147.139.132.52

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Indonesia

运营商(isp): Alibaba.com LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Aug 2 01:15:14 srv206 sshd[31818]: Invalid user sphinx from 147.139.132.52 Aug 2 01:15:14 srv206 sshd[31818]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.139.132.52 Aug 2 01:15:14 srv206 sshd[31818]: Invalid user sphinx from 147.139.132.52 Aug 2 01:15:15 srv206 sshd[31818]: Failed password for invalid user sphinx from 147.139.132.52 port 50966 ssh2 ...	2019-08-02 14:35:47

类型

评论内容

时间

attackspambots

Aug  2 01:15:14 srv206 sshd[31818]: Invalid user sphinx from 147.139.132.52
Aug  2 01:15:14 srv206 sshd[31818]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.139.132.52
Aug  2 01:15:14 srv206 sshd[31818]: Invalid user sphinx from 147.139.132.52
Aug  2 01:15:15 srv206 sshd[31818]: Failed password for invalid user sphinx from 147.139.132.52 port 50966 ssh2
...

2019-08-02 14:35:47

相同子网IP讨论:

IP	类型	评论内容	时间
147.139.132.12	attackbotsspam	Jul 27 13:35:52 myhostname sshd[19591]: Invalid user user from 147.139.132.12 Jul 27 13:35:52 myhostname sshd[19591]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.139.132.12 Jul 27 13:35:54 myhostname sshd[19591]: Failed password for invalid user user from 147.139.132.12 port 42814 ssh2 Jul 27 13:35:54 myhostname sshd[19591]: Received disconnect from 147.139.132.12 port 42814:11: Bye Bye [preauth] Jul 27 13:35:54 myhostname sshd[19591]: Disconnected from 147.139.132.12 port 42814 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=147.139.132.12	2020-07-28 02:53:01
147.139.132.238	attackspam	Invalid user sshvpn from 147.139.132.238 port 38648	2020-02-28 09:23:35
147.139.132.146	attackspambots	SSH login attempts brute force.	2020-02-24 03:14:59
147.139.132.146	attackbots	Feb 2 14:38:40 sd-53420 sshd\[23527\]: Invalid user support from 147.139.132.146 Feb 2 14:38:40 sd-53420 sshd\[23527\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.139.132.146 Feb 2 14:38:42 sd-53420 sshd\[23527\]: Failed password for invalid user support from 147.139.132.146 port 36490 ssh2 Feb 2 14:41:21 sd-53420 sshd\[23941\]: Invalid user 1qaz@WSX from 147.139.132.146 Feb 2 14:41:21 sd-53420 sshd\[23941\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.139.132.146 ...	2020-02-02 21:59:37
147.139.132.146	attack	Jan 21 09:55:36 v22018076590370373 sshd[22185]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.139.132.146 ...	2020-02-02 00:28:29
147.139.132.146	attack	Unauthorized connection attempt detected from IP address 147.139.132.146 to port 2220 [J]	2020-01-21 20:22:04
147.139.132.146	attack	Jan 14 18:09:24 firewall sshd[16186]: Invalid user webadmin from 147.139.132.146 Jan 14 18:09:25 firewall sshd[16186]: Failed password for invalid user webadmin from 147.139.132.146 port 45546 ssh2 Jan 14 18:16:40 firewall sshd[16356]: Invalid user sapdb from 147.139.132.146 ...	2020-01-15 06:14:31
147.139.132.146	attackbots	Jan 5 19:40:36 vps46666688 sshd[27454]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.139.132.146 Jan 5 19:40:38 vps46666688 sshd[27454]: Failed password for invalid user sysadmin from 147.139.132.146 port 49658 ssh2 ...	2020-01-06 07:01:17
147.139.132.146	attackbotsspam	Jan 1 23:39:49 server sshd[37817]: Failed password for invalid user pracownik from 147.139.132.146 port 38630 ssh2 Jan 1 23:46:22 server sshd[38176]: Failed password for invalid user oracle from 147.139.132.146 port 50114 ssh2 Jan 1 23:50:46 server sshd[38423]: Failed password for root from 147.139.132.146 port 51552 ssh2	2020-01-02 09:22:28
147.139.132.146	attack	$f2bV_matches	2019-12-30 05:44:38
147.139.132.146	attack	Dec 29 13:52:50 server sshd\[9298\]: Invalid user menashi from 147.139.132.146 Dec 29 13:52:50 server sshd\[9298\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.139.132.146 Dec 29 13:52:53 server sshd\[9298\]: Failed password for invalid user menashi from 147.139.132.146 port 33044 ssh2 Dec 29 14:05:18 server sshd\[12226\]: Invalid user ach from 147.139.132.146 Dec 29 14:05:18 server sshd\[12226\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.139.132.146 ...	2019-12-29 22:41:10
147.139.132.146	attackspam	Dec 8 15:45:05 firewall sshd[22286]: Invalid user suer from 147.139.132.146 Dec 8 15:45:07 firewall sshd[22286]: Failed password for invalid user suer from 147.139.132.146 port 44958 ssh2 Dec 8 15:53:11 firewall sshd[22493]: Invalid user ftp from 147.139.132.146 ...	2019-12-09 05:57:36
147.139.132.146	attackbots	Dec 6 06:30:31 eddieflores sshd\[13356\]: Invalid user Sporting2016 from 147.139.132.146 Dec 6 06:30:31 eddieflores sshd\[13356\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.139.132.146 Dec 6 06:30:33 eddieflores sshd\[13356\]: Failed password for invalid user Sporting2016 from 147.139.132.146 port 45514 ssh2 Dec 6 06:39:51 eddieflores sshd\[14217\]: Invalid user test222 from 147.139.132.146 Dec 6 06:39:51 eddieflores sshd\[14217\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.139.132.146	2019-12-07 01:25:45
147.139.132.146	attackspam	Invalid user jaquier from 147.139.132.146 port 57298	2019-11-29 21:19:06
147.139.132.146	attack	Nov 25 01:08:13 Aberdeen-m4-Access auth.info sshd[5160]: Invalid user samsudin from 147.139.132.146 port 34206 Nov 25 01:08:13 Aberdeen-m4-Access auth.info sshd[5160]: Failed password for invalid user samsudin from 147.139.132.146 port 34206 ssh2 Nov 25 01:08:13 Aberdeen-m4-Access auth.notice sshguard[12566]: Attack from "147.139.132.146" on service 100 whostnameh danger 10. Nov 25 01:08:13 Aberdeen-m4-Access auth.notice sshguard[12566]: Attack from "147.139.132.146" on service 100 whostnameh danger 10. Nov 25 01:08:13 Aberdeen-m4-Access auth.info sshd[5160]: Received disconnect from 147.139.132.146 port 34206:11: Bye Bye [preauth] Nov 25 01:08:13 Aberdeen-m4-Access auth.info sshd[5160]: Disconnected from 147.139.132.146 port 34206 [preauth] Nov 25 01:08:14 Aberdeen-m4-Access auth.notice sshguard[12566]: Attack from "147.139.132.146" on service 100 whostnameh danger 10. Nov 25 01:08:14 Aberdeen-m4-Access auth.warn sshguard[12566]: Blocking "147.139.132.146/32" for 240 se........ ------------------------------	2019-11-25 17:23:26

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 147.139.132.52
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17704
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;147.139.132.52.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019080200 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Aug 02 14:35:40 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 52.132.139.147.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 52.132.139.147.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
117.221.55.28	attack	Unauthorized connection attempt from IP address 117.221.55.28 on Port 445(SMB)	2020-08-01 02:31:47
129.226.61.157	attackspam	SSH Brute Force	2020-08-01 02:27:13
95.71.166.65	attack	Unauthorized connection attempt from IP address 95.71.166.65 on Port 445(SMB)	2020-08-01 02:32:51
51.144.3.140	attack	(mod_security) mod_security (id:20000005) triggered by 51.144.3.140 (NL/Netherlands/-): 5 in the last 300 secs	2020-08-01 02:19:28
79.134.211.250	attack	20/7/31@08:02:49: FAIL: Alarm-Network address from=79.134.211.250 ...	2020-08-01 02:20:18
101.89.201.250	attackbots	SSH Brute Force	2020-08-01 02:39:20
192.99.5.123	attack	Port scan on 1 port(s): 21	2020-08-01 02:18:39
165.3.86.68	attackbots	2020-07-31T15:06:47.233100+02:00 lumpi kernel: [21490412.884937] INPUT:DROP:SPAMHAUS_DROP:IN=eth0 OUT= MAC=52:54:a2:01:a5:04:d2:74:7f:6e:37:e3:08:00 SRC=165.3.86.68 DST=78.46.199.189 LEN=48 TOS=0x00 PREC=0x00 TTL=115 ID=27208 DF PROTO=TCP SPT=17845 DPT=445 WINDOW=8192 RES=0x00 SYN URGP=0 ...	2020-08-01 02:14:59
181.214.99.153	attackbots	(From jumpstart.1@hotmail.com) Hi, I thought you may be interested in our services. Would you like thousands of interested people coming to your website every day? People will come to your site from the exact online publications in your niche. We are the only service out there who drives visitors to you like this. Starter campaigns of 5,000 visitors just 57.99. Larger campaigns are available. For more info please visit us at https://traffic-stampede.com Thank you for your time and hope to see you there. Kind regards, Jodie TS	2020-08-01 02:00:36
18.162.126.3	attackbots	Jul 31 19:46:49 sshd\[28540\]: User root from ec2-18-162-126-3.ap-east-1.compute.amazonaws.com not allowed because not listed in AllowUsersJul 31 19:46:50 sshd\[28540\]: Failed password for invalid user root from 18.162.126.3 port 37654 ssh2 ...	2020-08-01 02:03:56
37.49.230.126	attackspam	Jul 31 18:42:13 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3f:fd:58:00:08:e3:ff:fd:90:08:00 SRC=37.49.230.126 DST=79.143.186.54 LEN=52 TOS=0x02 PREC=0x00 TTL=122 ID=11465 DF PROTO=TCP SPT=62372 DPT=25 WINDOW=8192 RES=0x00 CWR ECE SYN URGP=0 Jul 31 18:42:16 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3f:fd:58:00:08:e3:ff:fd:90:08:00 SRC=37.49.230.126 DST=79.143.186.54 LEN=52 TOS=0x02 PREC=0x00 TTL=122 ID=11466 DF PROTO=TCP SPT=62372 DPT=25 WINDOW=8192 RES=0x00 CWR ECE SYN URGP=0 Jul 31 18:42:22 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3f:fd:58:00:08:e3:ff:fd:90:08:00 SRC=37.49.230.126 DST=79.143.186.54 LEN=48 TOS=0x00 PREC=0x00 TTL=122 ID=11467 DF PROTO=TCP SPT=62372 DPT=25 WINDOW=8192 RES=0x00 SYN URGP=0	2020-08-01 02:31:20
46.229.168.141	attackbotsspam	SQL injection attempt.	2020-08-01 02:02:21
27.128.168.225	attack	2020-07-31T19:40:13.532833galaxy.wi.uni-potsdam.de sshd[4123]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.128.168.225 user=root 2020-07-31T19:40:15.089544galaxy.wi.uni-potsdam.de sshd[4123]: Failed password for root from 27.128.168.225 port 35365 ssh2 2020-07-31T19:41:13.503140galaxy.wi.uni-potsdam.de sshd[4201]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.128.168.225 user=root 2020-07-31T19:41:15.295891galaxy.wi.uni-potsdam.de sshd[4201]: Failed password for root from 27.128.168.225 port 40293 ssh2 2020-07-31T19:42:15.716618galaxy.wi.uni-potsdam.de sshd[4383]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.128.168.225 user=root 2020-07-31T19:42:18.021137galaxy.wi.uni-potsdam.de sshd[4383]: Failed password for root from 27.128.168.225 port 45220 ssh2 2020-07-31T19:43:25.422177galaxy.wi.uni-potsdam.de sshd[4661]: pam_unix(sshd:auth): authenticatio ...	2020-08-01 02:32:04
182.122.115.116	attackbots	TCP (SYN) 182.122.115.116:39340 -> port 8080, len 40	2020-08-01 01:57:27
213.108.161.39	attackbotsspam	failed_logins	2020-08-01 02:13:56

最近上报的IP列表

104.163.48.225	228.93.56.77	198.108.66.41	143.137.127.46
85.206.38.111	185.106.29.70	117.2.133.106	13.230.189.119
81.17.143.10	45.82.33.61	125.124.167.213	81.30.208.30
87.244.116.238	187.162.51.224	103.93.96.26	149.140.193.138
41.169.151.90	202.91.89.164	190.225.135.187	2400:8901::f03c:91ff:fe41:5944