Go
139.220.192.57
is a
Hacker
100 %
China
Report Abuse
1018attacks reported
248Port Scan
170Port ScanSSH
165Port ScanHackingBrute-ForceSSH
135
124Port ScanHacking
57Port ScanHackingSpoofingSSH
35Brute-Force
28Brute-ForceSSH
11HackingBrute-ForceSSH
10SSH
...
5reputation reported
4uncategorized
1Brute-ForceMailserver Attack
1abuse reported
1Email Spam
from 41 distinct reporters
and 10 distinct sources : BadIPs.com, blocklist.net.ua, FireHOL, GreenSnow.co, Charles Haley, NormShield.com, VoIPBL.org, NoThink.org, Taichung Education Center, AbuseIPDB
139.220.192.57 was first signaled at 2017-12-02 23:00 and last record was at 2019-07-27 21:40.
IP

139.220.192.57

Organization
China Unicom Beijing Province Network
Localisation
China
Beijing, Beijing
NetRange : First & Last IP
139.220.192.0 - 139.220.255.255
Network CIDR
139.220.192.0/18

Cybercrime IP Feeds

Date UTC Category Sub Categories Source List Source Logs
2019-04-07 12:35 attacks Port Scan AbuseIPDB firewall-block, port(s): 22/tcp
2019-04-07 07:15 attacks Port ScanSSH AbuseIPDB 07.04.2019 16:15:47 SSH access blocked by firewall
2019-04-07 06:14 attacks Port Scan AbuseIPDB 22/tcp 22/tcp 22/tcp... [2019-02-07/04-07]525pkt,1pt.(tcp)
2019-04-06 23:27 attacks Port ScanSSH AbuseIPDB 07.04.2019 08:27:12 SSH access blocked by firewall
2019-04-06 15:14 attacks Port ScanHackingSpoofingSSH AbuseIPDB ports scanning
2019-04-05 22:00 attacks Brute-ForceSSH AbuseIPDB Attempted to connect 2 times to port 22 TCP
2019-04-05 14:16 attacks Port ScanSSH AbuseIPDB 05.04.2019 23:16:52 SSH access blocked by firewall
2019-04-05 04:42 attacks Port Scan AbuseIPDB 22/tcp 22/tcp 22/tcp... [2019-02-04/04-05]528pkt,1pt.(tcp)
2019-04-05 02:06 attacks Port ScanHacking AbuseIPDB MultiHost/MultiPort Probe, Scan, Hack -
2019-04-04 15:15 attacks Port ScanHackingSpoofingSSH AbuseIPDB ports scanning
2019-04-04 12:31 attacks Port Scan AbuseIPDB firewall-block, port(s): 22/tcp
2019-04-03 18:25 attacks Port Scan AbuseIPDB firewall-block, port(s): 22/tcp
2019-04-03 15:15 attacks Port ScanHackingSpoofingSSH AbuseIPDB ports scanning
2019-04-03 02:40 attacks Port Scan AbuseIPDB 22/tcp 22/tcp 22/tcp... [2019-02-04/04-03]522pkt,1pt.(tcp)
2019-04-03 00:28 attacks Port ScanHacking AbuseIPDB MultiHost/MultiPort Probe, Scan, Hack -
2019-04-02 17:02 attacks Port Scan AbuseIPDB firewall-block, port(s): 22/tcp
2019-04-02 15:10 attacks Port ScanHackingSpoofingSSH AbuseIPDB ports scanning
2019-04-01 04:02 attacks Port Scan AbuseIPDB firewall-block, port(s): 22/tcp
2019-03-31 22:42 attacks Port Scan AbuseIPDB 22/tcp 22/tcp 22/tcp... [2019-02-01/04-01]516pkt,1pt.(tcp)
2019-03-31 22:30 attacks Port Scan AbuseIPDB Port scan attempt detected by AWS-CCS, CTS, India
2019-03-30 15:12 attacks Port ScanHackingSpoofingSSH AbuseIPDB ports scanning
2019-03-29 18:47 attacks Port Scan AbuseIPDB 22/tcp 22/tcp 22/tcp... [2019-02-01/03-30]492pkt,1pt.(tcp)
2019-03-29 07:49 attacks Port ScanHackingBrute-ForceSSH AbuseIPDB [portscan] tcp/22 [SSH] [scan/connect: 3 time(s)] *(RWIN=65535)(03291029)
2019-03-29 02:04 attacks Port ScanHacking AbuseIPDB MultiHost/MultiPort Probe, Scan, Hack -
2019-03-28 23:02 attacks Port Scan AbuseIPDB firewall-block, port(s): 22/tcp
2019-03-27 23:45 attacks Port ScanHackingBrute-ForceSSH AbuseIPDB [portscan] tcp/22 [SSH] *(RWIN=65535)(03281130)
2019-03-27 23:41 attacks Port ScanHacking AbuseIPDB MultiHost/MultiPort Probe, Scan, Hack -
2019-03-27 17:14 attacks Port Scan AbuseIPDB 22/tcp 22/tcp 22/tcp... [2019-02-01/03-27]480pkt,1pt.(tcp)
2019-03-27 13:57 attacks Port ScanSSH AbuseIPDB 27.03.2019 22:57:01 SSH access blocked by firewall
2019-03-26 23:20 attacks Port Scan AbuseIPDB firewall-block, port(s): 22/tcp
2019-03-26 05:22 attacks Hacking AbuseIPDB port 22
2019-03-26 04:52 attacks Port ScanHackingBrute-ForceSSH AbuseIPDB [portscan] tcp/22 [SSH] *(RWIN=65535)(03261516)
2019-03-25 20:02 attacks Port Scan AbuseIPDB firewall-block, port(s): 22/tcp
2019-03-25 16:13 attacks Port Scan AbuseIPDB 22/tcp 22/tcp 22/tcp... [2019-02-01/03-26]468pkt,1pt.(tcp)
2019-03-25 15:11 attacks Port ScanHackingSpoofingSSH AbuseIPDB ports scanning
2019-03-25 04:37 attacks Port ScanHacking AbuseIPDB MultiHost/MultiPort Probe, Scan, Hack -
2019-03-24 15:10 attacks Port ScanHackingSpoofingSSH AbuseIPDB ports scanning
2019-03-24 12:02 attacks Port ScanSSH AbuseIPDB 24.03.2019 21:00:36 SSH access blocked by firewall
2019-03-24 07:02 attacks Port ScanHackingBrute-ForceSSH AbuseIPDB Unauthorized access on Port 22 [ssh]
2019-03-23 22:02 attacks Port ScanHacking AbuseIPDB MultiHost/MultiPort Probe, Scan, Hack -
2019-03-23 21:40 attacks Port Scan AbuseIPDB firewall-block, port(s): 22/tcp
2019-03-23 15:13 attacks Port Scan AbuseIPDB 22/tcp 22/tcp 22/tcp... [2019-02-01/03-23]450pkt,1pt.(tcp)
2019-03-23 13:53 attacks Port Scan AbuseIPDB firewall-block, port(s): 22/tcp
2019-03-22 20:20 attacks Port ScanSSH AbuseIPDB 23.03.2019 05:20:01 SSH access blocked by firewall
2019-03-22 16:02 attacks Port ScanHacking AbuseIPDB MultiHost/MultiPort Probe, Scan, Hack -
2019-03-22 15:20 attacks Port Scan AbuseIPDB firewall-block, port(s): 22/tcp
2019-03-22 15:11 attacks Port ScanHackingSpoofingSSH AbuseIPDB ports scanning
2019-03-21 21:53 attacks Port ScanHackingBrute-ForceSSH AbuseIPDB [portscan] tcp/22 [SSH] *(RWIN=65535)(03220933)
2019-03-21 13:57 attacks Port Scan AbuseIPDB Blocked_by_firewall_on_my_AS24940_VPS
2019-03-21 12:43 attacks Port Scan AbuseIPDB 22/tcp 22/tcp 22/tcp... [2019-02-01/03-21]432pkt,1pt.(tcp)
2017-12-02 23:00 attacks FTP Brute-ForceHacking AbuseIPDB Sep 8 20:05:10 kunden sshd[23458]: Address 139.220.192.57 maps to user.192.126.222.zhong-ren.net, but this does not map back to the address - POSSIBLE
2017-12-09 04:47 attacks Brute-ForceSSH AbuseIPDB SSH/22 MH Probe, BF -
2017-12-09 05:02 attacks Brute-ForceSSH AbuseIPDB SSH/22 MH Probe, BF -
2017-12-09 10:17 attacks Brute-ForceSSH AbuseIPDB SSH/22 MH Probe, BF -
2017-12-10 04:47 attacks Brute-ForceSSH AbuseIPDB SSH/22 MH Probe, BF -
2018-08-03 18:42 attacks Port Scan AbuseIPDB 22/tcp 22/tcp 22/tcp... [2018-06-04/08-03]270pkt,1pt.(tcp)
2018-08-04 02:21 attacks Port ScanSSH AbuseIPDB 04.08.2018 11:21:32 SSH access blocked by firewall
2018-08-04 19:41 attacks Port Scan AbuseIPDB 22/tcp 22/tcp 22/tcp... [2018-06-04/08-04]270pkt,1pt.(tcp)
2018-08-04 21:07 attacks Port ScanSSH AbuseIPDB Firewall - block on port TCP 22 {ssh}
2018-08-05 11:31 attacks Brute-ForceSSH AbuseIPDB Aug 5 21:31:20 vps1652342 sshd\[16117\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.220.192.57 use
2019-03-29 18:18 reputation alienvault_reputation  
2019-03-29 18:19 attacks bi_any_1_7d BadIPs.com  
2019-03-29 18:19 attacks bi_any_2_30d BadIPs.com  
2019-03-29 18:19 attacks bi_any_2_7d BadIPs.com  
2019-03-29 18:20 attacks SSH bi_ssh_1_7d BadIPs.com  
2019-03-29 18:20 attacks SSH bi_ssh_2_30d BadIPs.com  
2019-03-29 18:21 abuse Email Spam blocklist_net_ua blocklist.net.ua  
2019-03-29 18:22 reputation ciarmy  
2019-03-29 18:27 attacks firehol_level2 FireHOL  
2019-03-29 18:27 attacks firehol_level3 FireHOL  
2019-03-29 18:28 attacks firehol_level4 FireHOL  
2019-03-29 18:34 attacks greensnow GreenSnow.co  
2019-03-29 18:34 attacks SSH haley_ssh Charles Haley  
2019-03-29 18:36 reputation iblocklist_ciarmy_malicious  
2019-03-29 18:41 attacks Brute-Force normshield_all_bruteforce NormShield.com  
2019-03-29 18:41 attacks Brute-Force normshield_high_bruteforce NormShield.com  
2019-03-29 18:41 reputation Brute-ForceMailserver Attack packetmail  
2019-03-29 18:53 reputation turris_greylist  
2019-03-29 18:53 attacks Fraud VoIP voipbl VoIPBL.org  
2019-06-03 23:00 attacks SSH nt_ssh_7d NoThink.org  
2019-06-04 22:17 attacks bi_any_0_1d BadIPs.com  
2019-06-04 22:17 attacks bi_any_2_1d BadIPs.com  
2019-06-04 22:18 attacks SSH bi_ssh_0_1d BadIPs.com  
2019-07-27 21:40 attacks taichung Taichung Education Center  
only last 50 and first 10 AbuseIPDB logs are shown

Threats Categories :

abuse
IPs used to spam forum, boards, blogs or smtp servers, automated web scripts or scrappers (bad bots)
anonymizer
Onion Router IP addresses. TOR network IPs, TOR exit points, socks or ssl proxy.
attacks
bruteforce ssh/ftp/system account, IPs that have been detected by fail2ban, ports scan, vulnerabilities scan, DDoS.
malware
Addresses that have been identified distributing malware, form-grabber and stealer, Viruses, Worms, Trojans, Ransomware, Adware, Spyware

Whois

whois.apnic.net.



inetnum: 139.220.192.0 - 139.220.255.255
netname: shinenet
descr: Beijing flash newsletter cas telecommunication
descr: technology Co., LTD
descr: Beijing 3-3-102 valley in xuanwu district
country: CN
admin-c: ZW1689-AP
tech-c: ZW1689-AP
mnt-by: MAINT-CNNIC-AP
mnt-lower: MAINT-CNNIC-AP
mnt-routes: MAINT-CNNIC-AP
mnt-irt: IRT-CNNIC-CN
status: ALLOCATED PORTABLE
last-modified: 2017-03-23T07:20:01Z
source: APNIC

irt: IRT-CNNIC-CN
address: Beijing, China
e-mail: ipas@cnnic.cn
abuse-mailbox: ipas@cnnic.cn
admin-c: IP50-AP
tech-c: IP50-AP
auth: # Filtered
remarks: Please note that CNNIC is not an ISP and is not
remarks: empowered to investigate complaints of network abuse.
remarks: Please contact the tech-c or admin-c of the network.
mnt-by: MAINT-CNNIC-AP
last-modified: 2017-11-01T08:57:39Z
source: APNIC

person: Zheng Wen
address: Beijing 3-3-102 valley in xuanwu district
country: CN
phone: +8610-13381105405
e-mail: vipzhengwen@163.com
nic-hdl: ZW1689-AP
mnt-by: MAINT-CNNIC-AP
last-modified: 2011-01-20T07:58:02Z
source: APNIC
most specific ip range is highlighted
Updated : 2019-08-11