139.215.208.52

Basic Info

City: unknown

Region: Jilin

Country: China

Internet Service Provider: China Unicom

Hostname: unknown

Organization: CHINA UNICOM China169 Backbone

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
139.215.208.125	attackspam	prod11 ...	2020-09-23 20:35:57
139.215.208.125	attack	SSH Brute-Force Attack	2020-09-23 12:58:30
139.215.208.125	attackbotsspam	Sep 22 18:53:22 icinga sshd[51402]: Failed password for root from 139.215.208.125 port 44998 ssh2 Sep 22 19:05:11 icinga sshd[5933]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.215.208.125 Sep 22 19:05:12 icinga sshd[5933]: Failed password for invalid user cloud_user from 139.215.208.125 port 44757 ssh2 ...	2020-09-23 04:43:15
139.215.208.125	attack	Sep 18 17:37:36 serwer sshd\[5253\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.215.208.125 user=root Sep 18 17:37:37 serwer sshd\[5253\]: Failed password for root from 139.215.208.125 port 55743 ssh2 Sep 18 17:40:21 serwer sshd\[5759\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.215.208.125 user=root ...	2020-09-19 03:28:20
139.215.208.125	attack	2020-09-18 12:45:44,153 fail2ban.actions: WARNING [ssh] Ban 139.215.208.125	2020-09-18 19:30:53
139.215.208.74	attackbots	Port scan denied	2020-07-14 04:12:11
139.215.208.74	attackspam	firewall-block, port(s): 12589/tcp	2020-07-04 16:20:19
139.215.208.125	attackbots	Jun 29 14:16:08 lnxded63 sshd[28450]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.215.208.125	2020-06-30 02:57:13
139.215.208.125	attackspam	Invalid user nexus from 139.215.208.125 port 36108	2020-06-27 02:56:55
139.215.208.125	attackbotsspam	Jun 25 06:18:36 home sshd[11002]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.215.208.125 Jun 25 06:18:37 home sshd[11002]: Failed password for invalid user remote from 139.215.208.125 port 55575 ssh2 Jun 25 06:20:51 home sshd[11216]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.215.208.125 ...	2020-06-25 15:22:44
139.215.208.125	attackbots	Invalid user pentaho from 139.215.208.125 port 44814	2020-06-25 05:07:36
139.215.208.125	attackspam	Invalid user alex from 139.215.208.125 port 50239	2020-06-18 02:12:09
139.215.208.125	attackspam	Jun 16 05:51:48 mail sshd[11552]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.215.208.125 Jun 16 05:51:50 mail sshd[11552]: Failed password for invalid user test from 139.215.208.125 port 52232 ssh2 ...	2020-06-16 14:50:50
139.215.208.125	attackspambots	Lines containing failures of 139.215.208.125 (max 1000) Jun 15 12:56:37 localhost sshd[16996]: User r.r from 139.215.208.125 not allowed because listed in DenyUsers Jun 15 12:56:37 localhost sshd[16996]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.215.208.125 user=r.r Jun 15 12:56:39 localhost sshd[16996]: Failed password for invalid user r.r from 139.215.208.125 port 35145 ssh2 Jun 15 12:56:39 localhost sshd[16996]: Received disconnect from 139.215.208.125 port 35145:11: Bye Bye [preauth] Jun 15 12:56:39 localhost sshd[16996]: Disconnected from invalid user r.r 139.215.208.125 port 35145 [preauth] Jun 15 13:12:40 localhost sshd[20034]: Invalid user newuser from 139.215.208.125 port 38259 Jun 15 13:12:40 localhost sshd[20034]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.215.208.125 Jun 15 13:12:43 localhost sshd[20034]: Failed password for invalid user newuser from 139.215.2........ ------------------------------	2020-06-15 21:47:55
139.215.208.15	attackbotsspam	2019-11-20T14:42:39.341220abusebot-8.cloudsearch.cf sshd\[2837\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.215.208.15 user=root	2019-11-21 02:16:19

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.215.208.52
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 13810
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.215.208.52.			IN	A

;; AUTHORITY SECTION:
.			2847	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019040701 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Mon Apr 08 05:37:48 +08 2019
;; MSG SIZE  rcvd: 118

Host info

52.208.215.139.in-addr.arpa domain name pointer 52.208.215.139.adsl-pool.jlccptt.net.cn.

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
52.208.215.139.in-addr.arpa	name = 52.208.215.139.adsl-pool.jlccptt.net.cn.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
223.197.30.225	attackbotsspam	1598877327 - 08/31/2020 14:35:27 Host: 223.197.30.225/223.197.30.225 Port: 445 TCP Blocked	2020-08-31 22:39:54
59.144.139.18	attackbotsspam	Aug 31 15:24:48 h2829583 sshd[3408]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.144.139.18	2020-08-31 22:39:10
188.254.0.182	attackbots	2020-08-31T12:59:41.258447abusebot-8.cloudsearch.cf sshd[19837]: Invalid user dce from 188.254.0.182 port 51864 2020-08-31T12:59:41.264269abusebot-8.cloudsearch.cf sshd[19837]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.254.0.182 2020-08-31T12:59:41.258447abusebot-8.cloudsearch.cf sshd[19837]: Invalid user dce from 188.254.0.182 port 51864 2020-08-31T12:59:43.082363abusebot-8.cloudsearch.cf sshd[19837]: Failed password for invalid user dce from 188.254.0.182 port 51864 ssh2 2020-08-31T13:04:04.512580abusebot-8.cloudsearch.cf sshd[19900]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.254.0.182 user=root 2020-08-31T13:04:07.103462abusebot-8.cloudsearch.cf sshd[19900]: Failed password for root from 188.254.0.182 port 56558 ssh2 2020-08-31T13:08:32.991561abusebot-8.cloudsearch.cf sshd[19905]: Invalid user invite from 188.254.0.182 port 33026 ...	2020-08-31 22:22:17
181.174.144.90	attackbots	Unauthorized connection attempt from IP address 181.174.144.90 on Port 465(SMTPS)	2020-08-31 22:59:34
172.105.248.136	attack	Aug3114:35:17server6sshd[26938]:refusedconnectfrom172.105.248.136\(172.105.248.136\)Aug3114:35:22server6sshd[26948]:refusedconnectfrom172.105.248.136\(172.105.248.136\)Aug3114:35:27server6sshd[26958]:refusedconnectfrom172.105.248.136\(172.105.248.136\)Aug3114:35:32server6sshd[26967]:refusedconnectfrom172.105.248.136\(172.105.248.136\)Aug3114:35:37server6sshd[26982]:refusedconnectfrom172.105.248.136\(172.105.248.136\)	2020-08-31 22:23:56
222.186.30.57	attackspam	Aug 31 16:47:04 piServer sshd[7664]: Failed password for root from 222.186.30.57 port 38466 ssh2 Aug 31 16:47:08 piServer sshd[7664]: Failed password for root from 222.186.30.57 port 38466 ssh2 Aug 31 16:47:11 piServer sshd[7664]: Failed password for root from 222.186.30.57 port 38466 ssh2 ...	2020-08-31 22:53:42
94.2.79.92	attackbotsspam	Automatic report - Port Scan Attack	2020-08-31 22:44:37
199.19.226.35	attackspambots	2020-08-31T14:13:14.207417abusebot-8.cloudsearch.cf sshd[20291]: Invalid user admin from 199.19.226.35 port 56392 2020-08-31T14:13:14.210512abusebot-8.cloudsearch.cf sshd[20289]: Invalid user vagrant from 199.19.226.35 port 56396 2020-08-31T14:13:14.211853abusebot-8.cloudsearch.cf sshd[20290]: Invalid user oracle from 199.19.226.35 port 56400 2020-08-31T14:13:14.212721abusebot-8.cloudsearch.cf sshd[20287]: Invalid user ubuntu from 199.19.226.35 port 56394 ...	2020-08-31 22:17:04
46.148.43.21	attack	8080/tcp [2020-08-31]1pkt	2020-08-31 22:33:14
78.188.60.192	attack	20/8/31@08:35:22: FAIL: Alarm-Network address from=78.188.60.192 ...	2020-08-31 22:52:47
171.246.202.137	attack	445/tcp [2020-08-31]1pkt	2020-08-31 22:19:04
220.127.85.229	attackbots	Automatic report - Port Scan	2020-08-31 22:34:01
112.2.216.222	attack	DATE:2020-08-31 14:35:04, IP:112.2.216.222, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-08-31 22:13:59
189.1.142.31	attack	Unauthorized connection attempt from IP address 189.1.142.31 on Port 445(SMB)	2020-08-31 22:55:59
218.16.204.227	attack	123/udp 123/udp 123/udp [2020-08-31]3pkt	2020-08-31 22:36:58

Recently Reported IPs

36.91.154.82	178.135.94.55	121.173.123.157	36.239.160.173
1.9.138.178	190.7.139.90	102.165.50.30	14.204.84.65
159.65.230.184	112.85.42.238	59.93.166.245	93.157.62.237
5.63.151.102	180.250.58.162	121.239.88.110	116.203.120.207
89.110.21.63	54.39.191.188	14.98.161.46	110.37.216.114