139.195.5.208 - IPInfo

基本信息:

城市(city): Jakarta

省份(region): Jakarta

国家(country): Indonesia

运营商(isp): PT. First Media TBK

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Jan 10 13:50:36 grey postfix/smtpd\[13994\]: NOQUEUE: reject: RCPT from unknown\[139.195.5.208\]: 554 5.7.1 Service unavailable\; Client host \[139.195.5.208\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[139.195.5.208\]\; from=\ to=\ proto=ESMTP helo=\<\[139.195.5.208\]\> ...	2020-01-11 05:10:34

类型

评论内容

时间

attack

Jan 10 13:50:36 grey postfix/smtpd\[13994\]: NOQUEUE: reject: RCPT from unknown\[139.195.5.208\]: 554 5.7.1 Service unavailable\; Client host \[139.195.5.208\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[139.195.5.208\]\; from=\ to=\ proto=ESMTP helo=\<\[139.195.5.208\]\>
...

2020-01-11 05:10:34

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.195.5.208
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 13550
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.195.5.208.			IN	A

;; AUTHORITY SECTION:
.			182	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020011001 1800 900 604800 86400

;; Query time: 52 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Jan 11 05:10:31 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 208.5.195.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 208.5.195.139.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
60.167.177.172	attackspambots	Oct 7 16:34:22 lanister sshd[21890]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.167.177.172 user=root Oct 7 16:34:24 lanister sshd[21890]: Failed password for root from 60.167.177.172 port 36250 ssh2 Oct 7 16:46:32 lanister sshd[22095]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.167.177.172 user=root Oct 7 16:46:35 lanister sshd[22095]: Failed password for root from 60.167.177.172 port 42776 ssh2	2020-10-08 21:24:19
118.25.133.220	attack	Oct 8 01:48:53 amit sshd\[7289\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.133.220 user=root Oct 8 01:48:55 amit sshd\[7289\]: Failed password for root from 118.25.133.220 port 52020 ssh2 Oct 8 01:54:13 amit sshd\[7353\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.133.220 user=root ...	2020-10-08 21:13:09
119.45.39.188	attackbotsspam	Oct 8 06:21:57 v2202009116398126984 sshd[2166273]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.39.188 user=root Oct 8 06:22:00 v2202009116398126984 sshd[2166273]: Failed password for root from 119.45.39.188 port 48800 ssh2 ...	2020-10-08 21:06:57
180.250.108.130	attackspam	Oct 8 10:25:43 localhost sshd\[16575\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.250.108.130 user=root Oct 8 10:25:45 localhost sshd\[16575\]: Failed password for root from 180.250.108.130 port 51327 ssh2 Oct 8 10:30:07 localhost sshd\[16951\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.250.108.130 user=root Oct 8 10:30:09 localhost sshd\[16951\]: Failed password for root from 180.250.108.130 port 36291 ssh2 Oct 8 10:34:47 localhost sshd\[17160\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.250.108.130 user=root ...	2020-10-08 21:21:39
5.135.224.151	attack	(sshd) Failed SSH login from 5.135.224.151 (FR/France/ip151.ip-5-135-224.eu): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 8 03:56:13 server sshd[26067]: Failed password for root from 5.135.224.151 port 39060 ssh2 Oct 8 04:00:27 server sshd[27185]: Failed password for root from 5.135.224.151 port 51138 ssh2 Oct 8 04:03:46 server sshd[28062]: Failed password for root from 5.135.224.151 port 56080 ssh2 Oct 8 04:07:14 server sshd[28984]: Failed password for root from 5.135.224.151 port 32804 ssh2 Oct 8 04:10:32 server sshd[29805]: Failed password for root from 5.135.224.151 port 37748 ssh2	2020-10-08 21:07:36
187.58.65.21	attack	[f2b] sshd bruteforce, retries: 1	2020-10-08 21:27:56
117.1.239.101	attackbotsspam	Unauthorized connection attempt detected from IP address 117.1.239.101 to port 23 [T]	2020-10-08 21:25:24
62.171.162.136	attack	Oct 8 14:11:24 sip sshd[1863369]: Invalid user testing from 62.171.162.136 port 40452 Oct 8 14:11:27 sip sshd[1863369]: Failed password for invalid user testing from 62.171.162.136 port 40452 ssh2 Oct 8 14:15:34 sip sshd[1863392]: Invalid user tomcat from 62.171.162.136 port 45930 ...	2020-10-08 21:10:10
60.245.29.43	attackbots	Telnet Honeypot -> Telnet Bruteforce / Login	2020-10-08 21:05:59
185.142.236.35	attack	Oct 1 12:00:57 h2497892 dovecot: imap-login: Aborted login \(no auth attempts in 0 secs\): user=\<\>, rip=185.142.236.35, lip=85.214.205.138, session=\ Oct 1 12:00:59 h2497892 dovecot: imap-login: Disconnected \(no auth attempts in 0 secs\): user=\<\>, rip=185.142.236.35, lip=85.214.205.138, session=\<7Q3UF5mwZOq5juwj\> Oct 1 12:01:00 h2497892 dovecot: imap-login: Disconnected \(no auth attempts in 0 secs\): user=\<\>, rip=185.142.236.35, lip=85.214.205.138, session=\ ...	2020-10-08 21:05:05
211.193.253.14	attack	Icarus honeypot on github	2020-10-08 21:03:22
159.203.114.189	attackspam	159.203.114.189 - - [08/Oct/2020:11:56:42 +0100] "POST /wp-login.php HTTP/1.1" 200 2141 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.203.114.189 - - [08/Oct/2020:11:56:43 +0100] "POST /wp-login.php HTTP/1.1" 200 2125 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.203.114.189 - - [08/Oct/2020:11:56:43 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-08 21:22:30
189.231.111.68	attackspam	Unauthorized connection attempt from IP address 189.231.111.68 on Port 445(SMB)	2020-10-08 21:39:12
51.105.25.88	attack	Oct 7 21:51:56 ws22vmsma01 sshd[244472]: Failed password for root from 51.105.25.88 port 50950 ssh2 ...	2020-10-08 21:34:17
171.252.94.170	attackspam	23/tcp [2020-10-08]1pkt	2020-10-08 21:33:52

最近上报的IP列表

113.68.203.26	5.38.178.133	35.223.206.13	113.253.18.124
70.54.185.72	126.149.48.159	218.241.154.197	49.99.5.9
37.91.208.158	161.3.207.25	77.187.92.231	196.18.0.218
65.13.17.173	131.236.205.59	47.167.87.71	210.5.211.1
103.81.240.198	95.97.213.191	165.206.52.200	180.22.134.21