139.255.52.203

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Indonesia

运营商(isp): PT. First Media TBK

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	2019-07-09 06:35:35 1hkhqo-0006V5-70 SMTP connection from \(ln-static-139-255-52-203.link.net.id\) \[139.255.52.203\]:39249 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-07-09 06:35:46 1hkhqz-0006VG-2e SMTP connection from \(ln-static-139-255-52-203.link.net.id\) \[139.255.52.203\]:36139 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-07-09 06:35:54 1hkhr7-0006VN-HF SMTP connection from \(ln-static-139-255-52-203.link.net.id\) \[139.255.52.203\]:48745 I=\[193.107.88.166\]:25 closed by DROP in ACL ...	2020-02-05 00:47:16
attackbots	Mail sent to address hacked/leaked from Last.fm	2019-07-15 14:19:36

类型

评论内容

时间

attack

2019-07-09 06:35:35 1hkhqo-0006V5-70 SMTP connection from \(ln-static-139-255-52-203.link.net.id\) \[139.255.52.203\]:39249 I=\[193.107.88.166\]:25 closed by DROP in ACL
2019-07-09 06:35:46 1hkhqz-0006VG-2e SMTP connection from \(ln-static-139-255-52-203.link.net.id\) \[139.255.52.203\]:36139 I=\[193.107.88.166\]:25 closed by DROP in ACL
2019-07-09 06:35:54 1hkhr7-0006VN-HF SMTP connection from \(ln-static-139-255-52-203.link.net.id\) \[139.255.52.203\]:48745 I=\[193.107.88.166\]:25 closed by DROP in ACL
...

2020-02-05 00:47:16

attackbots

Mail sent to address hacked/leaked from Last.fm

2019-07-15 14:19:36

相同子网IP讨论:

IP	类型	评论内容	时间
139.255.52.58	attackbotsspam	445/tcp [2020-10-03]1pkt	2020-10-05 08:03:32
139.255.52.58	attackbotsspam	445/tcp [2020-10-03]1pkt	2020-10-05 00:25:34
139.255.52.58	attackbotsspam	445/tcp [2020-10-03]1pkt	2020-10-04 16:08:24
139.255.52.218	attackspam	Unauthorized connection attempt from IP address 139.255.52.218 on Port 445(SMB)	2020-02-08 04:49:50
139.255.52.98	attackbotsspam	Unauthorized connection attempt from IP address 139.255.52.98 on Port 445(SMB)	2020-01-17 23:50:34
139.255.52.68	attackbots	445/tcp [2019-07-30]1pkt	2019-07-31 03:27:38
139.255.52.218	attackspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-06 00:20:46,229 INFO [shellcode_manager] (139.255.52.218) no match, writing hexdump (7edbc2fd47b865f111efd673b193f6b5 :2164185) - MS17010 (EternalBlue)	2019-07-06 13:28:06

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.255.52.203
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 9219
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.255.52.203.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019071500 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Jul 15 14:19:30 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

203.52.255.139.in-addr.arpa domain name pointer ln-static-139-255-52-203.link.net.id.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
203.52.255.139.in-addr.arpa	name = ln-static-139-255-52-203.link.net.id.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
106.52.4.104	attackbotsspam	Jan 10 23:56:00 mout sshd[939]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.4.104 user=root Jan 10 23:56:02 mout sshd[939]: Failed password for root from 106.52.4.104 port 40842 ssh2	2020-01-11 07:35:07
196.52.43.103	attackspam	Unauthorized connection attempt detected from IP address 196.52.43.103 to port 5904	2020-01-11 07:55:53
27.157.90.76	attackspam	2020-01-10 15:08:43 dovecot_login authenticator failed for (jwicp) [27.157.90.76]:61923 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=liuyufeng@lerctr.org) 2020-01-10 15:08:50 dovecot_login authenticator failed for (bfbho) [27.157.90.76]:61923 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=liuyufeng@lerctr.org) 2020-01-10 15:09:01 dovecot_login authenticator failed for (zdmmg) [27.157.90.76]:61923 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=liuyufeng@lerctr.org) ...	2020-01-11 08:05:13
94.130.10.131	attackbotsspam	RDP Brute-Force (honeypot 7)	2020-01-11 07:30:25
222.186.52.86	attackspam	Jan 10 18:10:00 ny01 sshd[23174]: Failed password for root from 222.186.52.86 port 54724 ssh2 Jan 10 18:12:28 ny01 sshd[23408]: Failed password for root from 222.186.52.86 port 63751 ssh2	2020-01-11 07:32:02
158.140.122.138	attackbotsspam	Jan 10 22:09:26 grey postfix/smtpd\[27527\]: NOQUEUE: reject: RCPT from unknown\[158.140.122.138\]: 554 5.7.1 Service unavailable\; Client host \[158.140.122.138\] blocked using cbl.abuseat.org\; Blocked - see http://www.abuseat.org/lookup.cgi\?ip=158.140.122.138\; from=\ to=\<3dpalur@fasor.hu\> proto=ESMTP helo=\<\[158.140.122.138\]\> ...	2020-01-11 07:40:42
125.123.77.234	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-01-11 07:42:44
168.187.140.171	attackspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-01-11 07:55:19
81.215.226.142	attackspam	1578690528 - 01/10/2020 22:08:48 Host: 81.215.226.142/81.215.226.142 Port: 445 TCP Blocked	2020-01-11 07:47:44
54.39.215.240	attackspam	Lines containing failures of 54.39.215.240 Jan 7 08:18:17 keyhelp sshd[17042]: Invalid user opfor from 54.39.215.240 port 44248 Jan 7 08:18:17 keyhelp sshd[17042]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.215.240 Jan 7 08:18:19 keyhelp sshd[17042]: Failed password for invalid user opfor from 54.39.215.240 port 44248 ssh2 Jan 7 08:18:19 keyhelp sshd[17042]: Received disconnect from 54.39.215.240 port 44248:11: Bye Bye [preauth] Jan 7 08:18:19 keyhelp sshd[17042]: Disconnected from invalid user opfor 54.39.215.240 port 44248 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=54.39.215.240	2020-01-11 07:39:01
107.173.231.143	attackspambots	Honeypot attack, port: 445, PTR: 107-173-231-143-host.colocrossing.com.	2020-01-11 08:02:29
142.93.211.44	attack	Jan 11 00:13:53 MK-Soft-VM7 sshd[31067]: Failed password for root from 142.93.211.44 port 38260 ssh2 Jan 11 00:17:01 MK-Soft-VM7 sshd[31126]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.211.44 ...	2020-01-11 07:46:29
124.107.57.216	attack	01/10/2020-22:09:01.295806 124.107.57.216 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2020-01-11 08:05:46
81.215.47.254	attackspambots	B: Magento admin pass test (wrong country)	2020-01-11 07:45:07
81.0.3.93	attackspam	Jan 10 22:09:12 grey postfix/smtpd\[31080\]: NOQUEUE: reject: RCPT from static.93.3.0.81.ibercom.com\[81.0.3.93\]: 554 5.7.1 Service unavailable\; Client host \[81.0.3.93\] blocked using dul.dnsbl.sorbs.net\; Dynamic IP Addresses See: http://www.sorbs.net/lookup.shtml\?81.0.3.93\; from=\ to=\ proto=ESMTP helo=\ ...	2020-01-11 07:55:39

最近上报的IP列表

181.93.199.248	176.125.36.171	114.32.200.188	174.108.135.33
115.61.113.6	179.211.64.199	123.152.151.219	191.217.123.155
177.106.90.115	178.219.113.38	178.140.201.153	73.22.172.242
222.208.137.202	180.171.114.95	83.134.109.47	131.100.77.132
77.242.215.201	82.102.18.43	76.224.225.216	85.99.50.194