139.255.13.209

基本信息:

城市(city): Jakarta

省份(region): Jakarta

国家(country): Indonesia

运营商(isp): PT. First Media TBK

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	[portscan] tcp/23 [TELNET] *(RWIN=13179)(10120855)	2020-10-12 21:11:29
attack	TCP (SYN) 139.255.13.209:1655 -> port 23, len 40	2020-10-12 12:41:13

相同子网IP讨论:

IP	类型	评论内容	时间
139.255.134.111	attackbots	2019-02-07 02:50:00 H=\(ln-static-139-255-134-111.link.net.id\) \[139.255.134.111\]:14607 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed 2019-02-07 02:50:15 H=\(ln-static-139-255-134-111.link.net.id\) \[139.255.134.111\]:14726 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed 2019-02-07 02:50:24 H=\(ln-static-139-255-134-111.link.net.id\) \[139.255.134.111\]:14788 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed ...	2020-02-05 00:48:55

类型

评论内容

时间

139.255.134.111

attackbots

2019-02-07 02:50:00 H=\(ln-static-139-255-134-111.link.net.id\) \[139.255.134.111\]:14607 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed
2019-02-07 02:50:15 H=\(ln-static-139-255-134-111.link.net.id\) \[139.255.134.111\]:14726 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed
2019-02-07 02:50:24 H=\(ln-static-139-255-134-111.link.net.id\) \[139.255.134.111\]:14788 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed
...

2020-02-05 00:48:55

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.255.13.209
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44114
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.255.13.209.			IN	A

;; AUTHORITY SECTION:
.			270	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020101101 1800 900 604800 86400

;; Query time: 64 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Oct 12 12:41:10 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

209.13.255.139.in-addr.arpa domain name pointer ln-static-139-255-13-209.link.net.id.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
209.13.255.139.in-addr.arpa	name = ln-static-139-255-13-209.link.net.id.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
92.118.38.37	attack	Oct 22 14:38:48 mail postfix/smtpd\[30749\]: warning: unknown\[92.118.38.37\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Oct 22 15:08:58 mail postfix/smtpd\[1929\]: warning: unknown\[92.118.38.37\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Oct 22 15:09:32 mail postfix/smtpd\[2515\]: warning: unknown\[92.118.38.37\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Oct 22 15:10:07 mail postfix/smtpd\[2515\]: warning: unknown\[92.118.38.37\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\	2019-10-22 21:11:18
118.25.103.132	attackspam	Oct 22 02:43:15 eddieflores sshd\[26891\]: Invalid user gwjones from 118.25.103.132 Oct 22 02:43:15 eddieflores sshd\[26891\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.103.132 Oct 22 02:43:17 eddieflores sshd\[26891\]: Failed password for invalid user gwjones from 118.25.103.132 port 46604 ssh2 Oct 22 02:48:17 eddieflores sshd\[27235\]: Invalid user 1qaz@QWEasd from 118.25.103.132 Oct 22 02:48:17 eddieflores sshd\[27235\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.103.132	2019-10-22 20:49:57
202.175.46.170	attack	Invalid user nagios from 202.175.46.170 port 51490	2019-10-22 20:51:03
164.68.103.171	attackbots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/164.68.103.171/ DE - 1H : (59) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : DE NAME ASN : ASN51167 IP : 164.68.103.171 CIDR : 164.68.102.0/23 PREFIX COUNT : 228 UNIQUE IP COUNT : 158976 ATTACKS DETECTED ASN51167 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 5 DateTime : 2019-10-22 13:52:49 INFO : Looking for resource vulnerabilities 403 Detected and Blocked by ADMIN - data recovery	2019-10-22 20:46:19
182.50.132.116	attack	abcdata-sys.de:80 182.50.132.116 - - \[22/Oct/2019:13:52:10 +0200\] "POST /xmlrpc.php HTTP/1.1" 301 441 "-" "Windows Live Writter" www.goldgier.de 182.50.132.116 \[22/Oct/2019:13:52:12 +0200\] "POST /xmlrpc.php HTTP/1.1" 200 4484 "-" "Windows Live Writter"	2019-10-22 21:12:59
93.34.85.54	attack	ENG,WP GET /wp-login.php	2019-10-22 20:55:29
110.249.254.66	attackspam	2019-10-22T13:04:22.159390abusebot-5.cloudsearch.cf sshd\[20381\]: Invalid user administrador from 110.249.254.66 port 34164	2019-10-22 21:08:38
104.168.134.59	attackspambots	2019-10-22T12:59:11.701316abusebot-5.cloudsearch.cf sshd\[20301\]: Invalid user letmein123 from 104.168.134.59 port 41806	2019-10-22 21:23:00
46.36.219.108	attack	2019-10-22T12:24:46.774033abusebot-5.cloudsearch.cf sshd\[19920\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=s2e24db6c.fastvps-server.com user=root	2019-10-22 20:54:49
51.75.205.122	attack	Oct 22 15:42:52 sauna sshd[136497]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.205.122 Oct 22 15:42:54 sauna sshd[136497]: Failed password for invalid user 123456 from 51.75.205.122 port 49248 ssh2 ...	2019-10-22 20:52:00
130.61.88.249	attack	Oct 22 08:48:09 firewall sshd[10596]: Invalid user nc from 130.61.88.249 Oct 22 08:48:11 firewall sshd[10596]: Failed password for invalid user nc from 130.61.88.249 port 27142 ssh2 Oct 22 08:52:35 firewall sshd[10673]: Invalid user minecraft from 130.61.88.249 ...	2019-10-22 20:59:44
91.90.190.130	attackbotsspam	$f2bV_matches	2019-10-22 20:44:33
49.88.112.70	attackspam	Oct 22 14:15:51 MK-Soft-VM3 sshd[24718]: Failed password for root from 49.88.112.70 port 38404 ssh2 Oct 22 14:15:54 MK-Soft-VM3 sshd[24718]: Failed password for root from 49.88.112.70 port 38404 ssh2 ...	2019-10-22 21:06:47
45.136.109.215	attackbotsspam	Oct 22 14:51:26 mc1 kernel: \[3035036.798871\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=45.136.109.215 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=38672 PROTO=TCP SPT=43015 DPT=3881 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 22 14:55:24 mc1 kernel: \[3035274.290419\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=45.136.109.215 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=22136 PROTO=TCP SPT=43015 DPT=3173 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 22 14:56:51 mc1 kernel: \[3035362.117446\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=45.136.109.215 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=1997 PROTO=TCP SPT=43015 DPT=4432 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-10-22 21:14:23
37.139.21.75	attack	Invalid user admin from 37.139.21.75 port 48052	2019-10-22 20:38:42

最近上报的IP列表

139.138.65.250	152.136.90.84	124.104.208.34	188.166.91.52
210.82.30.186	188.255.131.102	142.93.237.57	188.166.255.77
47.93.235.139	167.99.235.21	85.97.197.121	115.249.50.242
69.94.46.58	191.239.246.25	139.155.34.181	5.3.69.43
3.22.223.189	88.249.36.10	172.217.10.142	59.50.17.5