157.245.139.32

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Automatic report - Banned IP Access	2020-09-13 23:41:00
attack	Automatic report - Banned IP Access	2020-09-13 15:33:24
attackspam	Automatic report - Banned IP Access	2020-09-13 07:18:04
attackbots	157.245.139.32 - - [30/Jul/2020:05:39:31 +0100] "POST /wp-login.php HTTP/1.1" 200 2261 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 157.245.139.32 - - [30/Jul/2020:05:39:33 +0100] "POST /wp-login.php HTTP/1.1" 200 2234 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 157.245.139.32 - - [30/Jul/2020:05:39:34 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-07-30 15:25:03
attackspambots	157.245.139.32 - - [26/Jul/2020:21:16:25 +0200] "GET /wp-login.php HTTP/1.1" 200 6060 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 157.245.139.32 - - [26/Jul/2020:21:16:27 +0200] "POST /wp-login.php HTTP/1.1" 200 6311 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 157.245.139.32 - - [26/Jul/2020:21:16:33 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-07-27 03:41:48

相同子网IP讨论:

IP	类型	评论内容	时间
157.245.139.159	attackspambots	DATE:2019-11-21 23:57:31, IP:157.245.139.159, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2019-11-22 08:20:01
157.245.139.186	attackspam	Nov 5 21:41:34 MK-Soft-Root1 sshd[11065]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.139.186 Nov 5 21:41:37 MK-Soft-Root1 sshd[11065]: Failed password for invalid user Rupesh from 157.245.139.186 port 52698 ssh2 ...	2019-11-06 04:50:24
157.245.139.37	attackspam	(from noreply@business-loan-funding.pro) Hi, letting you know that http://Business-Loan-Funding.pro?url=ocfrw.org can find your business a SBA or private loan for $2,000 - $350K Without high credit or collateral. Find Out how much you qualify for by clicking here: http://Business-Loan-Funding.pro?url=ocfrw.org Minimum requirements include your company being established for at least a year and with current gross revenue of at least 120K. Eligibility and funding can be completed in as fast as 48hrs. Terms are personalized for each business so I suggest applying to find out exactly how much you can get on various terms. This is a free service from a qualified lender and the approval will be based on the annual revenue of your business. These funds are Non-Restrictive, allowing you to spend the full amount in any way you require including business debt consolidation, hiring, marketing, or Absolutely Any Other expense. If you need fast and easy business funding take a look at these program	2019-10-08 23:12:17

类型

评论内容

时间

157.245.139.159

attackspambots

DATE:2019-11-21 23:57:31, IP:157.245.139.159, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)

2019-11-22 08:20:01

157.245.139.186

attackspam

Nov  5 21:41:34 MK-Soft-Root1 sshd[11065]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.139.186 
Nov  5 21:41:37 MK-Soft-Root1 sshd[11065]: Failed password for invalid user Rupesh from 157.245.139.186 port 52698 ssh2
...

2019-11-06 04:50:24

157.245.139.37

attackspam

(from noreply@business-loan-funding.pro) Hi, letting you know that http://Business-Loan-Funding.pro?url=ocfrw.org can find your business a SBA or private loan for $2,000 - $350K Without high credit or collateral. 
 
Find Out how much you qualify for by clicking here: 
 
http://Business-Loan-Funding.pro?url=ocfrw.org 
 
Minimum requirements include your company being established for at least a year and with current gross revenue of at least 120K. Eligibility and funding can be completed in as fast as 48hrs. Terms are personalized for each business so I suggest applying to find out exactly how much you can get on various terms. 
 
This is a free service from a qualified lender and the approval will be based on the annual revenue of your business. These funds are Non-Restrictive, allowing you to spend the full amount in any way you require including business debt consolidation, hiring, marketing, or Absolutely Any Other expense. 
 
If you need fast and easy business funding take a look at these program

2019-10-08 23:12:17

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 157.245.139.32
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 20932
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;157.245.139.32.			IN	A

;; AUTHORITY SECTION:
.			179	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020072601 1800 900 604800 86400

;; Query time: 16 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jul 27 03:41:45 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 32.139.245.157.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 32.139.245.157.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
122.195.200.148	attack	Jul 20 04:43:49 minden010 sshd[30341]: Failed password for root from 122.195.200.148 port 17943 ssh2 Jul 20 04:43:52 minden010 sshd[30341]: Failed password for root from 122.195.200.148 port 17943 ssh2 Jul 20 04:43:54 minden010 sshd[30341]: Failed password for root from 122.195.200.148 port 17943 ssh2 ...	2019-07-20 10:44:23
41.234.67.40	attackbots	(pop3d) Failed POP3 login from 41.234.67.40 (EG/Egypt/host-41.234.67.40.tedata.net): 1 in the last 3600 secs	2019-07-20 10:25:33
180.250.205.114	attack	Jul 20 02:40:44 MK-Soft-VM7 sshd\[8803\]: Invalid user sagar from 180.250.205.114 port 56537 Jul 20 02:40:44 MK-Soft-VM7 sshd\[8803\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.250.205.114 Jul 20 02:40:45 MK-Soft-VM7 sshd\[8803\]: Failed password for invalid user sagar from 180.250.205.114 port 56537 ssh2 ...	2019-07-20 10:52:58
81.22.45.54	attack	Unauthorised access (Jul 20) SRC=81.22.45.54 LEN=40 TTL=247 ID=18728 TCP DPT=3389 WINDOW=1024 SYN Unauthorised access (Jul 16) SRC=81.22.45.54 LEN=40 TTL=247 ID=41495 TCP DPT=3389 WINDOW=1024 SYN	2019-07-20 10:56:49
134.175.120.173	attackbotsspam	Jul 20 03:57:28 vps647732 sshd[21111]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.120.173 Jul 20 03:57:30 vps647732 sshd[21111]: Failed password for invalid user fei from 134.175.120.173 port 34682 ssh2 ...	2019-07-20 10:16:17
118.24.119.135	attack	118.24.119.135 - - [20/Jul/2019:03:37:21 +0200] "POST [munged]wp-login.php HTTP/1.1" 444 0 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 0.000	2019-07-20 10:38:59
193.70.0.93	attackspam	2019-07-20T02:09:03.542293abusebot-4.cloudsearch.cf sshd\[17075\]: Invalid user web from 193.70.0.93 port 50072	2019-07-20 10:23:21
92.11.85.58	attack	Jul 20 09:27:25 webhost01 sshd[31539]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.11.85.58 Jul 20 09:27:27 webhost01 sshd[31539]: Failed password for invalid user nadine from 92.11.85.58 port 54404 ssh2 ...	2019-07-20 10:33:30
188.191.9.211	attackbotsspam	[portscan] Port scan	2019-07-20 10:57:20
106.51.33.29	attackspam	Jul 20 04:41:25 localhost sshd\[7939\]: Invalid user nishi from 106.51.33.29 port 53522 Jul 20 04:41:25 localhost sshd\[7939\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.51.33.29 Jul 20 04:41:27 localhost sshd\[7939\]: Failed password for invalid user nishi from 106.51.33.29 port 53522 ssh2	2019-07-20 10:51:13
122.195.200.36	attack	2019-07-20T02:35:15.463025hub.schaetter.us sshd\[5143\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.195.200.36 user=root 2019-07-20T02:35:17.385906hub.schaetter.us sshd\[5143\]: Failed password for root from 122.195.200.36 port 39223 ssh2 2019-07-20T02:35:19.818502hub.schaetter.us sshd\[5143\]: Failed password for root from 122.195.200.36 port 39223 ssh2 2019-07-20T02:35:22.006705hub.schaetter.us sshd\[5143\]: Failed password for root from 122.195.200.36 port 39223 ssh2 2019-07-20T02:35:24.790962hub.schaetter.us sshd\[5145\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.195.200.36 user=root ...	2019-07-20 10:54:25
5.173.184.199	attackspambots	$f2bV_matches	2019-07-20 10:51:41
190.85.234.215	attack	Jul 20 03:37:11 mail sshd\[16900\]: Invalid user deploy from 190.85.234.215 Jul 20 03:37:11 mail sshd\[16900\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.85.234.215 Jul 20 03:37:13 mail sshd\[16900\]: Failed password for invalid user deploy from 190.85.234.215 port 38120 ssh2 ...	2019-07-20 10:45:20
153.36.236.35	attackspambots	Jul 19 21:14:40 aat-srv002 sshd[22953]: Failed password for root from 153.36.236.35 port 36638 ssh2 Jul 19 21:14:49 aat-srv002 sshd[22959]: Failed password for root from 153.36.236.35 port 59944 ssh2 Jul 19 21:15:01 aat-srv002 sshd[22961]: Failed password for root from 153.36.236.35 port 30108 ssh2 ...	2019-07-20 10:24:07
206.214.12.112	attack	(pop3d) Failed POP3 login from 206.214.12.112 (AG/Antigua and Barbuda/206-214-12-112.candw.ag): 1 in the last 3600 secs	2019-07-20 10:31:32

最近上报的IP列表

14.247.239.122	196.219.66.215	24.2.9.149	41.236.153.23
10.35.204.40	103.54.202.221	209.97.132.66	136.124.143.124
109.99.116.44	40.93.170.137	68.253.115.8	196.31.232.182
117.42.9.175	116.68.205.75	46.248.51.232	78.186.88.195
162.158.63.233	160.120.3.77	61.167.152.217	187.167.203.175