139.99.148.4 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Australia

运营商(isp): OVH Australia Pty Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	139.99.148.4 - - [07/Oct/2020:15:35:38 +0200] "POST /xmlrpc.php HTTP/1.1" 403 146 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.99.148.4 - - [07/Oct/2020:16:01:07 +0200] "POST /xmlrpc.php HTTP/1.1" 403 146 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-08 04:29:11
attack	Attempted WordPress login: "GET /wp-login.php"	2020-10-07 20:48:50
attackspam	139.99.148.4 - - [07/Oct/2020:02:44:52 +0100] "POST /wp-login.php HTTP/1.1" 200 2394 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.99.148.4 - - [07/Oct/2020:02:44:54 +0100] "POST /wp-login.php HTTP/1.1" 200 2328 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.99.148.4 - - [07/Oct/2020:02:44:56 +0100] "POST /wp-login.php HTTP/1.1" 200 2376 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-07 12:33:19
attackspambots	Automatic report - XMLRPC Attack	2020-09-21 01:35:44
attack	139.99.148.4 - - [20/Sep/2020:09:02:17 +0200] "GET /wp-login.php HTTP/1.1" 200 8558 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.99.148.4 - - [20/Sep/2020:09:02:19 +0200] "POST /wp-login.php HTTP/1.1" 200 8809 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.99.148.4 - - [20/Sep/2020:09:02:20 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-20 17:34:25
attackbotsspam	php WP PHPmyadamin ABUSE blocked for 12h	2020-09-12 23:56:56
attackspam	139.99.148.4 - - [12/Sep/2020:07:11:02 +0200] "GET /wp-login.php HTTP/1.1" 200 8796 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.99.148.4 - - [12/Sep/2020:07:11:04 +0200] "POST /wp-login.php HTTP/1.1" 200 9047 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.99.148.4 - - [12/Sep/2020:07:11:06 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-12 15:59:01
attackspam	139.99.148.4 - - [11/Sep/2020:17:53:47 +0100] "POST /wp-login.php HTTP/1.1" 200 2221 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.99.148.4 - - [11/Sep/2020:17:53:49 +0100] "POST /wp-login.php HTTP/1.1" 200 2147 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.99.148.4 - - [11/Sep/2020:17:53:50 +0100] "POST /xmlrpc.php HTTP/1.1" 200 247 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-12 07:46:05
attackspambots	Automatic report - XMLRPC Attack	2020-09-09 02:41:56
attack	139.99.148.4 has been banned for [WebApp Attack] ...	2020-09-08 18:12:42
attack	139.99.148.4 - - [14/Aug/2020:12:21:41 +0100] "POST /wp-login.php HTTP/1.1" 200 1875 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.99.148.4 - - [14/Aug/2020:12:21:45 +0100] "POST /wp-login.php HTTP/1.1" 200 1875 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.99.148.4 - - [14/Aug/2020:12:21:50 +0100] "POST /wp-login.php HTTP/1.1" 200 1875 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-14 20:21:14
attackspam	139.99.148.4 - - [07/Aug/2020:06:52:42 +0200] "POST /xmlrpc.php HTTP/1.1" 403 461 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.99.148.4 - - [07/Aug/2020:07:05:56 +0200] "POST /xmlrpc.php HTTP/1.1" 403 10519 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-07 13:49:44
attackbots	139.99.148.4 - - [31/Jul/2020:15:11:09 +0100] "POST /wp-login.php HTTP/1.1" 302 5 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.99.148.4 - - [31/Jul/2020:15:11:16 +0100] "POST /wp-login.php HTTP/1.1" 302 5 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.99.148.4 - - [31/Jul/2020:15:11:22 +0100] "POST /wp-login.php HTTP/1.1" 302 5 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-01 02:05:11
attackbotsspam	CMS (WordPress or Joomla) login attempt.	2020-07-30 07:41:44
attackbots	139.99.148.4 - - [27/Jul/2020:15:16:18 +0100] "POST /wp-login.php HTTP/1.1" 200 1968 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.99.148.4 - - [27/Jul/2020:15:16:21 +0100] "POST /wp-login.php HTTP/1.1" 200 1972 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.99.148.4 - - [27/Jul/2020:15:16:22 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-07-27 23:21:14
attack	php WP PHPmyadamin ABUSE blocked for 12h	2020-07-11 04:17:51
attackspam	139.99.148.4 - - [24/Jun/2020:08:46:38 +0100] "POST /wp-login.php HTTP/1.1" 200 1791 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.99.148.4 - - [24/Jun/2020:08:46:40 +0100] "POST /wp-login.php HTTP/1.1" 200 1772 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.99.148.4 - - [24/Jun/2020:08:46:42 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-06-24 16:18:46
attackspam	09.06.2020 22:19:30 - Wordpress fail Detected by ELinOX-ALM	2020-06-10 05:52:51
attackspambots	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-06-10 01:09:00
attack	Automatic report - XMLRPC Attack	2020-06-06 03:35:07
attackbots	Automatic report - Banned IP Access	2020-05-11 23:50:20
attack	Automatic report - Banned IP Access	2020-05-04 12:30:04
attack	Attempted WordPress login: "GET /wp-login.php"	2020-03-14 05:10:03
attackbots	CMS (WordPress or Joomla) login attempt.	2020-03-08 18:53:36
attackbots	xmlrpc attack	2020-02-12 18:23:19
attackbotsspam	WordPress login Brute force / Web App Attack on client site.	2020-02-09 02:04:06
attackspambots	This client attempted to login to an administrator account on a Website, or abused from another resource.	2020-01-13 16:58:08
attackbotsspam	139.99.148.4 - - [07/Jan/2020:22:19:32 +0100] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.99.148.4 - - [07/Jan/2020:22:19:33 +0100] "POST /wp-login.php HTTP/1.1" 200 2298 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.99.148.4 - - [07/Jan/2020:22:19:33 +0100] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.99.148.4 - - [07/Jan/2020:22:19:34 +0100] "POST /wp-login.php HTTP/1.1" 200 2272 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.99.148.4 - - [07/Jan/2020:22:19:34 +0100] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.99.148.4 - - [07/Jan/2020:22:19:35 +0100] "POST /wp-login.php HTTP/1.1" 200 2273 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-01-08 06:22:25
attack	Automatic report - Banned IP Access	2019-11-29 13:47:38
attack	139.99.148.4 - - \[26/Nov/2019:11:17:16 +0000\] "POST /wp-login.php HTTP/1.1" 200 6393 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 139.99.148.4 - - \[26/Nov/2019:11:17:18 +0000\] "POST /wp-login.php HTTP/1.1" 200 6254 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" ...	2019-11-26 21:46:10

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.99.148.4
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26616
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.99.148.4.			IN	A

;; AUTHORITY SECTION:
.			125	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019092400 1800 900 604800 86400

;; Query time: 346 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Sep 25 00:25:36 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

4.148.99.139.in-addr.arpa domain name pointer fashion.zebrano.co.nz.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
4.148.99.139.in-addr.arpa	name = fashion.zebrano.co.nz.

Authoritative answers can be found from:

IP	类型	评论内容	时间
105.247.231.148	attack	Unauthorized connection attempt from IP address 105.247.231.148 on Port 445(SMB)	2019-11-05 01:08:42
117.48.208.71	attackbotsspam	Nov 4 18:06:56 vps01 sshd[28592]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.48.208.71 Nov 4 18:06:58 vps01 sshd[28592]: Failed password for invalid user 1234567 from 117.48.208.71 port 56758 ssh2	2019-11-05 01:15:49
172.94.24.71	attackbotsspam	Abuse	2019-11-05 01:17:28
77.40.3.183	attack	11/04/2019-17:47:18.671481 77.40.3.183 Protocol: 6 SURICATA SMTP tls rejected	2019-11-05 01:23:21
106.75.122.202	attack	Nov 4 17:51:45 MK-Soft-VM7 sshd[3652]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.122.202 Nov 4 17:51:47 MK-Soft-VM7 sshd[3652]: Failed password for invalid user ospite from 106.75.122.202 port 57826 ssh2 ...	2019-11-05 01:27:17
185.176.27.118	attackspam	11/04/2019-12:03:59.965774 185.176.27.118 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-11-05 01:32:06
54.39.129.162	attackbotsspam	CloudCIX Reconnaissance Scan Detected, PTR: ns563649.ip-54-39-129.net.	2019-11-05 01:19:47
49.234.51.242	attackbots	Nov 4 16:22:57 dedicated sshd[13960]: Invalid user fh from 49.234.51.242 port 51880	2019-11-05 01:42:24
61.161.125.1	attack	Nov 4 15:25:48 jane sshd[14347]: Failed password for www-data from 61.161.125.1 port 37294 ssh2 ...	2019-11-05 01:31:02
142.93.141.35	attackbots	Nov 4 13:00:57 ws22vmsma01 sshd[150155]: Failed password for root from 142.93.141.35 port 48180 ssh2 ...	2019-11-05 01:28:29
118.70.190.188	attackbots	Nov 4 15:28:40 serwer sshd\[24498\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.70.190.188 user=root Nov 4 15:28:42 serwer sshd\[24498\]: Failed password for root from 118.70.190.188 port 59912 ssh2 Nov 4 15:33:01 serwer sshd\[25096\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.70.190.188 user=root ...	2019-11-05 01:13:08
51.75.190.151	attackbots	Nov 4 19:06:58 www sshd\[60408\]: Invalid user suzanne from 51.75.190.151Nov 4 19:07:00 www sshd\[60408\]: Failed password for invalid user suzanne from 51.75.190.151 port 55378 ssh2Nov 4 19:10:52 www sshd\[60548\]: Invalid user zang from 51.75.190.151 ...	2019-11-05 01:33:08
177.189.210.217	attackspam	Unauthorized connection attempt from IP address 177.189.210.217 on Port 445(SMB)	2019-11-05 01:05:57
106.12.56.143	attack	Nov 4 04:47:13 sachi sshd\[2000\]: Invalid user ftpuser123 from 106.12.56.143 Nov 4 04:47:13 sachi sshd\[2000\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.56.143 Nov 4 04:47:15 sachi sshd\[2000\]: Failed password for invalid user ftpuser123 from 106.12.56.143 port 43322 ssh2 Nov 4 04:52:26 sachi sshd\[2415\]: Invalid user Stone123 from 106.12.56.143 Nov 4 04:52:26 sachi sshd\[2415\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.56.143	2019-11-05 01:22:01
178.32.219.209	attack	Automatic report - Banned IP Access	2019-11-05 01:44:31

最近上报的IP列表

85.114.207.10	91.179.237.93	51.68.226.66	40.114.126.73
101.228.122.53	83.234.244.77	138.184.138.110	212.7.220.20
27.76.243.60	166.62.121.76	60.174.20.214	141.255.150.34
1.169.141.180	103.206.129.211	177.157.89.103	123.21.104.145
49.67.111.135	54.36.250.123	68.100.119.84	77.34.178.80