139.59.4.145 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): India

运营商(isp): Digital Ocean Inc.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	139.59.4.145 - - [04/Oct/2020:17:02:07 +0100] "POST /wp-login.php HTTP/1.1" 200 2463 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.4.145 - - [04/Oct/2020:17:02:10 +0100] "POST /wp-login.php HTTP/1.1" 200 2407 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.4.145 - - [04/Oct/2020:17:02:11 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-05 03:38:34
attackspambots	139.59.4.145 - - [04/Oct/2020:09:50:37 +0100] "POST /wp-login.php HTTP/1.1" 200 2217 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.4.145 - - [04/Oct/2020:09:50:40 +0100] "POST /wp-login.php HTTP/1.1" 200 2242 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.4.145 - - [04/Oct/2020:09:50:40 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-04 19:26:48
attackbotsspam	xmlrpc attack	2020-08-14 18:39:51
attackbots	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-07-13 20:18:33
attack	139.59.4.145 - - [11/Jul/2020:08:33:03 +0100] "POST /wp-login.php HTTP/1.1" 200 1807 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.4.145 - - [11/Jul/2020:08:33:03 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.4.145 - - [11/Jul/2020:08:41:05 +0100] "POST /wp-login.php HTTP/1.1" 200 1933 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-07-11 18:07:24
attackbotsspam	139.59.4.145 - - [26/Jun/2020:13:28:10 +0200] "POST /wp-login.php HTTP/1.1" 200 3434 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.4.145 - - [26/Jun/2020:13:28:12 +0200] "POST /wp-login.php HTTP/1.1" 200 3433 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-06-26 22:28:40
attackbots	139.59.4.145 - - [23/Jun/2020:10:00:21 +0200] "POST /xmlrpc.php HTTP/1.1" 403 613 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.4.145 - - [23/Jun/2020:10:11:54 +0200] "POST /xmlrpc.php HTTP/1.1" 403 613 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-06-23 18:04:57
attackspam	CMS (WordPress or Joomla) login attempt.	2020-06-09 02:56:33
attackspam	CMS (WordPress or Joomla) login attempt.	2020-06-06 23:28:19
attackbotsspam	Automatic report - WordPress Brute Force	2020-05-13 17:56:02
attackbots	port scan and connect, tcp 3306 (mysql)	2020-04-28 20:00:34
attack	CMS (WordPress or Joomla) login attempt.	2020-04-06 19:12:56
attackbots	WordPress wp-login brute force :: 139.59.4.145 0.076 BYPASS [21/Feb/2020:13:11:23 0000] [censored_2] "POST /wp-login.php HTTP/1.1" 200 2287 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-02-22 04:29:00
attack	WordPress login Brute force / Web App Attack on client site.	2020-01-13 23:48:06
attackbotsspam	Automatic report - Banned IP Access	2020-01-01 18:40:59
attackspam	notenschluessel-fulda.de 139.59.4.145 \[01/Oct/2019:05:49:07 +0200\] "POST /wp-login.php HTTP/1.1" 200 5903 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" notenschluessel-fulda.de 139.59.4.145 \[01/Oct/2019:05:49:09 +0200\] "POST /wp-login.php HTTP/1.1" 200 5860 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-10-01 17:30:57

相同子网IP讨论:

IP	类型	评论内容	时间
139.59.41.222	attack	Fraud connect	2024-05-17 13:22:44
139.59.40.233	attackspambots	139.59.40.233 - - [12/Oct/2020:13:00:34 +0000] "POST /wp-login.php HTTP/1.1" 200 2077 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 139.59.40.233 - - [12/Oct/2020:13:00:37 +0000] "POST /wp-login.php HTTP/1.1" 200 2055 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 139.59.40.233 - - [12/Oct/2020:13:00:41 +0000] "POST /wp-login.php HTTP/1.1" 200 2052 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 139.59.40.233 - - [12/Oct/2020:13:00:44 +0000] "POST /wp-login.php HTTP/1.1" 200 2052 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 139.59.40.233 - - [12/Oct/2020:13:00:45 +0000] "POST /xmlrpc.php HTTP/1.1" 200 236 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-"	2020-10-13 00:00:47
139.59.40.233	attack	139.59.40.233 - - [12/Oct/2020:04:39:08 +0100] "POST /wp-login.php HTTP/1.1" 200 2141 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.40.233 - - [12/Oct/2020:04:39:11 +0100] "POST /wp-login.php HTTP/1.1" 200 2125 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.40.233 - - [12/Oct/2020:04:39:11 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-12 15:24:37
139.59.43.196	attackspambots	139.59.43.196 is unauthorized and has been banned by fail2ban	2020-10-10 04:25:38
139.59.46.167	attackspam	Oct 9 18:04:57 cho sshd[306173]: Failed password for root from 139.59.46.167 port 47238 ssh2 Oct 9 18:09:02 cho sshd[306376]: Invalid user vagrant from 139.59.46.167 port 51624 Oct 9 18:09:02 cho sshd[306376]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.46.167 Oct 9 18:09:02 cho sshd[306376]: Invalid user vagrant from 139.59.46.167 port 51624 Oct 9 18:09:03 cho sshd[306376]: Failed password for invalid user vagrant from 139.59.46.167 port 51624 ssh2 ...	2020-10-10 02:06:29
139.59.43.196	attack	probing for vulnerabilities, found a honeypot	2020-10-09 20:23:36
139.59.46.167	attackbots	5x Failed Password	2020-10-09 17:51:12
139.59.43.196	attack	Automatic report - XMLRPC Attack	2020-10-09 12:11:21
139.59.42.174	attackbotsspam	non-SMTP command used ...	2020-10-09 02:13:07
139.59.42.174	attackspambots	non-SMTP command used ...	2020-10-08 18:11:01
139.59.40.240	attackbotsspam	Oct 6 00:07:06 rancher-0 sshd[488183]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.40.240 user=root Oct 6 00:07:08 rancher-0 sshd[488183]: Failed password for root from 139.59.40.240 port 56898 ssh2 ...	2020-10-06 06:15:31
139.59.40.240	attackbots	$f2bV_matches	2020-10-05 22:20:50
139.59.40.240	attackbots	2020-10-05T05:20:09.281796randservbullet-proofcloud-66.localdomain sshd[29534]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.40.240 user=root 2020-10-05T05:20:11.144033randservbullet-proofcloud-66.localdomain sshd[29534]: Failed password for root from 139.59.40.240 port 49718 ssh2 2020-10-05T05:24:42.393105randservbullet-proofcloud-66.localdomain sshd[29566]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.40.240 user=root 2020-10-05T05:24:44.064917randservbullet-proofcloud-66.localdomain sshd[29566]: Failed password for root from 139.59.40.240 port 46138 ssh2 ...	2020-10-05 14:14:28
139.59.46.226	attackspam	[N3.H3.VM3] Port Scanner Detected Blocked by UFW	2020-10-05 05:52:34
139.59.46.226	attack	Fail2Ban Ban Triggered	2020-10-04 21:49:55

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.59.4.145
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1717
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.59.4.145.			IN	A

;; AUTHORITY SECTION:
.			221	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019100101 1800 900 604800 86400

;; Query time: 52 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Oct 01 17:30:54 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

145.4.59.139.in-addr.arpa domain name pointer 82409-64157.cloudwaysapps.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
145.4.59.139.in-addr.arpa	name = 82409-64157.cloudwaysapps.com.

Authoritative answers can be found from:

IP	类型	评论内容	时间
78.95.97.80	attackspambots	Unauthorized connection attempt from IP address 78.95.97.80 on Port 445(SMB)	2020-06-28 06:47:00
111.231.226.87	attackbots	Attempted connection to port 17091.	2020-06-28 06:34:29
89.179.125.71	attackspambots	Jun 28 00:16:10 OPSO sshd\[29187\]: Invalid user oracle from 89.179.125.71 port 36750 Jun 28 00:16:10 OPSO sshd\[29187\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.179.125.71 Jun 28 00:16:12 OPSO sshd\[29187\]: Failed password for invalid user oracle from 89.179.125.71 port 36750 ssh2 Jun 28 00:19:21 OPSO sshd\[29540\]: Invalid user deploy2 from 89.179.125.71 port 34816 Jun 28 00:19:21 OPSO sshd\[29540\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.179.125.71	2020-06-28 06:32:53
163.24.30.124	attackspam	Attempted connection to port 88.	2020-06-28 06:31:30
103.70.32.113	attackbots	WordPress brute force	2020-06-28 06:39:57
182.71.135.170	attack	Unauthorized connection attempt from IP address 182.71.135.170 on Port 445(SMB)	2020-06-28 06:24:23
132.232.10.144	attackbotsspam	Jun 28 00:01:08 home sshd[18134]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.10.144 Jun 28 00:01:10 home sshd[18134]: Failed password for invalid user deploy from 132.232.10.144 port 59100 ssh2 Jun 28 00:03:48 home sshd[18483]: Failed password for mysql from 132.232.10.144 port 60326 ssh2 ...	2020-06-28 06:28:30
118.25.74.199	attackspambots	Invalid user vendas from 118.25.74.199 port 56004	2020-06-28 06:25:47
193.160.32.157	attackspambots	Attempted connection to port 11211.	2020-06-28 06:19:24
51.68.94.177	attack	Invalid user bao from 51.68.94.177 port 42732	2020-06-28 06:29:58
103.137.93.73	attackspambots	WordPress brute force	2020-06-28 06:42:02
49.207.133.165	attack	Unauthorized connection attempt from IP address 49.207.133.165 on Port 445(SMB)	2020-06-28 06:42:43
190.147.192.113	attackspambots	Attempted connection to port 26.	2020-06-28 06:23:54
116.233.211.37	attackspambots	Unauthorized connection attempt from IP address 116.233.211.37 on Port 445(SMB)	2020-06-28 06:17:07
121.45.248.22	attackspam	WordPress brute force	2020-06-28 06:28:51

最近上报的IP列表

160.70.94.54	210.188.13.79	1.58.105.170	171.227.94.162
230.221.198.112	174.97.187.157	165.22.127.25	45.40.57.177
189.210.129.20	185.170.131.9	181.126.157.40	180.92.87.20
178.217.205.144	176.125.54.41	159.192.247.6	87.201.164.247
87.197.43.249	86.135.162.50	82.130.238.149	123.233.73.95