139.255.18.218

Basic Info

City: unknown

Region: unknown

Country: Indonesia

Internet Service Provider: PT. First Media TBK

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	ET SCAN Suspicious inbound to MSSQL port 1433 - port: 1433 proto: TCP cat: Potentially Bad Traffic	2020-05-17 08:07:37
attackspambots	Unauthorized connection attempt detected from IP address 139.255.18.218 to port 1433	2019-12-22 02:04:18
attackspambots	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-06-29 18:28:12,023 INFO [amun_request_handler] PortScan Detected on Port: 445 (139.255.18.218)	2019-06-30 08:54:54

Type

Details

Datetime

attackspambots

ET SCAN Suspicious inbound to MSSQL port 1433 - port: 1433 proto: TCP cat: Potentially Bad Traffic

2020-05-17 08:07:37

attackspambots

Unauthorized connection attempt detected from IP address 139.255.18.218 to port 1433

2019-12-22 02:04:18

attackspambots

@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-06-29 18:28:12,023 INFO [amun_request_handler] PortScan Detected on Port: 445 (139.255.18.218)

2019-06-30 08:54:54

Comments on same subnet:

IP	Type	Details	Datetime
139.255.181.180	attackspambots	Aug 10 13:54:30 mxgate1 postfix/postscreen[6092]: CONNECT from [139.255.181.180]:28992 to [176.31.12.44]:25 Aug 10 13:54:30 mxgate1 postfix/dnsblog[6112]: addr 139.255.181.180 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2 Aug 10 13:54:30 mxgate1 postfix/dnsblog[6115]: addr 139.255.181.180 listed by domain zen.spamhaus.org as 127.0.0.4 Aug 10 13:54:30 mxgate1 postfix/dnsblog[6112]: addr 139.255.181.180 listed by domain cbl.abuseat.org as 127.0.0.2 Aug 10 13:54:30 mxgate1 postfix/dnsblog[6115]: addr 139.255.181.180 listed by domain zen.spamhaus.org as 127.0.0.11 Aug 10 13:54:30 mxgate1 postfix/dnsblog[6113]: addr 139.255.181.180 listed by domain b.barracudacentral.org as 127.0.0.2 Aug 10 13:54:36 mxgate1 postfix/postscreen[6092]: DNSBL rank 5 for [139.255.181.180]:28992 Aug x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=139.255.181.180	2020-08-11 00:31:24
139.255.18.219	attack	Brute forcing RDP port 3389	2020-07-04 05:46:09
139.255.18.219	attackspam	Unauthorized connection attempt from IP address 139.255.18.219 on Port 445(SMB)	2020-06-24 02:24:54
139.255.18.4	attackbotsspam	1578459189 - 01/08/2020 05:53:09 Host: 139.255.18.4/139.255.18.4 Port: 445 TCP Blocked	2020-01-08 15:29:54

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.255.18.218
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55108
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.255.18.218.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019062901 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Jun 30 08:54:48 CST 2019
;; MSG SIZE  rcvd: 118

Host info

218.18.255.139.in-addr.arpa domain name pointer ln-static-139-255-18-218.link.net.id.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
218.18.255.139.in-addr.arpa	name = ln-static-139-255-18-218.link.net.id.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
91.121.49.238	attackbotsspam	2020-04-29T03:47:58.448097abusebot-7.cloudsearch.cf sshd[21890]: Invalid user ky from 91.121.49.238 port 33310 2020-04-29T03:47:58.455404abusebot-7.cloudsearch.cf sshd[21890]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip238.ip-91-121-49.eu 2020-04-29T03:47:58.448097abusebot-7.cloudsearch.cf sshd[21890]: Invalid user ky from 91.121.49.238 port 33310 2020-04-29T03:48:00.794907abusebot-7.cloudsearch.cf sshd[21890]: Failed password for invalid user ky from 91.121.49.238 port 33310 ssh2 2020-04-29T03:51:45.274657abusebot-7.cloudsearch.cf sshd[22217]: Invalid user oracle from 91.121.49.238 port 45992 2020-04-29T03:51:45.282890abusebot-7.cloudsearch.cf sshd[22217]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip238.ip-91-121-49.eu 2020-04-29T03:51:45.274657abusebot-7.cloudsearch.cf sshd[22217]: Invalid user oracle from 91.121.49.238 port 45992 2020-04-29T03:51:48.037779abusebot-7.cloudsearch.cf sshd[22217 ...	2020-04-29 19:34:30
150.109.150.77	attackbotsspam	prod11 ...	2020-04-29 19:48:57
120.224.47.86	attackspam	Invalid user pi from 120.224.47.86 port 56580	2020-04-29 20:02:12
51.68.253.1	attackspam	Apr 29 10:56:54 localhost sshd[112736]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip1.ip-51-68-253.eu user=root Apr 29 10:56:57 localhost sshd[112736]: Failed password for root from 51.68.253.1 port 38672 ssh2 Apr 29 11:01:55 localhost sshd[113462]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip1.ip-51-68-253.eu user=root Apr 29 11:01:57 localhost sshd[113462]: Failed password for root from 51.68.253.1 port 52752 ssh2 Apr 29 11:06:55 localhost sshd[118610]: Invalid user test from 51.68.253.1 port 38594 ...	2020-04-29 19:35:48
54.38.175.224	attackbots	Apr 29 11:05:20 mail sshd[29560]: Invalid user testuser from 54.38.175.224 Apr 29 11:05:20 mail sshd[29560]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.175.224 Apr 29 11:05:20 mail sshd[29560]: Invalid user testuser from 54.38.175.224 Apr 29 11:05:23 mail sshd[29560]: Failed password for invalid user testuser from 54.38.175.224 port 47070 ssh2 Apr 29 11:12:32 mail sshd[30640]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.175.224 user=root Apr 29 11:12:34 mail sshd[30640]: Failed password for root from 54.38.175.224 port 41900 ssh2 ...	2020-04-29 19:40:02
203.147.80.38	attackbots	Unauthorized SMTP/IMAP/POP3 connection attempt	2020-04-29 19:32:01
144.217.89.55	attackbots	Apr 29 00:13:51 php1 sshd\[12658\]: Invalid user ubuntu from 144.217.89.55 Apr 29 00:13:51 php1 sshd\[12658\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.217.89.55 Apr 29 00:13:53 php1 sshd\[12658\]: Failed password for invalid user ubuntu from 144.217.89.55 port 37444 ssh2 Apr 29 00:17:46 php1 sshd\[13083\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.217.89.55 user=root Apr 29 00:17:47 php1 sshd\[13083\]: Failed password for root from 144.217.89.55 port 48446 ssh2	2020-04-29 19:48:00
222.186.42.136	attackspambots	Failed password for root from 222.186.42.136 port 45932 ssh2	2020-04-29 20:13:03
187.190.227.18	attack	Dovecot Invalid User Login Attempt.	2020-04-29 19:44:49
134.209.185.131	attack	Apr 29 12:00:33 ip-172-31-61-156 sshd[7667]: Failed password for invalid user support from 134.209.185.131 port 43528 ssh2 Apr 29 12:00:31 ip-172-31-61-156 sshd[7667]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.185.131 Apr 29 12:00:31 ip-172-31-61-156 sshd[7667]: Invalid user support from 134.209.185.131 Apr 29 12:00:33 ip-172-31-61-156 sshd[7667]: Failed password for invalid user support from 134.209.185.131 port 43528 ssh2 Apr 29 12:04:19 ip-172-31-61-156 sshd[7845]: Invalid user windows from 134.209.185.131 ...	2020-04-29 20:08:09
112.85.42.174	attack	Apr 29 13:36:02 server sshd[28716]: Failed none for root from 112.85.42.174 port 15421 ssh2 Apr 29 13:36:04 server sshd[28716]: Failed password for root from 112.85.42.174 port 15421 ssh2 Apr 29 13:36:22 server sshd[29017]: Failed password for root from 112.85.42.174 port 44496 ssh2	2020-04-29 19:47:04
187.50.59.252	attackbotsspam	Apr 29 14:02:43 web01.agentur-b-2.de postfix/smtpd[1077559]: NOQUEUE: reject: RCPT from unknown[187.50.59.252]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo= Apr 29 14:02:45 web01.agentur-b-2.de postfix/smtpd[1077559]: NOQUEUE: reject: RCPT from unknown[187.50.59.252]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo= Apr 29 14:02:46 web01.agentur-b-2.de postfix/smtpd[1077559]: NOQUEUE: reject: RCPT from unknown[187.50.59.252]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo= Apr 29 14:02:47 web01.agentur-b-2.de postfix/smtpd[1077559]: NOQUEUE: reject: RCPT fr	2020-04-29 20:13:39
206.253.167.205	attackspambots	Apr 29 13:04:18 ArkNodeAT sshd\[30832\]: Invalid user bb from 206.253.167.205 Apr 29 13:04:18 ArkNodeAT sshd\[30832\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.253.167.205 Apr 29 13:04:20 ArkNodeAT sshd\[30832\]: Failed password for invalid user bb from 206.253.167.205 port 33170 ssh2	2020-04-29 19:50:23
45.133.9.154	attackspambots	Port probing on unauthorized port 23	2020-04-29 19:59:18
104.237.255.204	attack	$f2bV_matches	2020-04-29 19:54:41

Recently Reported IPs

121.147.191.33	2a02:2f0b:4500:8d00:88d2:bc5c:1603:c224	139.216.59.13	47.244.169.183
94.102.63.57	211.100.230.226	107.161.51.125	191.53.197.50
223.215.187.44	180.183.246.231	143.0.140.145	78.138.105.199
70.234.236.11	80.200.200.132	31.177.95.165	153.122.2.161
204.13.1.148	177.74.182.197	223.215.174.70	115.84.99.127