147.139.132.52

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Indonesia

运营商(isp): Alibaba.com LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Aug 2 01:15:14 srv206 sshd[31818]: Invalid user sphinx from 147.139.132.52 Aug 2 01:15:14 srv206 sshd[31818]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.139.132.52 Aug 2 01:15:14 srv206 sshd[31818]: Invalid user sphinx from 147.139.132.52 Aug 2 01:15:15 srv206 sshd[31818]: Failed password for invalid user sphinx from 147.139.132.52 port 50966 ssh2 ...	2019-08-02 14:35:47

类型

评论内容

时间

attackspambots

Aug  2 01:15:14 srv206 sshd[31818]: Invalid user sphinx from 147.139.132.52
Aug  2 01:15:14 srv206 sshd[31818]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.139.132.52
Aug  2 01:15:14 srv206 sshd[31818]: Invalid user sphinx from 147.139.132.52
Aug  2 01:15:15 srv206 sshd[31818]: Failed password for invalid user sphinx from 147.139.132.52 port 50966 ssh2
...

2019-08-02 14:35:47

相同子网IP讨论:

IP	类型	评论内容	时间
147.139.132.12	attackbotsspam	Jul 27 13:35:52 myhostname sshd[19591]: Invalid user user from 147.139.132.12 Jul 27 13:35:52 myhostname sshd[19591]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.139.132.12 Jul 27 13:35:54 myhostname sshd[19591]: Failed password for invalid user user from 147.139.132.12 port 42814 ssh2 Jul 27 13:35:54 myhostname sshd[19591]: Received disconnect from 147.139.132.12 port 42814:11: Bye Bye [preauth] Jul 27 13:35:54 myhostname sshd[19591]: Disconnected from 147.139.132.12 port 42814 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=147.139.132.12	2020-07-28 02:53:01
147.139.132.238	attackspam	Invalid user sshvpn from 147.139.132.238 port 38648	2020-02-28 09:23:35
147.139.132.146	attackspambots	SSH login attempts brute force.	2020-02-24 03:14:59
147.139.132.146	attackbots	Feb 2 14:38:40 sd-53420 sshd\[23527\]: Invalid user support from 147.139.132.146 Feb 2 14:38:40 sd-53420 sshd\[23527\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.139.132.146 Feb 2 14:38:42 sd-53420 sshd\[23527\]: Failed password for invalid user support from 147.139.132.146 port 36490 ssh2 Feb 2 14:41:21 sd-53420 sshd\[23941\]: Invalid user 1qaz@WSX from 147.139.132.146 Feb 2 14:41:21 sd-53420 sshd\[23941\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.139.132.146 ...	2020-02-02 21:59:37
147.139.132.146	attack	Jan 21 09:55:36 v22018076590370373 sshd[22185]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.139.132.146 ...	2020-02-02 00:28:29
147.139.132.146	attack	Unauthorized connection attempt detected from IP address 147.139.132.146 to port 2220 [J]	2020-01-21 20:22:04
147.139.132.146	attack	Jan 14 18:09:24 firewall sshd[16186]: Invalid user webadmin from 147.139.132.146 Jan 14 18:09:25 firewall sshd[16186]: Failed password for invalid user webadmin from 147.139.132.146 port 45546 ssh2 Jan 14 18:16:40 firewall sshd[16356]: Invalid user sapdb from 147.139.132.146 ...	2020-01-15 06:14:31
147.139.132.146	attackbots	Jan 5 19:40:36 vps46666688 sshd[27454]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.139.132.146 Jan 5 19:40:38 vps46666688 sshd[27454]: Failed password for invalid user sysadmin from 147.139.132.146 port 49658 ssh2 ...	2020-01-06 07:01:17
147.139.132.146	attackbotsspam	Jan 1 23:39:49 server sshd[37817]: Failed password for invalid user pracownik from 147.139.132.146 port 38630 ssh2 Jan 1 23:46:22 server sshd[38176]: Failed password for invalid user oracle from 147.139.132.146 port 50114 ssh2 Jan 1 23:50:46 server sshd[38423]: Failed password for root from 147.139.132.146 port 51552 ssh2	2020-01-02 09:22:28
147.139.132.146	attack	$f2bV_matches	2019-12-30 05:44:38
147.139.132.146	attack	Dec 29 13:52:50 server sshd\[9298\]: Invalid user menashi from 147.139.132.146 Dec 29 13:52:50 server sshd\[9298\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.139.132.146 Dec 29 13:52:53 server sshd\[9298\]: Failed password for invalid user menashi from 147.139.132.146 port 33044 ssh2 Dec 29 14:05:18 server sshd\[12226\]: Invalid user ach from 147.139.132.146 Dec 29 14:05:18 server sshd\[12226\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.139.132.146 ...	2019-12-29 22:41:10
147.139.132.146	attackspam	Dec 8 15:45:05 firewall sshd[22286]: Invalid user suer from 147.139.132.146 Dec 8 15:45:07 firewall sshd[22286]: Failed password for invalid user suer from 147.139.132.146 port 44958 ssh2 Dec 8 15:53:11 firewall sshd[22493]: Invalid user ftp from 147.139.132.146 ...	2019-12-09 05:57:36
147.139.132.146	attackbots	Dec 6 06:30:31 eddieflores sshd\[13356\]: Invalid user Sporting2016 from 147.139.132.146 Dec 6 06:30:31 eddieflores sshd\[13356\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.139.132.146 Dec 6 06:30:33 eddieflores sshd\[13356\]: Failed password for invalid user Sporting2016 from 147.139.132.146 port 45514 ssh2 Dec 6 06:39:51 eddieflores sshd\[14217\]: Invalid user test222 from 147.139.132.146 Dec 6 06:39:51 eddieflores sshd\[14217\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.139.132.146	2019-12-07 01:25:45
147.139.132.146	attackspam	Invalid user jaquier from 147.139.132.146 port 57298	2019-11-29 21:19:06
147.139.132.146	attack	Nov 25 01:08:13 Aberdeen-m4-Access auth.info sshd[5160]: Invalid user samsudin from 147.139.132.146 port 34206 Nov 25 01:08:13 Aberdeen-m4-Access auth.info sshd[5160]: Failed password for invalid user samsudin from 147.139.132.146 port 34206 ssh2 Nov 25 01:08:13 Aberdeen-m4-Access auth.notice sshguard[12566]: Attack from "147.139.132.146" on service 100 whostnameh danger 10. Nov 25 01:08:13 Aberdeen-m4-Access auth.notice sshguard[12566]: Attack from "147.139.132.146" on service 100 whostnameh danger 10. Nov 25 01:08:13 Aberdeen-m4-Access auth.info sshd[5160]: Received disconnect from 147.139.132.146 port 34206:11: Bye Bye [preauth] Nov 25 01:08:13 Aberdeen-m4-Access auth.info sshd[5160]: Disconnected from 147.139.132.146 port 34206 [preauth] Nov 25 01:08:14 Aberdeen-m4-Access auth.notice sshguard[12566]: Attack from "147.139.132.146" on service 100 whostnameh danger 10. Nov 25 01:08:14 Aberdeen-m4-Access auth.warn sshguard[12566]: Blocking "147.139.132.146/32" for 240 se........ ------------------------------	2019-11-25 17:23:26

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 147.139.132.52
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17704
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;147.139.132.52.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019080200 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Aug 02 14:35:40 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 52.132.139.147.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 52.132.139.147.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
129.211.13.164	attackbotsspam	Nov 26 21:06:04 vibhu-HP-Z238-Microtower-Workstation sshd\[6138\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.13.164 user=root Nov 26 21:06:05 vibhu-HP-Z238-Microtower-Workstation sshd\[6138\]: Failed password for root from 129.211.13.164 port 34466 ssh2 Nov 26 21:10:30 vibhu-HP-Z238-Microtower-Workstation sshd\[6384\]: Invalid user harshman from 129.211.13.164 Nov 26 21:10:30 vibhu-HP-Z238-Microtower-Workstation sshd\[6384\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.13.164 Nov 26 21:10:32 vibhu-HP-Z238-Microtower-Workstation sshd\[6384\]: Failed password for invalid user harshman from 129.211.13.164 port 41270 ssh2 ...	2019-11-26 23:53:11
120.31.140.51	attack	(sshd) Failed SSH login from 120.31.140.51 (CN/China/ns2.eflydns.net): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Nov 26 15:08:10 elude sshd[22144]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.31.140.51 user=root Nov 26 15:08:12 elude sshd[22144]: Failed password for root from 120.31.140.51 port 35336 ssh2 Nov 26 15:37:12 elude sshd[26464]: Invalid user catarina from 120.31.140.51 port 52126 Nov 26 15:37:14 elude sshd[26464]: Failed password for invalid user catarina from 120.31.140.51 port 52126 ssh2 Nov 26 15:46:16 elude sshd[27912]: Invalid user nfs from 120.31.140.51 port 56916	2019-11-26 23:50:34
218.92.0.171	attackbots	Nov 26 20:34:39 areeb-Workstation sshd[22445]: Failed password for root from 218.92.0.171 port 52099 ssh2 Nov 26 20:34:44 areeb-Workstation sshd[22445]: Failed password for root from 218.92.0.171 port 52099 ssh2 ...	2019-11-26 23:11:08
61.191.252.118	attackspambots	port scan and connect, tcp 1433 (ms-sql-s)	2019-11-26 23:51:56
218.92.0.141	attack	Too many connections or unauthorized access detected from Arctic banned ip	2019-11-26 23:15:17
95.9.237.99	attackspam	Unauthorized connection attempt from IP address 95.9.237.99 on Port 445(SMB)	2019-11-26 23:41:38
109.75.36.60	attackbotsspam	Unauthorized connection attempt from IP address 109.75.36.60 on Port 445(SMB)	2019-11-26 23:09:01
114.219.84.68	attackspambots	SASL broute force	2019-11-26 23:05:16
113.175.155.50	attackspambots	Unauthorized connection attempt from IP address 113.175.155.50 on Port 445(SMB)	2019-11-26 23:48:04
203.112.130.102	attackspambots	Unauthorized connection attempt from IP address 203.112.130.102 on Port 445(SMB)	2019-11-26 23:16:07
40.73.65.160	attack	Nov 26 15:39:11 v22019058497090703 sshd[23817]: Failed password for root from 40.73.65.160 port 42116 ssh2 Nov 26 15:46:41 v22019058497090703 sshd[24373]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.73.65.160 Nov 26 15:46:43 v22019058497090703 sshd[24373]: Failed password for invalid user guest from 40.73.65.160 port 50062 ssh2 ...	2019-11-26 23:26:33
103.99.151.145	attackspam	Unauthorized connection attempt from IP address 103.99.151.145 on Port 445(SMB)	2019-11-26 23:35:32
222.186.180.223	attackbotsspam	Nov 26 16:10:25 MK-Soft-Root1 sshd[29710]: Failed password for root from 222.186.180.223 port 41576 ssh2 Nov 26 16:10:29 MK-Soft-Root1 sshd[29710]: Failed password for root from 222.186.180.223 port 41576 ssh2 ...	2019-11-26 23:13:14
218.92.0.138	attackbotsspam	Nov 26 05:05:40 hanapaa sshd\[18962\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.138 user=root Nov 26 05:05:42 hanapaa sshd\[18962\]: Failed password for root from 218.92.0.138 port 64704 ssh2 Nov 26 05:05:55 hanapaa sshd\[18962\]: Failed password for root from 218.92.0.138 port 64704 ssh2 Nov 26 05:05:59 hanapaa sshd\[19003\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.138 user=root Nov 26 05:06:01 hanapaa sshd\[19003\]: Failed password for root from 218.92.0.138 port 29391 ssh2	2019-11-26 23:15:37
106.13.98.217	attackbotsspam	2019-11-26T14:46:57.691719abusebot-6.cloudsearch.cf sshd\[29397\]: Invalid user server from 106.13.98.217 port 36462	2019-11-26 23:09:59

最近上报的IP列表

104.163.48.225	228.93.56.77	198.108.66.41	143.137.127.46
85.206.38.111	185.106.29.70	117.2.133.106	13.230.189.119
81.17.143.10	45.82.33.61	125.124.167.213	81.30.208.30
87.244.116.238	187.162.51.224	103.93.96.26	149.140.193.138
41.169.151.90	202.91.89.164	190.225.135.187	2400:8901::f03c:91ff:fe41:5944