139.255.13.209

基本信息:

城市(city): Jakarta

省份(region): Jakarta

国家(country): Indonesia

运营商(isp): PT. First Media TBK

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	[portscan] tcp/23 [TELNET] *(RWIN=13179)(10120855)	2020-10-12 21:11:29
attack	TCP (SYN) 139.255.13.209:1655 -> port 23, len 40	2020-10-12 12:41:13

相同子网IP讨论:

IP	类型	评论内容	时间
139.255.134.111	attackbots	2019-02-07 02:50:00 H=\(ln-static-139-255-134-111.link.net.id\) \[139.255.134.111\]:14607 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed 2019-02-07 02:50:15 H=\(ln-static-139-255-134-111.link.net.id\) \[139.255.134.111\]:14726 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed 2019-02-07 02:50:24 H=\(ln-static-139-255-134-111.link.net.id\) \[139.255.134.111\]:14788 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed ...	2020-02-05 00:48:55

类型

评论内容

时间

139.255.134.111

attackbots

2019-02-07 02:50:00 H=\(ln-static-139-255-134-111.link.net.id\) \[139.255.134.111\]:14607 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed
2019-02-07 02:50:15 H=\(ln-static-139-255-134-111.link.net.id\) \[139.255.134.111\]:14726 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed
2019-02-07 02:50:24 H=\(ln-static-139-255-134-111.link.net.id\) \[139.255.134.111\]:14788 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed
...

2020-02-05 00:48:55

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.255.13.209
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44114
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.255.13.209.			IN	A

;; AUTHORITY SECTION:
.			270	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020101101 1800 900 604800 86400

;; Query time: 64 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Oct 12 12:41:10 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

209.13.255.139.in-addr.arpa domain name pointer ln-static-139-255-13-209.link.net.id.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
209.13.255.139.in-addr.arpa	name = ln-static-139-255-13-209.link.net.id.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
45.134.179.57	attack	Feb 14 23:32:16 h2177944 kernel: \[4917485.974326\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.134.179.57 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=44013 PROTO=TCP SPT=46149 DPT=61389 WINDOW=1024 RES=0x00 SYN URGP=0 Feb 14 23:32:16 h2177944 kernel: \[4917485.974339\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.134.179.57 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=44013 PROTO=TCP SPT=46149 DPT=61389 WINDOW=1024 RES=0x00 SYN URGP=0 Feb 14 23:34:26 h2177944 kernel: \[4917615.319900\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.134.179.57 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=64919 PROTO=TCP SPT=46149 DPT=51789 WINDOW=1024 RES=0x00 SYN URGP=0 Feb 14 23:34:26 h2177944 kernel: \[4917615.319913\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.134.179.57 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=64919 PROTO=TCP SPT=46149 DPT=51789 WINDOW=1024 RES=0x00 SYN URGP=0 Feb 14 23:38:35 h2177944 kernel: \[4917864.004213\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.134.179.57 DST=85.214.1	2020-02-15 06:42:48
1.246.222.165	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-15 07:12:19
1.246.222.20	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-15 07:03:54
81.165.86.44	attack	Feb 14 23:49:54 vps647732 sshd[26655]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.165.86.44 Feb 14 23:49:56 vps647732 sshd[26655]: Failed password for invalid user hadoop from 81.165.86.44 port 34230 ssh2 ...	2020-02-15 06:54:00
222.186.175.151	attackbots	Feb 14 23:42:30 amit sshd\[12113\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.151 user=root Feb 14 23:42:33 amit sshd\[12113\]: Failed password for root from 222.186.175.151 port 30022 ssh2 Feb 14 23:43:01 amit sshd\[12115\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.151 user=root ...	2020-02-15 06:44:39
182.72.154.30	attackspambots	Feb 14 12:50:02 auw2 sshd\[22068\]: Invalid user gitdaemon from 182.72.154.30 Feb 14 12:50:02 auw2 sshd\[22068\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.72.154.30 Feb 14 12:50:04 auw2 sshd\[22068\]: Failed password for invalid user gitdaemon from 182.72.154.30 port 49892 ssh2 Feb 14 12:53:34 auw2 sshd\[22490\]: Invalid user ripel from 182.72.154.30 Feb 14 12:53:34 auw2 sshd\[22490\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.72.154.30	2020-02-15 07:04:47
198.144.149.228	attackspam	2020-02-14 16:01:21 H=(vv2.vvsedm.info) [198.144.149.228]:60757 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.3, 127.0.0.2) (https://www.spamhaus.org/sbl/query/SBLCSS) 2020-02-14 16:22:30 H=(vv2.vvsedm.info) [198.144.149.228]:36526 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.2, 127.0.0.3) (https://www.spamhaus.org/sbl/query/SBL464347) 2020-02-14 16:25:13 H=(vv2.vvsedm.info) [198.144.149.228]:34810 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.3, 127.0.0.2) (https://www.spamhaus.org/sbl/query/SBL464347) ...	2020-02-15 07:19:18
5.135.185.27	attackspambots	Invalid user hqn from 5.135.185.27 port 50850	2020-02-15 07:01:07
185.244.213.235	attackbotsspam	Honeypot attack, port: 445, PTR: no-mans-land.m247.com.	2020-02-15 06:41:16
171.243.58.180	attackspambots	Honeypot attack, port: 81, PTR: dynamic-ip-adsl.viettel.vn.	2020-02-15 06:48:31
132.232.73.142	attackspam	Feb 14 23:25:37 v22018076590370373 sshd[25830]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.73.142 ...	2020-02-15 06:55:14
187.32.120.215	attackbots	Feb 14 23:25:37 sso sshd[16718]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.32.120.215 Feb 14 23:25:40 sso sshd[16718]: Failed password for invalid user rimantas from 187.32.120.215 port 48090 ssh2 ...	2020-02-15 06:51:19
222.186.31.166	attackspam	Feb 14 23:42:15 h2177944 sshd\[5371\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.31.166 user=root Feb 14 23:42:16 h2177944 sshd\[5371\]: Failed password for root from 222.186.31.166 port 21815 ssh2 Feb 14 23:42:19 h2177944 sshd\[5371\]: Failed password for root from 222.186.31.166 port 21815 ssh2 Feb 14 23:42:20 h2177944 sshd\[5371\]: Failed password for root from 222.186.31.166 port 21815 ssh2 ...	2020-02-15 06:51:01
200.116.226.180	attackspam	Honeypot attack, port: 445, PTR: static-200-116-226-180.une.net.co.	2020-02-15 06:54:48
106.54.235.94	attackspambots	Feb 13 07:52:29 finn sshd[17880]: Invalid user edison from 106.54.235.94 port 58028 Feb 13 07:52:29 finn sshd[17880]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.235.94 Feb 13 07:52:31 finn sshd[17880]: Failed password for invalid user edison from 106.54.235.94 port 58028 ssh2 Feb 13 07:52:31 finn sshd[17880]: Received disconnect from 106.54.235.94 port 58028:11: Bye Bye [preauth] Feb 13 07:52:31 finn sshd[17880]: Disconnected from 106.54.235.94 port 58028 [preauth] Feb 13 08:22:37 finn sshd[24992]: Invalid user sailer from 106.54.235.94 port 48386 Feb 13 08:22:37 finn sshd[24992]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.235.94 Feb 13 08:22:39 finn sshd[24992]: Failed password for invalid user sailer from 106.54.235.94 port 48386 ssh2 Feb 13 08:22:39 finn sshd[24992]: Received disconnect from 106.54.235.94 port 48386:11: Bye Bye [preauth] Feb 13 08:22:39 finn sshd[2........ -------------------------------	2020-02-15 07:14:20

最近上报的IP列表

139.138.65.250	152.136.90.84	124.104.208.34	188.166.91.52
210.82.30.186	188.255.131.102	142.93.237.57	188.166.255.77
47.93.235.139	167.99.235.21	85.97.197.121	115.249.50.242
69.94.46.58	191.239.246.25	139.155.34.181	5.3.69.43
3.22.223.189	88.249.36.10	172.217.10.142	59.50.17.5