147.139.132.52

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Indonesia

运营商(isp): Alibaba.com LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Aug 2 01:15:14 srv206 sshd[31818]: Invalid user sphinx from 147.139.132.52 Aug 2 01:15:14 srv206 sshd[31818]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.139.132.52 Aug 2 01:15:14 srv206 sshd[31818]: Invalid user sphinx from 147.139.132.52 Aug 2 01:15:15 srv206 sshd[31818]: Failed password for invalid user sphinx from 147.139.132.52 port 50966 ssh2 ...	2019-08-02 14:35:47

类型

评论内容

时间

attackspambots

Aug  2 01:15:14 srv206 sshd[31818]: Invalid user sphinx from 147.139.132.52
Aug  2 01:15:14 srv206 sshd[31818]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.139.132.52
Aug  2 01:15:14 srv206 sshd[31818]: Invalid user sphinx from 147.139.132.52
Aug  2 01:15:15 srv206 sshd[31818]: Failed password for invalid user sphinx from 147.139.132.52 port 50966 ssh2
...

2019-08-02 14:35:47

相同子网IP讨论:

IP	类型	评论内容	时间
147.139.132.12	attackbotsspam	Jul 27 13:35:52 myhostname sshd[19591]: Invalid user user from 147.139.132.12 Jul 27 13:35:52 myhostname sshd[19591]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.139.132.12 Jul 27 13:35:54 myhostname sshd[19591]: Failed password for invalid user user from 147.139.132.12 port 42814 ssh2 Jul 27 13:35:54 myhostname sshd[19591]: Received disconnect from 147.139.132.12 port 42814:11: Bye Bye [preauth] Jul 27 13:35:54 myhostname sshd[19591]: Disconnected from 147.139.132.12 port 42814 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=147.139.132.12	2020-07-28 02:53:01
147.139.132.238	attackspam	Invalid user sshvpn from 147.139.132.238 port 38648	2020-02-28 09:23:35
147.139.132.146	attackspambots	SSH login attempts brute force.	2020-02-24 03:14:59
147.139.132.146	attackbots	Feb 2 14:38:40 sd-53420 sshd\[23527\]: Invalid user support from 147.139.132.146 Feb 2 14:38:40 sd-53420 sshd\[23527\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.139.132.146 Feb 2 14:38:42 sd-53420 sshd\[23527\]: Failed password for invalid user support from 147.139.132.146 port 36490 ssh2 Feb 2 14:41:21 sd-53420 sshd\[23941\]: Invalid user 1qaz@WSX from 147.139.132.146 Feb 2 14:41:21 sd-53420 sshd\[23941\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.139.132.146 ...	2020-02-02 21:59:37
147.139.132.146	attack	Jan 21 09:55:36 v22018076590370373 sshd[22185]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.139.132.146 ...	2020-02-02 00:28:29
147.139.132.146	attack	Unauthorized connection attempt detected from IP address 147.139.132.146 to port 2220 [J]	2020-01-21 20:22:04
147.139.132.146	attack	Jan 14 18:09:24 firewall sshd[16186]: Invalid user webadmin from 147.139.132.146 Jan 14 18:09:25 firewall sshd[16186]: Failed password for invalid user webadmin from 147.139.132.146 port 45546 ssh2 Jan 14 18:16:40 firewall sshd[16356]: Invalid user sapdb from 147.139.132.146 ...	2020-01-15 06:14:31
147.139.132.146	attackbots	Jan 5 19:40:36 vps46666688 sshd[27454]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.139.132.146 Jan 5 19:40:38 vps46666688 sshd[27454]: Failed password for invalid user sysadmin from 147.139.132.146 port 49658 ssh2 ...	2020-01-06 07:01:17
147.139.132.146	attackbotsspam	Jan 1 23:39:49 server sshd[37817]: Failed password for invalid user pracownik from 147.139.132.146 port 38630 ssh2 Jan 1 23:46:22 server sshd[38176]: Failed password for invalid user oracle from 147.139.132.146 port 50114 ssh2 Jan 1 23:50:46 server sshd[38423]: Failed password for root from 147.139.132.146 port 51552 ssh2	2020-01-02 09:22:28
147.139.132.146	attack	$f2bV_matches	2019-12-30 05:44:38
147.139.132.146	attack	Dec 29 13:52:50 server sshd\[9298\]: Invalid user menashi from 147.139.132.146 Dec 29 13:52:50 server sshd\[9298\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.139.132.146 Dec 29 13:52:53 server sshd\[9298\]: Failed password for invalid user menashi from 147.139.132.146 port 33044 ssh2 Dec 29 14:05:18 server sshd\[12226\]: Invalid user ach from 147.139.132.146 Dec 29 14:05:18 server sshd\[12226\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.139.132.146 ...	2019-12-29 22:41:10
147.139.132.146	attackspam	Dec 8 15:45:05 firewall sshd[22286]: Invalid user suer from 147.139.132.146 Dec 8 15:45:07 firewall sshd[22286]: Failed password for invalid user suer from 147.139.132.146 port 44958 ssh2 Dec 8 15:53:11 firewall sshd[22493]: Invalid user ftp from 147.139.132.146 ...	2019-12-09 05:57:36
147.139.132.146	attackbots	Dec 6 06:30:31 eddieflores sshd\[13356\]: Invalid user Sporting2016 from 147.139.132.146 Dec 6 06:30:31 eddieflores sshd\[13356\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.139.132.146 Dec 6 06:30:33 eddieflores sshd\[13356\]: Failed password for invalid user Sporting2016 from 147.139.132.146 port 45514 ssh2 Dec 6 06:39:51 eddieflores sshd\[14217\]: Invalid user test222 from 147.139.132.146 Dec 6 06:39:51 eddieflores sshd\[14217\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.139.132.146	2019-12-07 01:25:45
147.139.132.146	attackspam	Invalid user jaquier from 147.139.132.146 port 57298	2019-11-29 21:19:06
147.139.132.146	attack	Nov 25 01:08:13 Aberdeen-m4-Access auth.info sshd[5160]: Invalid user samsudin from 147.139.132.146 port 34206 Nov 25 01:08:13 Aberdeen-m4-Access auth.info sshd[5160]: Failed password for invalid user samsudin from 147.139.132.146 port 34206 ssh2 Nov 25 01:08:13 Aberdeen-m4-Access auth.notice sshguard[12566]: Attack from "147.139.132.146" on service 100 whostnameh danger 10. Nov 25 01:08:13 Aberdeen-m4-Access auth.notice sshguard[12566]: Attack from "147.139.132.146" on service 100 whostnameh danger 10. Nov 25 01:08:13 Aberdeen-m4-Access auth.info sshd[5160]: Received disconnect from 147.139.132.146 port 34206:11: Bye Bye [preauth] Nov 25 01:08:13 Aberdeen-m4-Access auth.info sshd[5160]: Disconnected from 147.139.132.146 port 34206 [preauth] Nov 25 01:08:14 Aberdeen-m4-Access auth.notice sshguard[12566]: Attack from "147.139.132.146" on service 100 whostnameh danger 10. Nov 25 01:08:14 Aberdeen-m4-Access auth.warn sshguard[12566]: Blocking "147.139.132.146/32" for 240 se........ ------------------------------	2019-11-25 17:23:26

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 147.139.132.52
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17704
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;147.139.132.52.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019080200 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Aug 02 14:35:40 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 52.132.139.147.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 52.132.139.147.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
187.162.51.63	attackspambots	SSH Login Bruteforce	2020-02-13 18:14:20
222.189.206.51	attackbots	Brute force attempt	2020-02-13 18:27:10
116.211.118.249	attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-13 18:05:48
151.0.51.26	attackbots	Automatic report - Port Scan Attack	2020-02-13 18:09:52
112.85.42.176	attackspam	Feb 13 11:41:32 nextcloud sshd\[4579\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.176 user=root Feb 13 11:41:34 nextcloud sshd\[4579\]: Failed password for root from 112.85.42.176 port 43518 ssh2 Feb 13 11:41:55 nextcloud sshd\[4992\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.176 user=root	2020-02-13 18:43:14
113.165.235.62	attack	Feb 13 05:48:16 mars sshd[36902]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.165.235.62 Feb 13 05:48:19 mars sshd[36902]: Failed password for invalid user admina from 113.165.235.62 port 55159 ssh2 ...	2020-02-13 18:37:24
206.189.85.31	attack	Feb 13 00:06:07 sachi sshd\[2272\]: Invalid user kevin from 206.189.85.31 Feb 13 00:06:07 sachi sshd\[2272\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.85.31 Feb 13 00:06:09 sachi sshd\[2272\]: Failed password for invalid user kevin from 206.189.85.31 port 39546 ssh2 Feb 13 00:08:26 sachi sshd\[2553\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.85.31 user=root Feb 13 00:08:28 sachi sshd\[2553\]: Failed password for root from 206.189.85.31 port 57416 ssh2	2020-02-13 18:10:42
187.120.144.52	attackspambots	DATE:2020-02-13 10:39:22, IP:187.120.144.52, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-02-13 18:05:22
106.13.78.180	attackspambots	Feb 13 07:33:10 plex sshd[25105]: Invalid user bedrifts from 106.13.78.180 port 53186	2020-02-13 17:54:57
165.227.41.202	attackspam	Feb 13 09:35:26 icinga sshd[18537]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.41.202 Feb 13 09:35:28 icinga sshd[18537]: Failed password for invalid user rozum from 165.227.41.202 port 57206 ssh2 Feb 13 09:51:17 icinga sshd[33576]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.41.202 ...	2020-02-13 18:40:18
180.137.29.123	attack	Telnet/23 MH Probe, BF, Hack -	2020-02-13 18:00:25
180.244.16.134	attackbots	Feb 13 04:10:31 server sshd\[18747\]: Invalid user admin from 180.244.16.134 Feb 13 04:10:31 server sshd\[18747\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.244.16.134 Feb 13 04:10:33 server sshd\[18747\]: Failed password for invalid user admin from 180.244.16.134 port 58748 ssh2 Feb 13 07:48:57 server sshd\[24014\]: Invalid user test from 180.244.16.134 Feb 13 07:48:58 server sshd\[24014\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.244.16.134 ...	2020-02-13 18:07:32
196.113.82.16	attackbots	Telnet/23 MH Probe, BF, Hack -	2020-02-13 17:45:05
189.16.0.30	attack	1581569307 - 02/13/2020 05:48:27 Host: 189.16.0.30/189.16.0.30 Port: 445 TCP Blocked	2020-02-13 18:29:41
194.26.29.121	attack	unauthorized connection attempt	2020-02-13 18:36:49

最近上报的IP列表

104.163.48.225	228.93.56.77	198.108.66.41	143.137.127.46
85.206.38.111	185.106.29.70	117.2.133.106	13.230.189.119
81.17.143.10	45.82.33.61	125.124.167.213	81.30.208.30
87.244.116.238	187.162.51.224	103.93.96.26	149.140.193.138
41.169.151.90	202.91.89.164	190.225.135.187	2400:8901::f03c:91ff:fe41:5944