139.193.21.153

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Indonesia

运营商(isp): PT. First Media TBK

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Automatic report - XMLRPC Attack	2020-06-12 16:10:31

相同子网IP讨论:

IP	类型	评论内容	时间
139.193.214.10	attack	2019-04-10 01:18:19 H=\(fm-dyn-139-193-214-10.fast.net.id\) \[139.193.214.10\]:25038 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed 2019-04-10 01:18:33 H=\(fm-dyn-139-193-214-10.fast.net.id\) \[139.193.214.10\]:25135 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed 2019-04-10 01:18:39 H=\(fm-dyn-139-193-214-10.fast.net.id\) \[139.193.214.10\]:25195 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed 2019-04-10 09:59:06 1hE88P-0005cr-Bp SMTP connection from \(fm-dyn-139-193-214-10.fast.net.id\) \[139.193.214.10\]:17713 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-04-10 09:59:17 1hE88a-0005dA-TC SMTP connection from \(fm-dyn-139-193-214-10.fast.net.id\) \[139.193.214.10\]:17802 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-04-10 09:59:29 1hE88n-0005dP-4D SMTP connection from \(fm-dyn-139-193-214-10.fast.net.id ...	2020-02-05 01:03:25

类型

评论内容

时间

139.193.214.10

attack

2019-04-10 01:18:19 H=\(fm-dyn-139-193-214-10.fast.net.id\) \[139.193.214.10\]:25038 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed
2019-04-10 01:18:33 H=\(fm-dyn-139-193-214-10.fast.net.id\) \[139.193.214.10\]:25135 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed
2019-04-10 01:18:39 H=\(fm-dyn-139-193-214-10.fast.net.id\) \[139.193.214.10\]:25195 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed
2019-04-10 09:59:06 1hE88P-0005cr-Bp SMTP connection from \(fm-dyn-139-193-214-10.fast.net.id\) \[139.193.214.10\]:17713 I=\[193.107.88.166\]:25 closed by DROP in ACL
2019-04-10 09:59:17 1hE88a-0005dA-TC SMTP connection from \(fm-dyn-139-193-214-10.fast.net.id\) \[139.193.214.10\]:17802 I=\[193.107.88.166\]:25 closed by DROP in ACL
2019-04-10 09:59:29 1hE88n-0005dP-4D SMTP connection from \(fm-dyn-139-193-214-10.fast.net.id
...

2020-02-05 01:03:25

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.193.21.153
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 41701
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.193.21.153.			IN	A

;; AUTHORITY SECTION:
.			440	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020061200 1800 900 604800 86400

;; Query time: 105 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jun 12 16:10:27 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

153.21.193.139.in-addr.arpa domain name pointer fm-dyn-139-193-21-153.fast.net.id.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
153.21.193.139.in-addr.arpa	name = fm-dyn-139-193-21-153.fast.net.id.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
219.149.220.82	attack	Sep 19 12:50:12 xeon cyrus/imap[58962]: badlogin: [219.149.220.82] plain [SASL(-13): authentication failure: Password verification failed]	2019-09-19 23:44:05
139.59.76.139	attack	WordPress login Brute force / Web App Attack on client site.	2019-09-19 23:54:33
104.244.79.242	attackbots	Sep 19 17:56:12 server2 sshd\[18804\]: Invalid user ubnt from 104.244.79.242 Sep 19 17:56:13 server2 sshd\[18806\]: Invalid user admin from 104.244.79.242 Sep 19 17:56:13 server2 sshd\[18808\]: User root from 104.244.79.242 not allowed because not listed in AllowUsers Sep 19 17:56:13 server2 sshd\[18810\]: Invalid user 1234 from 104.244.79.242 Sep 19 17:56:13 server2 sshd\[18812\]: Invalid user usuario from 104.244.79.242 Sep 19 17:56:13 server2 sshd\[18814\]: Invalid user support from 104.244.79.242	2019-09-20 00:10:52
37.187.17.58	attackbotsspam	F2B jail: sshd. Time: 2019-09-19 17:32:23, Reported by: VKReport	2019-09-19 23:47:57
171.238.39.126	attackspambots	Attempt to attack host OS, exploiting network vulnerabilities, on 19-09-2019 11:52:09.	2019-09-19 23:34:19
14.248.24.215	attackspambots	Attempt to attack host OS, exploiting network vulnerabilities, on 19-09-2019 11:52:05.	2019-09-19 23:42:48
171.67.70.101	attackbotsspam	firewall-block, port(s): 22/tcp, 80/tcp, 443/tcp, 7547/tcp, 39052/tcp, 43969/tcp	2019-09-19 23:53:43
112.217.150.113	attack	k+ssh-bruteforce	2019-09-19 23:55:14
220.92.16.78	attackbots	Sep 19 13:18:19 MK-Soft-VM7 sshd\[5310\]: Invalid user a from 220.92.16.78 port 41524 Sep 19 13:18:19 MK-Soft-VM7 sshd\[5310\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.92.16.78 Sep 19 13:18:21 MK-Soft-VM7 sshd\[5310\]: Failed password for invalid user a from 220.92.16.78 port 41524 ssh2 ...	2019-09-19 23:43:37
51.83.41.120	attack	Sep 19 17:27:30 vps647732 sshd[3401]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.41.120 Sep 19 17:27:32 vps647732 sshd[3401]: Failed password for invalid user postgres from 51.83.41.120 port 36902 ssh2 ...	2019-09-19 23:42:23
68.183.65.165	attackspam	Sep 19 01:55:08 hiderm sshd\[15626\]: Invalid user mcserver from 68.183.65.165 Sep 19 01:55:08 hiderm sshd\[15626\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.65.165 Sep 19 01:55:09 hiderm sshd\[15626\]: Failed password for invalid user mcserver from 68.183.65.165 port 54322 ssh2 Sep 19 01:59:18 hiderm sshd\[16024\]: Invalid user rt from 68.183.65.165 Sep 19 01:59:18 hiderm sshd\[16024\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.65.165	2019-09-20 00:12:43
54.37.129.235	attackspam	Sep 19 17:21:49 vmanager6029 sshd\[1077\]: Invalid user edata from 54.37.129.235 port 43696 Sep 19 17:21:49 vmanager6029 sshd\[1077\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.129.235 Sep 19 17:21:50 vmanager6029 sshd\[1077\]: Failed password for invalid user edata from 54.37.129.235 port 43696 ssh2	2019-09-19 23:56:42
145.239.180.96	attackbots	Automatic report - Banned IP Access	2019-09-19 23:23:50
185.222.211.18	attack	port scan and connect, tcp 990 (ftps)	2019-09-20 00:04:48
222.186.15.160	attack	Sep 19 17:46:54 root sshd[5399]: Failed password for root from 222.186.15.160 port 14302 ssh2 Sep 19 17:46:56 root sshd[5399]: Failed password for root from 222.186.15.160 port 14302 ssh2 Sep 19 17:46:59 root sshd[5399]: Failed password for root from 222.186.15.160 port 14302 ssh2 ...	2019-09-20 00:04:12

最近上报的IP列表

5.253.86.187	40.85.206.253	124.196.11.6	13.233.91.146
183.105.115.204	122.117.11.140	182.75.133.108	34.204.189.232
123.203.177.229	171.103.37.114	176.240.187.59	34.239.166.25
23.24.132.13	54.153.84.168	161.35.104.69	147.135.253.94
141.211.240.249	112.198.115.36	27.24.46.40	106.52.47.233