139.217.131.52

基本信息:

城市(city): Shanghai

省份(region): Shanghai

国家(country): China

运营商(isp): Microsoft (China) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Oct 27 14:53:23 server sshd\[30158\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.217.131.52 user=root Oct 27 14:53:25 server sshd\[30158\]: Failed password for root from 139.217.131.52 port 1152 ssh2 Oct 27 15:05:08 server sshd\[32742\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.217.131.52 user=root Oct 27 15:05:10 server sshd\[32742\]: Failed password for root from 139.217.131.52 port 1152 ssh2 Oct 27 15:09:48 server sshd\[1051\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.217.131.52 user=root ...	2019-10-27 21:56:06
attackspam	Invalid user test from 139.217.131.52 port 1152	2019-10-21 01:57:05
attack	Oct 15 04:07:17 elenin sshd[5090]: Invalid user r.rme from 139.217.131.52 Oct 15 04:07:17 elenin sshd[5090]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.217.131.52 Oct 15 04:07:20 elenin sshd[5090]: Failed password for invalid user r.rme from 139.217.131.52 port 1152 ssh2 Oct 15 04:07:20 elenin sshd[5090]: Received disconnect from 139.217.131.52: 11: Bye Bye [preauth] Oct 15 04:13:06 elenin sshd[5135]: Invalid user fang from 139.217.131.52 Oct 15 04:13:06 elenin sshd[5135]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.217.131.52 Oct 15 04:13:08 elenin sshd[5135]: Failed password for invalid user fang from 139.217.131.52 port 1152 ssh2 Oct 15 04:13:08 elenin sshd[5135]: Received disconnect from 139.217.131.52: 11: Bye Bye [preauth] Oct 15 04:18:04 elenin sshd[5194]: User r.r from 139.217.131.52 not allowed because not listed in AllowUsers Oct 15 04:18:04 elenin sshd[5194]: pa........ -------------------------------	2019-10-19 19:59:24
attackspam	Oct 17 01:30:35 wbs sshd\[11616\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.217.131.52 user=root Oct 17 01:30:38 wbs sshd\[11616\]: Failed password for root from 139.217.131.52 port 1152 ssh2 Oct 17 01:35:58 wbs sshd\[12058\]: Invalid user estheti from 139.217.131.52 Oct 17 01:35:58 wbs sshd\[12058\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.217.131.52 Oct 17 01:36:00 wbs sshd\[12058\]: Failed password for invalid user estheti from 139.217.131.52 port 1152 ssh2	2019-10-18 02:28:08

相同子网IP讨论:

IP	类型	评论内容	时间
139.217.131.17	attackbotsspam	Automatic report - Banned IP Access	2019-11-04 18:28:11

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.217.131.52
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 45343
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.217.131.52.			IN	A

;; AUTHORITY SECTION:
.			279	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019101700 1800 900 604800 86400

;; Query time: 105 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Oct 18 02:28:04 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 52.131.217.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 52.131.217.139.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
119.90.61.10	attackspam	Aug 7 15:43:30 santamaria sshd\[20247\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.90.61.10 user=root Aug 7 15:43:32 santamaria sshd\[20247\]: Failed password for root from 119.90.61.10 port 48220 ssh2 Aug 7 15:48:40 santamaria sshd\[20282\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.90.61.10 user=root ...	2020-08-07 22:39:55
170.254.226.100	attackbots	Aug 7 16:11:03 pve1 sshd[14215]: Failed password for root from 170.254.226.100 port 59382 ssh2 ...	2020-08-07 22:51:26
80.244.179.6	attackbots	2020-08-07T14:30:02.124864shield sshd\[12342\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=school.asazs.co.uk user=root 2020-08-07T14:30:03.998207shield sshd\[12342\]: Failed password for root from 80.244.179.6 port 51420 ssh2 2020-08-07T14:33:17.555643shield sshd\[12627\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=school.asazs.co.uk user=root 2020-08-07T14:33:19.530047shield sshd\[12627\]: Failed password for root from 80.244.179.6 port 46382 ssh2 2020-08-07T14:36:36.920445shield sshd\[12833\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=school.asazs.co.uk user=root	2020-08-07 22:44:32
178.62.99.47	attack	firewall-block, port(s): 12072/tcp	2020-08-07 22:40:59
222.186.169.192	attackbots	Aug 7 07:18:13 dignus sshd[13962]: Failed password for root from 222.186.169.192 port 33962 ssh2 Aug 7 07:18:17 dignus sshd[13962]: Failed password for root from 222.186.169.192 port 33962 ssh2 Aug 7 07:18:21 dignus sshd[13962]: Failed password for root from 222.186.169.192 port 33962 ssh2 Aug 7 07:18:24 dignus sshd[13962]: Failed password for root from 222.186.169.192 port 33962 ssh2 Aug 7 07:18:28 dignus sshd[13962]: Failed password for root from 222.186.169.192 port 33962 ssh2 ...	2020-08-07 22:22:17
98.167.124.171	attack	SSH Brute Force	2020-08-07 22:53:34
112.85.42.229	attackbotsspam	Aug 7 14:07:08 plex-server sshd[842738]: Failed password for root from 112.85.42.229 port 50954 ssh2 Aug 7 14:08:27 plex-server sshd[843196]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.229 user=root Aug 7 14:08:29 plex-server sshd[843196]: Failed password for root from 112.85.42.229 port 36435 ssh2 Aug 7 14:09:48 plex-server sshd[843744]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.229 user=root Aug 7 14:09:50 plex-server sshd[843744]: Failed password for root from 112.85.42.229 port 30456 ssh2 ...	2020-08-07 22:32:32
34.77.127.43	attackspambots	2020-08-07T13:59:27.891804shield sshd\[9759\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.127.77.34.bc.googleusercontent.com user=root 2020-08-07T13:59:29.517138shield sshd\[9759\]: Failed password for root from 34.77.127.43 port 59994 ssh2 2020-08-07T14:03:33.149510shield sshd\[10087\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.127.77.34.bc.googleusercontent.com user=root 2020-08-07T14:03:35.220667shield sshd\[10087\]: Failed password for root from 34.77.127.43 port 48044 ssh2 2020-08-07T14:07:48.873511shield sshd\[10495\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.127.77.34.bc.googleusercontent.com user=root	2020-08-07 22:36:23
27.156.119.179	attackspambots	Aug 6 15:37:12 our-server-hostname sshd[29032]: reveeclipse mapping checking getaddrinfo for 179.119.156.27.broad.fz.fj.dynamic.163data.com.cn [27.156.119.179] failed - POSSIBLE BREAK-IN ATTEMPT! Aug 6 15:37:12 our-server-hostname sshd[29032]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.156.119.179 user=r.r Aug 6 15:37:15 our-server-hostname sshd[29032]: Failed password for r.r from 27.156.119.179 port 51996 ssh2 Aug 6 15:40:00 our-server-hostname sshd[29796]: reveeclipse mapping checking getaddrinfo for 179.119.156.27.broad.fz.fj.dynamic.163data.com.cn [27.156.119.179] failed - POSSIBLE BREAK-IN ATTEMPT! Aug 6 15:40:00 our-server-hostname sshd[29796]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.156.119.179 user=r.r Aug 6 15:40:02 our-server-hostname sshd[29796]: Failed password for r.r from 27.156.119.179 port 48608 ssh2 Aug 6 15:40:57 our-server-hostname sshd[30075]:........ -------------------------------	2020-08-07 22:39:30
2.57.122.186	attackbotsspam	Aug 6 10:05:59 zimbra sshd[15678]: Did not receive identification string from 2.57.122.186 Aug 6 10:06:15 zimbra sshd[16197]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.57.122.186 user=r.r Aug 6 10:06:17 zimbra sshd[16197]: Failed password for r.r from 2.57.122.186 port 45176 ssh2 Aug 6 10:06:17 zimbra sshd[16197]: Received disconnect from 2.57.122.186 port 45176:11: Normal Shutdown, Thank you for playing [preauth] Aug 6 10:06:17 zimbra sshd[16197]: Disconnected from 2.57.122.186 port 45176 [preauth] Aug 6 10:06:35 zimbra sshd[16672]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.57.122.186 user=r.r Aug 6 10:06:37 zimbra sshd[16672]: Failed password for r.r from 2.57.122.186 port 58480 ssh2 Aug 6 10:06:37 zimbra sshd[16672]: Received disconnect from 2.57.122.186 port 58480:11: Normal Shutdown, Thank you for playing [preauth] Aug 6 10:06:37 zimbra sshd[16672]: Disconnect........ -------------------------------	2020-08-07 22:45:24
50.236.62.30	attack	SSH Login Bruteforce	2020-08-07 22:15:16
125.165.107.233	attackbots	Aug 6 09:16:06 carla sshd[19676]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.165.107.233 user=r.r Aug 6 09:16:08 carla sshd[19676]: Failed password for r.r from 125.165.107.233 port 30918 ssh2 Aug 6 09:16:08 carla sshd[19677]: Received disconnect from 125.165.107.233: 11: Bye Bye Aug 6 09:21:04 carla sshd[19721]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.165.107.233 user=r.r Aug 6 09:21:06 carla sshd[19721]: Failed password for r.r from 125.165.107.233 port 37938 ssh2 Aug 6 09:21:06 carla sshd[19722]: Received disconnect from 125.165.107.233: 11: Bye Bye Aug 6 09:24:01 carla sshd[19742]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.165.107.233 user=r.r Aug 6 09:24:02 carla sshd[19742]: Failed password for r.r from 125.165.107.233 port 13639 ssh2 Aug 6 09:24:03 carla sshd[19743]: Received disconnect from 125.165.107........ -------------------------------	2020-08-07 22:43:42
180.76.167.78	attackspambots	k+ssh-bruteforce	2020-08-07 22:42:45
94.25.181.154	attack	Brute force attempt	2020-08-07 22:18:37
58.240.196.6	attackbots	k+ssh-bruteforce	2020-08-07 22:26:40

最近上报的IP列表

50.47.89.24	5.15.129.76	98.243.164.84	23.67.49.84
174.246.137.166	97.154.119.91	90.65.253.225	187.56.68.159
90.19.53.153	76.175.206.123	109.175.9.33	177.250.180.201
222.34.158.192	206.253.175.149	79.180.86.34	198.53.251.2
216.245.196.6	113.74.66.12	176.62.3.186	106.111.215.215