139.219.6.52 - IPInfo

基本信息:

城市(city): Beijing

省份(region): Beijing

国家(country): China

运营商(isp): Microsoft (China) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	SSH Brute Force	2020-03-07 20:52:47
attackspambots	Feb 16 07:27:46 sachi sshd\[15659\]: Invalid user crew from 139.219.6.52 Feb 16 07:27:46 sachi sshd\[15659\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.219.6.52 Feb 16 07:27:49 sachi sshd\[15659\]: Failed password for invalid user crew from 139.219.6.52 port 36706 ssh2 Feb 16 07:31:03 sachi sshd\[15981\]: Invalid user r3dmine from 139.219.6.52 Feb 16 07:31:03 sachi sshd\[15981\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.219.6.52	2020-02-17 04:47:53
attackbots	$f2bV_matches	2020-02-09 05:09:56

类型

评论内容

时间

attack

SSH Brute Force

2020-03-07 20:52:47

attackspambots

Feb 16 07:27:46 sachi sshd\[15659\]: Invalid user crew from 139.219.6.52
Feb 16 07:27:46 sachi sshd\[15659\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.219.6.52
Feb 16 07:27:49 sachi sshd\[15659\]: Failed password for invalid user crew from 139.219.6.52 port 36706 ssh2
Feb 16 07:31:03 sachi sshd\[15981\]: Invalid user r3dmine from 139.219.6.52
Feb 16 07:31:03 sachi sshd\[15981\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.219.6.52

2020-02-17 04:47:53

attackbots

$f2bV_matches

2020-02-09 05:09:56

相同子网IP讨论:

IP	类型	评论内容	时间
139.219.6.50	attackspam	Unauthorized connection attempt detected from IP address 139.219.6.50 to port 2838 [T]	2020-05-09 03:59:22
139.219.6.50	attackbots	Unauthorized connection attempt detected from IP address 139.219.6.50 to port 8251 [T]	2020-03-25 19:51:52
139.219.6.50	attackspam	1184/tcp 51111/tcp 25375/tcp... [2020-01-17/03-16]30pkt,30pt.(tcp)	2020-03-17 09:54:35
139.219.6.50	attackbotsspam	Unauthorized connection attempt detected from IP address 139.219.6.50 to port 6820 [J]	2020-03-03 01:07:17
139.219.6.50	attackbotsspam	" "	2020-02-18 04:47:58
139.219.6.50	attackbots	Unauthorized connection attempt detected from IP address 139.219.6.50 to port 5774 [J]	2020-02-01 17:13:30
139.219.6.50	attack	Unauthorized connection attempt detected from IP address 139.219.6.50 to port 5985 [J]	2020-01-30 16:25:29
139.219.6.50	attackbots	Portscan or hack attempt detected by psad/fwsnort	2020-01-20 23:22:05
139.219.6.50	attackspam	Unauthorized connection attempt detected from IP address 139.219.6.50 to port 12713 [T]	2020-01-20 08:50:15
139.219.6.50	attackbots	Unauthorized connection attempt detected from IP address 139.219.6.50 to port 12713 [T]	2020-01-11 00:53:04
139.219.6.50	attackbotsspam	Unauthorized connection attempt detected from IP address 139.219.6.50 to port 10628 [T]	2020-01-10 18:45:32
139.219.6.50	attackbotsspam	Unauthorized connection attempt detected from IP address 139.219.6.50 to port 8304 [T]	2020-01-09 05:23:45
139.219.6.50	attackspambots	Unauthorized connection attempt detected from IP address 139.219.6.50 to port 1325 [J]	2020-01-07 03:58:53
139.219.6.50	attackbots	Unauthorized connection attempt detected from IP address 139.219.6.50 to port 6169	2020-01-02 20:43:54
139.219.6.50	attack	Unauthorized connection attempt detected from IP address 139.219.6.50 to port 6169	2020-01-01 21:23:21

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.219.6.52
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 65473
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.219.6.52.			IN	A

;; AUTHORITY SECTION:
.			124	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020020800 1800 900 604800 86400

;; Query time: 251 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 09 05:09:53 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 52.6.219.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 52.6.219.139.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
101.255.44.14	attackbotsspam	Unauthorized connection attempt from IP address 101.255.44.14 on Port 445(SMB)	2020-01-11 19:57:52
60.13.172.9	attack	Unauthorized connection attempt detected from IP address 60.13.172.9 to port 22 [T]	2020-01-11 19:59:40
54.37.233.192	attack	SSH bruteforce	2020-01-11 20:01:20
185.209.0.92	attack	firewall-block, port(s): 26389/tcp	2020-01-11 19:45:54
143.176.230.43	attackspambots	3x Failed Password	2020-01-11 19:50:00
89.244.78.185	attackspambots	Jan 11 15:02:59 server sshd\[24814\]: Invalid user pi from 89.244.78.185 Jan 11 15:02:59 server sshd\[24814\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=i59f44eb9.versanet.de Jan 11 15:02:59 server sshd\[24813\]: Invalid user pi from 89.244.78.185 Jan 11 15:02:59 server sshd\[24813\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=i59f44eb9.versanet.de Jan 11 15:03:01 server sshd\[24814\]: Failed password for invalid user pi from 89.244.78.185 port 39422 ssh2 ...	2020-01-11 20:12:39
91.93.69.82	attackbotsspam	Unauthorized connection attempt from IP address 91.93.69.82 on Port 445(SMB)	2020-01-11 20:18:37
1.20.238.112	attackbots	Unauthorized connection attempt from IP address 1.20.238.112 on Port 445(SMB)	2020-01-11 20:14:50
61.2.133.1	attack	Automatic report - Port Scan Attack	2020-01-11 20:25:37
62.210.205.155	attackspambots	Jan 11 09:11:39 host sshd[63489]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62-210-205-155.rev.poneytelecom.eu user=root Jan 11 09:11:41 host sshd[63489]: Failed password for root from 62.210.205.155 port 44128 ssh2 ...	2020-01-11 19:55:10
188.133.90.94	attack	SSH-bruteforce attempts	2020-01-11 20:10:59
54.38.18.211	attack	Automatic report - SSH Brute-Force Attack	2020-01-11 20:15:16
91.148.75.73	attackbots	Jan 11 05:47:13 grey postfix/smtpd\[9288\]: NOQUEUE: reject: RCPT from unknown\[91.148.75.73\]: 554 5.7.1 Service unavailable\; Client host \[91.148.75.73\] blocked using cbl.abuseat.org\; Blocked - see http://www.abuseat.org/lookup.cgi\?ip=91.148.75.73\; from=\ to=\ proto=ESMTP helo=\<73-75.static.nscable.net\> ...	2020-01-11 20:25:05
42.118.54.62	attackbots	Unauthorized connection attempt from IP address 42.118.54.62 on Port 445(SMB)	2020-01-11 20:22:51
61.79.157.173	attackbotsspam	Jan 11 05:47:29 grey postfix/smtpd\[9275\]: NOQUEUE: reject: RCPT from unknown\[61.79.157.173\]: 554 5.7.1 Service unavailable\; Client host \[61.79.157.173\] blocked using dul.dnsbl.sorbs.net\; Dynamic IP Addresses See: http://www.sorbs.net/lookup.shtml\?61.79.157.173\; from=\ to=\ proto=ESMTP helo=\<\[61.79.157.173\]\> ...	2020-01-11 20:13:28

最近上报的IP列表

206.103.150.101	62.215.176.225	198.13.207.101	70.129.153.214
147.253.166.190	162.243.128.48	186.20.130.183	12.27.148.134
88.250.254.90	99.3.152.248	122.104.120.103	62.155.135.218
187.18.199.19	95.15.40.3	68.177.42.143	3.30.8.6
157.41.190.242	7.24.84.49	223.14.61.2	113.234.172.246