.0.183 Feb 3 01:57:27 ms-srv sshd[34892]: Failed password for invalid user sammy from 212.64.0.183 port 42034 ssh2	2020-03-09 02:20:35
212.64.29.78	attackbots	Feb 14 11:12:02 ms-srv sshd[36758]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.29.78 Feb 14 11:12:04 ms-srv sshd[36758]: Failed password for invalid user zhouh from 212.64.29.78 port 43920 ssh2	2020-03-09 02:02:22
41.38.89.26	attack	Honeypot attack, port: 445, PTR: host-41.38.89.26.tedata.net.	2020-03-09 02:06:49
212.64.105.196	attackspambots	Apr 9 02:00:31 ms-srv sshd[45468]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.105.196 user=root Apr 9 02:00:32 ms-srv sshd[45468]: Failed password for invalid user root from 212.64.105.196 port 43880 ssh2	2020-03-09 02:17:31
212.64.11.188	attackspam	Jan 26 19:45:00 ms-srv sshd[61878]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.11.188 user=backup Jan 26 19:45:02 ms-srv sshd[61878]: Failed password for invalid user backup from 212.64.11.188 port 46272 ssh2	2020-03-09 02:15:58
49.231.222.5	attack	Unauthorized connection attempt from IP address 49.231.222.5 on Port 445(SMB)	2020-03-09 01:58:28
212.64.11.64	attackbotsspam	Jan 23 03:00:42 ms-srv sshd[7607]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.11.64 Jan 23 03:00:44 ms-srv sshd[7607]: Failed password for invalid user ey from 212.64.11.64 port 46526 ssh2	2020-03-09 02:11:52
138.97.221.20	attackspam	Honeypot attack, port: 445, PTR: 20.221.97.138.linkfort.com.br.	2020-03-09 02:01:07
212.64.127.106	attackspambots	Mar 8 18:35:23 server sshd\[10818\]: Invalid user support from 212.64.127.106 Mar 8 18:35:23 server sshd\[10818\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.127.106 Mar 8 18:35:25 server sshd\[10818\]: Failed password for invalid user support from 212.64.127.106 port 48028 ssh2 Mar 8 18:45:01 server sshd\[12238\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.127.106 user=root Mar 8 18:45:03 server sshd\[12238\]: Failed password for root from 212.64.127.106 port 38554 ssh2 ...	2020-03-09 02:07:14

最近上报的IP列表

106.13.19.145	24.54.44.91	114.143.153.138	112.84.61.217
211.253.9.49	24.30.91.171	1.52.134.46	115.126.226.134
14.161.160.43	80.85.154.247	101.201.130.127	58.246.94.230
128.132.68.84	71.231.227.201	2.174.215.19	128.201.75.39
106.54.60.40	181.84.177.250	40.15.243.253	127.174.15.233