139.99.148.4 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Australia

运营商(isp): OVH Australia Pty Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	139.99.148.4 - - [07/Oct/2020:15:35:38 +0200] "POST /xmlrpc.php HTTP/1.1" 403 146 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.99.148.4 - - [07/Oct/2020:16:01:07 +0200] "POST /xmlrpc.php HTTP/1.1" 403 146 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-08 04:29:11
attack	Attempted WordPress login: "GET /wp-login.php"	2020-10-07 20:48:50
attackspam	139.99.148.4 - - [07/Oct/2020:02:44:52 +0100] "POST /wp-login.php HTTP/1.1" 200 2394 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.99.148.4 - - [07/Oct/2020:02:44:54 +0100] "POST /wp-login.php HTTP/1.1" 200 2328 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.99.148.4 - - [07/Oct/2020:02:44:56 +0100] "POST /wp-login.php HTTP/1.1" 200 2376 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-07 12:33:19
attackspambots	Automatic report - XMLRPC Attack	2020-09-21 01:35:44
attack	139.99.148.4 - - [20/Sep/2020:09:02:17 +0200] "GET /wp-login.php HTTP/1.1" 200 8558 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.99.148.4 - - [20/Sep/2020:09:02:19 +0200] "POST /wp-login.php HTTP/1.1" 200 8809 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.99.148.4 - - [20/Sep/2020:09:02:20 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-20 17:34:25
attackbotsspam	php WP PHPmyadamin ABUSE blocked for 12h	2020-09-12 23:56:56
attackspam	139.99.148.4 - - [12/Sep/2020:07:11:02 +0200] "GET /wp-login.php HTTP/1.1" 200 8796 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.99.148.4 - - [12/Sep/2020:07:11:04 +0200] "POST /wp-login.php HTTP/1.1" 200 9047 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.99.148.4 - - [12/Sep/2020:07:11:06 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-12 15:59:01
attackspam	139.99.148.4 - - [11/Sep/2020:17:53:47 +0100] "POST /wp-login.php HTTP/1.1" 200 2221 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.99.148.4 - - [11/Sep/2020:17:53:49 +0100] "POST /wp-login.php HTTP/1.1" 200 2147 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.99.148.4 - - [11/Sep/2020:17:53:50 +0100] "POST /xmlrpc.php HTTP/1.1" 200 247 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-12 07:46:05
attackspambots	Automatic report - XMLRPC Attack	2020-09-09 02:41:56
attack	139.99.148.4 has been banned for [WebApp Attack] ...	2020-09-08 18:12:42
attack	139.99.148.4 - - [14/Aug/2020:12:21:41 +0100] "POST /wp-login.php HTTP/1.1" 200 1875 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.99.148.4 - - [14/Aug/2020:12:21:45 +0100] "POST /wp-login.php HTTP/1.1" 200 1875 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.99.148.4 - - [14/Aug/2020:12:21:50 +0100] "POST /wp-login.php HTTP/1.1" 200 1875 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-14 20:21:14
attackspam	139.99.148.4 - - [07/Aug/2020:06:52:42 +0200] "POST /xmlrpc.php HTTP/1.1" 403 461 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.99.148.4 - - [07/Aug/2020:07:05:56 +0200] "POST /xmlrpc.php HTTP/1.1" 403 10519 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-07 13:49:44
attackbots	139.99.148.4 - - [31/Jul/2020:15:11:09 +0100] "POST /wp-login.php HTTP/1.1" 302 5 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.99.148.4 - - [31/Jul/2020:15:11:16 +0100] "POST /wp-login.php HTTP/1.1" 302 5 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.99.148.4 - - [31/Jul/2020:15:11:22 +0100] "POST /wp-login.php HTTP/1.1" 302 5 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-01 02:05:11
attackbotsspam	CMS (WordPress or Joomla) login attempt.	2020-07-30 07:41:44
attackbots	139.99.148.4 - - [27/Jul/2020:15:16:18 +0100] "POST /wp-login.php HTTP/1.1" 200 1968 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.99.148.4 - - [27/Jul/2020:15:16:21 +0100] "POST /wp-login.php HTTP/1.1" 200 1972 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.99.148.4 - - [27/Jul/2020:15:16:22 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-07-27 23:21:14
attack	php WP PHPmyadamin ABUSE blocked for 12h	2020-07-11 04:17:51
attackspam	139.99.148.4 - - [24/Jun/2020:08:46:38 +0100] "POST /wp-login.php HTTP/1.1" 200 1791 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.99.148.4 - - [24/Jun/2020:08:46:40 +0100] "POST /wp-login.php HTTP/1.1" 200 1772 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.99.148.4 - - [24/Jun/2020:08:46:42 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-06-24 16:18:46
attackspam	09.06.2020 22:19:30 - Wordpress fail Detected by ELinOX-ALM	2020-06-10 05:52:51
attackspambots	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-06-10 01:09:00
attack	Automatic report - XMLRPC Attack	2020-06-06 03:35:07
attackbots	Automatic report - Banned IP Access	2020-05-11 23:50:20
attack	Automatic report - Banned IP Access	2020-05-04 12:30:04
attack	Attempted WordPress login: "GET /wp-login.php"	2020-03-14 05:10:03
attackbots	CMS (WordPress or Joomla) login attempt.	2020-03-08 18:53:36
attackbots	xmlrpc attack	2020-02-12 18:23:19
attackbotsspam	WordPress login Brute force / Web App Attack on client site.	2020-02-09 02:04:06
attackspambots	This client attempted to login to an administrator account on a Website, or abused from another resource.	2020-01-13 16:58:08
attackbotsspam	139.99.148.4 - - [07/Jan/2020:22:19:32 +0100] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.99.148.4 - - [07/Jan/2020:22:19:33 +0100] "POST /wp-login.php HTTP/1.1" 200 2298 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.99.148.4 - - [07/Jan/2020:22:19:33 +0100] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.99.148.4 - - [07/Jan/2020:22:19:34 +0100] "POST /wp-login.php HTTP/1.1" 200 2272 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.99.148.4 - - [07/Jan/2020:22:19:34 +0100] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.99.148.4 - - [07/Jan/2020:22:19:35 +0100] "POST /wp-login.php HTTP/1.1" 200 2273 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-01-08 06:22:25
attack	Automatic report - Banned IP Access	2019-11-29 13:47:38
attack	139.99.148.4 - - \[26/Nov/2019:11:17:16 +0000\] "POST /wp-login.php HTTP/1.1" 200 6393 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 139.99.148.4 - - \[26/Nov/2019:11:17:18 +0000\] "POST /wp-login.php HTTP/1.1" 200 6254 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" ...	2019-11-26 21:46:10

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.99.148.4
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26616
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.99.148.4.			IN	A

;; AUTHORITY SECTION:
.			125	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019092400 1800 900 604800 86400

;; Query time: 346 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Sep 25 00:25:36 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

4.148.99.139.in-addr.arpa domain name pointer fashion.zebrano.co.nz.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
4.148.99.139.in-addr.arpa	name = fashion.zebrano.co.nz.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
156.96.157.238	attackbotsspam	[2020-03-07 01:12:20] NOTICE[1148][C-0000f226] chan_sip.c: Call from '' (156.96.157.238:62210) to extension '00441472928301' rejected because extension not found in context 'public'. [2020-03-07 01:12:20] SECURITY[1163] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-03-07T01:12:20.809-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="00441472928301",SessionID="0x7fd82c40d3d8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/156.96.157.238/62210",ACLName="no_extension_match" [2020-03-07 01:13:42] NOTICE[1148][C-0000f229] chan_sip.c: Call from '' (156.96.157.238:61976) to extension '000441472928301' rejected because extension not found in context 'public'. [2020-03-07 01:13:42] SECURITY[1163] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-03-07T01:13:42.622-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="000441472928301",SessionID="0x7fd82c43c848",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP ...	2020-03-07 14:17:02
221.195.1.201	attackspam	Mar 7 11:34:49 areeb-Workstation sshd[9123]: Failed password for root from 221.195.1.201 port 36992 ssh2 ...	2020-03-07 14:50:21
185.220.103.9	attack	SSH bruteforce	2020-03-07 14:57:47
46.172.67.89	attack	Honeypot attack, port: 5555, PTR: PTR record not found	2020-03-07 14:50:56
140.143.133.134	attack	Mar 7 06:57:05 MK-Soft-Root1 sshd[10812]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.133.134 Mar 7 06:57:07 MK-Soft-Root1 sshd[10812]: Failed password for invalid user mapred from 140.143.133.134 port 51440 ssh2 ...	2020-03-07 14:45:00
47.16.175.111	attackspam	Honeypot attack, port: 81, PTR: ool-2f10af6f.dyn.optonline.net.	2020-03-07 14:18:35
107.170.49.174	attackspam	Mar 6 18:53:06 php1 sshd\[9081\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.170.49.174 user=root Mar 6 18:53:08 php1 sshd\[9081\]: Failed password for root from 107.170.49.174 port 54776 ssh2 Mar 6 18:56:33 php1 sshd\[9441\]: Invalid user ubuntu from 107.170.49.174 Mar 6 18:56:33 php1 sshd\[9441\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.170.49.174 Mar 6 18:56:35 php1 sshd\[9441\]: Failed password for invalid user ubuntu from 107.170.49.174 port 52546 ssh2	2020-03-07 14:56:11
59.126.130.205	attackspambots	Honeypot attack, port: 81, PTR: 59-126-130-205.HINET-IP.hinet.net.	2020-03-07 14:06:30
79.124.62.66	attackspambots	Portscan or hack attempt detected by psad/fwsnort	2020-03-07 14:59:15
51.68.226.159	attack	Mar 7 01:45:02 NPSTNNYC01T sshd[7169]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.226.159 Mar 7 01:45:04 NPSTNNYC01T sshd[7169]: Failed password for invalid user postgres from 51.68.226.159 port 51542 ssh2 Mar 7 01:49:13 NPSTNNYC01T sshd[7386]: Failed password for root from 51.68.226.159 port 39928 ssh2 ...	2020-03-07 14:53:09
92.50.249.92	attack	Mar 6 20:49:34 hanapaa sshd\[10469\]: Invalid user cnc from 92.50.249.92 Mar 6 20:49:34 hanapaa sshd\[10469\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.50.249.92 Mar 6 20:49:37 hanapaa sshd\[10469\]: Failed password for invalid user cnc from 92.50.249.92 port 47882 ssh2 Mar 6 20:53:29 hanapaa sshd\[10847\]: Invalid user ali from 92.50.249.92 Mar 6 20:53:29 hanapaa sshd\[10847\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.50.249.92	2020-03-07 14:56:34
51.68.38.228	attack	2020-03-07T07:00:42.651244vps751288.ovh.net sshd\[14404\]: Invalid user support from 51.68.38.228 port 48796 2020-03-07T07:00:42.661513vps751288.ovh.net sshd\[14404\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns3129268.ip-51-68-38.eu 2020-03-07T07:00:44.583219vps751288.ovh.net sshd\[14404\]: Failed password for invalid user support from 51.68.38.228 port 48796 ssh2 2020-03-07T07:05:02.991505vps751288.ovh.net sshd\[14446\]: Invalid user hive from 51.68.38.228 port 37246 2020-03-07T07:05:02.998372vps751288.ovh.net sshd\[14446\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns3129268.ip-51-68-38.eu	2020-03-07 14:17:28
222.186.173.226	attack	Mar 7 11:53:56 areeb-Workstation sshd[13024]: Failed password for root from 222.186.173.226 port 42299 ssh2 Mar 7 11:54:02 areeb-Workstation sshd[13024]: Failed password for root from 222.186.173.226 port 42299 ssh2 ...	2020-03-07 14:27:36
193.112.173.211	attackspam	2020-03-07T05:21:41.823314shield sshd\[4254\]: Invalid user admin from 193.112.173.211 port 58746 2020-03-07T05:21:41.827455shield sshd\[4254\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.173.211 2020-03-07T05:21:44.032469shield sshd\[4254\]: Failed password for invalid user admin from 193.112.173.211 port 58746 ssh2 2020-03-07T05:24:25.819306shield sshd\[4891\]: Invalid user cpanelcabcache from 193.112.173.211 port 60378 2020-03-07T05:24:25.826096shield sshd\[4891\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.173.211	2020-03-07 14:10:56
134.209.102.95	attack	Mar 7 00:59:55 plusreed sshd[10203]: Invalid user hduser from 134.209.102.95 ...	2020-03-07 14:10:27

最近上报的IP列表

85.114.207.10	91.179.237.93	51.68.226.66	40.114.126.73
101.228.122.53	83.234.244.77	138.184.138.110	212.7.220.20
27.76.243.60	166.62.121.76	60.174.20.214	141.255.150.34
1.169.141.180	103.206.129.211	177.157.89.103	123.21.104.145
49.67.111.135	54.36.250.123	68.100.119.84	77.34.178.80