139.59.140.44 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Germany

运营商(isp): Digital Ocean Inc.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Automatic report - XMLRPC Attack	2020-07-04 14:32:11
attackbotsspam	Automatic report - XMLRPC Attack	2020-04-03 08:57:07
attackbots	WordPress login Brute force / Web App Attack on client site.	2020-03-20 02:55:48

相同子网IP讨论:

IP	类型	评论内容	时间
139.59.140.133	attackbots	139.59.140.133 - - [20/Aug/2020:05:26:43 +0100] "POST /wp-login.php HTTP/1.1" 200 2604 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.140.133 - - [20/Aug/2020:05:26:44 +0100] "POST /wp-login.php HTTP/1.1" 200 2580 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.140.133 - - [20/Aug/2020:05:26:45 +0100] "POST /wp-login.php HTTP/1.1" 200 2577 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-20 13:12:31
139.59.140.199	attackbots	port scan and connect, tcp 80 (http)	2020-02-18 07:20:51
139.59.140.199	attackbots	(mod_security) mod_security (id:949110) triggered by 139.59.140.199 (DE/Germany/-): 5 in the last 3600 secs (CF_ENABLE)	2020-02-10 13:59:41
139.59.140.65	attack	detected by Fail2Ban	2019-11-15 01:57:47
139.59.140.65	attackbots	Nov 8 18:00:07 vpn01 sshd[11516]: Failed password for root from 139.59.140.65 port 52657 ssh2 ...	2019-11-09 03:24:47
139.59.140.65	attackbots	Nov 2 21:17:46 vpn01 sshd[13800]: Failed password for root from 139.59.140.65 port 60800 ssh2 ...	2019-11-03 05:53:55
139.59.140.65	attack	Oct 25 14:08:46 vpn01 sshd[2039]: Failed password for root from 139.59.140.65 port 46571 ssh2 Oct 25 14:08:46 vpn01 sshd[2038]: Failed password for root from 139.59.140.65 port 46555 ssh2 ...	2019-10-25 22:16:09
139.59.140.65	attackspambots	...	2019-10-20 15:54:30
139.59.140.55	attackbotsspam	Sep 7 04:10:21 dedicated sshd[9154]: Invalid user test from 139.59.140.55 port 57918	2019-09-07 10:32:09
139.59.140.55	attackbots	Jan 23 00:58:59 vtv3 sshd\[32428\]: Invalid user openerp from 139.59.140.55 port 43880 Jan 23 00:58:59 vtv3 sshd\[32428\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.140.55 Jan 23 00:59:01 vtv3 sshd\[32428\]: Failed password for invalid user openerp from 139.59.140.55 port 43880 ssh2 Jan 23 01:02:46 vtv3 sshd\[1300\]: Invalid user angela from 139.59.140.55 port 46186 Jan 23 01:02:46 vtv3 sshd\[1300\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.140.55 Feb 13 12:16:23 vtv3 sshd\[6878\]: Invalid user test from 139.59.140.55 port 50592 Feb 13 12:16:23 vtv3 sshd\[6878\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.140.55 Feb 13 12:16:25 vtv3 sshd\[6878\]: Failed password for invalid user test from 139.59.140.55 port 50592 ssh2 Feb 13 12:21:07 vtv3 sshd\[8214\]: Invalid user ubuntu from 139.59.140.55 port 40658 Feb 13 12:21:07 vtv3 sshd\[8214\]: pam_unix	2019-08-31 12:18:38
139.59.140.55	attack	Automatic report - Banned IP Access	2019-08-28 18:06:12
139.59.140.55	attackbots	Aug 22 09:39:30 vps200512 sshd\[24057\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.140.55 user=ubuntu Aug 22 09:39:32 vps200512 sshd\[24057\]: Failed password for ubuntu from 139.59.140.55 port 59768 ssh2 Aug 22 09:43:55 vps200512 sshd\[24175\]: Invalid user customer from 139.59.140.55 Aug 22 09:43:55 vps200512 sshd\[24175\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.140.55 Aug 22 09:43:57 vps200512 sshd\[24175\]: Failed password for invalid user customer from 139.59.140.55 port 48168 ssh2	2019-08-23 01:39:16
139.59.140.55	attack	Aug 20 11:19:30 wbs sshd\[13109\]: Invalid user magic from 139.59.140.55 Aug 20 11:19:30 wbs sshd\[13109\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.140.55 Aug 20 11:19:32 wbs sshd\[13109\]: Failed password for invalid user magic from 139.59.140.55 port 46670 ssh2 Aug 20 11:23:40 wbs sshd\[13499\]: Invalid user oratest from 139.59.140.55 Aug 20 11:23:40 wbs sshd\[13499\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.140.55	2019-08-21 07:43:33
139.59.140.55	attackbots	Aug 18 06:52:08 ks10 sshd[15065]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.140.55 Aug 18 06:52:10 ks10 sshd[15065]: Failed password for invalid user sy from 139.59.140.55 port 34730 ssh2 ...	2019-08-18 15:18:43
139.59.140.55	attackspambots	2019-08-15T19:02:04.833509abusebot-2.cloudsearch.cf sshd\[27314\]: Invalid user es from 139.59.140.55 port 58968	2019-08-16 03:36:15

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.59.140.44
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 30977
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.59.140.44.			IN	A

;; AUTHORITY SECTION:
.			116	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020031901 1800 900 604800 86400

;; Query time: 154 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Mar 20 02:55:44 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 44.140.59.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 44.140.59.139.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
41.111.133.103	attackspam	2020-06-08T08:12:20.692335devel sshd[3974]: Failed password for root from 41.111.133.103 port 4558 ssh2 2020-06-08T08:15:48.534473devel sshd[4247]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.111.133.103 user=root 2020-06-08T08:15:50.480855devel sshd[4247]: Failed password for root from 41.111.133.103 port 17720 ssh2	2020-06-08 22:12:34
157.41.196.18	attackspambots	ENG,WP GET /wp-login.php	2020-06-08 22:26:03
51.159.54.121	attackspam	Jun 8 08:58:24 vps46666688 sshd[12661]: Failed password for root from 51.159.54.121 port 54844 ssh2 ...	2020-06-08 21:47:55
122.51.41.44	attack	Jun 8 14:25:04 prod4 sshd\[7637\]: Failed password for root from 122.51.41.44 port 59320 ssh2 Jun 8 14:29:38 prod4 sshd\[9291\]: Failed password for root from 122.51.41.44 port 45668 ssh2 Jun 8 14:32:35 prod4 sshd\[10193\]: Failed password for root from 122.51.41.44 port 46110 ssh2 ...	2020-06-08 22:17:54
92.222.92.64	attack	Jun 8 05:22:24 propaganda sshd[9625]: Connection from 92.222.92.64 port 54852 on 10.0.0.160 port 22 rdomain "" Jun 8 05:22:25 propaganda sshd[9625]: Connection closed by 92.222.92.64 port 54852 [preauth]	2020-06-08 21:57:13
196.37.111.217	attackspambots	$f2bV_matches	2020-06-08 22:21:05
45.227.255.208	attackspambots	Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2020-06-08T10:19:41Z and 2020-06-08T12:08:23Z	2020-06-08 21:43:27
54.38.183.181	attack	Jun 8 16:04:33 OPSO sshd\[15130\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.183.181 user=root Jun 8 16:04:35 OPSO sshd\[15130\]: Failed password for root from 54.38.183.181 port 52298 ssh2 Jun 8 16:08:02 OPSO sshd\[15487\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.183.181 user=root Jun 8 16:08:05 OPSO sshd\[15487\]: Failed password for root from 54.38.183.181 port 54798 ssh2 Jun 8 16:11:32 OPSO sshd\[15947\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.183.181 user=root	2020-06-08 22:17:01
112.85.42.195	attackbotsspam	Jun 8 15:57:25 vmi345603 sshd[28513]: Failed password for root from 112.85.42.195 port 19943 ssh2 Jun 8 15:57:28 vmi345603 sshd[28513]: Failed password for root from 112.85.42.195 port 19943 ssh2 ...	2020-06-08 22:09:13
47.42.167.100	attackspam	Jun 8 13:04:17 sigma sshd\[23505\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=047-042-167-100.res.spectrum.com user=rootJun 8 13:08:08 sigma sshd\[23558\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=047-042-167-100.res.spectrum.com user=root ...	2020-06-08 22:00:30
134.175.236.42	attackspambots	Jun 8 14:18:28 django sshd[10335]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.236.42 user=r.r Jun 8 14:18:30 django sshd[10335]: Failed password for r.r from 134.175.236.42 port 47104 ssh2 Jun 8 14:18:30 django sshd[10336]: Received disconnect from 134.175.236.42: 11: Bye Bye Jun 8 14:28:03 django sshd[12240]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.236.42 user=r.r Jun 8 14:28:04 django sshd[12240]: Failed password for r.r from 134.175.236.42 port 39708 ssh2 Jun 8 14:28:04 django sshd[12242]: Received disconnect from 134.175.236.42: 11: Bye Bye Jun 8 14:31:55 django sshd[12617]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.236.42 user=r.r Jun 8 14:31:57 django sshd[12617]: Failed password for r.r from 134.175.236.42 port 57152 ssh2 Jun 8 14:31:57 django sshd[12619]: Received disconnect from 134.175.23........ -------------------------------	2020-06-08 21:56:42
45.112.205.175	attack	" "	2020-06-08 21:44:04
222.186.30.167	attackbots	Jun 8 16:12:45 abendstille sshd\[15499\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.167 user=root Jun 8 16:12:48 abendstille sshd\[15499\]: Failed password for root from 222.186.30.167 port 33470 ssh2 Jun 8 16:12:54 abendstille sshd\[15572\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.167 user=root Jun 8 16:12:57 abendstille sshd\[15572\]: Failed password for root from 222.186.30.167 port 61373 ssh2 Jun 8 16:12:59 abendstille sshd\[15572\]: Failed password for root from 222.186.30.167 port 61373 ssh2 ...	2020-06-08 22:15:06
87.246.7.66	attackspam	Jun 8 15:50:36 websrv1.derweidener.de postfix/smtpd[465744]: warning: unknown[87.246.7.66]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 8 15:51:09 websrv1.derweidener.de postfix/smtpd[465744]: warning: unknown[87.246.7.66]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 8 15:51:52 websrv1.derweidener.de postfix/smtpd[465744]: warning: unknown[87.246.7.66]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 8 15:52:20 websrv1.derweidener.de postfix/smtpd[465964]: warning: unknown[87.246.7.66]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 8 15:52:48 websrv1.derweidener.de postfix/smtpd[465744]: warning: unknown[87.246.7.66]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2020-06-08 22:09:43
142.93.121.47	attackspambots	2020-06-08T15:08:10.037818sd-86998 sshd[2285]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.121.47 user=root 2020-06-08T15:08:12.659626sd-86998 sshd[2285]: Failed password for root from 142.93.121.47 port 48022 ssh2 2020-06-08T15:11:38.357556sd-86998 sshd[2805]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.121.47 user=root 2020-06-08T15:11:39.865570sd-86998 sshd[2805]: Failed password for root from 142.93.121.47 port 50234 ssh2 2020-06-08T15:15:15.420057sd-86998 sshd[3410]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.121.47 user=root 2020-06-08T15:15:17.384739sd-86998 sshd[3410]: Failed password for root from 142.93.121.47 port 52448 ssh2 ...	2020-06-08 22:20:11

最近上报的IP列表

180.171.31.229	46.239.232.96	144.217.5.235	123.114.123.97
110.185.227.204	106.75.45.177	92.222.156.151	89.230.15.3
89.189.222.150	148.78.119.241	88.217.79.96	80.211.55.234
49.234.163.142	45.138.72.41	45.55.88.16	37.204.15.96
13.80.139.118	201.219.242.22	189.22.248.112	165.22.212.151