必须是合法有效的IP地址, 可以是IPv4或者是IPv6, 例如127.0.0.1或者2001:DB8:0:0:8:800:200C:417A
基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Australia

运营商(isp): OVH Australia Pty Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:
类型 评论内容 时间
attackbots
139.99.148.4 - - [07/Oct/2020:15:35:38 +0200] "POST /xmlrpc.php HTTP/1.1" 403 146 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
139.99.148.4 - - [07/Oct/2020:16:01:07 +0200] "POST /xmlrpc.php HTTP/1.1" 403 146 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
...
2020-10-08 04:29:11
attack
Attempted WordPress login: "GET /wp-login.php"
2020-10-07 20:48:50
attackspam
139.99.148.4 - - [07/Oct/2020:02:44:52 +0100] "POST /wp-login.php HTTP/1.1" 200 2394 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
139.99.148.4 - - [07/Oct/2020:02:44:54 +0100] "POST /wp-login.php HTTP/1.1" 200 2328 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
139.99.148.4 - - [07/Oct/2020:02:44:56 +0100] "POST /wp-login.php HTTP/1.1" 200 2376 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
...
2020-10-07 12:33:19
attackspambots
Automatic report - XMLRPC Attack
2020-09-21 01:35:44
attack
139.99.148.4 - - [20/Sep/2020:09:02:17 +0200] "GET /wp-login.php HTTP/1.1" 200 8558 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
139.99.148.4 - - [20/Sep/2020:09:02:19 +0200] "POST /wp-login.php HTTP/1.1" 200 8809 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
139.99.148.4 - - [20/Sep/2020:09:02:20 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
2020-09-20 17:34:25
attackbotsspam
php WP PHPmyadamin ABUSE blocked for 12h
2020-09-12 23:56:56
attackspam
139.99.148.4 - - [12/Sep/2020:07:11:02 +0200] "GET /wp-login.php HTTP/1.1" 200 8796 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
139.99.148.4 - - [12/Sep/2020:07:11:04 +0200] "POST /wp-login.php HTTP/1.1" 200 9047 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
139.99.148.4 - - [12/Sep/2020:07:11:06 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
2020-09-12 15:59:01
attackspam
139.99.148.4 - - [11/Sep/2020:17:53:47 +0100] "POST /wp-login.php HTTP/1.1" 200 2221 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
139.99.148.4 - - [11/Sep/2020:17:53:49 +0100] "POST /wp-login.php HTTP/1.1" 200 2147 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
139.99.148.4 - - [11/Sep/2020:17:53:50 +0100] "POST /xmlrpc.php HTTP/1.1" 200 247 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
...
2020-09-12 07:46:05
attackspambots
Automatic report - XMLRPC Attack
2020-09-09 02:41:56
attack
139.99.148.4 has been banned for [WebApp Attack]
...
2020-09-08 18:12:42
attack
139.99.148.4 - - [14/Aug/2020:12:21:41 +0100] "POST /wp-login.php HTTP/1.1" 200 1875 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
139.99.148.4 - - [14/Aug/2020:12:21:45 +0100] "POST /wp-login.php HTTP/1.1" 200 1875 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
139.99.148.4 - - [14/Aug/2020:12:21:50 +0100] "POST /wp-login.php HTTP/1.1" 200 1875 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
...
2020-08-14 20:21:14
attackspam
139.99.148.4 - - [07/Aug/2020:06:52:42 +0200] "POST /xmlrpc.php HTTP/1.1" 403 461 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
139.99.148.4 - - [07/Aug/2020:07:05:56 +0200] "POST /xmlrpc.php HTTP/1.1" 403 10519 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
...
2020-08-07 13:49:44
attackbots
139.99.148.4 - - [31/Jul/2020:15:11:09 +0100] "POST /wp-login.php HTTP/1.1" 302 5 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
139.99.148.4 - - [31/Jul/2020:15:11:16 +0100] "POST /wp-login.php HTTP/1.1" 302 5 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
139.99.148.4 - - [31/Jul/2020:15:11:22 +0100] "POST /wp-login.php HTTP/1.1" 302 5 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
...
2020-08-01 02:05:11
attackbotsspam
CMS (WordPress or Joomla) login attempt.
2020-07-30 07:41:44
attackbots
139.99.148.4 - - [27/Jul/2020:15:16:18 +0100] "POST /wp-login.php HTTP/1.1" 200 1968 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
139.99.148.4 - - [27/Jul/2020:15:16:21 +0100] "POST /wp-login.php HTTP/1.1" 200 1972 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
139.99.148.4 - - [27/Jul/2020:15:16:22 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
...
2020-07-27 23:21:14
attack
php WP PHPmyadamin ABUSE blocked for 12h
2020-07-11 04:17:51
attackspam
139.99.148.4 - - [24/Jun/2020:08:46:38 +0100] "POST /wp-login.php HTTP/1.1" 200 1791 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
139.99.148.4 - - [24/Jun/2020:08:46:40 +0100] "POST /wp-login.php HTTP/1.1" 200 1772 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
139.99.148.4 - - [24/Jun/2020:08:46:42 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
...
2020-06-24 16:18:46
attackspam
09.06.2020 22:19:30 - Wordpress fail 
Detected by ELinOX-ALM
2020-06-10 05:52:51
attackspambots
"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:
2020-06-10 01:09:00
attack
Automatic report - XMLRPC Attack
2020-06-06 03:35:07
attackbots
Automatic report - Banned IP Access
2020-05-11 23:50:20
attack
Automatic report - Banned IP Access
2020-05-04 12:30:04
attack
Attempted WordPress login: "GET /wp-login.php"
2020-03-14 05:10:03
attackbots
CMS (WordPress or Joomla) login attempt.
2020-03-08 18:53:36
attackbots
xmlrpc attack
2020-02-12 18:23:19
attackbotsspam
WordPress login Brute force / Web App Attack on client site.
2020-02-09 02:04:06
attackspambots
This client attempted to login to an administrator account on a Website, or abused from another resource.
2020-01-13 16:58:08
attackbotsspam
139.99.148.4 - - [07/Jan/2020:22:19:32 +0100] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
139.99.148.4 - - [07/Jan/2020:22:19:33 +0100] "POST /wp-login.php HTTP/1.1" 200 2298 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
139.99.148.4 - - [07/Jan/2020:22:19:33 +0100] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
139.99.148.4 - - [07/Jan/2020:22:19:34 +0100] "POST /wp-login.php HTTP/1.1" 200 2272 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
139.99.148.4 - - [07/Jan/2020:22:19:34 +0100] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
139.99.148.4 - - [07/Jan/2020:22:19:35 +0100] "POST /wp-login.php HTTP/1.1" 200 2273 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
...
2020-01-08 06:22:25
attack
Automatic report - Banned IP Access
2019-11-29 13:47:38
attack
139.99.148.4 - - \[26/Nov/2019:11:17:16 +0000\] "POST /wp-login.php HTTP/1.1" 200 6393 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
139.99.148.4 - - \[26/Nov/2019:11:17:18 +0000\] "POST /wp-login.php HTTP/1.1" 200 6254 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
...
2019-11-26 21:46:10
相同子网IP讨论:
暂无关于此IP所属子网相关IP的讨论.
WHOIS信息:
b
DIG信息:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.99.148.4
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26616
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.99.148.4.			IN	A

;; AUTHORITY SECTION:
.			125	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019092400 1800 900 604800 86400

;; Query time: 346 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Sep 25 00:25:36 CST 2019
;; MSG SIZE  rcvd: 116
HOST信息:
4.148.99.139.in-addr.arpa domain name pointer fashion.zebrano.co.nz.
NSLOOKUP信息:
Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
4.148.99.139.in-addr.arpa	name = fashion.zebrano.co.nz.

Authoritative answers can be found from:
相关IP信息:
最新评论:
IP 类型 评论内容 时间
156.96.157.238 attackbotsspam
[2020-03-07 01:12:20] NOTICE[1148][C-0000f226] chan_sip.c: Call from '' (156.96.157.238:62210) to extension '00441472928301' rejected because extension not found in context 'public'.
[2020-03-07 01:12:20] SECURITY[1163] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-03-07T01:12:20.809-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="00441472928301",SessionID="0x7fd82c40d3d8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/156.96.157.238/62210",ACLName="no_extension_match"
[2020-03-07 01:13:42] NOTICE[1148][C-0000f229] chan_sip.c: Call from '' (156.96.157.238:61976) to extension '000441472928301' rejected because extension not found in context 'public'.
[2020-03-07 01:13:42] SECURITY[1163] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-03-07T01:13:42.622-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="000441472928301",SessionID="0x7fd82c43c848",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP
...
2020-03-07 14:17:02
221.195.1.201 attackspam
Mar  7 11:34:49 areeb-Workstation sshd[9123]: Failed password for root from 221.195.1.201 port 36992 ssh2
...
2020-03-07 14:50:21
185.220.103.9 attack
SSH bruteforce
2020-03-07 14:57:47
46.172.67.89 attack
Honeypot attack, port: 5555, PTR: PTR record not found
2020-03-07 14:50:56
140.143.133.134 attack
Mar  7 06:57:05 MK-Soft-Root1 sshd[10812]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.133.134 
Mar  7 06:57:07 MK-Soft-Root1 sshd[10812]: Failed password for invalid user mapred from 140.143.133.134 port 51440 ssh2
...
2020-03-07 14:45:00
47.16.175.111 attackspam
Honeypot attack, port: 81, PTR: ool-2f10af6f.dyn.optonline.net.
2020-03-07 14:18:35
107.170.49.174 attackspam
Mar  6 18:53:06 php1 sshd\[9081\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.170.49.174  user=root
Mar  6 18:53:08 php1 sshd\[9081\]: Failed password for root from 107.170.49.174 port 54776 ssh2
Mar  6 18:56:33 php1 sshd\[9441\]: Invalid user ubuntu from 107.170.49.174
Mar  6 18:56:33 php1 sshd\[9441\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.170.49.174
Mar  6 18:56:35 php1 sshd\[9441\]: Failed password for invalid user ubuntu from 107.170.49.174 port 52546 ssh2
2020-03-07 14:56:11
59.126.130.205 attackspambots
Honeypot attack, port: 81, PTR: 59-126-130-205.HINET-IP.hinet.net.
2020-03-07 14:06:30
79.124.62.66 attackspambots
Portscan or hack attempt detected by psad/fwsnort
2020-03-07 14:59:15
51.68.226.159 attack
Mar  7 01:45:02 NPSTNNYC01T sshd[7169]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.226.159
Mar  7 01:45:04 NPSTNNYC01T sshd[7169]: Failed password for invalid user postgres from 51.68.226.159 port 51542 ssh2
Mar  7 01:49:13 NPSTNNYC01T sshd[7386]: Failed password for root from 51.68.226.159 port 39928 ssh2
...
2020-03-07 14:53:09
92.50.249.92 attack
Mar  6 20:49:34 hanapaa sshd\[10469\]: Invalid user cnc from 92.50.249.92
Mar  6 20:49:34 hanapaa sshd\[10469\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.50.249.92
Mar  6 20:49:37 hanapaa sshd\[10469\]: Failed password for invalid user cnc from 92.50.249.92 port 47882 ssh2
Mar  6 20:53:29 hanapaa sshd\[10847\]: Invalid user ali from 92.50.249.92
Mar  6 20:53:29 hanapaa sshd\[10847\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.50.249.92
2020-03-07 14:56:34
51.68.38.228 attack
2020-03-07T07:00:42.651244vps751288.ovh.net sshd\[14404\]: Invalid user support from 51.68.38.228 port 48796
2020-03-07T07:00:42.661513vps751288.ovh.net sshd\[14404\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns3129268.ip-51-68-38.eu
2020-03-07T07:00:44.583219vps751288.ovh.net sshd\[14404\]: Failed password for invalid user support from 51.68.38.228 port 48796 ssh2
2020-03-07T07:05:02.991505vps751288.ovh.net sshd\[14446\]: Invalid user hive from 51.68.38.228 port 37246
2020-03-07T07:05:02.998372vps751288.ovh.net sshd\[14446\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns3129268.ip-51-68-38.eu
2020-03-07 14:17:28
222.186.173.226 attack
Mar  7 11:53:56 areeb-Workstation sshd[13024]: Failed password for root from 222.186.173.226 port 42299 ssh2
Mar  7 11:54:02 areeb-Workstation sshd[13024]: Failed password for root from 222.186.173.226 port 42299 ssh2
...
2020-03-07 14:27:36
193.112.173.211 attackspam
2020-03-07T05:21:41.823314shield sshd\[4254\]: Invalid user admin from 193.112.173.211 port 58746
2020-03-07T05:21:41.827455shield sshd\[4254\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.173.211
2020-03-07T05:21:44.032469shield sshd\[4254\]: Failed password for invalid user admin from 193.112.173.211 port 58746 ssh2
2020-03-07T05:24:25.819306shield sshd\[4891\]: Invalid user cpanelcabcache from 193.112.173.211 port 60378
2020-03-07T05:24:25.826096shield sshd\[4891\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.173.211
2020-03-07 14:10:56
134.209.102.95 attack
Mar  7 00:59:55 plusreed sshd[10203]: Invalid user hduser from 134.209.102.95
...
2020-03-07 14:10:27

最近上报的IP列表

85.114.207.10 91.179.237.93 51.68.226.66 40.114.126.73
101.228.122.53 83.234.244.77 138.184.138.110 212.7.220.20
27.76.243.60 166.62.121.76 60.174.20.214 141.255.150.34
1.169.141.180 103.206.129.211 177.157.89.103 123.21.104.145
49.67.111.135 54.36.250.123 68.100.119.84 77.34.178.80