82.52.44.139 - IPInfo

基本信息:

城市(city): Lavis

省份(region): Trentino-Alto Adige

国家(country): Italy

运营商(isp): Telecom Italia S.p.A.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Dec 1 15:03:24 pi01 sshd[18581]: Connection from 82.52.44.139 port 53800 on 192.168.1.10 port 22 Dec 1 15:03:24 pi01 sshd[18582]: Connection from 82.52.44.139 port 53804 on 192.168.1.10 port 22 Dec 1 15:03:25 pi01 sshd[18581]: User pi from 82.52.44.139 not allowed because not listed in AllowUsers Dec 1 15:03:25 pi01 sshd[18582]: User pi from 82.52.44.139 not allowed because not listed in AllowUsers Dec 1 15:03:25 pi01 sshd[18582]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.52.44.139 user=pi Dec 1 15:03:25 pi01 sshd[18581]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.52.44.139 user=pi Dec 1 15:03:27 pi01 sshd[18582]: Failed password for invalid user pi from 82.52.44.139 port 53804 ssh2 Dec 1 15:03:27 pi01 sshd[18581]: Failed password for invalid user pi from 82.52.44.139 port 53800 ssh2 Dec 1 15:03:27 pi01 sshd[18582]: Connection closed by 82.52.44.139 port 53804 [pr........ -------------------------------	2019-12-02 02:53:40

类型

评论内容

时间

attack

Dec  1 15:03:24 pi01 sshd[18581]: Connection from 82.52.44.139 port 53800 on 192.168.1.10 port 22
Dec  1 15:03:24 pi01 sshd[18582]: Connection from 82.52.44.139 port 53804 on 192.168.1.10 port 22
Dec  1 15:03:25 pi01 sshd[18581]: User pi from 82.52.44.139 not allowed because not listed in AllowUsers
Dec  1 15:03:25 pi01 sshd[18582]: User pi from 82.52.44.139 not allowed because not listed in AllowUsers
Dec  1 15:03:25 pi01 sshd[18582]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.52.44.139  user=pi
Dec  1 15:03:25 pi01 sshd[18581]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.52.44.139  user=pi
Dec  1 15:03:27 pi01 sshd[18582]: Failed password for invalid user pi from 82.52.44.139 port 53804 ssh2
Dec  1 15:03:27 pi01 sshd[18581]: Failed password for invalid user pi from 82.52.44.139 port 53800 ssh2
Dec  1 15:03:27 pi01 sshd[18582]: Connection closed by 82.52.44.139 port 53804 [pr........
-------------------------------

2019-12-02 02:53:40

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 82.52.44.139
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38884
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;82.52.44.139.			IN	A

;; AUTHORITY SECTION:
.			406	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019120101 1800 900 604800 86400

;; Query time: 106 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Dec 02 02:53:35 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

139.44.52.82.in-addr.arpa domain name pointer host139-44-dynamic.52-82-r.retail.telecomitalia.it.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
139.44.52.82.in-addr.arpa	name = host139-44-dynamic.52-82-r.retail.telecomitalia.it.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
97.90.133.4	attackbotsspam	Jun 22 10:39:03 ncomp sshd[18798]: Invalid user oracle from 97.90.133.4 Jun 22 10:39:03 ncomp sshd[18798]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=97.90.133.4 Jun 22 10:39:03 ncomp sshd[18798]: Invalid user oracle from 97.90.133.4 Jun 22 10:39:05 ncomp sshd[18798]: Failed password for invalid user oracle from 97.90.133.4 port 37120 ssh2	2019-06-22 18:10:48
168.228.149.226	attackbots	SMTP-sasl brute force ...	2019-06-22 18:30:57
80.82.77.33	attack	ZTE Router Exploit Scanner	2019-06-22 18:27:12
93.118.104.149	attack	Jun 19 12:07:07 our-server-hostname postfix/smtpd[5618]: connect from unknown[93.118.104.149] Jun x@x Jun 19 12:07:10 our-server-hostname postfix/smtpd[5618]: lost connection after RCPT from unknown[93.118.104.149] Jun 19 12:07:10 our-server-hostname postfix/smtpd[5618]: disconnect from unknown[93.118.104.149] Jun 19 12:39:24 our-server-hostname postfix/smtpd[16176]: connect from unknown[93.118.104.149] Jun x@x Jun x@x Jun x@x Jun 19 12:39:29 our-server-hostname postfix/smtpd[16176]: lost connection after RCPT from unknown[93.118.104.149] Jun 19 12:39:29 our-server-hostname postfix/smtpd[16176]: disconnect from unknown[93.118.104.149] Jun 19 12:52:13 our-server-hostname postfix/smtpd[24174]: connect from unknown[93.118.104.149] Jun 19 12:52:17 our-server-hostname postfix/smtpd[24044]: connect from unknown[93.118.104.149] Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun 19 12:52:30 our-server-hostname postfix/smtpd[24174]: lost connecti........ -------------------------------	2019-06-22 17:56:24
89.103.27.45	attack	Jun 22 02:11:48 plusreed sshd[32320]: Invalid user marketing from 89.103.27.45 ...	2019-06-22 17:56:48
113.172.211.147	attackspam	Jun 22 07:26:41 srv-4 sshd\[29672\]: Invalid user admin from 113.172.211.147 Jun 22 07:26:41 srv-4 sshd\[29672\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.172.211.147 Jun 22 07:26:43 srv-4 sshd\[29672\]: Failed password for invalid user admin from 113.172.211.147 port 45346 ssh2 ...	2019-06-22 18:04:39
59.34.4.176	attackbots	From CCTV User Interface Log ...::ffff:59.34.4.176 - - [22/Jun/2019:00:26:06 +0000] "-" 400 0 ...	2019-06-22 18:19:42
171.241.60.190	attackspambots	SMB Server BruteForce Attack	2019-06-22 17:52:57
98.161.151.166	attackspam	IMAP brute force ...	2019-06-22 18:32:03
77.247.108.129	attack	\[2019-06-22 11:48:59\] SECURITY\[3671\] res_security_log.c: SecurityEvent="ChallengeResponseFailed",EventTV="2019-06-22T11:48:59.089+0200",Severity="Error",Service="PJSIP",EventVersion="1",AccountID="\",SessionID="1199709953-1636542436-1149734787",LocalAddress="IPV4/UDP/188.40.118.248/5060",RemoteAddress="IPV4/UDP/77.247.108.129/57505",Challenge="1561196938/779835dab7dd38e9e3a8af255c2bcf26",Response="1df4453e2a5c71b87a3009c701bc51c8",ExpectedResponse="" \[2019-06-22 11:48:59\] SECURITY\[3671\] res_security_log.c: SecurityEvent="ChallengeResponseFailed",EventTV="2019-06-22T11:48:59.177+0200",Severity="Error",Service="PJSIP",EventVersion="1",AccountID="\",SessionID="1199709953-1636542436-1149734787",LocalAddress="IPV4/UDP/188.40.118.248/5060",RemoteAddress="IPV4/UDP/77.247.108.129/57505",Challenge="1561196939/d15cdc8f78e4869cea89e7ac27b16a08",Response="abc425c8e24da0eb13a5b6523f67d037",ExpectedResponse="" \[2019-06-22 11:48:59\] SECURITY\[3671\] res_security_log.c: SecurityEvent="Challenge	2019-06-22 18:21:09
58.242.83.38	attack	Jun 22 04:26:20 **** sshd[22561]: User root from 58.242.83.38 not allowed because not listed in AllowUsers	2019-06-22 18:32:39
186.215.11.153	attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-06-22 18:27:45
49.83.37.160	attackbotsspam	Jun 22 10:08:22 mail2 sshd[31179]: Invalid user admin from 49.83.37.160 Jun 22 10:08:22 mail2 sshd[31179]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.83.37.160 Jun 22 10:08:23 mail2 sshd[31179]: Failed password for invalid user admin from 49.83.37.160 port 51435 ssh2 Jun 22 10:08:25 mail2 sshd[31179]: Failed password for invalid user admin from 49.83.37.160 port 51435 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=49.83.37.160	2019-06-22 18:11:28
58.242.83.37	attack	2019-06-22T06:58:56.414474Z \[cowrie.ssh.factory.CowrieSSHFactory\] New connection: 58.242.83.37:11745 \(107.175.91.48:22\) \[session: 37722ea3d8e6\] 2019-06-22T06:59:41.240465Z \[cowrie.ssh.factory.CowrieSSHFactory\] New connection: 58.242.83.37:49304 \(107.175.91.48:22\) \[session: 740fc06a61e2\] ...	2019-06-22 18:30:22
189.208.238.246	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-06-22 18:20:07

最近上报的IP列表

89.131.175.41	86.122.148.228	82.48.239.144	79.21.61.228
37.22.25.134	184.160.231.185	208.240.241.125	68.213.131.18
104.35.76.21	177.193.17.19	112.199.53.184	117.107.224.197
186.67.6.58	187.60.190.17	140.143.0.254	222.88.151.230
13.126.236.114	1.26.220.119	79.190.243.134	60.28.194.210