52.2.148.139 - IPInfo

基本信息:

城市(city): Ashburn

省份(region): Virginia

国家(country): United States

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 52.2.148.139
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 45902
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;52.2.148.139.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019071401 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Jul 15 11:20:19 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

139.148.2.52.in-addr.arpa domain name pointer ec2-52-2-148-139.compute-1.amazonaws.com.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
139.148.2.52.in-addr.arpa	name = ec2-52-2-148-139.compute-1.amazonaws.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
68.183.62.56	attackspambots	Mar 14 00:09:23 odroid64 sshd\[26799\]: Invalid user rstudio from 68.183.62.56 Mar 14 00:09:23 odroid64 sshd\[26799\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.62.56 ...	2020-03-14 07:40:35
185.234.6.243	attackbots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/185.234.6.243/ RO - 1H : (53) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : RO NAME ASN : ASN48095 IP : 185.234.6.243 CIDR : 185.234.4.0/22 PREFIX COUNT : 153 UNIQUE IP COUNT : 112384 ATTACKS DETECTED ASN48095 : 1H - 4 3H - 6 6H - 6 12H - 13 24H - 13 DateTime : 2020-03-13 21:14:15 INFO : Looking for resource vulnerabilities 403 Detected and Blocked by ADMIN - data recovery	2020-03-14 07:13:37
222.186.175.148	attackbotsspam	Mar 14 00:12:02 nextcloud sshd\[4608\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.148 user=root Mar 14 00:12:03 nextcloud sshd\[4608\]: Failed password for root from 222.186.175.148 port 57510 ssh2 Mar 14 00:12:07 nextcloud sshd\[4608\]: Failed password for root from 222.186.175.148 port 57510 ssh2	2020-03-14 07:14:42
95.27.70.193	attackspambots	Attempt to attack host OS, exploiting network vulnerabilities, on 13-03-2020 21:15:15.	2020-03-14 07:18:56
52.198.153.157	attackspam	[portscan] Port scan	2020-03-14 07:42:34
123.194.35.190	attackspam	Unauthorized connection attempt from IP address 123.194.35.190 on Port 445(SMB)	2020-03-14 07:34:40
218.78.30.224	attackbots	2020-03-13T22:18:37.759043abusebot-3.cloudsearch.cf sshd[5299]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.78.30.224 user=root 2020-03-13T22:18:39.687677abusebot-3.cloudsearch.cf sshd[5299]: Failed password for root from 218.78.30.224 port 45864 ssh2 2020-03-13T22:24:43.108017abusebot-3.cloudsearch.cf sshd[5767]: Invalid user rajesh from 218.78.30.224 port 37240 2020-03-13T22:24:43.115014abusebot-3.cloudsearch.cf sshd[5767]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.78.30.224 2020-03-13T22:24:43.108017abusebot-3.cloudsearch.cf sshd[5767]: Invalid user rajesh from 218.78.30.224 port 37240 2020-03-13T22:24:45.289482abusebot-3.cloudsearch.cf sshd[5767]: Failed password for invalid user rajesh from 218.78.30.224 port 37240 ssh2 2020-03-13T22:26:06.568008abusebot-3.cloudsearch.cf sshd[5883]: Invalid user gpadmin from 218.78.30.224 port 45722 ...	2020-03-14 07:41:59
123.16.92.96	attackbotsspam	Unauthorized connection attempt from IP address 123.16.92.96 on Port 445(SMB)	2020-03-14 07:16:08
117.90.63.192	attackbotsspam	GPON Home Routers Remote Code Execution Vulnerability	2020-03-14 07:16:29
35.153.28.247	spam	AGAIN and AGAIN and ALWAYS the same REGISTRARS as namecheap.com, uniregistry.com and name.com TO STOP IMMEDIATELY for keeping LIERS, ROBERS and else since too many years ! The cheapest service, as usual... And Link as usual by bit.ly to delette IMMEDIATELY too ! MARRE de ces ORDURES et autres FILS de PUTE genre SOUS MERDES capables de POLLUER STUPIDEMENT pour ne pas dire CONNEMENT la Planète par des POURRIELS INUTILES sur des listes VOLÉES on ne sait où et SANS notre accord ! From: newmask.online@gmail.com Reply-To: newmask.online@gmail.com To: ffd-dd-llpm-4+owners@marketnetweb.uno Message-Id: <39b17b4d-be1b-4671-aa46-866d49418462@marketnetweb.uno> marketnetweb.uno => namecheap.com => whoisguard.com marketnetweb.uno => 162.255.119.206 162.255.119.206 => namecheap.com https://www.mywot.com/scorecard/marketnetweb.uno https://www.mywot.com/scorecard/namecheap.com https://www.mywot.com/scorecard/whoisguard.com https://en.asytech.cn/check-ip/162.255.119.206 AS USUAL since few days for PHISHING and SCAM send to : http://bit.ly/2IJ16gn which resend to : https://www.getsafemask.com/checkout?cop_id=kkvvg&aff_id=6468&image={image}&txid=10200a76ef1f9dca79a129309817e4&offer_id=4737&tpl={tpl}&lang={lang}&cur={aff_currency}&preload={preload}&show_timer={timer}&aff_sub=16T&aff_sub2=c0cc55c7-9401-4820-b2d3-bd712f691b9b&aff_sub3=&aff_sub4=&aff_sub5=&aff_click_id= getsafemask.com => namecheap.com getsafemask.com => 35.153.28.247 35.153.28.247 => amazon.com https://www.mywot.com/scorecard/getsafemask.com https://www.mywot.com/scorecard/namecheap.com https://www.mywot.com/scorecard/whoisguard.com https://www.mywot.com/scorecard/amazon.com https://en.asytech.cn/check-ip/35.153.28.247	2020-03-14 07:10:14
176.113.115.11	attackspam	RDP brute forcing (r)	2020-03-14 07:38:41
196.52.43.98	attackspambots	Port scan: Attack repeated for 24 hours	2020-03-14 07:39:45
185.175.93.14	attackbots	Mar 14 00:00:58 debian-2gb-nbg1-2 kernel: \[6399589.829954\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=185.175.93.14 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=17587 PROTO=TCP SPT=55463 DPT=7544 WINDOW=1024 RES=0x00 SYN URGP=0	2020-03-14 07:47:10
222.218.248.42	attack	B: Magento admin pass test (abusive)	2020-03-14 07:21:17
51.75.162.4	attack	Mar 14 00:28:30 ArkNodeAT sshd\[19197\]: Invalid user lomerezco from 51.75.162.4 Mar 14 00:28:30 ArkNodeAT sshd\[19197\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.162.4 Mar 14 00:28:32 ArkNodeAT sshd\[19197\]: Failed password for invalid user lomerezco from 51.75.162.4 port 44470 ssh2	2020-03-14 07:32:21

最近上报的IP列表

78.178.206.159	68.201.167.201	179.95.247.90	66.188.137.189
47.204.164.27	193.174.233.203	78.110.212.48	119.113.84.245
86.101.35.186	49.117.142.127	125.76.192.143	166.111.228.33
162.0.12.139	107.204.30.136	222.84.169.59	212.252.82.152
219.202.220.143	177.92.245.226	187.114.14.104	98.201.189.16