139.59.4.145 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): India

运营商(isp): Digital Ocean Inc.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	139.59.4.145 - - [04/Oct/2020:17:02:07 +0100] "POST /wp-login.php HTTP/1.1" 200 2463 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.4.145 - - [04/Oct/2020:17:02:10 +0100] "POST /wp-login.php HTTP/1.1" 200 2407 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.4.145 - - [04/Oct/2020:17:02:11 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-05 03:38:34
attackspambots	139.59.4.145 - - [04/Oct/2020:09:50:37 +0100] "POST /wp-login.php HTTP/1.1" 200 2217 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.4.145 - - [04/Oct/2020:09:50:40 +0100] "POST /wp-login.php HTTP/1.1" 200 2242 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.4.145 - - [04/Oct/2020:09:50:40 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-04 19:26:48
attackbotsspam	xmlrpc attack	2020-08-14 18:39:51
attackbots	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-07-13 20:18:33
attack	139.59.4.145 - - [11/Jul/2020:08:33:03 +0100] "POST /wp-login.php HTTP/1.1" 200 1807 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.4.145 - - [11/Jul/2020:08:33:03 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.4.145 - - [11/Jul/2020:08:41:05 +0100] "POST /wp-login.php HTTP/1.1" 200 1933 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-07-11 18:07:24
attackbotsspam	139.59.4.145 - - [26/Jun/2020:13:28:10 +0200] "POST /wp-login.php HTTP/1.1" 200 3434 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.4.145 - - [26/Jun/2020:13:28:12 +0200] "POST /wp-login.php HTTP/1.1" 200 3433 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-06-26 22:28:40
attackbots	139.59.4.145 - - [23/Jun/2020:10:00:21 +0200] "POST /xmlrpc.php HTTP/1.1" 403 613 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.4.145 - - [23/Jun/2020:10:11:54 +0200] "POST /xmlrpc.php HTTP/1.1" 403 613 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-06-23 18:04:57
attackspam	CMS (WordPress or Joomla) login attempt.	2020-06-09 02:56:33
attackspam	CMS (WordPress or Joomla) login attempt.	2020-06-06 23:28:19
attackbotsspam	Automatic report - WordPress Brute Force	2020-05-13 17:56:02
attackbots	port scan and connect, tcp 3306 (mysql)	2020-04-28 20:00:34
attack	CMS (WordPress or Joomla) login attempt.	2020-04-06 19:12:56
attackbots	WordPress wp-login brute force :: 139.59.4.145 0.076 BYPASS [21/Feb/2020:13:11:23 0000] [censored_2] "POST /wp-login.php HTTP/1.1" 200 2287 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-02-22 04:29:00
attack	WordPress login Brute force / Web App Attack on client site.	2020-01-13 23:48:06
attackbotsspam	Automatic report - Banned IP Access	2020-01-01 18:40:59
attackspam	notenschluessel-fulda.de 139.59.4.145 \[01/Oct/2019:05:49:07 +0200\] "POST /wp-login.php HTTP/1.1" 200 5903 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" notenschluessel-fulda.de 139.59.4.145 \[01/Oct/2019:05:49:09 +0200\] "POST /wp-login.php HTTP/1.1" 200 5860 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-10-01 17:30:57

相同子网IP讨论:

IP	类型	评论内容	时间
139.59.41.222	attack	Fraud connect	2024-05-17 13:22:44
139.59.40.233	attackspambots	139.59.40.233 - - [12/Oct/2020:13:00:34 +0000] "POST /wp-login.php HTTP/1.1" 200 2077 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 139.59.40.233 - - [12/Oct/2020:13:00:37 +0000] "POST /wp-login.php HTTP/1.1" 200 2055 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 139.59.40.233 - - [12/Oct/2020:13:00:41 +0000] "POST /wp-login.php HTTP/1.1" 200 2052 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 139.59.40.233 - - [12/Oct/2020:13:00:44 +0000] "POST /wp-login.php HTTP/1.1" 200 2052 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 139.59.40.233 - - [12/Oct/2020:13:00:45 +0000] "POST /xmlrpc.php HTTP/1.1" 200 236 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-"	2020-10-13 00:00:47
139.59.40.233	attack	139.59.40.233 - - [12/Oct/2020:04:39:08 +0100] "POST /wp-login.php HTTP/1.1" 200 2141 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.40.233 - - [12/Oct/2020:04:39:11 +0100] "POST /wp-login.php HTTP/1.1" 200 2125 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.40.233 - - [12/Oct/2020:04:39:11 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-12 15:24:37
139.59.43.196	attackspambots	139.59.43.196 is unauthorized and has been banned by fail2ban	2020-10-10 04:25:38
139.59.46.167	attackspam	Oct 9 18:04:57 cho sshd[306173]: Failed password for root from 139.59.46.167 port 47238 ssh2 Oct 9 18:09:02 cho sshd[306376]: Invalid user vagrant from 139.59.46.167 port 51624 Oct 9 18:09:02 cho sshd[306376]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.46.167 Oct 9 18:09:02 cho sshd[306376]: Invalid user vagrant from 139.59.46.167 port 51624 Oct 9 18:09:03 cho sshd[306376]: Failed password for invalid user vagrant from 139.59.46.167 port 51624 ssh2 ...	2020-10-10 02:06:29
139.59.43.196	attack	probing for vulnerabilities, found a honeypot	2020-10-09 20:23:36
139.59.46.167	attackbots	5x Failed Password	2020-10-09 17:51:12
139.59.43.196	attack	Automatic report - XMLRPC Attack	2020-10-09 12:11:21
139.59.42.174	attackbotsspam	non-SMTP command used ...	2020-10-09 02:13:07
139.59.42.174	attackspambots	non-SMTP command used ...	2020-10-08 18:11:01
139.59.40.240	attackbotsspam	Oct 6 00:07:06 rancher-0 sshd[488183]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.40.240 user=root Oct 6 00:07:08 rancher-0 sshd[488183]: Failed password for root from 139.59.40.240 port 56898 ssh2 ...	2020-10-06 06:15:31
139.59.40.240	attackbots	$f2bV_matches	2020-10-05 22:20:50
139.59.40.240	attackbots	2020-10-05T05:20:09.281796randservbullet-proofcloud-66.localdomain sshd[29534]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.40.240 user=root 2020-10-05T05:20:11.144033randservbullet-proofcloud-66.localdomain sshd[29534]: Failed password for root from 139.59.40.240 port 49718 ssh2 2020-10-05T05:24:42.393105randservbullet-proofcloud-66.localdomain sshd[29566]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.40.240 user=root 2020-10-05T05:24:44.064917randservbullet-proofcloud-66.localdomain sshd[29566]: Failed password for root from 139.59.40.240 port 46138 ssh2 ...	2020-10-05 14:14:28
139.59.46.226	attackspam	[N3.H3.VM3] Port Scanner Detected Blocked by UFW	2020-10-05 05:52:34
139.59.46.226	attack	Fail2Ban Ban Triggered	2020-10-04 21:49:55

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.59.4.145
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1717
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.59.4.145.			IN	A

;; AUTHORITY SECTION:
.			221	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019100101 1800 900 604800 86400

;; Query time: 52 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Oct 01 17:30:54 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

145.4.59.139.in-addr.arpa domain name pointer 82409-64157.cloudwaysapps.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
145.4.59.139.in-addr.arpa	name = 82409-64157.cloudwaysapps.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
66.249.64.30	attackbots	Unauthorized access detected from black listed ip!	2020-06-14 00:02:13
209.97.138.167	attack	Jun 13 17:22:56 mail sshd\[18581\]: Invalid user contec from 209.97.138.167 Jun 13 17:22:56 mail sshd\[18581\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=209.97.138.167 Jun 13 17:22:57 mail sshd\[18581\]: Failed password for invalid user contec from 209.97.138.167 port 56702 ssh2 ...	2020-06-14 00:34:07
167.99.170.91	attack	Jun 13 21:35:38 webhost01 sshd[30893]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.170.91 Jun 13 21:35:39 webhost01 sshd[30893]: Failed password for invalid user fulgencia from 167.99.170.91 port 34606 ssh2 ...	2020-06-14 00:35:15
206.81.12.209	attackspam	Jun 13 14:24:32 ourumov-web sshd\[24400\]: Invalid user anonymous from 206.81.12.209 port 52214 Jun 13 14:24:32 ourumov-web sshd\[24400\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.81.12.209 Jun 13 14:24:34 ourumov-web sshd\[24400\]: Failed password for invalid user anonymous from 206.81.12.209 port 52214 ssh2 ...	2020-06-14 00:28:31
222.186.30.218	attackspam	2020-06-13T19:18:27.823299lavrinenko.info sshd[17094]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.218 user=root 2020-06-13T19:18:30.205760lavrinenko.info sshd[17094]: Failed password for root from 222.186.30.218 port 26190 ssh2 2020-06-13T19:18:27.823299lavrinenko.info sshd[17094]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.218 user=root 2020-06-13T19:18:30.205760lavrinenko.info sshd[17094]: Failed password for root from 222.186.30.218 port 26190 ssh2 2020-06-13T19:18:33.791236lavrinenko.info sshd[17094]: Failed password for root from 222.186.30.218 port 26190 ssh2 ...	2020-06-14 00:21:18
51.38.236.221	attack	Jun 13 16:38:40 minden010 sshd[27406]: Failed password for root from 51.38.236.221 port 55558 ssh2 Jun 13 16:44:20 minden010 sshd[29482]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.236.221 Jun 13 16:44:22 minden010 sshd[29482]: Failed password for invalid user slujbot from 51.38.236.221 port 55040 ssh2 ...	2020-06-14 00:34:28
103.145.12.168	attackspam	[2020-06-13 12:09:02] NOTICE[1273] chan_sip.c: Registration from '"2008" ' failed for '103.145.12.168:5297' - Wrong password [2020-06-13 12:09:02] SECURITY[1288] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-06-13T12:09:02.944-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="2008",SessionID="0x7f31c0334138",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/103.145.12.168/5297",Challenge="39fed0db",ReceivedChallenge="39fed0db",ReceivedHash="6cba6dbf821d5fbc68c36c7b07711e9e" [2020-06-13 12:09:03] NOTICE[1273] chan_sip.c: Registration from '"2008" ' failed for '103.145.12.168:5297' - Wrong password [2020-06-13 12:09:03] SECURITY[1288] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-06-13T12:09:03.062-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="2008",SessionID="0x7f31c02ff098",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP ...	2020-06-14 00:38:49
69.180.156.84	attackbots	Automatic report - Port Scan Attack	2020-06-13 23:52:36
46.101.100.227	attackbotsspam	Jun 13 15:10:26 cosmoit sshd[8705]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.100.227	2020-06-13 23:56:10
43.255.140.218	attack	Automatic report - Banned IP Access	2020-06-14 00:11:12
218.92.0.212	attackbotsspam	Jun 13 18:12:35 home sshd[1357]: Failed password for root from 218.92.0.212 port 20519 ssh2 Jun 13 18:12:49 home sshd[1357]: error: maximum authentication attempts exceeded for root from 218.92.0.212 port 20519 ssh2 [preauth] Jun 13 18:13:00 home sshd[1389]: Failed password for root from 218.92.0.212 port 59999 ssh2 ...	2020-06-14 00:22:20
203.54.221.218	attack	Lines containing failures of 203.54.221.218 Jun 12 12:51:44 shared04 sshd[10923]: Invalid user smmsp from 203.54.221.218 port 35390 Jun 12 12:51:44 shared04 sshd[10923]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.54.221.218 Jun 12 12:51:46 shared04 sshd[10923]: Failed password for invalid user smmsp from 203.54.221.218 port 35390 ssh2 Jun 12 12:51:46 shared04 sshd[10923]: Received disconnect from 203.54.221.218 port 35390:11: Bye Bye [preauth] Jun 12 12:51:46 shared04 sshd[10923]: Disconnected from invalid user smmsp 203.54.221.218 port 35390 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=203.54.221.218	2020-06-13 23:50:39
119.29.119.151	attackbotsspam	sshd	2020-06-14 00:37:03
165.227.62.103	attackbots	sshd	2020-06-14 00:31:19
187.163.71.130	attackbotsspam	Automatic report - Port Scan Attack	2020-06-14 00:30:59

最近上报的IP列表

160.70.94.54	210.188.13.79	1.58.105.170	171.227.94.162
230.221.198.112	174.97.187.157	165.22.127.25	45.40.57.177
189.210.129.20	185.170.131.9	181.126.157.40	180.92.87.20
178.217.205.144	176.125.54.41	159.192.247.6	87.201.164.247
87.197.43.249	86.135.162.50	82.130.238.149	123.233.73.95