147.139.132.238

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Indonesia

运营商(isp): Alibaba.com LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Invalid user sshvpn from 147.139.132.238 port 38648	2020-02-28 09:23:35

相同子网IP讨论:

IP	类型	评论内容	时间
147.139.132.12	attackbotsspam	Jul 27 13:35:52 myhostname sshd[19591]: Invalid user user from 147.139.132.12 Jul 27 13:35:52 myhostname sshd[19591]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.139.132.12 Jul 27 13:35:54 myhostname sshd[19591]: Failed password for invalid user user from 147.139.132.12 port 42814 ssh2 Jul 27 13:35:54 myhostname sshd[19591]: Received disconnect from 147.139.132.12 port 42814:11: Bye Bye [preauth] Jul 27 13:35:54 myhostname sshd[19591]: Disconnected from 147.139.132.12 port 42814 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=147.139.132.12	2020-07-28 02:53:01
147.139.132.146	attackspambots	SSH login attempts brute force.	2020-02-24 03:14:59
147.139.132.146	attackbots	Feb 2 14:38:40 sd-53420 sshd\[23527\]: Invalid user support from 147.139.132.146 Feb 2 14:38:40 sd-53420 sshd\[23527\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.139.132.146 Feb 2 14:38:42 sd-53420 sshd\[23527\]: Failed password for invalid user support from 147.139.132.146 port 36490 ssh2 Feb 2 14:41:21 sd-53420 sshd\[23941\]: Invalid user 1qaz@WSX from 147.139.132.146 Feb 2 14:41:21 sd-53420 sshd\[23941\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.139.132.146 ...	2020-02-02 21:59:37
147.139.132.146	attack	Jan 21 09:55:36 v22018076590370373 sshd[22185]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.139.132.146 ...	2020-02-02 00:28:29
147.139.132.146	attack	Unauthorized connection attempt detected from IP address 147.139.132.146 to port 2220 [J]	2020-01-21 20:22:04
147.139.132.146	attack	Jan 14 18:09:24 firewall sshd[16186]: Invalid user webadmin from 147.139.132.146 Jan 14 18:09:25 firewall sshd[16186]: Failed password for invalid user webadmin from 147.139.132.146 port 45546 ssh2 Jan 14 18:16:40 firewall sshd[16356]: Invalid user sapdb from 147.139.132.146 ...	2020-01-15 06:14:31
147.139.132.146	attackbots	Jan 5 19:40:36 vps46666688 sshd[27454]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.139.132.146 Jan 5 19:40:38 vps46666688 sshd[27454]: Failed password for invalid user sysadmin from 147.139.132.146 port 49658 ssh2 ...	2020-01-06 07:01:17
147.139.132.146	attackbotsspam	Jan 1 23:39:49 server sshd[37817]: Failed password for invalid user pracownik from 147.139.132.146 port 38630 ssh2 Jan 1 23:46:22 server sshd[38176]: Failed password for invalid user oracle from 147.139.132.146 port 50114 ssh2 Jan 1 23:50:46 server sshd[38423]: Failed password for root from 147.139.132.146 port 51552 ssh2	2020-01-02 09:22:28
147.139.132.146	attack	$f2bV_matches	2019-12-30 05:44:38
147.139.132.146	attack	Dec 29 13:52:50 server sshd\[9298\]: Invalid user menashi from 147.139.132.146 Dec 29 13:52:50 server sshd\[9298\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.139.132.146 Dec 29 13:52:53 server sshd\[9298\]: Failed password for invalid user menashi from 147.139.132.146 port 33044 ssh2 Dec 29 14:05:18 server sshd\[12226\]: Invalid user ach from 147.139.132.146 Dec 29 14:05:18 server sshd\[12226\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.139.132.146 ...	2019-12-29 22:41:10
147.139.132.146	attackspam	Dec 8 15:45:05 firewall sshd[22286]: Invalid user suer from 147.139.132.146 Dec 8 15:45:07 firewall sshd[22286]: Failed password for invalid user suer from 147.139.132.146 port 44958 ssh2 Dec 8 15:53:11 firewall sshd[22493]: Invalid user ftp from 147.139.132.146 ...	2019-12-09 05:57:36
147.139.132.146	attackbots	Dec 6 06:30:31 eddieflores sshd\[13356\]: Invalid user Sporting2016 from 147.139.132.146 Dec 6 06:30:31 eddieflores sshd\[13356\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.139.132.146 Dec 6 06:30:33 eddieflores sshd\[13356\]: Failed password for invalid user Sporting2016 from 147.139.132.146 port 45514 ssh2 Dec 6 06:39:51 eddieflores sshd\[14217\]: Invalid user test222 from 147.139.132.146 Dec 6 06:39:51 eddieflores sshd\[14217\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.139.132.146	2019-12-07 01:25:45
147.139.132.146	attackspam	Invalid user jaquier from 147.139.132.146 port 57298	2019-11-29 21:19:06
147.139.132.146	attack	Nov 25 01:08:13 Aberdeen-m4-Access auth.info sshd[5160]: Invalid user samsudin from 147.139.132.146 port 34206 Nov 25 01:08:13 Aberdeen-m4-Access auth.info sshd[5160]: Failed password for invalid user samsudin from 147.139.132.146 port 34206 ssh2 Nov 25 01:08:13 Aberdeen-m4-Access auth.notice sshguard[12566]: Attack from "147.139.132.146" on service 100 whostnameh danger 10. Nov 25 01:08:13 Aberdeen-m4-Access auth.notice sshguard[12566]: Attack from "147.139.132.146" on service 100 whostnameh danger 10. Nov 25 01:08:13 Aberdeen-m4-Access auth.info sshd[5160]: Received disconnect from 147.139.132.146 port 34206:11: Bye Bye [preauth] Nov 25 01:08:13 Aberdeen-m4-Access auth.info sshd[5160]: Disconnected from 147.139.132.146 port 34206 [preauth] Nov 25 01:08:14 Aberdeen-m4-Access auth.notice sshguard[12566]: Attack from "147.139.132.146" on service 100 whostnameh danger 10. Nov 25 01:08:14 Aberdeen-m4-Access auth.warn sshguard[12566]: Blocking "147.139.132.146/32" for 240 se........ ------------------------------	2019-11-25 17:23:26
147.139.132.146	attackspam	Nov 20 08:23:46 web1 sshd\[14839\]: Invalid user odroid from 147.139.132.146 Nov 20 08:23:46 web1 sshd\[14839\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.139.132.146 Nov 20 08:23:48 web1 sshd\[14839\]: Failed password for invalid user odroid from 147.139.132.146 port 54626 ssh2 Nov 20 08:30:34 web1 sshd\[15408\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.139.132.146 user=root Nov 20 08:30:36 web1 sshd\[15408\]: Failed password for root from 147.139.132.146 port 33688 ssh2	2019-11-21 06:34:45

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 147.139.132.238
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2124
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;147.139.132.238.		IN	A

;; AUTHORITY SECTION:
.			499	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020022701 1800 900 604800 86400

;; Query time: 116 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 28 09:23:32 CST 2020
;; MSG SIZE  rcvd: 119

HOST信息:

Host 238.132.139.147.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 238.132.139.147.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
203.57.58.124	attackbotsspam	2020-05-10T12:47:39.423622shield sshd\[16838\]: Invalid user ubuntu from 203.57.58.124 port 57166 2020-05-10T12:47:39.427346shield sshd\[16838\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.57.58.124 2020-05-10T12:47:41.478326shield sshd\[16838\]: Failed password for invalid user ubuntu from 203.57.58.124 port 57166 ssh2 2020-05-10T12:50:37.207074shield sshd\[17629\]: Invalid user greg from 203.57.58.124 port 60048 2020-05-10T12:50:37.210678shield sshd\[17629\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.57.58.124	2020-05-10 21:00:03
83.241.232.51	attack	May 10 14:14:21 meumeu sshd[7176]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=83.241.232.51 May 10 14:14:22 meumeu sshd[7176]: Failed password for invalid user teacher from 83.241.232.51 port 43881 ssh2 May 10 14:19:56 meumeu sshd[8010]: Failed password for jenkins from 83.241.232.51 port 55297 ssh2 ...	2020-05-10 20:29:10
59.54.88.224	attack	May 10 14:15:20 debian-2gb-nbg1-2 kernel: \[11371792.728842\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=59.54.88.224 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=50 ID=65285 PROTO=TCP SPT=48085 DPT=26 WINDOW=42205 RES=0x00 SYN URGP=0	2020-05-10 21:00:23
67.70.142.247	attackspambots	May 10 14:37:30 haigwepa sshd[26106]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=67.70.142.247 May 10 14:37:32 haigwepa sshd[26106]: Failed password for invalid user hvisage from 67.70.142.247 port 37544 ssh2 ...	2020-05-10 20:38:41
14.18.109.9	attackspam	May 10 06:43:03 server1 sshd\[31678\]: Failed password for invalid user zito from 14.18.109.9 port 46432 ssh2 May 10 06:47:19 server1 sshd\[3958\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.18.109.9 user=root May 10 06:47:21 server1 sshd\[3958\]: Failed password for root from 14.18.109.9 port 37352 ssh2 May 10 06:51:46 server1 sshd\[9615\]: Invalid user prueba from 14.18.109.9 May 10 06:51:46 server1 sshd\[9615\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.18.109.9 ...	2020-05-10 20:57:14
41.41.232.128	attackbots	Automatic report - Banned IP Access	2020-05-10 20:36:48
49.232.160.134	attack	Attempted connection to port 6379.	2020-05-10 20:14:54
106.13.38.246	attackbots	May 10 14:15:49 tuxlinux sshd[55621]: Invalid user admin from 106.13.38.246 port 45084 May 10 14:15:49 tuxlinux sshd[55621]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.38.246 May 10 14:15:49 tuxlinux sshd[55621]: Invalid user admin from 106.13.38.246 port 45084 May 10 14:15:49 tuxlinux sshd[55621]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.38.246 May 10 14:15:49 tuxlinux sshd[55621]: Invalid user admin from 106.13.38.246 port 45084 May 10 14:15:49 tuxlinux sshd[55621]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.38.246 May 10 14:15:52 tuxlinux sshd[55621]: Failed password for invalid user admin from 106.13.38.246 port 45084 ssh2 ...	2020-05-10 20:25:38
88.198.33.145	attackspambots	20 attempts against mh-misbehave-ban on twig	2020-05-10 20:47:43
43.226.49.23	attackbots	May 10 14:15:57 vpn01 sshd[6845]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.226.49.23 May 10 14:16:00 vpn01 sshd[6845]: Failed password for invalid user bay from 43.226.49.23 port 2058 ssh2 ...	2020-05-10 20:18:41
220.135.42.216	attack	Attempted connection to port 80.	2020-05-10 20:17:08
84.241.25.141	attack	DATE:2020-05-10 14:15:41, IP:84.241.25.141, PORT:1433 MSSQL brute force auth on honeypot server (epe-honey1-hq)	2020-05-10 20:35:29
188.163.99.212	attack	May 10 14:15:10 ArkNodeAT sshd\[17327\]: Invalid user admin from 188.163.99.212 May 10 14:15:10 ArkNodeAT sshd\[17327\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.163.99.212 May 10 14:15:11 ArkNodeAT sshd\[17327\]: Failed password for invalid user admin from 188.163.99.212 port 54750 ssh2	2020-05-10 20:43:48
209.126.4.80	attackspambots	DATE:2020-05-10 14:15:40, IP:209.126.4.80, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-05-10 20:37:47
62.171.176.180	attack	70 attempts from this IP to logon to my SFTP server	2020-05-10 20:29:53

最近上报的IP列表

87.179.138.176	224.0.133.26	33.229.61.242	47.172.126.193
182.88.124.132	174.27.152.105	206.89.36.12	116.1.180.22
55.6.13.228	60.133.52.171	33.166.81.104	33.161.62.106
115.29.246.243	153.135.141.183	252.125.255.40	153.246.155.78
0.10.149.81	202.33.104.159	32.249.47.31	41.42.129.80