52.139.39.220 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Canada

Internet Service Provider: Microsoft Corporation

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Jul 22 13:11:26 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3f:fd:58:00:08:e3:ff:fd:90:08:00 SRC=52.139.39.220 DST=79.143.186.54 LEN=40 TOS=0x00 PREC=0x00 TTL=45 ID=55928 PROTO=TCP SPT=32684 DPT=23 WINDOW=55247 RES=0x00 SYN URGP=0 Jul 22 13:36:36 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3f:fd:58:00:08:e3:ff:fd:90:08:00 SRC=52.139.39.220 DST=79.143.186.54 LEN=40 TOS=0x00 PREC=0x00 TTL=45 ID=55928 PROTO=TCP SPT=32684 DPT=23 WINDOW=55247 RES=0x00 SYN URGP=0 Jul 22 13:41:27 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3f:fd:58:00:08:e3:ff:fd:90:08:00 SRC=52.139.39.220 DST=79.143.186.54 LEN=40 TOS=0x00 PREC=0x00 TTL=45 ID=55928 PROTO=TCP SPT=32684 DPT=23 WINDOW=55247 RES=0x00 SYN URGP=0	2020-07-22 22:28:09

Type

Details

Datetime

attackspambots

Jul 22 13:11:26 *hidden* kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3f:fd:58:00:08:e3:ff:fd:90:08:00 SRC=52.139.39.220 DST=79.143.186.54 LEN=40 TOS=0x00 PREC=0x00 TTL=45 ID=55928 PROTO=TCP SPT=32684 DPT=23 WINDOW=55247 RES=0x00 SYN URGP=0 Jul 22 13:36:36 *hidden* kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3f:fd:58:00:08:e3:ff:fd:90:08:00 SRC=52.139.39.220 DST=79.143.186.54 LEN=40 TOS=0x00 PREC=0x00 TTL=45 ID=55928 PROTO=TCP SPT=32684 DPT=23 WINDOW=55247 RES=0x00 SYN URGP=0 Jul 22 13:41:27 *hidden* kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3f:fd:58:00:08:e3:ff:fd:90:08:00 SRC=52.139.39.220 DST=79.143.186.54 LEN=40 TOS=0x00 PREC=0x00 TTL=45 ID=55928 PROTO=TCP SPT=32684 DPT=23 WINDOW=55247 RES=0x00 SYN URGP=0

2020-07-22 22:28:09

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 52.139.39.220
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26076
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;52.139.39.220.			IN	A

;; AUTHORITY SECTION:
.			551	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020072200 1800 900 604800 86400

;; Query time: 41 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jul 22 22:28:00 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 220.39.139.52.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 220.39.139.52.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
104.41.33.227	attackbots	Multiple SSH login attempts.	2020-09-28 22:34:24
180.76.55.119	attack	Time: Sun Sep 27 01:17:43 2020 +0000 IP: 180.76.55.119 (CN/China/-) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 27 01:09:07 activeserver sshd[363]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.55.119 user=git Sep 27 01:09:09 activeserver sshd[363]: Failed password for git from 180.76.55.119 port 39794 ssh2 Sep 27 01:14:15 activeserver sshd[15264]: Invalid user qbtuser from 180.76.55.119 port 57994 Sep 27 01:14:17 activeserver sshd[15264]: Failed password for invalid user qbtuser from 180.76.55.119 port 57994 ssh2 Sep 27 01:17:41 activeserver sshd[25396]: Invalid user joao from 180.76.55.119 port 41904	2020-09-28 22:13:33
91.134.13.250	attackbotsspam	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-09-28T13:28:29Z and 2020-09-28T13:35:39Z	2020-09-28 22:25:20
152.170.65.133	attack	(sshd) Failed SSH login from 152.170.65.133 (AR/Argentina/133-65-170-152.fibertel.com.ar): 5 in the last 3600 secs	2020-09-28 22:12:23
180.76.174.39	attackspambots	Sep 28 00:05:43 web9 sshd\[11845\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.174.39 user=root Sep 28 00:05:45 web9 sshd\[11845\]: Failed password for root from 180.76.174.39 port 50742 ssh2 Sep 28 00:08:58 web9 sshd\[12254\]: Invalid user alex from 180.76.174.39 Sep 28 00:08:58 web9 sshd\[12254\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.174.39 Sep 28 00:09:00 web9 sshd\[12254\]: Failed password for invalid user alex from 180.76.174.39 port 59608 ssh2	2020-09-28 22:27:49
142.93.213.91	attackspambots	142.93.213.91 - - [28/Sep/2020:14:51:03 +0100] "POST /wp-login.php HTTP/1.1" 200 2426 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.213.91 - - [28/Sep/2020:14:51:05 +0100] "POST /wp-login.php HTTP/1.1" 200 2443 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.213.91 - - [28/Sep/2020:14:51:06 +0100] "POST /wp-login.php HTTP/1.1" 200 2405 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-28 22:11:05
202.184.30.216	attack	(sshd) Failed SSH login from 202.184.30.216 (MY/Malaysia/Selangor/Shah Alam (Hicom-glenmarie Industrial Park)/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 28 09:19:02 atlas sshd[25331]: Invalid user sl from 202.184.30.216 port 43122 Sep 28 09:19:04 atlas sshd[25331]: Failed password for invalid user sl from 202.184.30.216 port 43122 ssh2 Sep 28 09:30:22 atlas sshd[28517]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.184.30.216 user=root Sep 28 09:30:24 atlas sshd[28517]: Failed password for root from 202.184.30.216 port 35824 ssh2 Sep 28 09:36:46 atlas sshd[30142]: Invalid user team1 from 202.184.30.216 port 40052	2020-09-28 22:02:25
106.75.132.3	attackspambots	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-09-28T11:36:41Z and 2020-09-28T11:40:01Z	2020-09-28 22:32:33
45.248.68.153	attackbotsspam	Sep 28 15:51:27 melroy-server sshd[29174]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.248.68.153 Sep 28 15:51:29 melroy-server sshd[29174]: Failed password for invalid user ircd from 45.248.68.153 port 52602 ssh2 ...	2020-09-28 22:06:00
119.28.4.215	attackbotsspam	Sep 28 16:12:45 hidden sshd[11991]: Failed password for invalid user jiaxing from 119.28.4.215 port 33496 ssh2 Sep 28 16:14:41 hidden sshd[12875]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.28.4.215 user=ftp Sep 28 16:14:43 hidden sshd[12875]: Failed password for hidden from 119.28.4.215 port 55930 ssh2	2020-09-28 22:14:50
119.29.173.247	attackbotsspam	Invalid user ryan from 119.29.173.247 port 44940	2020-09-28 21:58:07
51.158.70.82	attackbots	Sep 28 14:23:59 nas sshd[12350]: Failed password for root from 51.158.70.82 port 37244 ssh2 Sep 28 14:32:02 nas sshd[12785]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.158.70.82 Sep 28 14:32:04 nas sshd[12785]: Failed password for invalid user wang from 51.158.70.82 port 52194 ssh2 ...	2020-09-28 22:20:15
222.186.175.154	attack	Time: Sun Sep 27 15:50:48 2020 +0000 IP: 222.186.175.154 (CN/China/-) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 27 15:50:32 29-1 sshd[6481]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.154 user=root Sep 27 15:50:34 29-1 sshd[6481]: Failed password for root from 222.186.175.154 port 42658 ssh2 Sep 27 15:50:38 29-1 sshd[6481]: Failed password for root from 222.186.175.154 port 42658 ssh2 Sep 27 15:50:41 29-1 sshd[6481]: Failed password for root from 222.186.175.154 port 42658 ssh2 Sep 27 15:50:44 29-1 sshd[6481]: Failed password for root from 222.186.175.154 port 42658 ssh2	2020-09-28 22:31:22
106.12.198.236	attack	Time: Sun Sep 27 06:48:14 2020 +0000 IP: 106.12.198.236 (CN/China/-) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 27 06:42:19 3 sshd[27802]: Failed password for invalid user nfs from 106.12.198.236 port 44712 ssh2 Sep 27 06:46:13 3 sshd[5611]: Invalid user s from 106.12.198.236 port 55754 Sep 27 06:46:15 3 sshd[5611]: Failed password for invalid user s from 106.12.198.236 port 55754 ssh2 Sep 27 06:48:08 3 sshd[10485]: Invalid user vmware from 106.12.198.236 port 33042 Sep 27 06:48:10 3 sshd[10485]: Failed password for invalid user vmware from 106.12.198.236 port 33042 ssh2	2020-09-28 22:32:51
135.181.10.182	attackbotsspam	Time: Sat Sep 26 21:30:04 2020 +0000 IP: 135.181.10.182 (DE/Germany/static.182.10.181.135.clients.your-server.de) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 26 21:07:27 activeserver sshd[3337]: Invalid user lankacom from 135.181.10.182 port 40064 Sep 26 21:07:29 activeserver sshd[3337]: Failed password for invalid user lankacom from 135.181.10.182 port 40064 ssh2 Sep 26 21:26:23 activeserver sshd[15901]: Invalid user dockeradmin from 135.181.10.182 port 52244 Sep 26 21:26:25 activeserver sshd[15901]: Failed password for invalid user dockeradmin from 135.181.10.182 port 52244 ssh2 Sep 26 21:30:03 activeserver sshd[24248]: Invalid user jason from 135.181.10.182 port 37292	2020-09-28 22:21:07

Recently Reported IPs

97.242.177.63	111.80.94.233	16.239.223.220	176.151.183.61
179.43.113.4	180.127.48.158	185.227.81.20	93.78.33.58
94.84.162.81	171.244.68.24	83.157.193.119	239.186.230.177
76.243.242.16	88.1.20.203	137.59.177.94	212.219.84.167
15.154.121.196	172.159.198.161	165.22.118.137	165.22.114.210