139.255.52.203

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Indonesia

运营商(isp): PT. First Media TBK

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	2019-07-09 06:35:35 1hkhqo-0006V5-70 SMTP connection from \(ln-static-139-255-52-203.link.net.id\) \[139.255.52.203\]:39249 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-07-09 06:35:46 1hkhqz-0006VG-2e SMTP connection from \(ln-static-139-255-52-203.link.net.id\) \[139.255.52.203\]:36139 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-07-09 06:35:54 1hkhr7-0006VN-HF SMTP connection from \(ln-static-139-255-52-203.link.net.id\) \[139.255.52.203\]:48745 I=\[193.107.88.166\]:25 closed by DROP in ACL ...	2020-02-05 00:47:16
attackbots	Mail sent to address hacked/leaked from Last.fm	2019-07-15 14:19:36

类型

评论内容

时间

attack

2019-07-09 06:35:35 1hkhqo-0006V5-70 SMTP connection from \(ln-static-139-255-52-203.link.net.id\) \[139.255.52.203\]:39249 I=\[193.107.88.166\]:25 closed by DROP in ACL
2019-07-09 06:35:46 1hkhqz-0006VG-2e SMTP connection from \(ln-static-139-255-52-203.link.net.id\) \[139.255.52.203\]:36139 I=\[193.107.88.166\]:25 closed by DROP in ACL
2019-07-09 06:35:54 1hkhr7-0006VN-HF SMTP connection from \(ln-static-139-255-52-203.link.net.id\) \[139.255.52.203\]:48745 I=\[193.107.88.166\]:25 closed by DROP in ACL
...

2020-02-05 00:47:16

attackbots

Mail sent to address hacked/leaked from Last.fm

2019-07-15 14:19:36

相同子网IP讨论:

IP	类型	评论内容	时间
139.255.52.58	attackbotsspam	445/tcp [2020-10-03]1pkt	2020-10-05 08:03:32
139.255.52.58	attackbotsspam	445/tcp [2020-10-03]1pkt	2020-10-05 00:25:34
139.255.52.58	attackbotsspam	445/tcp [2020-10-03]1pkt	2020-10-04 16:08:24
139.255.52.218	attackspam	Unauthorized connection attempt from IP address 139.255.52.218 on Port 445(SMB)	2020-02-08 04:49:50
139.255.52.98	attackbotsspam	Unauthorized connection attempt from IP address 139.255.52.98 on Port 445(SMB)	2020-01-17 23:50:34
139.255.52.68	attackbots	445/tcp [2019-07-30]1pkt	2019-07-31 03:27:38
139.255.52.218	attackspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-06 00:20:46,229 INFO [shellcode_manager] (139.255.52.218) no match, writing hexdump (7edbc2fd47b865f111efd673b193f6b5 :2164185) - MS17010 (EternalBlue)	2019-07-06 13:28:06

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.255.52.203
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 9219
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.255.52.203.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019071500 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Jul 15 14:19:30 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

203.52.255.139.in-addr.arpa domain name pointer ln-static-139-255-52-203.link.net.id.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
203.52.255.139.in-addr.arpa	name = ln-static-139-255-52-203.link.net.id.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
45.142.195.5	attack	Apr 30 08:09:23 blackbee postfix/smtpd\[15721\]: warning: unknown\[45.142.195.5\]: SASL LOGIN authentication failed: authentication failure Apr 30 08:10:01 blackbee postfix/smtpd\[15721\]: warning: unknown\[45.142.195.5\]: SASL LOGIN authentication failed: authentication failure Apr 30 08:10:39 blackbee postfix/smtpd\[15721\]: warning: unknown\[45.142.195.5\]: SASL LOGIN authentication failed: authentication failure Apr 30 08:11:18 blackbee postfix/smtpd\[15721\]: warning: unknown\[45.142.195.5\]: SASL LOGIN authentication failed: authentication failure Apr 30 08:11:55 blackbee postfix/smtpd\[15721\]: warning: unknown\[45.142.195.5\]: SASL LOGIN authentication failed: authentication failure ...	2020-04-30 15:17:15
125.211.171.159	attackbotsspam	Brute force blocker - service: proftpd1, proftpd2 - aantal: 139 - Tue Jun 19 00:15:16 2018	2020-04-30 15:07:30
45.95.169.249	attackspam	Port scan on 1 port(s): 8088	2020-04-30 14:55:37
72.211.52.153	attackspam	RDP Brute-Force (honeypot 12)	2020-04-30 14:49:00
51.140.240.232	attackbotsspam	$f2bV_matches	2020-04-30 15:12:27
178.33.82.20	attack	Brute force blocker - service: exim2 - aantal: 25 - Wed Jun 20 19:30:13 2018	2020-04-30 14:45:35
5.188.207.21	attack	Brute force blocker - service: dovecot1 - aantal: 25 - Sun Jun 17 11:00:17 2018	2020-04-30 15:18:49
185.234.219.81	attack	2020-04-30T06:03:06.015544MailD postfix/smtpd[16031]: warning: unknown[185.234.219.81]: SASL LOGIN authentication failed: authentication failure 2020-04-30T06:14:30.904796MailD postfix/smtpd[16935]: warning: unknown[185.234.219.81]: SASL LOGIN authentication failed: authentication failure 2020-04-30T06:25:50.989052MailD postfix/smtpd[17757]: warning: unknown[185.234.219.81]: SASL LOGIN authentication failed: authentication failure	2020-04-30 14:45:06
178.62.104.58	attackbotsspam	Apr 30 08:20:17 server sshd[24185]: Failed password for root from 178.62.104.58 port 54420 ssh2 Apr 30 08:20:18 server sshd[24187]: Failed password for root from 178.62.104.58 port 54754 ssh2 Apr 30 08:24:25 server sshd[24425]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.104.58 ...	2020-04-30 14:52:11
149.56.142.198	attack	Apr 29 19:57:40 web1 sshd\[17360\]: Invalid user group3 from 149.56.142.198 Apr 29 19:57:40 web1 sshd\[17360\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.142.198 Apr 29 19:57:43 web1 sshd\[17360\]: Failed password for invalid user group3 from 149.56.142.198 port 45436 ssh2 Apr 29 20:03:07 web1 sshd\[17738\]: Invalid user fred from 149.56.142.198 Apr 29 20:03:07 web1 sshd\[17738\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.142.198	2020-04-30 15:23:01
49.235.100.58	attackspambots	Lines containing failures of 49.235.100.58 Apr 29 01:38:13 kmh-vmh-001-fsn03 sshd[16048]: Invalid user sv from 49.235.100.58 port 48432 Apr 29 01:38:13 kmh-vmh-001-fsn03 sshd[16048]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.100.58 Apr 29 01:38:15 kmh-vmh-001-fsn03 sshd[16048]: Failed password for invalid user sv from 49.235.100.58 port 48432 ssh2 Apr 29 01:38:16 kmh-vmh-001-fsn03 sshd[16048]: Received disconnect from 49.235.100.58 port 48432:11: Bye Bye [preauth] Apr 29 01:38:16 kmh-vmh-001-fsn03 sshd[16048]: Disconnected from invalid user sv 49.235.100.58 port 48432 [preauth] Apr 29 01:53:12 kmh-vmh-001-fsn03 sshd[13861]: Invalid user user100 from 49.235.100.58 port 33784 Apr 29 01:53:12 kmh-vmh-001-fsn03 sshd[13861]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.100.58 Apr 29 01:53:14 kmh-vmh-001-fsn03 sshd[13861]: Failed password for invalid user user100 from 49.23........ ------------------------------	2020-04-30 15:21:03
2001:d08:d9:7f8a:d534:5003:6551:5878	attackspambots	C1,WP GET /wp-login.php	2020-04-30 15:11:26
222.252.250.62	attackbotsspam	Brute force blocker - service: proftpd1 - aantal: 41 - Mon Jun 18 07:00:15 2018	2020-04-30 15:03:48
27.12.242.36	attackspambots	Brute force blocker - service: proftpd1, proftpd2 - aantal: 55 - Wed Jun 20 07:15:17 2018	2020-04-30 14:42:58
103.89.252.123	attackbotsspam	Invalid user cacti from 103.89.252.123 port 58276	2020-04-30 14:47:28

最近上报的IP列表

181.93.199.248	176.125.36.171	114.32.200.188	174.108.135.33
115.61.113.6	179.211.64.199	123.152.151.219	191.217.123.155
177.106.90.115	178.219.113.38	178.140.201.153	73.22.172.242
222.208.137.202	180.171.114.95	83.134.109.47	131.100.77.132
77.242.215.201	82.102.18.43	76.224.225.216	85.99.50.194