139.180.175.134

基本信息:

城市(city): Heiwajima

省份(region): Tokyo

国家(country): Japan

运营商(isp): Vultr Holdings LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	139.180.175.134 - - [05/Oct/2020:07:11:06 +0100] "POST /wp-login.php HTTP/1.1" 200 2548 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.180.175.134 - - [05/Oct/2020:07:11:09 +0100] "POST /wp-login.php HTTP/1.1" 200 2517 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.180.175.134 - - [05/Oct/2020:07:11:11 +0100] "POST /xmlrpc.php HTTP/1.1" 200 247 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-06 02:28:11
attack	139.180.175.134 - - [05/Oct/2020:07:11:06 +0100] "POST /wp-login.php HTTP/1.1" 200 2548 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.180.175.134 - - [05/Oct/2020:07:11:09 +0100] "POST /wp-login.php HTTP/1.1" 200 2517 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.180.175.134 - - [05/Oct/2020:07:11:11 +0100] "POST /xmlrpc.php HTTP/1.1" 200 247 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-05 18:15:32
attackbotsspam	139.180.175.134 - - [04/Oct/2020:21:18:18 +0200] "GET /wp-login.php HTTP/1.1" 200 8796 "http://b-kits.com/wp-login.php" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.180.175.134 - - [04/Oct/2020:23:25:30 +0200] "GET /wp-login.php HTTP/1.1" 200 8558 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.180.175.134 - - [04/Oct/2020:23:25:32 +0200] "POST /wp-login.php HTTP/1.1" 200 8875 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-10-05 06:02:28
attackbotsspam	139.180.175.134 - - [04/Oct/2020:15:32:06 +0200] "GET /wp-login.php HTTP/1.1" 200 8796 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.180.175.134 - - [04/Oct/2020:15:32:08 +0200] "POST /wp-login.php HTTP/1.1" 200 9047 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.180.175.134 - - [04/Oct/2020:15:32:10 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-10-04 22:01:11
attackspambots	139.180.175.134 - - [04/Oct/2020:05:11:04 +0200] "GET /wp-login.php HTTP/1.1" 200 9061 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.180.175.134 - - [04/Oct/2020:05:11:07 +0200] "POST /wp-login.php HTTP/1.1" 200 9312 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.180.175.134 - - [04/Oct/2020:05:11:09 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-10-04 13:47:13
attack	Automatic report generated by Wazuh	2020-09-25 08:46:01

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.180.175.134
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 62787
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.180.175.134.		IN	A

;; AUTHORITY SECTION:
.			427	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020092402 1800 900 604800 86400

;; Query time: 72 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Sep 25 08:45:56 CST 2020
;; MSG SIZE  rcvd: 119

HOST信息:

134.175.180.139.in-addr.arpa domain name pointer 139.180.175.134.vultr.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
134.175.180.139.in-addr.arpa	name = 139.180.175.134.vultr.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
58.64.215.154	attackspam	(smtpauth) Failed SMTP AUTH login from 58.64.215.154 (HK/Hong Kong/mail.hkas.edu.hk): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SMTPAUTH; Logs: 2020-04-19 05:33:29 login authenticator failed for mail.hkas.edu.hk (USER) [58.64.215.154]: 535 Incorrect authentication data (set_id=info@27mc-radio.nl) 2020-04-19 05:33:56 login authenticator failed for mail.hkas.edu.hk (USER) [58.64.215.154]: 535 Incorrect authentication data (set_id=info@msfish-hunter.nl) 2020-04-19 05:40:28 login authenticator failed for mail.hkas.edu.hk (USER) [58.64.215.154]: 535 Incorrect authentication data (set_id=info@dekoningbouw.nl) 2020-04-19 06:09:26 login authenticator failed for mail.hkas.edu.hk (USER) [58.64.215.154]: 535 Incorrect authentication data (set_id=info@brict.it) 2020-04-19 06:19:41 login authenticator failed for mail.hkas.edu.hk (USER) [58.64.215.154]: 535 Incorrect authentication data (set_id=info@elitehosting.nl)	2020-04-19 13:12:11
159.203.219.38	attackbotsspam	Apr 19 06:22:55 OPSO sshd\[7877\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.219.38 user=root Apr 19 06:22:57 OPSO sshd\[7877\]: Failed password for root from 159.203.219.38 port 56556 ssh2 Apr 19 06:26:55 OPSO sshd\[8744\]: Invalid user gnat from 159.203.219.38 port 34402 Apr 19 06:26:55 OPSO sshd\[8744\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.219.38 Apr 19 06:26:57 OPSO sshd\[8744\]: Failed password for invalid user gnat from 159.203.219.38 port 34402 ssh2	2020-04-19 13:04:23
125.91.126.97	attackspambots	$f2bV_matches	2020-04-19 13:29:10
120.132.13.206	attackspam	Apr 19 00:25:19 ny01 sshd[13364]: Failed password for root from 120.132.13.206 port 53888 ssh2 Apr 19 00:29:14 ny01 sshd[14041]: Failed password for root from 120.132.13.206 port 45080 ssh2	2020-04-19 13:29:45
220.76.205.178	attackspambots	Apr 19 06:59:22 [host] sshd[15310]: Invalid user t Apr 19 06:59:22 [host] sshd[15310]: pam_unix(sshd: Apr 19 06:59:24 [host] sshd[15310]: Failed passwor	2020-04-19 13:33:04
212.237.42.86	attackbots	Apr 19 09:37:52 gw1 sshd[31419]: Failed password for root from 212.237.42.86 port 48422 ssh2 ...	2020-04-19 13:03:34
203.86.235.91	attack	$f2bV_matches	2020-04-19 13:24:20
77.244.26.125	attackspam	Apr 19 05:39:57 mail.srvfarm.net postfix/smtpd[439234]: NOQUEUE: reject: RCPT from unknown[77.244.26.125]: 554 5.7.1 Service unavailable; Client host [77.244.26.125] blocked using bl.spamcop.net; Blocked - see https://www.spamcop.net/bl.shtml?77.244.26.125; from= to= proto=ESMTP helo=<77-244-26-125.westcall.net> Apr 19 05:39:58 mail.srvfarm.net postfix/smtpd[439234]: NOQUEUE: reject: RCPT from unknown[77.244.26.125]: 554 5.7.1 Service unavailable; Client host [77.244.26.125] blocked using bl.spamcop.net; Blocked - see https://www.spamcop.net/bl.shtml?77.244.26.125; from= to= proto=ESMTP helo=<77-244-26-125.westcall.net> Apr 19 05:39:59 mail.srvfarm.net postfix/smtpd[439234]: NOQUEUE: reject: RCPT from unknown[77.244.26.125]: 554 5.7.1 Service unavailable; Client host [77.244.26.125] blocked using bl.spamcop.net; Blocked - see https://www.spamcop.net/bl.shtml?77.244.26.125; from=	2020-04-19 13:11:29
222.186.31.83	attackspambots	Apr 19 07:28:59 vmd38886 sshd\[6778\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.31.83 user=root Apr 19 07:29:01 vmd38886 sshd\[6778\]: Failed password for root from 222.186.31.83 port 48004 ssh2 Apr 19 07:29:04 vmd38886 sshd\[6778\]: Failed password for root from 222.186.31.83 port 48004 ssh2	2020-04-19 13:32:35
192.99.15.15	attackbotsspam	Automatic report - WordPress Brute Force	2020-04-19 13:39:42
198.108.66.240	attackspambots	SSH-bruteforce attempts	2020-04-19 13:26:32
45.169.24.2	attack	Apr 19 05:37:20 mail.srvfarm.net postfix/smtpd[439139]: NOQUEUE: reject: RCPT from unknown[45.169.24.2]: 554 5.7.1 Service unavailable; Client host [45.169.24.2] blocked using bl.spamcop.net; Blocked - see https://www.spamcop.net/bl.shtml?45.169.24.2; from= to= proto=ESMTP helo= Apr 19 05:37:21 mail.srvfarm.net postfix/smtpd[439139]: NOQUEUE: reject: RCPT from unknown[45.169.24.2]: 554 5.7.1 Service unavailable; Client host [45.169.24.2] blocked using bl.spamcop.net; Blocked - see https://www.spamcop.net/bl.shtml?45.169.24.2; from= to= proto=ESMTP helo= Apr 19 05:37:22 mail.srvfarm.net postfix/smtpd[439139]: NOQUEUE: reject: RCPT from unknown[45.169.24.2]: 554 5.7.1 Service unavailable; Client host [45.169.24.2] blocked using bl.spamcop.net; Blocked - see https://www.spamcop.net/bl.shtml?45.169.24.2; from= to= proto=ESMTP helo=	2020-04-19 13:17:36
45.143.220.209	attack	[2020-04-19 01:22:44] NOTICE[1170][C-00001fa7] chan_sip.c: Call from '' (45.143.220.209:58605) to extension '441205804657' rejected because extension not found in context 'public'. [2020-04-19 01:22:44] SECURITY[1184] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-04-19T01:22:44.657-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="441205804657",SessionID="0x7f6c082b17a8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.143.220.209/58605",ACLName="no_extension_match" [2020-04-19 01:23:31] NOTICE[1170][C-00001fa9] chan_sip.c: Call from '' (45.143.220.209:49297) to extension '00441205804657' rejected because extension not found in context 'public'. [2020-04-19 01:23:31] SECURITY[1184] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-04-19T01:23:31.987-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="00441205804657",SessionID="0x7f6c082b17a8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.14 ...	2020-04-19 13:30:07
120.92.133.32	attackbotsspam	Apr 19 12:02:22 webhost01 sshd[16507]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.133.32 Apr 19 12:02:24 webhost01 sshd[16507]: Failed password for invalid user ubuntu from 120.92.133.32 port 6522 ssh2 ...	2020-04-19 13:40:36
106.124.142.30	attack	Apr 19 05:48:26 MainVPS sshd[8120]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.124.142.30 user=root Apr 19 05:48:28 MainVPS sshd[8120]: Failed password for root from 106.124.142.30 port 41814 ssh2 Apr 19 05:55:28 MainVPS sshd[14060]: Invalid user qa from 106.124.142.30 port 36206 Apr 19 05:55:28 MainVPS sshd[14060]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.124.142.30 Apr 19 05:55:28 MainVPS sshd[14060]: Invalid user qa from 106.124.142.30 port 36206 Apr 19 05:55:29 MainVPS sshd[14060]: Failed password for invalid user qa from 106.124.142.30 port 36206 ssh2 ...	2020-04-19 13:22:28

最近上报的IP列表

176.46.228.96	112.236.0.184	74.103.135.34	41.134.230.74
73.202.250.217	181.23.44.137	206.213.223.128	45.56.110.165
92.222.140.217	125.129.131.60	213.141.58.152	128.199.198.138
108.162.220.155	123.230.25.120	74.126.52.76	27.7.183.103
171.216.41.103	189.188.136.0	121.230.131.122	5.174.201.117