139.194.20.198

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Indonesia

运营商(isp): PT. First Media TBK

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Unauthorized connection attempt detected from IP address 139.194.20.198 to port 4567 [J]	2020-01-29 02:35:18

相同子网IP讨论:

IP	类型	评论内容	时间
139.194.20.239	attackbotsspam	2019-07-07 19:15:33 1hkAl8-00063y-7m SMTP connection from \(fm-dyn-139-194-20-239.fast.net.id\) \[139.194.20.239\]:43362 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-07-07 19:15:56 1hkAlX-00064X-7D SMTP connection from \(fm-dyn-139-194-20-239.fast.net.id\) \[139.194.20.239\]:43560 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-07-07 19:16:09 1hkAlk-00064r-RQ SMTP connection from \(fm-dyn-139-194-20-239.fast.net.id\) \[139.194.20.239\]:43667 I=\[193.107.88.166\]:25 closed by DROP in ACL ...	2020-02-05 00:59:58
139.194.209.123	attackbots	Honeypot attack, port: 445, PTR: fm-dyn-139-194-209-123.fast.net.id.	2020-01-13 15:00:10
139.194.207.158	attackbotsspam	Sun, 21 Jul 2019 18:28:30 +0000 likely compromised host or open proxy. ddos rate spidering	2019-07-22 04:50:29

类型

评论内容

时间

139.194.20.239

attackbotsspam

2019-07-07 19:15:33 1hkAl8-00063y-7m SMTP connection from \(fm-dyn-139-194-20-239.fast.net.id\) \[139.194.20.239\]:43362 I=\[193.107.88.166\]:25 closed by DROP in ACL
2019-07-07 19:15:56 1hkAlX-00064X-7D SMTP connection from \(fm-dyn-139-194-20-239.fast.net.id\) \[139.194.20.239\]:43560 I=\[193.107.88.166\]:25 closed by DROP in ACL
2019-07-07 19:16:09 1hkAlk-00064r-RQ SMTP connection from \(fm-dyn-139-194-20-239.fast.net.id\) \[139.194.20.239\]:43667 I=\[193.107.88.166\]:25 closed by DROP in ACL
...

2020-02-05 00:59:58

139.194.209.123

attackbots

Honeypot attack, port: 445, PTR: fm-dyn-139-194-209-123.fast.net.id.

2020-01-13 15:00:10

139.194.207.158

attackbotsspam

Sun, 21 Jul 2019 18:28:30 +0000 likely compromised host or open proxy. ddos rate spidering

2019-07-22 04:50:29

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.194.20.198
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17193
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.194.20.198.			IN	A

;; AUTHORITY SECTION:
.			301	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020012801 1800 900 604800 86400

;; Query time: 130 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jan 29 02:35:13 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

198.20.194.139.in-addr.arpa domain name pointer fm-dyn-139-194-20-198.fast.net.id.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
198.20.194.139.in-addr.arpa	name = fm-dyn-139-194-20-198.fast.net.id.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
49.234.92.209	attack	Rate limit reached on private web app ( > 100 requests in 15 minutes)	2019-07-14 02:02:58
190.147.159.34	attackspam	Jul 13 19:17:28 legacy sshd[24795]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.147.159.34 Jul 13 19:17:30 legacy sshd[24795]: Failed password for invalid user svn from 190.147.159.34 port 43218 ssh2 Jul 13 19:23:39 legacy sshd[24963]: Failed password for games from 190.147.159.34 port 43793 ssh2 ...	2019-07-14 01:33:08
94.251.62.141	attackspambots	Port scan on 1 port(s): 9527	2019-07-14 01:11:51
185.189.115.24	attack	(From sharma751@yahoo.com) Trouvez les femmes les plus chaudes pour les rencontres sexuelles: https://hec.su/jVX6?LwFm6B	2019-07-14 01:48:02
66.70.189.236	attackbots	Jul 13 18:06:44 localhost sshd\[3381\]: Invalid user rs from 66.70.189.236 port 33378 Jul 13 18:06:44 localhost sshd\[3381\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.189.236 ...	2019-07-14 01:24:46
207.46.13.128	attack	Automatic report - Banned IP Access	2019-07-14 01:30:15
213.79.68.70	attack	Autoban 213.79.68.70 AUTH/CONNECT	2019-07-14 01:14:42
2.38.90.101	attack	Jul 13 18:37:31 localhost sshd\[7192\]: Invalid user ftpuser from 2.38.90.101 port 54594 Jul 13 18:37:31 localhost sshd\[7192\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.38.90.101 ...	2019-07-14 01:48:33
114.96.63.235	attack	smtp brute force login	2019-07-14 01:40:33
142.93.103.103	attackspam	Automatic report - Banned IP Access	2019-07-14 01:22:46
159.147.165.203	attackbotsspam	3389BruteforceIDS	2019-07-14 01:07:08
94.39.248.202	attackbotsspam	Jul 13 16:14:45 debian sshd\[21880\]: Invalid user eas from 94.39.248.202 port 50591 Jul 13 16:14:45 debian sshd\[21880\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.39.248.202 ...	2019-07-14 01:26:33
185.2.5.13	attack	masters-of-media.de 185.2.5.13 \[13/Jul/2019:18:09:52 +0200\] "POST /wp-login.php HTTP/1.1" 200 5855 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" masters-of-media.de 185.2.5.13 \[13/Jul/2019:18:09:53 +0200\] "POST /wp-login.php HTTP/1.1" 200 5854 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" masters-of-media.de 185.2.5.13 \[13/Jul/2019:18:09:53 +0200\] "POST /xmlrpc.php HTTP/1.1" 200 4102 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-07-14 01:35:08
120.157.12.197	attackspambots	23/tcp 23/tcp 23/tcp [2019-07-06/13]3pkt	2019-07-14 01:38:07
63.143.35.146	attackspambots	\[2019-07-13 13:05:04\] NOTICE\[22786\] chan_sip.c: Registration from '\' failed for '63.143.35.146:62420' - Wrong password \[2019-07-13 13:05:04\] SECURITY\[22794\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-07-13T13:05:04.827-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="4416",SessionID="0x7f75441d3078",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/63.143.35.146/62420",Challenge="61e672bf",ReceivedChallenge="61e672bf",ReceivedHash="9570846ae26e5b944654469fd52f742e" \[2019-07-13 13:05:46\] NOTICE\[22786\] chan_sip.c: Registration from '\' failed for '63.143.35.146:59039' - Wrong password \[2019-07-13 13:05:46\] SECURITY\[22794\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-07-13T13:05:46.312-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="6006",SessionID="0x7f75441d3078",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/63.14	2019-07-14 01:21:05

最近上报的IP列表

47.20.196.134	45.230.101.158	5.236.183.96	1.53.86.180
220.135.23.173	210.22.98.4	195.228.197.60	188.114.223.149
185.6.8.7	138.19.130.254	119.9.94.145	116.98.171.98
114.35.118.5	108.58.89.114	97.105.61.172	87.251.165.78
85.225.85.159	227.155.78.73	230.205.172.128	5.101.193.75