80.211.139.59 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Italy

运营商(isp): Aruba S.p.A. - Cloud Services Farm

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	[ 🧯 ] From mariolisboa_b3e@saude-acesso3.com Wed Aug 28 11:20:03 2019 Received: from lg76.saude-acesso3.com ([80.211.139.59]:46522)	2019-08-28 22:48:12

相同子网IP讨论:

IP	类型	评论内容	时间
80.211.139.7	attack	ssh brute force	2020-09-03 20:33:54
80.211.139.7	attackbotsspam	Sep 2 22:08:23 mail sshd\[61708\]: Invalid user yxu from 80.211.139.7 Sep 2 22:08:23 mail sshd\[61708\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.139.7 ...	2020-09-03 12:19:06
80.211.139.7	attackbotsspam	(sshd) Failed SSH login from 80.211.139.7 (IT/Italy/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 2 12:35:15 server4 sshd[19853]: Invalid user tzq from 80.211.139.7 Sep 2 12:35:15 server4 sshd[19853]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.139.7 Sep 2 12:35:18 server4 sshd[19853]: Failed password for invalid user tzq from 80.211.139.7 port 35404 ssh2 Sep 2 12:49:35 server4 sshd[27648]: Invalid user sofia from 80.211.139.7 Sep 2 12:49:35 server4 sshd[27648]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.139.7	2020-09-03 04:37:40
80.211.139.7	attackspambots	(sshd) Failed SSH login from 80.211.139.7 (IT/Italy/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 2 12:35:15 server4 sshd[19853]: Invalid user tzq from 80.211.139.7 Sep 2 12:35:15 server4 sshd[19853]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.139.7 Sep 2 12:35:18 server4 sshd[19853]: Failed password for invalid user tzq from 80.211.139.7 port 35404 ssh2 Sep 2 12:49:35 server4 sshd[27648]: Invalid user sofia from 80.211.139.7 Sep 2 12:49:35 server4 sshd[27648]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.139.7	2020-09-03 02:27:12
80.211.139.7	attackspambots	Invalid user monika from 80.211.139.7 port 46414	2020-08-29 06:24:04
80.211.139.7	attackbotsspam	SSH auth scanning - multiple failed logins	2020-08-22 07:03:08
80.211.139.7	attackbotsspam	Aug 20 05:59:37 h2646465 sshd[30955]: Invalid user ubuntu from 80.211.139.7 Aug 20 05:59:37 h2646465 sshd[30955]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.139.7 Aug 20 05:59:37 h2646465 sshd[30955]: Invalid user ubuntu from 80.211.139.7 Aug 20 05:59:39 h2646465 sshd[30955]: Failed password for invalid user ubuntu from 80.211.139.7 port 56510 ssh2 Aug 20 06:08:46 h2646465 sshd[32562]: Invalid user mono from 80.211.139.7 Aug 20 06:08:46 h2646465 sshd[32562]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.139.7 Aug 20 06:08:46 h2646465 sshd[32562]: Invalid user mono from 80.211.139.7 Aug 20 06:08:47 h2646465 sshd[32562]: Failed password for invalid user mono from 80.211.139.7 port 50650 ssh2 Aug 20 06:14:19 h2646465 sshd[785]: Invalid user ccf from 80.211.139.7 ...	2020-08-20 13:58:52
80.211.139.7	attackbots	" "	2020-08-07 00:13:07
80.211.139.7	attack	2020-08-05T22:37:28.374570v22018076590370373 sshd[13209]: Failed password for root from 80.211.139.7 port 51026 ssh2 2020-08-05T22:38:47.418836v22018076590370373 sshd[8018]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.139.7 user=root 2020-08-05T22:38:49.227399v22018076590370373 sshd[8018]: Failed password for root from 80.211.139.7 port 37466 ssh2 2020-08-05T22:40:04.174268v22018076590370373 sshd[991]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.139.7 user=root 2020-08-05T22:40:06.555429v22018076590370373 sshd[991]: Failed password for root from 80.211.139.7 port 52140 ssh2 ...	2020-08-06 05:59:04
80.211.139.7	attackspambots	$f2bV_matches	2020-07-24 07:27:27
80.211.139.7	attackspambots	Jul 12 08:49:09 srv-ubuntu-dev3 sshd[109862]: Invalid user analytics from 80.211.139.7 Jul 12 08:49:09 srv-ubuntu-dev3 sshd[109862]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.139.7 Jul 12 08:49:09 srv-ubuntu-dev3 sshd[109862]: Invalid user analytics from 80.211.139.7 Jul 12 08:49:11 srv-ubuntu-dev3 sshd[109862]: Failed password for invalid user analytics from 80.211.139.7 port 58928 ssh2 Jul 12 08:53:32 srv-ubuntu-dev3 sshd[110562]: Invalid user julio from 80.211.139.7 Jul 12 08:53:32 srv-ubuntu-dev3 sshd[110562]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.139.7 Jul 12 08:53:32 srv-ubuntu-dev3 sshd[110562]: Invalid user julio from 80.211.139.7 Jul 12 08:53:34 srv-ubuntu-dev3 sshd[110562]: Failed password for invalid user julio from 80.211.139.7 port 57242 ssh2 Jul 12 08:57:46 srv-ubuntu-dev3 sshd[111211]: Invalid user hphk from 80.211.139.7 ...	2020-07-12 16:05:35
80.211.139.7	attackbotsspam	$f2bV_matches	2020-07-11 21:58:19
80.211.139.7	attackspambots	Jul 7 22:09:42 db sshd[21332]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.139.7 Jul 7 22:09:43 db sshd[21332]: Failed password for invalid user simaqie from 80.211.139.7 port 41416 ssh2 Jul 7 22:14:40 db sshd[21576]: Invalid user cead from 80.211.139.7 port 40112 ...	2020-07-08 04:40:57
80.211.139.7	attackbotsspam	Jul 5 21:44:17 vps sshd[980795]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.139.7 Jul 5 21:44:19 vps sshd[980795]: Failed password for invalid user sekine from 80.211.139.7 port 44064 ssh2 Jul 5 21:48:38 vps sshd[1002810]: Invalid user lorna from 80.211.139.7 port 43244 Jul 5 21:48:38 vps sshd[1002810]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.139.7 Jul 5 21:48:40 vps sshd[1002810]: Failed password for invalid user lorna from 80.211.139.7 port 43244 ssh2 ...	2020-07-06 04:20:41
80.211.139.7	attackbotsspam	Jul 5 01:47:05 abendstille sshd\[6032\]: Invalid user preston from 80.211.139.7 Jul 5 01:47:05 abendstille sshd\[6032\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.139.7 Jul 5 01:47:07 abendstille sshd\[6032\]: Failed password for invalid user preston from 80.211.139.7 port 39804 ssh2 Jul 5 01:51:30 abendstille sshd\[10526\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.139.7 user=root Jul 5 01:51:33 abendstille sshd\[10526\]: Failed password for root from 80.211.139.7 port 37328 ssh2 ...	2020-07-05 08:06:06

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 80.211.139.59
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 54263
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;80.211.139.59.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019082800 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Aug 28 22:47:49 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

59.139.211.80.in-addr.arpa domain name pointer lg76.saude-acesso3.com.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
59.139.211.80.in-addr.arpa	name = lg76.saude-acesso3.com.

Authoritative answers can be found from:

IP	类型	评论内容	时间
107.179.19.68	attackspam	WordPress login Brute force / Web App Attack on client site.	2019-10-26 03:13:30
45.55.6.105	attack	Oct 25 09:52:07 TORMINT sshd\[9500\]: Invalid user foo from 45.55.6.105 Oct 25 09:52:07 TORMINT sshd\[9500\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.6.105 Oct 25 09:52:09 TORMINT sshd\[9500\]: Failed password for invalid user foo from 45.55.6.105 port 56782 ssh2 ...	2019-10-26 03:04:04
1.9.46.177	attack	Failed password for root from 1.9.46.177 port 59840 ssh2 Invalid user admin from 1.9.46.177 port 50763 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.9.46.177 Failed password for invalid user admin from 1.9.46.177 port 50763 ssh2 Invalid user renuka from 1.9.46.177 port 41679	2019-10-26 02:58:40
218.92.0.193	attackbotsspam	Oct 25 14:01:21 vps sshd[525]: Failed password for root from 218.92.0.193 port 10660 ssh2 Oct 25 14:01:25 vps sshd[525]: Failed password for root from 218.92.0.193 port 10660 ssh2 Oct 25 14:01:31 vps sshd[525]: Failed password for root from 218.92.0.193 port 10660 ssh2 Oct 25 14:01:34 vps sshd[525]: Failed password for root from 218.92.0.193 port 10660 ssh2 ...	2019-10-26 02:38:47
117.241.199.104	attackbots	RDP-Bruteforce \| Cancer2Ban-Autoban for Windows (see: https://github.com/Zeziroth/Cancer2Ban)	2019-10-26 02:56:12
187.49.85.2	attackbotsspam	Unauthorized connection attempt from IP address 187.49.85.2 on Port 445(SMB)	2019-10-26 02:57:41
94.66.57.5	attackbots	94.66.57.5 has been banned for [spam] ...	2019-10-26 03:09:11
83.12.244.50	attackspambots	2019-10-25T13:01:15.368258beta postfix/smtpd[11253]: NOQUEUE: reject: RCPT from gjk50.internetdsl.tpnet.pl[83.12.244.50]: 554 5.7.1 Service unavailable; Client host [83.12.244.50] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/83.12.244.50 / https://www.spamhaus.org/sbl/query/SBLCSS; from= to= proto=ESMTP helo= ...	2019-10-26 02:52:26
60.246.212.77	attack	Honeypot attack, port: 23, PTR: nz212l77.bb60246.ctm.net.	2019-10-26 02:52:47
187.110.227.57	attackbots	Unauthorized connection attempt from IP address 187.110.227.57 on Port 445(SMB)	2019-10-26 03:14:40
140.82.44.136	attackspambots	MYH,DEF GET /wp-login.php	2019-10-26 02:41:23
177.53.240.114	attack	Unauthorized connection attempt from IP address 177.53.240.114 on Port 445(SMB)	2019-10-26 02:38:27
103.21.12.132	attackspambots	Unauthorized connection attempt from IP address 103.21.12.132 on Port 445(SMB)	2019-10-26 03:03:14
152.136.225.47	attack	SSH invalid-user multiple login attempts	2019-10-26 02:45:32
123.185.8.207	attack	Automatic report - Port Scan Attack	2019-10-26 02:54:06

最近上报的IP列表

114.79.38.172	185.234.216.120	91.203.224.177	51.83.224.106
37.39.69.114	103.255.5.116	42.115.193.235	34.66.30.234
1.170.190.241	86.176.68.154	167.99.133.21	5.196.118.54
158.69.28.76	165.22.129.134	119.55.232.200	44.96.67.202
213.33.244.187	80.91.187.52	209.47.138.143	145.133.250.64