139.255.24.157

Basic Info

City: unknown

Region: unknown

Country: Indonesia

Internet Service Provider: PT. First Media TBK

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Honeypot attack, port: 445, PTR: ln-static-139-255-24-157.link.net.id.	2020-03-02 13:25:38

Comments on same subnet:

IP	Type	Details	Datetime
139.255.244.34	attackbotsspam	Unauthorized connection attempt from IP address 139.255.244.34 on Port 445(SMB)	2020-07-15 19:17:28
139.255.244.34	attackspam	Unauthorized connection attempt from IP address 139.255.244.34 on Port 445(SMB)	2020-04-15 08:42:00
139.255.244.34	attackbots	Unauthorized connection attempt from IP address 139.255.244.34 on Port 445(SMB)	2020-04-10 01:20:17
139.255.245.62	attackbots	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-05 16:22:34,285 INFO [shellcode_manager] (139.255.245.62) no match, writing hexdump (009d3da666ba07500b424e7a93fb98f4 :2115256) - MS17010 (EternalBlue)	2019-07-06 09:20:26
139.255.244.164	attackbots	19/7/1@23:45:03: FAIL: Alarm-Intrusion address from=139.255.244.164 ...	2019-07-02 19:44:48

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.255.24.157
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23478
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.255.24.157.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020030200 1800 900 604800 86400

;; Query time: 185 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Mar 02 13:25:31 CST 2020
;; MSG SIZE  rcvd: 118

Host info

157.24.255.139.in-addr.arpa domain name pointer ln-static-139-255-24-157.link.net.id.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
157.24.255.139.in-addr.arpa	name = ln-static-139-255-24-157.link.net.id.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
159.65.182.99	attack	DigitalOcean BotNet attack - 10s of requests to non-existent pages - :443/app-ads.txt - typically bursts of 8 requests per second - undefined, XSS attacks node-superagent/4.1.0	2020-01-05 00:52:22
49.88.112.113	attack	Jan 4 06:46:18 web9 sshd\[24249\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.113 user=root Jan 4 06:46:20 web9 sshd\[24249\]: Failed password for root from 49.88.112.113 port 14048 ssh2 Jan 4 06:47:14 web9 sshd\[24409\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.113 user=root Jan 4 06:47:17 web9 sshd\[24409\]: Failed password for root from 49.88.112.113 port 16632 ssh2 Jan 4 06:48:09 web9 sshd\[24557\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.113 user=root	2020-01-05 00:53:09
198.23.192.74	attackspam	\[2020-01-04 10:36:10\] SECURITY\[2857\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-01-04T10:36:10.354-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="046510420904",SessionID="0x7f0fb406f938",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/198.23.192.74/59262",ACLName="no_extension_match" \[2020-01-04 10:37:57\] SECURITY\[2857\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-01-04T10:37:57.346-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="046213724610",SessionID="0x7f0fb4977ee8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/198.23.192.74/64045",ACLName="no_extension_match" \[2020-01-04 10:38:42\] SECURITY\[2857\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-01-04T10:38:42.917-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="46441408564",SessionID="0x7f0fb4ca4128",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/198.23.192.74/50493",ACLName="no_extension_mat	2020-01-05 00:34:21
80.82.70.239	attackspam	firewall-block, port(s): 3552/tcp, 3556/tcp, 3561/tcp, 3565/tcp, 3566/tcp, 3569/tcp, 3570/tcp, 3571/tcp	2020-01-05 00:37:41
60.250.84.97	attack	Unauthorized connection attempt detected from IP address 60.250.84.97 to port 2220 [J]	2020-01-05 01:13:09
103.213.2.36	attackspam	Unauthorized connection attempt detected from IP address 103.213.2.36 to port 23 [J]	2020-01-05 00:59:54
88.132.237.187	attackbotsspam	Unauthorized connection attempt detected from IP address 88.132.237.187 to port 2220 [J]	2020-01-05 01:05:48
139.59.17.116	attack	fail2ban honeypot	2020-01-05 01:03:18
222.186.173.180	attackspam	port scan and connect, tcp 22 (ssh)	2020-01-05 01:01:10
183.145.84.181	attackspambots	Honeypot attack, port: 445, PTR: PTR record not found	2020-01-05 01:17:42
62.90.235.90	attack	Unauthorized connection attempt detected from IP address 62.90.235.90 to port 2220 [J]	2020-01-05 00:51:33
188.122.236.7	attackspam	Spam Timestamp : 04-Jan-20 12:26 BlockList Provider truncate.gbudb.net (242)	2020-01-05 01:02:10
69.94.158.95	attack	Jan 4 15:03:23 grey postfix/smtpd\[5563\]: NOQUEUE: reject: RCPT from cheap.swingthelamp.com\[69.94.158.95\]: 554 5.7.1 Service unavailable\; Client host \[69.94.158.95\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[69.94.158.95\]\; from=\ to=\ proto=ESMTP helo=\ ...	2020-01-05 00:58:20
62.164.176.194	attackbotsspam	Automatic report - XMLRPC Attack	2020-01-05 01:04:17
167.71.87.56	attackbotsspam	DigitalOcean BotNet attack - 10s of requests to non-existent pages - :443/app-ads.txt - typically bursts of 8 requests per second - undefined, XSS attacks node-superagent/4.1.0	2020-01-05 01:06:57

Recently Reported IPs

205.167.68.92	117.240.169.98	106.12.163.146	32.132.25.88
184.15.155.219	86.9.239.182	204.155.163.154	186.153.215.245
32.69.14.73	124.67.217.9	66.118.0.107	57.116.90.130
93.20.231.218	119.129.201.239	14.232.109.77	86.78.200.157
200.167.184.16	102.230.185.25	81.179.115.210	213.113.137.166