52.202.2.139 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America

运营商(isp): Amazon Technologies Inc.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Mar 22 09:35:49 ns392434 sshd[5139]: Invalid user fujimoto from 52.202.2.139 port 52444 Mar 22 09:35:49 ns392434 sshd[5139]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.202.2.139 Mar 22 09:35:49 ns392434 sshd[5139]: Invalid user fujimoto from 52.202.2.139 port 52444 Mar 22 09:35:51 ns392434 sshd[5139]: Failed password for invalid user fujimoto from 52.202.2.139 port 52444 ssh2 Mar 22 09:50:56 ns392434 sshd[5549]: Invalid user plp from 52.202.2.139 port 34776 Mar 22 09:50:56 ns392434 sshd[5549]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.202.2.139 Mar 22 09:50:56 ns392434 sshd[5549]: Invalid user plp from 52.202.2.139 port 34776 Mar 22 09:50:58 ns392434 sshd[5549]: Failed password for invalid user plp from 52.202.2.139 port 34776 ssh2 Mar 22 10:04:30 ns392434 sshd[5952]: Invalid user sheyenne from 52.202.2.139 port 42374	2020-03-22 17:50:38

类型

评论内容

时间

attackspambots

Mar 22 09:35:49 ns392434 sshd[5139]: Invalid user fujimoto from 52.202.2.139 port 52444
Mar 22 09:35:49 ns392434 sshd[5139]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.202.2.139
Mar 22 09:35:49 ns392434 sshd[5139]: Invalid user fujimoto from 52.202.2.139 port 52444
Mar 22 09:35:51 ns392434 sshd[5139]: Failed password for invalid user fujimoto from 52.202.2.139 port 52444 ssh2
Mar 22 09:50:56 ns392434 sshd[5549]: Invalid user plp from 52.202.2.139 port 34776
Mar 22 09:50:56 ns392434 sshd[5549]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.202.2.139
Mar 22 09:50:56 ns392434 sshd[5549]: Invalid user plp from 52.202.2.139 port 34776
Mar 22 09:50:58 ns392434 sshd[5549]: Failed password for invalid user plp from 52.202.2.139 port 34776 ssh2
Mar 22 10:04:30 ns392434 sshd[5952]: Invalid user sheyenne from 52.202.2.139 port 42374

2020-03-22 17:50:38

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 52.202.2.139
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 62018
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;52.202.2.139.			IN	A

;; AUTHORITY SECTION:
.			561	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020032200 1800 900 604800 86400

;; Query time: 97 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Mar 22 17:50:34 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

139.2.202.52.in-addr.arpa domain name pointer ec2-52-202-2-139.compute-1.amazonaws.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
139.2.202.52.in-addr.arpa	name = ec2-52-202-2-139.compute-1.amazonaws.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
123.207.211.71	attackbots	Aug 15 16:39:27 NPSTNNYC01T sshd[14771]: Failed password for root from 123.207.211.71 port 51314 ssh2 Aug 15 16:43:17 NPSTNNYC01T sshd[15064]: Failed password for root from 123.207.211.71 port 57490 ssh2 ...	2020-08-16 04:47:44
222.186.42.137	attack	Failed password for invalid user from 222.186.42.137 port 56066 ssh2	2020-08-16 05:02:06
45.136.108.67	attack	Unauthorized connection attempt detected from IP address 45.136.108.67 to port 2261 [T]	2020-08-16 04:36:18
111.77.205.81	attack	Aug 15 22:51:54 nas sshd[32198]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.77.205.81 Aug 15 22:51:56 nas sshd[32198]: Failed password for invalid user guest from 111.77.205.81 port 41686 ssh2 Aug 15 22:52:07 nas sshd[32205]: Failed password for root from 111.77.205.81 port 36686 ssh2 ...	2020-08-16 04:52:34
34.87.171.184	attackbots	Aug 15 20:39:21 rush sshd[12985]: Failed password for root from 34.87.171.184 port 52854 ssh2 Aug 15 20:43:04 rush sshd[13125]: Failed password for root from 34.87.171.184 port 54882 ssh2 ...	2020-08-16 05:03:46
218.92.0.191	attackbots	Aug 15 23:02:29 dcd-gentoo sshd[19240]: User root from 218.92.0.191 not allowed because none of user's groups are listed in AllowGroups Aug 15 23:02:32 dcd-gentoo sshd[19240]: error: PAM: Authentication failure for illegal user root from 218.92.0.191 Aug 15 23:02:32 dcd-gentoo sshd[19240]: Failed keyboard-interactive/pam for invalid user root from 218.92.0.191 port 15904 ssh2 ...	2020-08-16 05:05:01
92.118.161.61	attackspam	TCP (SYN) 92.118.161.61:34247 -> port 8082, len 44	2020-08-16 04:30:34
185.153.196.243	attack	Unauthorized connection attempt detected from IP address 185.153.196.243 to port 3389 [T]	2020-08-16 04:41:38
83.146.113.7	attack	Unauthorized connection attempt detected from IP address 83.146.113.7 to port 445 [T]	2020-08-16 04:31:21
54.39.51.192	attack	[2020-08-15 08:18:30] NOTICE[1185][C-00002753] chan_sip.c: Call from '' (54.39.51.192:38411) to extension '+48323395006' rejected because extension not found in context 'public'. [2020-08-15 08:18:30] SECURITY[1203] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-08-15T08:18:30.016-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="+48323395006",SessionID="0x7f10c43e3a48",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/54.39.51.192/5060",ACLName="no_extension_match" [2020-08-15 08:19:16] NOTICE[1185][C-00002754] chan_sip.c: Call from '' (54.39.51.192:20791) to extension '+48323395006' rejected because extension not found in context 'public'. [2020-08-15 08:19:16] SECURITY[1203] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-08-15T08:19:16.022-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="+48323395006",SessionID="0x7f10c4320288",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/54.39.51.192/506 ...	2020-08-16 04:34:16
137.220.178.26	attackspambots	Unauthorized connection attempt detected from IP address 137.220.178.26 to port 3389 [T]	2020-08-16 04:26:19
222.186.175.148	attackspam	2020-08-15T20:46:49.691485shield sshd\[5889\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.148 user=root 2020-08-15T20:46:52.157404shield sshd\[5889\]: Failed password for root from 222.186.175.148 port 51500 ssh2 2020-08-15T20:46:55.412435shield sshd\[5889\]: Failed password for root from 222.186.175.148 port 51500 ssh2 2020-08-15T20:46:57.746076shield sshd\[5889\]: Failed password for root from 222.186.175.148 port 51500 ssh2 2020-08-15T20:47:01.022104shield sshd\[5889\]: Failed password for root from 222.186.175.148 port 51500 ssh2	2020-08-16 04:53:31
122.236.130.167	attack	Unauthorized connection attempt detected from IP address 122.236.130.167 to port 445 [T]	2020-08-16 04:27:05
64.227.50.96	attackbots	www.handydirektreparatur.de 64.227.50.96 [15/Aug/2020:22:47:08 +0200] "POST /wp-login.php HTTP/1.1" 200 6643 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" www.handydirektreparatur.de 64.227.50.96 [15/Aug/2020:22:47:09 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4081 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-08-16 04:48:31
43.230.141.75	attack	Unauthorized connection attempt detected from IP address 43.230.141.75 to port 1433 [T]	2020-08-16 04:36:55

最近上报的IP列表

34.91.145.90	121.25.112.130	217.70.191.164	80.85.152.60
49.232.141.44	218.153.177.153	162.34.220.202	150.196.194.188
238.227.78.198	192.144.230.221	180.218.104.22	102.200.231.92
14.170.160.198	152.158.158.181	178.46.214.247	157.91.181.122
177.188.195.116	120.213.123.68	20.56.231.198	88.88.255.41