139.59.153.117

基本信息:

城市(city): Frankfurt am Main

省份(region): Hessen

国家(country): Germany

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
139.59.153.133	attack	CMS (WordPress or Joomla) login attempt.	2020-09-11 01:50:36
139.59.153.133	attackspambots	CMS (WordPress or Joomla) login attempt.	2020-09-10 17:11:48
139.59.153.133	attackbots	/wp-login.php	2020-09-10 07:45:25
139.59.153.133	attack	xmlrpc attack	2020-08-11 18:30:36
139.59.153.133	attackspambots	139.59.153.133 - - [18/Jul/2020:04:52:24 +0100] "POST /wp-login.php HTTP/1.1" 200 1954 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.153.133 - - [18/Jul/2020:04:52:25 +0100] "POST /wp-login.php HTTP/1.1" 200 1997 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.153.133 - - [18/Jul/2020:04:52:26 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-07-18 16:27:19
139.59.153.133	attackbotsspam	139.59.153.133 has been banned for [WebApp Attack] ...	2020-07-17 21:26:28
139.59.153.133	attackspam	139.59.153.133 - - [05/Jul/2020:19:36:03 +0100] "POST /wp-login.php HTTP/1.1" 200 1968 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.153.133 - - [05/Jul/2020:19:36:10 +0100] "POST /wp-login.php HTTP/1.1" 200 1952 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.153.133 - - [05/Jul/2020:19:36:10 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-07-06 03:24:22
139.59.153.133	attackbots	139.59.153.133 - - [25/Jun/2020:01:13:02 -0600] "GET /wp-login.php HTTP/1.1" 301 460 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-06-25 19:34:58
139.59.153.133	attackbotsspam	139.59.153.133 - - [19/Jun/2020:14:10:57 +0200] "GET /wp-login.php HTTP/1.1" 200 2010 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.153.133 - - [19/Jun/2020:14:10:58 +0200] "POST /wp-login.php HTTP/1.1" 200 2143 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.153.133 - - [19/Jun/2020:14:10:58 +0200] "GET /wp-login.php HTTP/1.1" 200 2010 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.153.133 - - [19/Jun/2020:14:11:04 +0200] "POST /wp-login.php HTTP/1.1" 200 2144 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.153.133 - - [19/Jun/2020:14:11:09 +0200] "GET /wp-login.php HTTP/1.1" 200 2010 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.153.133 - - [19/Jun/2020:14:11:14 +0200] "POST /wp-login.php HTTP/1.1" 200 2144 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/201001 ...	2020-06-20 03:50:27
139.59.153.133	attack	139.59.153.133 - - \[02/Jun/2020:23:48:33 +0200\] "POST /wp-login.php HTTP/1.0" 200 5748 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 139.59.153.133 - - \[02/Jun/2020:23:48:35 +0200\] "POST /wp-login.php HTTP/1.0" 200 5737 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 139.59.153.133 - - \[02/Jun/2020:23:48:35 +0200\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2020-06-03 05:55:30
139.59.153.133	attackspam	Automatic report - XMLRPC Attack	2020-03-16 20:23:41
139.59.153.133	attackspam	WordPress wp-login brute force :: 139.59.153.133 0.084 BYPASS [28/Feb/2020:13:24:55 0000] [censored_2] "POST /wp-login.php HTTP/1.1" 200 2287 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-02-29 05:21:49
139.59.153.133	attackbots	Automatic report - XMLRPC Attack	2020-02-20 14:41:45
139.59.153.133	attackspambots	Automatic report - XMLRPC Attack	2020-02-03 14:19:30
139.59.153.133	attack	139.59.153.133 - - [09/Jan/2020:13:10:59 +0000] "POST /wp-login.php HTTP/1.1" 200 6409 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.153.133 - - [09/Jan/2020:13:10:59 +0000] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-01-09 21:28:24

WHOIS信息:

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2025, American Registry for Internet Numbers, Ltd.
#


NetRange:       139.59.0.0 - 139.59.255.255
CIDR:           139.59.0.0/16
NetName:        APNIC-ERX-139-59-0-0
NetHandle:      NET-139-59-0-0-1
Parent:         NET139 (NET-139-0-0-0-0)
NetType:        Early Registrations, Transferred to APNIC
OriginAS:       
Organization:   Asia Pacific Network Information Centre (APNIC)
RegDate:        2004-03-03
Updated:        2009-10-08
Comment:        This IP address range is not registered in the ARIN database.
Comment:        This range was transferred to the APNIC Whois Database as
Comment:        part of the ERX (Early Registration Transfer) project.
Comment:        For details, refer to the APNIC Whois Database via
Comment:        WHOIS.APNIC.NET or http://wq.apnic.net/apnic-bin/whois.pl
Comment:        
Comment:        ** IMPORTANT NOTE: APNIC is the Regional Internet Registry
Comment:        for the Asia Pacific region.  APNIC does not operate networks
Comment:        using this IP address range and is not able to investigate
Comment:        spam or abuse reports relating to these addresses.  For more
Comment:        help, refer to http://www.apnic.net/apnic-info/whois_search2/abuse-and-spamming
Ref:            https://rdap.arin.net/registry/ip/139.59.0.0

ResourceLink:  https://apps.db.ripe.net/db-web-ui/query
ResourceLink:  whois.apnic.net


OrgName:        Asia Pacific Network Information Centre
OrgId:          APNIC
Address:        PO Box 3646
City:           South Brisbane
StateProv:      QLD
PostalCode:     4101
Country:        AU
RegDate:        
Updated:        2012-01-24
Ref:            https://rdap.arin.net/registry/entity/APNIC

ReferralServer:  whois://whois.apnic.net
ResourceLink:  https://apps.db.ripe.net/db-web-ui/query

OrgAbuseHandle: AWC12-ARIN
OrgAbuseName:   APNIC Whois Contact
OrgAbusePhone:  +61 7 3858 3188 
OrgAbuseEmail:  search-apnic-not-arin@apnic.net
OrgAbuseRef:    https://rdap.arin.net/registry/entity/AWC12-ARIN

OrgTechHandle: AWC12-ARIN
OrgTechName:   APNIC Whois Contact
OrgTechPhone:  +61 7 3858 3188 
OrgTechEmail:  search-apnic-not-arin@apnic.net
OrgTechRef:    https://rdap.arin.net/registry/entity/AWC12-ARIN


#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2025, American Registry for Internet Numbers, Ltd.
#



Found a referral to whois.apnic.net.

% [whois.apnic.net]
% Whois data copyright terms    http://www.apnic.net/db/dbcopyright.html

% Information related to '139.59.128.0 - 139.59.159.255'

% Abuse contact for '139.59.128.0 - 139.59.159.255' is 'abuse@digitalocean.com'

inetnum:        139.59.128.0 - 139.59.159.255
netname:        DIGITALOCEAN-AP
descr:          DigitalOcean, LLC
country:        DE
admin-c:        DOIA2-AP
tech-c:         DOIA2-AP
abuse-c:        AD699-AP
status:         ASSIGNED NON-PORTABLE
mnt-by:         MAINT-DIGITALOCEAN-AP
mnt-irt:        IRT-DIGITALOCEAN-AP
last-modified:  2020-05-31T21:37:28Z
source:         APNIC

irt:            IRT-DIGITALOCEAN-AP
address:        105 Edgeview Drive, Suite 425, Broomfield, Colorado 80021
e-mail:         noc@digitalocean.com
abuse-mailbox:  abuse@digitalocean.com
admin-c:        DOIA2-AP
tech-c:         DOIA2-AP
auth:           # Filtered
remarks:        noc@digitalocean.com was validated on 2025-05-20
remarks:        abuse@digitalocean.com was validated on 2025-08-14
mnt-by:         MAINT-DIGITALOCEAN-AP
last-modified:  2025-09-04T07:01:35Z
source:         APNIC

role:           ABUSE DIGITALOCEANAP
country:        ZZ
address:        105 Edgeview Drive, Suite 425, Broomfield, Colorado 80021
phone:          +000000000
e-mail:         noc@digitalocean.com
admin-c:        DOIA2-AP
tech-c:         DOIA2-AP
nic-hdl:        AD699-AP
remarks:        Generated from irt object IRT-DIGITALOCEAN-AP
remarks:        noc@digitalocean.com was validated on 2025-05-20
remarks:        abuse@digitalocean.com was validated on 2025-08-14
abuse-mailbox:  abuse@digitalocean.com
mnt-by:         APNIC-ABUSE
last-modified:  2025-08-14T13:27:09Z
source:         APNIC

role:           Digital Ocean Inc administrator
address:        105 Edgeview Drive, Suite 425, Broomfield, Colorado 80021
country:        US
phone:          +1 646-827-4366
fax-no:         +1 646-827-4366
e-mail:         abuse@digitalocean.com
admin-c:        DOIA2-AP
tech-c:         DOIA2-AP
nic-hdl:        DOIA2-AP
mnt-by:         MAINT-DIGITALOCEAN-AP
last-modified:  2025-04-11T18:24:27Z
source:         APNIC

% This query was served by the APNIC Whois Service version 1.88.36-SNAPSHOT (WHOIS-AU5)

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.59.153.117
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 34537
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;139.59.153.117.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025100701 1800 900 604800 86400

;; Query time: 141 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Oct 08 00:38:31 CST 2025
;; MSG SIZE  rcvd: 107

HOST信息:

Host 117.153.59.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 117.153.59.139.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
76.74.170.93	attackbotsspam	Aug 20 20:23:15 vps691689 sshd[1419]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=76.74.170.93 Aug 20 20:23:17 vps691689 sshd[1419]: Failed password for invalid user er from 76.74.170.93 port 59072 ssh2 ...	2019-08-21 06:58:49
216.234.148.179	attackbotsspam	Aug 20 22:34:30 www_kotimaassa_fi sshd[13423]: Failed password for root from 216.234.148.179 port 46090 ssh2 Aug 20 22:38:13 www_kotimaassa_fi sshd[13438]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=216.234.148.179 ...	2019-08-21 06:49:57
51.68.81.112	attackspam	Aug 21 00:56:34 vps647732 sshd[31503]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.81.112 Aug 21 00:56:36 vps647732 sshd[31503]: Failed password for invalid user cacti from 51.68.81.112 port 39204 ssh2 ...	2019-08-21 07:00:09
106.13.87.170	attack	Aug 20 21:49:50 server01 sshd\[8420\]: Invalid user tanja from 106.13.87.170 Aug 20 21:49:50 server01 sshd\[8420\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.87.170 Aug 20 21:49:52 server01 sshd\[8420\]: Failed password for invalid user tanja from 106.13.87.170 port 45124 ssh2 ...	2019-08-21 06:39:49
179.124.21.10	attackbotsspam	2019-08-20 09:46:37 H=(livingwellness.it) [179.124.21.10]:43707 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.4, 127.0.0.3) (https://www.spamhaus.org/query/ip/179.124.21.10) 2019-08-20 09:46:38 H=(livingwellness.it) [179.124.21.10]:43707 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.4, 127.0.0.3) (https://www.spamhaus.org/query/ip/179.124.21.10) 2019-08-20 09:46:39 H=(livingwellness.it) [179.124.21.10]:43707 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.3, 127.0.0.4) (https://www.spamhaus.org/query/ip/179.124.21.10) ...	2019-08-21 06:45:31
217.112.128.75	attack	Sent Mail to address hacked/leaked/bought from crystalproductions.cz between 2011 and 2018	2019-08-21 06:32:32
119.29.65.240	attackspam	Aug 20 13:44:58 TORMINT sshd\[3282\]: Invalid user mxuser from 119.29.65.240 Aug 20 13:44:58 TORMINT sshd\[3282\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.65.240 Aug 20 13:44:59 TORMINT sshd\[3282\]: Failed password for invalid user mxuser from 119.29.65.240 port 36738 ssh2 ...	2019-08-21 07:00:31
68.183.179.142	attack	Aug 20 12:07:03 eddieflores sshd\[32080\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.179.142 user=root Aug 20 12:07:05 eddieflores sshd\[32080\]: Failed password for root from 68.183.179.142 port 49720 ssh2 Aug 20 12:11:49 eddieflores sshd\[32569\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.179.142 user=messagebus Aug 20 12:11:51 eddieflores sshd\[32569\]: Failed password for messagebus from 68.183.179.142 port 39674 ssh2 Aug 20 12:16:32 eddieflores sshd\[522\]: Invalid user lucky from 68.183.179.142 Aug 20 12:16:32 eddieflores sshd\[522\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.179.142	2019-08-21 06:28:10
187.58.232.216	attackbots	2019-08-20T17:13:16.182973abusebot-7.cloudsearch.cf sshd\[28223\]: Invalid user tafadzwa from 187.58.232.216 port 45654	2019-08-21 06:27:18
173.239.37.152	attackspam	Aug 20 23:59:00 [snip] sshd[29031]: Invalid user nvidia from 173.239.37.152 port 59492 Aug 20 23:59:00 [snip] sshd[29031]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=173.239.37.152 Aug 20 23:59:02 [snip] sshd[29031]: Failed password for invalid user nvidia from 173.239.37.152 port 59492 ssh2[...]	2019-08-21 07:00:50
185.243.152.163	attackspambots	Aug 20 22:25:07 majoron sshd[14902]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.243.152.163 user=r.r Aug 20 22:25:09 majoron sshd[14902]: Failed password for r.r from 185.243.152.163 port 44548 ssh2 Aug 20 22:25:09 majoron sshd[14902]: Received disconnect from 185.243.152.163 port 44548:11: Bye Bye [preauth] Aug 20 22:25:09 majoron sshd[14902]: Disconnected from 185.243.152.163 port 44548 [preauth] Aug 20 22:37:11 majoron sshd[16114]: Invalid user prieskorn from 185.243.152.163 port 44646 Aug 20 22:37:11 majoron sshd[16114]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.243.152.163 Aug 20 22:37:13 majoron sshd[16114]: Failed password for invalid user prieskorn from 185.243.152.163 port 44646 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=185.243.152.163	2019-08-21 06:33:00
111.230.228.113	attackspam	Aug 20 16:46:30 lnxded64 sshd[24510]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.230.228.113	2019-08-21 06:47:47
192.42.116.13	attackbots	Automated report - ssh fail2ban: Aug 20 16:46:42 wrong password, user=root, port=46096, ssh2 Aug 20 16:46:45 wrong password, user=root, port=46096, ssh2 Aug 20 16:46:49 wrong password, user=root, port=46096, ssh2 Aug 20 16:46:52 wrong password, user=root, port=46096, ssh2	2019-08-21 06:37:24
54.37.151.239	attackspambots	Aug 20 08:16:41 web1 sshd\[31668\]: Invalid user dbadmin from 54.37.151.239 Aug 20 08:16:41 web1 sshd\[31668\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.151.239 Aug 20 08:16:43 web1 sshd\[31668\]: Failed password for invalid user dbadmin from 54.37.151.239 port 42700 ssh2 Aug 20 08:21:58 web1 sshd\[32187\]: Invalid user ts3 from 54.37.151.239 Aug 20 08:21:58 web1 sshd\[32187\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.151.239	2019-08-21 06:24:09
5.39.67.154	attackbotsspam	Aug 20 16:46:48 icinga sshd[24002]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.39.67.154 Aug 20 16:46:50 icinga sshd[24002]: Failed password for invalid user deploy from 5.39.67.154 port 48981 ssh2 ...	2019-08-21 06:38:45

最近上报的IP列表

40.124.171.82	62.43.117.63	165.154.227.235	159.65.252.159
1.24.5.242	120.82.84.214	103.175.29.24	39.154.25.14
39.154.10.108	36.143.144.2	223.91.89.162	223.91.66.31
223.88.212.121	183.92.17.169	183.251.169.143	120.239.118.69
120.230.21.59	120.229.231.149	120.228.9.145	119.44.61.111