163.172.157.139

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): France

运营商(isp): Online S.A.S.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Apr 29 15:14:59 sd-126173 sshd[10431]: Invalid user rh from 163.172.157.139 port 46494 Apr 29 15:15:55 sd-126173 sshd[10446]: User root from 163.172.157.139 not allowed because not listed in AllowUsers	2020-04-30 02:03:31
attackbotsspam	prod3 ...	2020-04-27 02:39:08

类型

评论内容

时间

attack

Apr 29 15:14:59 sd-126173 sshd[10431]: Invalid user rh from 163.172.157.139 port 46494
Apr 29 15:15:55 sd-126173 sshd[10446]: User root from 163.172.157.139 not allowed because not listed in AllowUsers

2020-04-30 02:03:31

attackbotsspam

prod3
...

2020-04-27 02:39:08

相同子网IP讨论:

IP	类型	评论内容	时间
163.172.157.193	attack	2020-09-18T07:40:54.859224mail.thespaminator.com sshd[24903]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.172.157.193 user=root 2020-09-18T07:40:56.618932mail.thespaminator.com sshd[24903]: Failed password for root from 163.172.157.193 port 52664 ssh2 ...	2020-09-19 03:12:50
163.172.157.193	attackspam	Sep 18 10:32:22 Ubuntu-1404-trusty-64-minimal sshd\[23543\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.172.157.193 user=root Sep 18 10:32:24 Ubuntu-1404-trusty-64-minimal sshd\[23543\]: Failed password for root from 163.172.157.193 port 58698 ssh2 Sep 18 10:35:43 Ubuntu-1404-trusty-64-minimal sshd\[25078\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.172.157.193 user=root Sep 18 10:35:45 Ubuntu-1404-trusty-64-minimal sshd\[25078\]: Failed password for root from 163.172.157.193 port 34706 ssh2 Sep 18 10:38:22 Ubuntu-1404-trusty-64-minimal sshd\[26391\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.172.157.193 user=root	2020-09-18 19:14:46
163.172.157.193	attack	Automatic report - Banned IP Access	2020-09-02 04:36:08
163.172.157.193	attackspambots	Aug 19 15:20:12 electroncash sshd[12177]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.172.157.193 Aug 19 15:20:12 electroncash sshd[12177]: Invalid user student from 163.172.157.193 port 38040 Aug 19 15:20:14 electroncash sshd[12177]: Failed password for invalid user student from 163.172.157.193 port 38040 ssh2 Aug 19 15:24:03 electroncash sshd[13341]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.172.157.193 user=root Aug 19 15:24:05 electroncash sshd[13341]: Failed password for root from 163.172.157.193 port 45878 ssh2 ...	2020-08-19 21:32:21
163.172.157.193	attackspambots	Aug 17 20:14:06 pornomens sshd\[26982\]: Invalid user paul from 163.172.157.193 port 57032 Aug 17 20:14:06 pornomens sshd\[26982\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.172.157.193 Aug 17 20:14:08 pornomens sshd\[26982\]: Failed password for invalid user paul from 163.172.157.193 port 57032 ssh2 ...	2020-08-18 02:43:48
163.172.157.193	attackbots	Aug 4 21:19:49 Ubuntu-1404-trusty-64-minimal sshd\[5818\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.172.157.193 user=root Aug 4 21:19:50 Ubuntu-1404-trusty-64-minimal sshd\[5818\]: Failed password for root from 163.172.157.193 port 52236 ssh2 Aug 4 22:00:15 Ubuntu-1404-trusty-64-minimal sshd\[11602\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.172.157.193 user=root Aug 4 22:00:17 Ubuntu-1404-trusty-64-minimal sshd\[11602\]: Failed password for root from 163.172.157.193 port 46232 ssh2 Aug 4 22:03:55 Ubuntu-1404-trusty-64-minimal sshd\[31128\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.172.157.193 user=root	2020-08-05 07:19:22
163.172.157.193	attackbotsspam	Port Scan detected from 163.172.157.193 (FR/France/Île-de-France/Paris/193-157-172-163.instances.scw.cloud). 4 hits in the last 210 seconds	2020-08-02 13:04:23
163.172.157.193	attackbots	Jul 31 02:16:56 hidden sshd[11513]: Failed password for hidden from 163.172.157.193 port 58366 ssh2 Jul 31 02:20:04 hidden sshd[11937]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.172.157.193 user=root Jul 31 02:20:06 hidden sshd[11937]: Failed password for hidden from 163.172.157.193 port 56054 ssh2	2020-08-01 23:09:40
163.172.157.193	attackbots	Automatic report BANNED IP	2020-07-30 23:33:00
163.172.157.193	attackbotsspam	SSH authentication failure x 6 reported by Fail2Ban ...	2020-07-23 15:32:08
163.172.157.193	attackspambots	Invalid user daniel from 163.172.157.193 port 47092	2020-07-21 02:47:36
163.172.157.193	attackspam	Jul 20 01:37:06 vps647732 sshd[22638]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.172.157.193 Jul 20 01:37:08 vps647732 sshd[22638]: Failed password for invalid user test from 163.172.157.193 port 38756 ssh2 ...	2020-07-20 08:05:49
163.172.157.193	attack	Jul 18 14:27:32 santamaria sshd\[30975\]: Invalid user valter from 163.172.157.193 Jul 18 14:27:32 santamaria sshd\[30975\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.172.157.193 Jul 18 14:27:35 santamaria sshd\[30975\]: Failed password for invalid user valter from 163.172.157.193 port 34618 ssh2 ...	2020-07-18 21:14:58
163.172.157.193	attack	Jul 17 13:09:44 game-panel sshd[8637]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.172.157.193 Jul 17 13:09:46 game-panel sshd[8637]: Failed password for invalid user nic from 163.172.157.193 port 41610 ssh2 Jul 17 13:13:39 game-panel sshd[8799]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.172.157.193	2020-07-17 21:21:41
163.172.157.193	attack	Jul 9 15:25:11 ns382633 sshd\[28272\]: Invalid user harris from 163.172.157.193 port 48064 Jul 9 15:25:11 ns382633 sshd\[28272\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.172.157.193 Jul 9 15:25:12 ns382633 sshd\[28272\]: Failed password for invalid user harris from 163.172.157.193 port 48064 ssh2 Jul 9 15:36:09 ns382633 sshd\[30031\]: Invalid user bianka from 163.172.157.193 port 42284 Jul 9 15:36:09 ns382633 sshd\[30031\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.172.157.193	2020-07-10 01:28:20

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 163.172.157.139
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 37825
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;163.172.157.139.		IN	A

;; AUTHORITY SECTION:
.			324	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020042601 1800 900 604800 86400

;; Query time: 54 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Apr 27 02:39:03 CST 2020
;; MSG SIZE  rcvd: 119

HOST信息:

139.157.172.163.in-addr.arpa domain name pointer hosting.deflandre.eu.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
139.157.172.163.in-addr.arpa	name = hosting.deflandre.eu.

Authoritative answers can be found from:

IP	类型	评论内容	时间
194.87.139.159	attackspam	DATE:2020-09-03 21:38:21, IP:194.87.139.159, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-09-04 04:19:16
159.89.197.1	attack	Time: Thu Sep 3 19:21:20 2020 +0000 IP: 159.89.197.1 (SG/Singapore/-) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 3 19:17:04 vps1 sshd[4202]: Invalid user jenkins from 159.89.197.1 port 46140 Sep 3 19:17:06 vps1 sshd[4202]: Failed password for invalid user jenkins from 159.89.197.1 port 46140 ssh2 Sep 3 19:19:12 vps1 sshd[4353]: Invalid user hyq from 159.89.197.1 port 50708 Sep 3 19:19:14 vps1 sshd[4353]: Failed password for invalid user hyq from 159.89.197.1 port 50708 ssh2 Sep 3 19:21:16 vps1 sshd[4477]: Invalid user soma from 159.89.197.1 port 55278	2020-09-04 04:21:01
220.113.7.43	attackspambots	TCP (SYN) 220.113.7.43:59516 -> port 1433, len 44	2020-09-04 03:59:45
178.19.166.228	attack	TCP (SYN) 178.19.166.228:44960 -> port 7547, len 44	2020-09-04 04:11:10
156.204.34.232	attackspambots	Port probing on unauthorized port 1433	2020-09-04 04:01:34
111.43.3.36	attackspambots	TCP (SYN) 111.43.3.36:19854 -> port 1433, len 44	2020-09-04 04:11:36
5.125.73.250	attack	TCP (SYN) 5.125.73.250:61597 -> port 445, len 52	2020-09-04 04:18:30
147.158.42.247	attackbots	SS5,WP GET /wp-login.php	2020-09-04 04:29:02
91.200.224.169	attackbotsspam	TCP (SYN) 91.200.224.169:19826 -> port 7547, len 40	2020-09-04 04:22:53
185.153.199.146	attackspambots	Port-scan: detected 442 distinct ports within a 24-hour window.	2020-09-04 04:20:10
165.22.42.154	attackbots	TCP (SYN) 165.22.42.154:51672 -> port 443, len 44	2020-09-04 04:06:16
138.246.253.15	attackbots	CF RAY ID: 5ccfd7a5f8c6eda7 IP Class: unknown URI: /	2020-09-04 04:21:27
178.19.250.44	attack	TCP (SYN) 178.19.250.44:64665 -> port 23, len 44	2020-09-04 04:10:30
41.130.228.49	attackbotsspam	TCP (SYN) 41.130.228.49:61590 -> port 445, len 52	2020-09-04 04:25:33
150.107.222.146	attack	TCP (SYN) 150.107.222.146:58583 -> port 445, len 40	2020-09-04 04:02:01

最近上报的IP列表

14.162.33.75	222.252.112.148	203.176.75.1	134.73.56.115
132.232.26.42	128.199.199.159	118.24.2.219	114.98.238.21
113.172.176.45	111.229.172.178	110.14.6.134	106.13.55.178
106.12.192.120	103.38.215.237	66.98.113.238	64.225.58.121
62.171.154.89	49.135.39.214	42.227.9.34	45.157.232.128