必须是合法有效的IP地址, 可以是IPv4或者是IPv6, 例如127.0.0.1或者2001:DB8:0:0:8:800:200C:417A
基本信息:

城市(city): unknown

省份(region): unknown

国家(country): unknown

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:
暂无关于此IP的讨论, 沙发请点上方按钮
相同子网IP讨论:
IP 类型 评论内容 时间
139.59.141.196 attack
139.59.141.196 - - [11/Oct/2020:16:45:30 +0100] "POST /wp-login.php HTTP/1.1" 200 2520 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
139.59.141.196 - - [11/Oct/2020:16:45:31 +0100] "POST /wp-login.php HTTP/1.1" 200 2478 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
139.59.141.196 - - [11/Oct/2020:16:45:32 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
...
2020-10-12 00:48:43
139.59.141.196 attack
139.59.141.196 - - [10/Oct/2020:22:54:38 +0100] "POST /wp-login.php HTTP/1.1" 200 2398 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
139.59.141.196 - - [10/Oct/2020:22:54:39 +0100] "POST /wp-login.php HTTP/1.1" 200 2375 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
139.59.141.196 - - [10/Oct/2020:22:54:39 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
...
2020-10-11 16:44:14
139.59.141.196 attackspambots
139.59.141.196 - - [10/Oct/2020:22:54:38 +0100] "POST /wp-login.php HTTP/1.1" 200 2398 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
139.59.141.196 - - [10/Oct/2020:22:54:39 +0100] "POST /wp-login.php HTTP/1.1" 200 2375 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
139.59.141.196 - - [10/Oct/2020:22:54:39 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
...
2020-10-11 10:04:07
139.59.141.196 attackspam
139.59.141.196 - - [28/Sep/2020:21:42:48 +0100] "POST /wp-login.php HTTP/1.1" 200 2340 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
139.59.141.196 - - [28/Sep/2020:21:42:48 +0100] "POST /wp-login.php HTTP/1.1" 200 2319 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
139.59.141.196 - - [28/Sep/2020:21:42:49 +0100] "POST /wp-login.php HTTP/1.1" 200 2324 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
...
2020-09-29 05:30:47
139.59.141.196 attackspambots
139.59.141.196 - - [28/Sep/2020:13:25:38 +0100] "POST /wp-login.php HTTP/1.1" 200 2862 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
139.59.141.196 - - [28/Sep/2020:13:25:39 +0100] "POST /wp-login.php HTTP/1.1" 200 2831 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
139.59.141.196 - - [28/Sep/2020:13:25:40 +0100] "POST /wp-login.php HTTP/1.1" 200 2866 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
...
2020-09-28 21:51:17
139.59.141.196 attack
WordPress wp-login brute force :: 139.59.141.196 0.116 - [28/Sep/2020:05:49:23  0000] [censored_1] "POST /wp-login.php HTTP/1.1" 200 2414 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "HTTP/1.1"
2020-09-28 13:58:01
139.59.141.196 attackbots
139.59.141.196 - - [13/Sep/2020:19:05:10 +0000] "POST /wp-login.php HTTP/1.1" 200 2077 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-"
139.59.141.196 - - [13/Sep/2020:19:05:11 +0000] "POST /wp-login.php HTTP/1.1" 200 2055 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-"
139.59.141.196 - - [13/Sep/2020:19:05:13 +0000] "POST /wp-login.php HTTP/1.1" 200 2052 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-"
139.59.141.196 - - [13/Sep/2020:19:05:15 +0000] "POST /wp-login.php HTTP/1.1" 200 2052 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-"
139.59.141.196 - - [13/Sep/2020:19:05:16 +0000] "POST /xmlrpc.php HTTP/1.1" 200 236 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-"
2020-09-14 03:29:50
139.59.141.196 attack
Automatic report generated by Wazuh
2020-09-13 19:29:40
139.59.141.196 attackbots
139.59.141.196 - - [27/Aug/2020:05:38:48 +0200] "GET /wp-login.php HTTP/1.1" 200 9040 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
139.59.141.196 - - [27/Aug/2020:05:38:50 +0200] "POST /wp-login.php HTTP/1.1" 200 9291 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
139.59.141.196 - - [27/Aug/2020:05:38:51 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
2020-08-27 20:52:21
139.59.141.196 attackspambots
139.59.141.196 - - [23/Aug/2020:05:55:43 +0200] "GET /wp-login.php HTTP/1.1" 200 8775 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
139.59.141.196 - - [23/Aug/2020:05:55:44 +0200] "POST /wp-login.php HTTP/1.1" 200 9026 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
139.59.141.196 - - [23/Aug/2020:05:55:45 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
2020-08-23 12:11:51
139.59.141.196 attackbots
CMS (WordPress or Joomla) login attempt.
2020-08-20 13:14:37
139.59.141.196 attackbots
139.59.141.196 - - [01/Aug/2020:12:37:12 +0200] "GET /wp-login.php HTTP/1.1" 200 1689 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
139.59.141.196 - - [01/Aug/2020:12:37:13 +0200] "POST /wp-login.php HTTP/1.1" 200 1819 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
139.59.141.196 - - [01/Aug/2020:12:37:13 +0200] "GET /wp-login.php HTTP/1.1" 200 1689 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
139.59.141.196 - - [01/Aug/2020:12:37:14 +0200] "POST /wp-login.php HTTP/1.1" 200 1816 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
139.59.141.196 - - [01/Aug/2020:12:37:14 +0200] "GET /wp-login.php HTTP/1.1" 200 1689 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
139.59.141.196 - - [01/Aug/2020:12:37:14 +0200] "POST /wp-login.php HTTP/1.1" 200 1818 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/201001
...
2020-08-01 19:47:41
139.59.141.196 attack
CMS (WordPress or Joomla) login attempt.
2020-07-14 12:59:01
139.59.141.196 attackbots
139.59.141.196 - - \[06/Jul/2020:16:56:09 +0200\] "POST /wp-login.php HTTP/1.0" 200 4128 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
139.59.141.196 - - \[06/Jul/2020:16:56:10 +0200\] "POST /wp-login.php HTTP/1.0" 200 3955 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
139.59.141.196 - - \[06/Jul/2020:16:56:10 +0200\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
2020-07-06 23:03:42
139.59.141.196 attack
xmlrpc attack
2020-06-24 12:28:21
WHOIS信息:
b
DIG信息:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.59.141.115
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 14082
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;139.59.141.115.			IN	A

;; AUTHORITY SECTION:
.			405	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022030803 1800 900 604800 86400

;; Query time: 24 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Mar 09 08:34:50 CST 2022
;; MSG SIZE  rcvd: 107
HOST信息:
Host 115.141.59.139.in-addr.arpa. not found: 3(NXDOMAIN)
NSLOOKUP信息:
Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 115.141.59.139.in-addr.arpa: NXDOMAIN
相关IP信息:
最新评论:
IP 类型 评论内容 时间
115.159.93.67 attackspambots
May 24 09:04:38 firewall sshd[19742]: Invalid user jax from 115.159.93.67
May 24 09:04:40 firewall sshd[19742]: Failed password for invalid user jax from 115.159.93.67 port 33571 ssh2
May 24 09:13:18 firewall sshd[19907]: Invalid user lvu from 115.159.93.67
...
2020-05-24 23:03:56
178.33.45.156 attackbotsspam
May 24 14:13:25 odroid64 sshd\[2098\]: User root from 178.33.45.156 not allowed because not listed in AllowUsers
May 24 14:13:25 odroid64 sshd\[2098\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.33.45.156  user=root
...
2020-05-24 22:58:30
14.215.51.241 attackspam
May 24 17:31:05 hosting sshd[3877]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.215.51.241  user=root
May 24 17:31:07 hosting sshd[3877]: Failed password for root from 14.215.51.241 port 60168 ssh2
...
2020-05-24 23:34:16
54.39.104.201 attackbotsspam
[2020-05-24 11:18:42] NOTICE[1157][C-00008dee] chan_sip.c: Call from '' (54.39.104.201:38874) to extension '700441519460088' rejected because extension not found in context 'public'.
[2020-05-24 11:18:42] SECURITY[1173] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-05-24T11:18:42.041-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="700441519460088",SessionID="0x7f5f1039ca78",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/54.39.104.201/5060",ACLName="no_extension_match"
[2020-05-24 11:19:49] NOTICE[1157][C-00008df1] chan_sip.c: Call from '' (54.39.104.201:25990) to extension '7001441519460088' rejected because extension not found in context 'public'.
[2020-05-24 11:19:49] SECURITY[1173] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-05-24T11:19:49.546-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="7001441519460088",SessionID="0x7f5f10678288",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP
...
2020-05-24 23:34:49
138.197.196.208 attack
(sshd) Failed SSH login from 138.197.196.208 (US/United States/-): 5 in the last 3600 secs
2020-05-24 23:14:58
128.199.44.102 attackbotsspam
May 24 16:34:41 santamaria sshd\[20049\]: Invalid user sato from 128.199.44.102
May 24 16:34:41 santamaria sshd\[20049\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.44.102
May 24 16:34:43 santamaria sshd\[20049\]: Failed password for invalid user sato from 128.199.44.102 port 41740 ssh2
...
2020-05-24 23:16:44
182.153.232.117 attack
Port probing on unauthorized port 23
2020-05-24 22:54:17
179.98.133.64 attackspam
1590322400 - 05/24/2020 14:13:20 Host: 179.98.133.64/179.98.133.64 Port: 445 TCP Blocked
2020-05-24 23:03:12
101.227.34.23 attack
Brute force SMTP login attempted.
...
2020-05-24 23:03:38
222.102.106.79 attack
May 24 16:06:44 mout sshd[19494]: Invalid user 212.237.30.66 - SSH-2.0-Ope.SSH_7.6p1 Ubuntu-4ubuntu0.3\r from 222.102.106.79 port 60388
2020-05-24 23:38:12
60.24.250.79 attackspambots
2020-05-24 22:59:21
35.245.33.180 attackspambots
May 24 16:10:59 vps sshd[1003045]: Failed password for invalid user ozj from 35.245.33.180 port 42250 ssh2
May 24 16:16:17 vps sshd[1025293]: Invalid user fsc from 35.245.33.180 port 48320
May 24 16:16:17 vps sshd[1025293]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.33.245.35.bc.googleusercontent.com
May 24 16:16:19 vps sshd[1025293]: Failed password for invalid user fsc from 35.245.33.180 port 48320 ssh2
May 24 16:21:41 vps sshd[1045934]: Invalid user igg from 35.245.33.180 port 54388
...
2020-05-24 23:12:17
216.254.186.76 attack
SSH brutforce
2020-05-24 23:15:52
58.87.76.77 attackspambots
May 24 13:59:15 ns392434 sshd[28374]: Invalid user marc from 58.87.76.77 port 34732
May 24 13:59:15 ns392434 sshd[28374]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.87.76.77
May 24 13:59:15 ns392434 sshd[28374]: Invalid user marc from 58.87.76.77 port 34732
May 24 13:59:17 ns392434 sshd[28374]: Failed password for invalid user marc from 58.87.76.77 port 34732 ssh2
May 24 14:07:40 ns392434 sshd[28754]: Invalid user esv from 58.87.76.77 port 35208
May 24 14:07:40 ns392434 sshd[28754]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.87.76.77
May 24 14:07:40 ns392434 sshd[28754]: Invalid user esv from 58.87.76.77 port 35208
May 24 14:07:42 ns392434 sshd[28754]: Failed password for invalid user esv from 58.87.76.77 port 35208 ssh2
May 24 14:13:16 ns392434 sshd[28887]: Invalid user hji from 58.87.76.77 port 56184
2020-05-24 23:04:53
80.211.240.161 attack
May 24 14:05:06 srv-ubuntu-dev3 sshd[45482]: Invalid user fji from 80.211.240.161
May 24 14:05:06 srv-ubuntu-dev3 sshd[45482]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.240.161
May 24 14:05:06 srv-ubuntu-dev3 sshd[45482]: Invalid user fji from 80.211.240.161
May 24 14:05:08 srv-ubuntu-dev3 sshd[45482]: Failed password for invalid user fji from 80.211.240.161 port 59630 ssh2
May 24 14:09:07 srv-ubuntu-dev3 sshd[46083]: Invalid user gha from 80.211.240.161
May 24 14:09:07 srv-ubuntu-dev3 sshd[46083]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.240.161
May 24 14:09:07 srv-ubuntu-dev3 sshd[46083]: Invalid user gha from 80.211.240.161
May 24 14:09:09 srv-ubuntu-dev3 sshd[46083]: Failed password for invalid user gha from 80.211.240.161 port 37510 ssh2
May 24 14:13:14 srv-ubuntu-dev3 sshd[46774]: Invalid user uhu from 80.211.240.161
...
2020-05-24 23:08:30

最近上报的IP列表

139.59.140.252 139.59.140.180 139.59.140.236 139.59.140.234
139.59.140.116 139.59.140.209 139.59.141.126 139.59.14.85
139.59.14.97 139.59.141.186 118.254.157.223 139.59.141.228
139.59.141.235 139.59.142.43 139.59.142.167 139.59.141.31
139.59.141.246 118.254.157.228 139.59.142.77 139.59.142.185