213.139.52.43 - IPInfo

基本信息:

城市(city): Amman

省份(region): Amman Governorate

国家(country): Jordan

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
213.139.52.65	attack	Brute force attack against VPN service	2020-04-02 07:00:42
213.139.52.7	attack	Autoban 213.139.52.7 AUTH/CONNECT	2019-06-21 19:39:30

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 213.139.52.43
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 20125
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;213.139.52.43.			IN	A

;; AUTHORITY SECTION:
.			23	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2021100201 1800 900 604800 86400

;; Query time: 22 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Oct 03 06:16:27 CST 2021
;; MSG SIZE  rcvd: 106

HOST信息:

43.52.139.213.in-addr.arpa domain name pointer 213.139.x.43.go.com.jo.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
43.52.139.213.in-addr.arpa	name = 213.139.x.43.go.com.jo.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
50.127.71.5	attackspambots	pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=50.127.71.5 user=root Failed password for root from 50.127.71.5 port 40514 ssh2 Invalid user cj from 50.127.71.5 port 7437 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=50.127.71.5 Failed password for invalid user cj from 50.127.71.5 port 7437 ssh2	2020-01-09 22:33:01
91.232.96.9	attack	Jan 9 14:09:26 exim[3588]: [1\52] 1ipXYy-0000vs-G0 H=(sacred.rarakas.com) [91.232.96.9] F= rejected after DATA: This message scored 104.9 spam points.	2020-01-09 22:26:08
222.112.107.46	attackspam	Jan 9 15:23:04 debian-2gb-nbg1-2 kernel: \[839096.867702\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=222.112.107.46 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=238 ID=33787 PROTO=TCP SPT=32767 DPT=8545 WINDOW=1024 RES=0x00 SYN URGP=0	2020-01-09 22:43:41
200.89.159.52	attackbotsspam	Jan 9 15:15:50 pornomens sshd\[21352\]: Invalid user testing from 200.89.159.52 port 34950 Jan 9 15:15:50 pornomens sshd\[21352\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.89.159.52 Jan 9 15:15:52 pornomens sshd\[21352\]: Failed password for invalid user testing from 200.89.159.52 port 34950 ssh2 ...	2020-01-09 22:41:58
141.105.50.33	attackbotsspam	1578575381 - 01/09/2020 14:09:41 Host: 141.105.50.33/141.105.50.33 Port: 445 TCP Blocked	2020-01-09 22:45:55
220.255.123.33	attackspam	Telnet/23 MH Probe, BF, Hack -	2020-01-09 23:10:50
106.52.234.191	attackbots	$f2bV_matches	2020-01-09 22:25:32
222.186.180.147	attack	Jan 9 15:23:43 dcd-gentoo sshd[25906]: User root from 222.186.180.147 not allowed because none of user's groups are listed in AllowGroups Jan 9 15:23:46 dcd-gentoo sshd[25906]: error: PAM: Authentication failure for illegal user root from 222.186.180.147 Jan 9 15:23:43 dcd-gentoo sshd[25906]: User root from 222.186.180.147 not allowed because none of user's groups are listed in AllowGroups Jan 9 15:23:46 dcd-gentoo sshd[25906]: error: PAM: Authentication failure for illegal user root from 222.186.180.147 Jan 9 15:23:43 dcd-gentoo sshd[25906]: User root from 222.186.180.147 not allowed because none of user's groups are listed in AllowGroups Jan 9 15:23:46 dcd-gentoo sshd[25906]: error: PAM: Authentication failure for illegal user root from 222.186.180.147 Jan 9 15:23:46 dcd-gentoo sshd[25906]: Failed keyboard-interactive/pam for invalid user root from 222.186.180.147 port 20042 ssh2 ...	2020-01-09 22:24:42
188.138.187.105	attackspambots	[ThuJan0914:09:54.5722512020][:error][pid16607:tid47483121682176][client188.138.187.105:62864][client188.138.187.105]ModSecurity:Accessdeniedwithcode403$phase2$.Matchof"rx$MSWebServicesClientProtocol\\|WormlyBot\\|webauth@cmcm\\\\\\\\.com$"against"REQUEST_HEADERS:User-Agent"required.[file"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf"][line"402"][id"397989"][rev"1"][msg"Atomicorp.comWAFRules:MSIE6.0detected$DisableifyouwanttoallowMSIE6$"][severity"WARNING"][hostname"giornaledelticino.ch"][uri"/"][unique_id"XhcmIs@eW8kD26s1WI0z5wAAABE"][ThuJan0914:09:55.8322392020][:error][pid9661:tid47483090163456][client188.138.187.105:62910][client188.138.187.105]ModSecurity:Accessdeniedwithcode403$phase2$.Matchof"rx$MSWebServicesClientProtocol\\|WormlyBot\\|webauth@cmcm\\\\\\\\.com$"against"REQUEST_HEADERS:User-Agent"required.[file"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf"][line"402"][id"397989"][rev"1"][msg"Atomicorp.comWAFRules:MSIE6.0detected\(Disableifyo	2020-01-09 22:32:08
200.77.186.206	attack	2020-01-09 07:09:27 H=(timwheatcpa.com) [200.77.186.206]:56921 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.4, 127.0.0.3) (https://www.spamhaus.org/query/ip/200.77.186.206) 2020-01-09 07:09:28 H=(timwheatcpa.com) [200.77.186.206]:56921 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.3, 127.0.0.4) (https://www.spamhaus.org/query/ip/200.77.186.206) 2020-01-09 07:09:29 H=(timwheatcpa.com) [200.77.186.206]:56921 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.4, 127.0.0.3) (https://www.spamhaus.org/query/ip/200.77.186.206) ...	2020-01-09 22:56:45
220.134.131.160	attack	Telnet/23 MH Probe, BF, Hack -	2020-01-09 23:09:20
177.91.112.46	attack	Jan 9 14:23:09 * sshd[13803]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.91.112.46 Jan 9 14:23:12 * sshd[13803]: Failed password for invalid user test from 177.91.112.46 port 47782 ssh2	2020-01-09 22:59:47
191.30.222.43	attack	Telnet/23 MH Probe, BF, Hack -	2020-01-09 22:28:34
185.156.73.54	attack	01/09/2020-09:53:16.725778 185.156.73.54 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-01-09 23:07:01
115.57.127.137	attack	Jan 9 15:17:06 mintao sshd\[21249\]: Invalid user dotfile-tester from 115.57.127.137\ Jan 9 15:23:56 mintao sshd\[21278\]: Invalid user freshmeat from 115.57.127.137\	2020-01-09 23:09:37

最近上报的IP列表

159.238.186.252	159.89.175.135	95.108.213.26	66.249.66.16
95.91.76.35	181.46.138.39	197.235.205.13	187.252.206.209
187.252.205.93	177.236.116.136	189.215.55.71	81.185.174.29
84.192.70.144	2a02:1810:9d28:5300:8e:2775:45da:57a6	95.82.114.40	95.82.114.224
90.249.248.225	90.249.248.254	185.93.237.74	45.5.179.151

IP	类型	评论内容	时间
50.127.71.5	attackspambots	pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=50.127.71.5 user=root Failed password for root from 50.127.71.5 port 40514 ssh2 Invalid user cj from 50.127.71.5 port 7437 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=50.127.71.5 Failed password for invalid user cj from 50.127.71.5 port 7437 ssh2	2020-01-09 22:33:01
91.232.96.9	attack	Jan 9 14:09:26 exim[3588]: [1\52] 1ipXYy-0000vs-G0 H=(sacred.rarakas.com) [91.232.96.9] F= rejected after DATA: This message scored 104.9 spam points.	2020-01-09 22:26:08
222.112.107.46	attackspam	Jan 9 15:23:04 debian-2gb-nbg1-2 kernel: \[839096.867702\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=222.112.107.46 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=238 ID=33787 PROTO=TCP SPT=32767 DPT=8545 WINDOW=1024 RES=0x00 SYN URGP=0	2020-01-09 22:43:41
200.89.159.52	attackbotsspam	Jan 9 15:15:50 pornomens sshd\[21352\]: Invalid user testing from 200.89.159.52 port 34950 Jan 9 15:15:50 pornomens sshd\[21352\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.89.159.52 Jan 9 15:15:52 pornomens sshd\[21352\]: Failed password for invalid user testing from 200.89.159.52 port 34950 ssh2 ...	2020-01-09 22:41:58
141.105.50.33	attackbotsspam	1578575381 - 01/09/2020 14:09:41 Host: 141.105.50.33/141.105.50.33 Port: 445 TCP Blocked	2020-01-09 22:45:55
220.255.123.33	attackspam	Telnet/23 MH Probe, BF, Hack -	2020-01-09 23:10:50
106.52.234.191	attackbots	$f2bV_matches	2020-01-09 22:25:32
222.186.180.147	attack	Jan 9 15:23:43 dcd-gentoo sshd[25906]: User root from 222.186.180.147 not allowed because none of user's groups are listed in AllowGroups Jan 9 15:23:46 dcd-gentoo sshd[25906]: error: PAM: Authentication failure for illegal user root from 222.186.180.147 Jan 9 15:23:43 dcd-gentoo sshd[25906]: User root from 222.186.180.147 not allowed because none of user's groups are listed in AllowGroups Jan 9 15:23:46 dcd-gentoo sshd[25906]: error: PAM: Authentication failure for illegal user root from 222.186.180.147 Jan 9 15:23:43 dcd-gentoo sshd[25906]: User root from 222.186.180.147 not allowed because none of user's groups are listed in AllowGroups Jan 9 15:23:46 dcd-gentoo sshd[25906]: error: PAM: Authentication failure for illegal user root from 222.186.180.147 Jan 9 15:23:46 dcd-gentoo sshd[25906]: Failed keyboard-interactive/pam for invalid user root from 222.186.180.147 port 20042 ssh2 ...	2020-01-09 22:24:42
188.138.187.105	attackspambots	[ThuJan0914:09:54.5722512020][:error][pid16607:tid47483121682176][client188.138.187.105:62864][client188.138.187.105]ModSecurity:Accessdeniedwithcode403\(phase2\).Matchof"rx\(MSWebServicesClientProtocol\\|WormlyBot\\|webauth@cmcm\\\\\\\\.com\)"against"REQUEST_HEADERS:User-Agent"required.[file"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf"][line"402"][id"397989"][rev"1"][msg"Atomicorp.comWAFRules:MSIE6.0detected\(DisableifyouwanttoallowMSIE6\)"][severity"WARNING"][hostname"giornaledelticino.ch"][uri"/"][unique_id"XhcmIs@eW8kD26s1WI0z5wAAABE"][ThuJan0914:09:55.8322392020][:error][pid9661:tid47483090163456][client188.138.187.105:62910][client188.138.187.105]ModSecurity:Accessdeniedwithcode403\(phase2\).Matchof"rx\(MSWebServicesClientProtocol\\|WormlyBot\\|webauth@cmcm\\\\\\\\.com\)"against"REQUEST_HEADERS:User-Agent"required.[file"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf"][line"402"][id"397989"][rev"1"][msg"Atomicorp.comWAFRules:MSIE6.0detected\(Disableifyo	2020-01-09 22:32:08
200.77.186.206	attack	2020-01-09 07:09:27 H=(timwheatcpa.com) [200.77.186.206]:56921 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.4, 127.0.0.3) (https://www.spamhaus.org/query/ip/200.77.186.206) 2020-01-09 07:09:28 H=(timwheatcpa.com) [200.77.186.206]:56921 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.3, 127.0.0.4) (https://www.spamhaus.org/query/ip/200.77.186.206) 2020-01-09 07:09:29 H=(timwheatcpa.com) [200.77.186.206]:56921 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.4, 127.0.0.3) (https://www.spamhaus.org/query/ip/200.77.186.206) ...	2020-01-09 22:56:45
220.134.131.160	attack	Telnet/23 MH Probe, BF, Hack -	2020-01-09 23:09:20
177.91.112.46	attack	Jan 9 14:23:09 * sshd[13803]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.91.112.46 Jan 9 14:23:12 * sshd[13803]: Failed password for invalid user test from 177.91.112.46 port 47782 ssh2	2020-01-09 22:59:47
191.30.222.43	attack	Telnet/23 MH Probe, BF, Hack -	2020-01-09 22:28:34
185.156.73.54	attack	01/09/2020-09:53:16.725778 185.156.73.54 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-01-09 23:07:01
115.57.127.137	attack	Jan 9 15:17:06 mintao sshd\[21249\]: Invalid user dotfile-tester from 115.57.127.137\ Jan 9 15:23:56 mintao sshd\[21278\]: Invalid user freshmeat from 115.57.127.137\	2020-01-09 23:09:37