Basic Info

City: unknown

Region: unknown

Country: Indonesia

Internet Service Provider: PT. First Media TBK

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:
Type Details Datetime
attackbotsspam
Unauthorized connection attempt from IP address 139.255.52.98 on Port 445(SMB)
2020-01-17 23:50:34
Comments on same subnet:
IP Type Details Datetime
139.255.52.58 attackbotsspam
445/tcp
[2020-10-03]1pkt
2020-10-05 08:03:32
139.255.52.58 attackbotsspam
445/tcp
[2020-10-03]1pkt
2020-10-05 00:25:34
139.255.52.58 attackbotsspam
445/tcp
[2020-10-03]1pkt
2020-10-04 16:08:24
139.255.52.218 attackspam
Unauthorized connection attempt from IP address 139.255.52.218 on Port 445(SMB)
2020-02-08 04:49:50
139.255.52.203 attack
2019-07-09 06:35:35 1hkhqo-0006V5-70 SMTP connection from \(ln-static-139-255-52-203.link.net.id\) \[139.255.52.203\]:39249 I=\[193.107.88.166\]:25 closed by DROP in ACL
2019-07-09 06:35:46 1hkhqz-0006VG-2e SMTP connection from \(ln-static-139-255-52-203.link.net.id\) \[139.255.52.203\]:36139 I=\[193.107.88.166\]:25 closed by DROP in ACL
2019-07-09 06:35:54 1hkhr7-0006VN-HF SMTP connection from \(ln-static-139-255-52-203.link.net.id\) \[139.255.52.203\]:48745 I=\[193.107.88.166\]:25 closed by DROP in ACL
...
2020-02-05 00:47:16
139.255.52.68 attackbots
445/tcp
[2019-07-30]1pkt
2019-07-31 03:27:38
139.255.52.203 attackbots
Mail sent to address hacked/leaked from Last.fm
2019-07-15 14:19:36
139.255.52.218 attackspam
@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-06 00:20:46,229 INFO [shellcode_manager] (139.255.52.218) no match, writing hexdump (7edbc2fd47b865f111efd673b193f6b5 :2164185) - MS17010 (EternalBlue)
2019-07-06 13:28:06
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.255.52.98
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 39692
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.255.52.98.			IN	A

;; AUTHORITY SECTION:
.			354	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020011700 1800 900 604800 86400

;; Query time: 156 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jan 17 23:50:26 CST 2020
;; MSG SIZE  rcvd: 117
Host info
98.52.255.139.in-addr.arpa domain name pointer ln-static-139-255-52-98.link.net.id.
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
98.52.255.139.in-addr.arpa	name = ln-static-139-255-52-98.link.net.id.

Authoritative answers can be found from:
Related IP info:
Related comments:
IP Type Details Datetime
106.54.109.98 attackbots
Jun 18 15:20:00 abendstille sshd\[29199\]: Invalid user imj from 106.54.109.98
Jun 18 15:20:00 abendstille sshd\[29199\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.109.98
Jun 18 15:20:02 abendstille sshd\[29199\]: Failed password for invalid user imj from 106.54.109.98 port 50964 ssh2
Jun 18 15:24:24 abendstille sshd\[1104\]: Invalid user oo from 106.54.109.98
Jun 18 15:24:24 abendstille sshd\[1104\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.109.98
...
2020-06-18 22:44:41
163.172.178.167 attackbotsspam
Jun 18 13:11:46 jumpserver sshd[130083]: Invalid user develop from 163.172.178.167 port 55780
Jun 18 13:11:48 jumpserver sshd[130083]: Failed password for invalid user develop from 163.172.178.167 port 55780 ssh2
Jun 18 13:15:19 jumpserver sshd[130125]: Invalid user oracle from 163.172.178.167 port 55606
...
2020-06-18 22:24:17
54.37.68.66 attackspambots
2020-06-18T15:14:15.719170  sshd[31557]: Invalid user ubuntu from 54.37.68.66 port 34592
2020-06-18T15:14:15.732763  sshd[31557]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.68.66
2020-06-18T15:14:15.719170  sshd[31557]: Invalid user ubuntu from 54.37.68.66 port 34592
2020-06-18T15:14:17.948068  sshd[31557]: Failed password for invalid user ubuntu from 54.37.68.66 port 34592 ssh2
...
2020-06-18 22:02:09
124.160.96.249 attack
SSH Brute Force
2020-06-18 22:18:18
141.98.9.160 attack
Triggered by Fail2Ban at Ares web server
2020-06-18 22:01:02
51.159.70.70 attackbots
Jun 18 16:10:51 vps647732 sshd[12684]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.159.70.70
Jun 18 16:10:54 vps647732 sshd[12684]: Failed password for invalid user fbasjprof from 51.159.70.70 port 59810 ssh2
...
2020-06-18 22:23:28
142.44.218.192 attack
Jun 18 14:50:10 piServer sshd[12840]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.44.218.192 
Jun 18 14:50:13 piServer sshd[12840]: Failed password for invalid user demo from 142.44.218.192 port 35938 ssh2
Jun 18 14:53:59 piServer sshd[13095]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.44.218.192 
...
2020-06-18 22:12:47
66.240.236.119 attack
Unauthorized connection attempt detected from IP address 66.240.236.119 to port 5560
2020-06-18 22:03:57
192.144.132.172 attackbots
Unauthorised connection attempt detected at AUO MAIN. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)
2020-06-18 22:04:43
103.92.26.252 attackbotsspam
Jun 18 13:52:23 ns382633 sshd\[7873\]: Invalid user tidb from 103.92.26.252 port 51234
Jun 18 13:52:23 ns382633 sshd\[7873\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.92.26.252
Jun 18 13:52:25 ns382633 sshd\[7873\]: Failed password for invalid user tidb from 103.92.26.252 port 51234 ssh2
Jun 18 14:08:14 ns382633 sshd\[10664\]: Invalid user ansible from 103.92.26.252 port 58322
Jun 18 14:08:14 ns382633 sshd\[10664\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.92.26.252
2020-06-18 22:18:56
222.186.180.41 attack
2020-06-18T17:18:12.397083afi-git.jinr.ru sshd[9534]: Failed password for root from 222.186.180.41 port 61088 ssh2
2020-06-18T17:18:16.424064afi-git.jinr.ru sshd[9534]: Failed password for root from 222.186.180.41 port 61088 ssh2
2020-06-18T17:18:19.671196afi-git.jinr.ru sshd[9534]: Failed password for root from 222.186.180.41 port 61088 ssh2
2020-06-18T17:18:19.671341afi-git.jinr.ru sshd[9534]: error: maximum authentication attempts exceeded for root from 222.186.180.41 port 61088 ssh2 [preauth]
2020-06-18T17:18:19.671355afi-git.jinr.ru sshd[9534]: Disconnecting: Too many authentication failures [preauth]
...
2020-06-18 22:22:05
43.245.185.66 attackbotsspam
Jun 18 19:07:50 itv-usvr-01 sshd[25439]: Invalid user fuckyou from 43.245.185.66
Jun 18 19:07:50 itv-usvr-01 sshd[25439]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.245.185.66
Jun 18 19:07:50 itv-usvr-01 sshd[25439]: Invalid user fuckyou from 43.245.185.66
Jun 18 19:07:52 itv-usvr-01 sshd[25439]: Failed password for invalid user fuckyou from 43.245.185.66 port 43866 ssh2
2020-06-18 22:39:13
192.236.193.167 attack
Jun 18 14:40:41 haigwepa sshd[22608]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.236.193.167 
Jun 18 14:40:42 haigwepa sshd[22608]: Failed password for invalid user postgres from 192.236.193.167 port 44934 ssh2
...
2020-06-18 22:18:05
47.254.47.38 attackbots
20 attempts against mh-ssh on echoip
2020-06-18 22:10:00
167.71.192.77 attack
2020-06-18T07:05:00.271638server.mjenks.net sshd[1439972]: Invalid user cti from 167.71.192.77 port 45156
2020-06-18T07:05:00.278404server.mjenks.net sshd[1439972]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.192.77
2020-06-18T07:05:00.271638server.mjenks.net sshd[1439972]: Invalid user cti from 167.71.192.77 port 45156
2020-06-18T07:05:02.082336server.mjenks.net sshd[1439972]: Failed password for invalid user cti from 167.71.192.77 port 45156 ssh2
2020-06-18T07:08:28.546221server.mjenks.net sshd[1440356]: Invalid user mch from 167.71.192.77 port 45968
...
2020-06-18 22:02:37
