139.0.12.19 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Indonesia

运营商(isp): PT. First Media TBK

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	20/6/21@23:47:59: FAIL: Alarm-Network address from=139.0.12.19 ...	2020-06-22 19:14:39
attackspambots	unauthorized connection attempt	2020-02-04 13:50:40
attackspambots	Unauthorized connection attempt detected from IP address 139.0.12.19 to port 445	2019-12-12 20:11:21
attackspambots	Unauthorized connection attempt from IP address 139.0.12.19 on Port 445(SMB)	2019-08-25 22:13:06

相同子网IP讨论:

IP	类型	评论内容	时间
139.0.126.193	attack	Dec 19 15:39:51 grey postfix/smtpd\[23398\]: NOQUEUE: reject: RCPT from unknown\[139.0.126.193\]: 554 5.7.1 Service unavailable\; Client host \[139.0.126.193\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[139.0.126.193\]\; from=\ to=\ proto=ESMTP helo=\ ...	2019-12-19 22:40:00

类型

评论内容

时间

139.0.126.193

attack

Dec 19 15:39:51 grey postfix/smtpd\[23398\]: NOQUEUE: reject: RCPT from unknown\[139.0.126.193\]: 554 5.7.1 Service unavailable\; Client host \[139.0.126.193\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[139.0.126.193\]\; from=\ to=\ proto=ESMTP helo=\
...

2019-12-19 22:40:00

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.0.12.19
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 11715
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.0.12.19.			IN	A

;; AUTHORITY SECTION:
.			1319	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019051700 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri May 17 16:11:36 CST 2019
;; MSG SIZE  rcvd: 115

HOST信息:

19.12.0.139.in-addr.arpa domain name pointer ln-static-139-0-12-19.link.net.id.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
19.12.0.139.in-addr.arpa	name = ln-static-139-0-12-19.link.net.id.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
165.232.44.157	attackspam	Oct 1 17:49:20 r.ca sshd[12455]: Failed password for invalid user user1 from 165.232.44.157 port 39614 ssh2	2020-10-02 17:09:14
182.121.96.204	attackbotsspam	" "	2020-10-02 17:08:06
118.25.150.183	attackbots	Oct 2 10:02:04 con01 sshd[396077]: Invalid user mario from 118.25.150.183 port 43870 Oct 2 10:02:04 con01 sshd[396077]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.150.183 Oct 2 10:02:04 con01 sshd[396077]: Invalid user mario from 118.25.150.183 port 43870 Oct 2 10:02:06 con01 sshd[396077]: Failed password for invalid user mario from 118.25.150.183 port 43870 ssh2 Oct 2 10:06:11 con01 sshd[402964]: Invalid user sarah from 118.25.150.183 port 34424 ...	2020-10-02 16:52:06
49.235.16.103	attackspambots	Invalid user cloud from 49.235.16.103 port 49830	2020-10-02 16:45:31
185.136.52.158	attack	Oct 2 08:33:15 game-panel sshd[28690]: Failed password for root from 185.136.52.158 port 35044 ssh2 Oct 2 08:39:28 game-panel sshd[29017]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.136.52.158 Oct 2 08:39:29 game-panel sshd[29017]: Failed password for invalid user j from 185.136.52.158 port 41468 ssh2	2020-10-02 16:52:42
173.206.143.242	attackspam	Telnet Honeypot -> Telnet Bruteforce / Login	2020-10-02 17:07:37
212.70.149.83	attackspam	2020-10-02 12:15:13 auth_plain authenticator failed for (User) [212.70.149.83]: 535 Incorrect authentication data (set_id=ab@com.ua) 2020-10-02 12:15:39 auth_plain authenticator failed for (User) [212.70.149.83]: 535 Incorrect authentication data (set_id=dns03@com.ua) ...	2020-10-02 17:17:44
76.69.154.149	attackspambots	trying to access non-authorized port	2020-10-02 17:20:55
120.53.31.96	attack	Invalid user guest from 120.53.31.96 port 49448	2020-10-02 16:50:41
117.50.20.76	attackbotsspam	Oct 2 04:01:33 Tower sshd[41397]: Connection from 117.50.20.76 port 37428 on 192.168.10.220 port 22 rdomain "" Oct 2 04:01:34 Tower sshd[41397]: Failed password for root from 117.50.20.76 port 37428 ssh2 Oct 2 04:01:34 Tower sshd[41397]: Received disconnect from 117.50.20.76 port 37428:11: Bye Bye [preauth] Oct 2 04:01:34 Tower sshd[41397]: Disconnected from authenticating user root 117.50.20.76 port 37428 [preauth]	2020-10-02 17:01:36
122.51.64.115	attack	SSH login attempts.	2020-10-02 16:48:55
123.21.81.118	attackbotsspam	Bruteforce detected by fail2ban	2020-10-02 16:58:18
125.121.135.81	attackspambots	Oct 1 20:37:50 CT3029 sshd[7789]: Invalid user ubuntu from 125.121.135.81 port 39566 Oct 1 20:37:50 CT3029 sshd[7789]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.121.135.81 Oct 1 20:37:52 CT3029 sshd[7789]: Failed password for invalid user ubuntu from 125.121.135.81 port 39566 ssh2 Oct 1 20:37:53 CT3029 sshd[7789]: Received disconnect from 125.121.135.81 port 39566:11: Bye Bye [preauth] Oct 1 20:37:53 CT3029 sshd[7789]: Disconnected from 125.121.135.81 port 39566 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=125.121.135.81	2020-10-02 16:52:58
46.105.31.249	attack	Invalid user apache2 from 46.105.31.249 port 45928	2020-10-02 16:57:03
149.129.136.90	attack	20 attempts against mh-ssh on cloud	2020-10-02 17:20:09

最近上报的IP列表

208.45.190.24	248.123.97.82	187.169.80.209	111.85.11.22
60.194.21.73	188.108.142.99	9.239.2.28	119.58.93.107
235.91.23.78	117.74.125.192	240.193.214.63	19.49.88.232
231.70.115.249	37.63.142.251	27.208.59.235	239.61.233.84
214.224.175.80	138.216.229.64	115.216.58.144	114.142.219.243