147.139.136.77

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Indonesia

运营商(isp): Alibaba.com LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Jan 19 06:39:58 dedicated sshd[17232]: Invalid user deploy from 147.139.136.77 port 40940	2020-01-19 13:41:46

相同子网IP讨论:

IP	类型	评论内容	时间
147.139.136.237	attackspambots	Automatic report - Banned IP Access	2020-02-11 00:24:52
147.139.136.237	attackspambots	Unauthorized connection attempt detected from IP address 147.139.136.237 to port 2220 [J]	2020-02-02 00:26:43
147.139.136.237	attackspam	Unauthorized connection attempt detected from IP address 147.139.136.237 to port 2220 [J]	2020-01-29 01:31:30
147.139.136.237	attackspambots	Dec 26 08:59:41 sd-53420 sshd\[17767\]: Invalid user rashawn from 147.139.136.237 Dec 26 08:59:41 sd-53420 sshd\[17767\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.139.136.237 Dec 26 08:59:43 sd-53420 sshd\[17767\]: Failed password for invalid user rashawn from 147.139.136.237 port 38948 ssh2 Dec 26 09:01:49 sd-53420 sshd\[18592\]: Invalid user sidarta from 147.139.136.237 Dec 26 09:01:49 sd-53420 sshd\[18592\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.139.136.237 ...	2019-12-26 16:52:01
147.139.136.237	attack	Dec 14 04:30:34 TORMINT sshd\[18951\]: Invalid user albina from 147.139.136.237 Dec 14 04:30:34 TORMINT sshd\[18951\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.139.136.237 Dec 14 04:30:35 TORMINT sshd\[18951\]: Failed password for invalid user albina from 147.139.136.237 port 57512 ssh2 ...	2019-12-14 17:32:22
147.139.136.237	attackspam	Tried sshing with brute force.	2019-11-22 17:40:33
147.139.136.237	attackspam	Nov 16 00:44:29 dallas01 sshd[12318]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.139.136.237 Nov 16 00:44:31 dallas01 sshd[12318]: Failed password for invalid user ftp from 147.139.136.237 port 38624 ssh2 Nov 16 00:51:40 dallas01 sshd[13517]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.139.136.237	2019-11-16 19:15:11
147.139.136.237	attackspam	2019-11-10T07:02:27.202273abusebot-8.cloudsearch.cf sshd\[16889\]: Invalid user pessoal from 147.139.136.237 port 58276	2019-11-10 19:40:01
147.139.136.237	attackbots	SSH Brute Force, server-1 sshd[31736]: Failed password for invalid user andromada from 147.139.136.237 port 55026 ssh2	2019-11-07 08:33:23
147.139.136.237	attack	Nov 1 07:04:46 debian sshd\[7546\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.139.136.237 user=root Nov 1 07:04:48 debian sshd\[7546\]: Failed password for root from 147.139.136.237 port 36042 ssh2 Nov 1 07:12:12 debian sshd\[7631\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.139.136.237 user=root ...	2019-11-01 19:28:27
147.139.136.237	attackspam	2019-10-31T19:06:10.279349abusebot-2.cloudsearch.cf sshd\[5135\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.139.136.237 user=root	2019-11-01 03:31:31
147.139.136.237	attackbots	2019-10-21T12:04:22.080528shield sshd\[9108\]: Invalid user wangbo from 147.139.136.237 port 40218 2019-10-21T12:04:22.084579shield sshd\[9108\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.139.136.237 2019-10-21T12:04:24.809578shield sshd\[9108\]: Failed password for invalid user wangbo from 147.139.136.237 port 40218 ssh2 2019-10-21T12:13:54.086843shield sshd\[10958\]: Invalid user dereco from 147.139.136.237 port 50474 2019-10-21T12:13:54.090230shield sshd\[10958\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.139.136.237	2019-10-21 20:22:00
147.139.136.237	attackbots	Sep 30 12:28:50 localhost sshd\[15696\]: Invalid user nimda123 from 147.139.136.237 port 39702 Sep 30 12:28:50 localhost sshd\[15696\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.139.136.237 Sep 30 12:28:51 localhost sshd\[15696\]: Failed password for invalid user nimda123 from 147.139.136.237 port 39702 ssh2 Sep 30 12:38:48 localhost sshd\[16000\]: Invalid user 123 from 147.139.136.237 port 52402 Sep 30 12:38:48 localhost sshd\[16000\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.139.136.237 ...	2019-09-30 20:42:59
147.139.136.237	attackspam	Sep 30 10:00:38 localhost sshd\[10673\]: Invalid user henry from 147.139.136.237 port 46768 Sep 30 10:00:38 localhost sshd\[10673\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.139.136.237 Sep 30 10:00:40 localhost sshd\[10673\]: Failed password for invalid user henry from 147.139.136.237 port 46768 ssh2 Sep 30 10:10:35 localhost sshd\[11080\]: Invalid user test from 147.139.136.237 port 59470 Sep 30 10:10:35 localhost sshd\[11080\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.139.136.237 ...	2019-09-30 18:19:44
147.139.136.237	attack	Invalid user design from 147.139.136.237 port 55750	2019-09-27 18:26:51

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 147.139.136.77
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 30934
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;147.139.136.77.			IN	A

;; AUTHORITY SECTION:
.			529	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020011900 1800 900 604800 86400

;; Query time: 108 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jan 19 13:41:42 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 77.136.139.147.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 77.136.139.147.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
61.147.53.136	attack	Cowrie Honeypot: Unauthorised SSH/Telnet login attempt with user "plexuser" at 2020-09-05T16:49:16Z	2020-09-06 07:03:12
106.8.164.185	attackspam	2020-08-31 07:02:10 login_virtual_exim authenticator failed for (Qb2PqNspx) [106.8.164.185]: 535 Incorrect authentication data (set_id=strueber.stellpflug) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=106.8.164.185	2020-09-06 06:59:18
185.59.139.99	attackbots	SSH Invalid Login	2020-09-06 06:31:24
82.64.83.141	attackspambots	Sep 6 00:38:03 Ubuntu-1404-trusty-64-minimal sshd\[7153\]: Invalid user pi from 82.64.83.141 Sep 6 00:38:03 Ubuntu-1404-trusty-64-minimal sshd\[7154\]: Invalid user pi from 82.64.83.141 Sep 6 00:38:04 Ubuntu-1404-trusty-64-minimal sshd\[7154\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.64.83.141 Sep 6 00:38:04 Ubuntu-1404-trusty-64-minimal sshd\[7153\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.64.83.141 Sep 6 00:38:05 Ubuntu-1404-trusty-64-minimal sshd\[7153\]: Failed password for invalid user pi from 82.64.83.141 port 60256 ssh2 Sep 6 00:38:05 Ubuntu-1404-trusty-64-minimal sshd\[7154\]: Failed password for invalid user pi from 82.64.83.141 port 60258 ssh2	2020-09-06 06:41:23
104.244.79.241	attackspambots	(sshd) Failed SSH login from 104.244.79.241 (LU/Luxembourg/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 5 17:44:12 server2 sshd[13186]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.244.79.241 user=root Sep 5 17:44:14 server2 sshd[13186]: Failed password for root from 104.244.79.241 port 45566 ssh2 Sep 5 17:44:15 server2 sshd[13186]: Failed password for root from 104.244.79.241 port 45566 ssh2 Sep 5 17:44:18 server2 sshd[13186]: Failed password for root from 104.244.79.241 port 45566 ssh2 Sep 5 17:44:20 server2 sshd[13186]: Failed password for root from 104.244.79.241 port 45566 ssh2	2020-09-06 06:41:07
45.142.120.36	attack	(smtpauth) Failed SMTP AUTH login from 45.142.120.36 (RU/Russia/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SMTPAUTH; Logs: 2020-09-05 18:24:13 dovecot_login authenticator failed for (User) [45.142.120.36]:35824: 535 Incorrect authentication data (set_id=department@xeoserver.com) 2020-09-05 18:24:20 dovecot_login authenticator failed for (User) [45.142.120.36]:37392: 535 Incorrect authentication data (set_id=department@xeoserver.com) 2020-09-05 18:24:30 dovecot_login authenticator failed for (User) [45.142.120.36]:47262: 535 Incorrect authentication data (set_id=tabid@xeoserver.com) 2020-09-05 18:24:38 dovecot_login authenticator failed for (User) [45.142.120.36]:3510: 535 Incorrect authentication data (set_id=tabid@xeoserver.com) 2020-09-05 18:24:49 dovecot_login authenticator failed for (User) [45.142.120.36]:44402: 535 Incorrect authentication data (set_id=tabid@xeoserver.com)	2020-09-06 06:47:12
54.36.241.186	attack	2020-09-06T00:03:17.730400snf-827550 sshd[6944]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip186.ip-54-36-241.eu user=root 2020-09-06T00:03:19.356502snf-827550 sshd[6944]: Failed password for root from 54.36.241.186 port 58458 ssh2 2020-09-06T00:05:37.112104snf-827550 sshd[6966]: Invalid user 8r>bzvCUd_zH*9 from 54.36.241.186 port 55898 ...	2020-09-06 07:04:28
66.230.230.230	attack	Unauthorised connection attempt detected at AUO NODE 4. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-09-06 06:39:47
185.220.101.9	attackspambots	$lgm	2020-09-06 06:30:31
192.3.204.194	attack	scanning for potential vulnerable apps (wordpress etc.) and database accesses. Requested URI: /wp/wp-admin/	2020-09-06 06:31:41
217.13.222.164	attackbots	Icarus honeypot on github	2020-09-06 06:50:48
185.147.212.8	attack	[2020-09-05 18:25:57] NOTICE[1194] chan_sip.c: Registration from '' failed for '185.147.212.8:49692' - Wrong password [2020-09-05 18:25:57] SECURITY[1233] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-09-05T18:25:57.257-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="338",SessionID="0x7f2ddc04e988",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.147.212.8/49692",Challenge="76837c96",ReceivedChallenge="76837c96",ReceivedHash="c4b900d6af0f448b2b2a5815bd5643ff" [2020-09-05 18:28:51] NOTICE[1194] chan_sip.c: Registration from '' failed for '185.147.212.8:53766' - Wrong password [2020-09-05 18:28:51] SECURITY[1233] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-09-05T18:28:51.105-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="1894",SessionID="0x7f2ddc3127f8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.147.212.8/5 ...	2020-09-06 06:34:10
98.176.168.11	attackspambots	firewall-block, port(s): 81/tcp	2020-09-06 06:34:47
166.62.80.165	attackbotsspam	166.62.80.165 - - [06/Sep/2020:00:25:41 +0200] "GET /wp-login.php HTTP/1.1" 200 9184 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 166.62.80.165 - - [06/Sep/2020:00:25:42 +0200] "POST /wp-login.php HTTP/1.1" 200 9435 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 166.62.80.165 - - [06/Sep/2020:00:25:44 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-06 07:06:56
68.228.215.87	attackbotsspam	Aug 31 07:08:28 h1946882 sshd[20654]: pam_unix(sshd:auth): authenticati= on failure; logname=3D uid=3D0 euid=3D0 tty=3Dssh ruser=3D rhost=3Dip68= -228-215-87.ph.ph.cox.net=20 Aug 31 07:08:30 h1946882 sshd[20654]: Failed password for invalid user = admin from 68.228.215.87 port 49694 ssh2 Aug 31 07:08:30 h1946882 sshd[20654]: Received disconnect from 68.228.2= 15.87: 11: Bye Bye [preauth] Aug 31 07:08:32 h1946882 sshd[20656]: pam_unix(sshd:auth): authenticati= on failure; logname=3D uid=3D0 euid=3D0 tty=3Dssh ruser=3D rhost=3Dip68= -228-215-87.ph.ph.cox.net=20 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=68.228.215.87	2020-09-06 07:04:57

最近上报的IP列表

60.218.191.118	47.93.117.195	183.220.146.251	45.72.3.160
79.143.29.251	77.43.92.29	1.246.223.92	86.47.114.118
204.93.154.209	204.93.154.208	198.98.55.82	191.37.51.98
189.141.104.187	187.162.49.98	183.80.240.195	179.127.166.83
178.252.170.198	175.141.209.124	168.232.13.14	125.165.56.60