139.28.218.141

Basic Info

City: Montreal

Region: Quebec

Country: Canada

Internet Service Provider: unknown

Hostname: unknown

Organization: M247 Ltd

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
139.28.218.34	attack	22/tcp 27017/tcp 5900/tcp... [2020-05-05/07-05]41pkt,14pt.(tcp),3pt.(udp)	2020-07-06 01:59:22
139.28.218.34	attack	" "	2020-06-07 23:09:09
139.28.218.34	attack	TCP (SYN) 139.28.218.34:57239 -> port 11211, len 44	2020-05-24 18:34:57
139.28.218.77	attack	Brute force attack against VPN service	2020-04-18 14:09:10
139.28.218.34	attack	Honeypot hit.	2020-04-17 06:58:59
139.28.218.34	attackbotsspam	Honeypot hit.	2020-02-18 23:28:51
139.28.218.34	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-13 18:29:58
139.28.218.34	attackbotsspam	" "	2020-02-04 17:02:15
139.28.218.34	attack	Portscan or hack attempt detected by psad/fwsnort	2020-01-11 08:28:43
139.28.218.34	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2019-12-15 05:38:57
139.28.218.28	attackbots	TCP Port Scanning	2019-11-18 21:04:33
139.28.218.34	attack	Scanning random ports - tries to find possible vulnerable services	2019-11-03 07:56:18
139.28.218.34	attackbotsspam	VN - 1H : (90) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : VN NAME ASN : ASN9009 IP : 139.28.218.34 CIDR : 139.28.218.0/24 PREFIX COUNT : 1708 UNIQUE IP COUNT : 749056 WYKRYTE ATAKI Z ASN9009 : 1H - 1 3H - 3 6H - 5 12H - 7 24H - 9 INFO : SYN Flood DDoS Attack Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN - data recovery https://help-dysk.pl	2019-09-11 23:33:40
139.28.218.130	attackspambots	Postfix DNSBL listed. Trying to send SPAM.	2019-07-08 02:56:39
139.28.218.137	attackbotsspam	Postfix DNSBL listed. Trying to send SPAM.	2019-06-27 22:09:25

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.28.218.141
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24770
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.28.218.141.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019051100 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun May 12 00:09:52 CST 2019
;; MSG SIZE  rcvd: 118

Host info

141.218.28.139.in-addr.arpa domain name pointer pep.ductinmedi.com.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
141.218.28.139.in-addr.arpa	name = pep.ductinmedi.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
185.215.60.137	attack	1582782464 - 02/27/2020 12:47:44 Host: 185.215.60.137.mosline.ru/185.215.60.137 Port: 23 TCP Blocked ...	2020-02-27 15:11:23
218.92.0.184	attackbots	Feb 27 14:33:50 lcl-usvr-02 sshd[19237]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.184 user=root Feb 27 14:33:52 lcl-usvr-02 sshd[19237]: Failed password for root from 218.92.0.184 port 25544 ssh2 ...	2020-02-27 15:53:33
51.79.19.31	attackbotsspam	fake referer, bad user-agent	2020-02-27 15:24:03
148.70.33.136	attackspam	Automatic report - Banned IP Access	2020-02-27 15:47:51
96.73.111.201	attackbotsspam	Honeypot attack, port: 81, PTR: 96-73-111-201-static.hfc.comcastbusiness.net.	2020-02-27 15:37:30
61.177.172.158	attackspambots	2020-02-27T07:23:15.843200shield sshd\[19362\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.158 user=root 2020-02-27T07:23:18.117489shield sshd\[19362\]: Failed password for root from 61.177.172.158 port 29896 ssh2 2020-02-27T07:23:20.358873shield sshd\[19362\]: Failed password for root from 61.177.172.158 port 29896 ssh2 2020-02-27T07:23:23.209683shield sshd\[19362\]: Failed password for root from 61.177.172.158 port 29896 ssh2 2020-02-27T07:26:39.037601shield sshd\[20057\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.158 user=root	2020-02-27 15:37:58
45.55.210.248	attackbotsspam	Feb 27 07:07:58 localhost sshd\[31740\]: Invalid user nexus from 45.55.210.248 port 54917 Feb 27 07:07:58 localhost sshd\[31740\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.210.248 Feb 27 07:08:00 localhost sshd\[31740\]: Failed password for invalid user nexus from 45.55.210.248 port 54917 ssh2 Feb 27 07:17:14 localhost sshd\[31951\]: Invalid user nathan from 45.55.210.248 port 49589 Feb 27 07:17:14 localhost sshd\[31951\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.210.248 ...	2020-02-27 15:24:54
115.79.34.49	attackbots	Honeypot attack, port: 445, PTR: adsl.viettel.vn.	2020-02-27 15:19:19
165.227.123.146	attackspam	Feb 25 05:21:58 w sshd[26098]: Invalid user kristofvps from 165.227.123.146 Feb 25 05:21:58 w sshd[26098]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.123.146 Feb 25 05:22:00 w sshd[26098]: Failed password for invalid user kristofvps from 165.227.123.146 port 57330 ssh2 Feb 25 05:22:00 w sshd[26098]: Received disconnect from 165.227.123.146: 11: Bye Bye [preauth] Feb 25 05:55:04 w sshd[26505]: Invalid user sammy from 165.227.123.146 Feb 25 05:55:04 w sshd[26505]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.123.146 Feb 25 05:55:06 w sshd[26505]: Failed password for invalid user sammy from 165.227.123.146 port 46698 ssh2 Feb 25 05:55:06 w sshd[26505]: Received disconnect from 165.227.123.146: 11: Bye Bye [preauth] Feb 25 06:07:49 w sshd[26702]: Invalid user adrian from 165.227.123.146 Feb 25 06:07:49 w sshd[26702]: pam_unix(sshd:auth): authentication failure; logname=........ -------------------------------	2020-02-27 15:44:27
35.189.172.158	attackspambots	2020-02-27T07:04:17.919116shield sshd\[15372\]: Invalid user backup from 35.189.172.158 port 37888 2020-02-27T07:04:17.924173shield sshd\[15372\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=158.172.189.35.bc.googleusercontent.com 2020-02-27T07:04:20.319311shield sshd\[15372\]: Failed password for invalid user backup from 35.189.172.158 port 37888 ssh2 2020-02-27T07:09:30.728473shield sshd\[16545\]: Invalid user steve from 35.189.172.158 port 37782 2020-02-27T07:09:30.731524shield sshd\[16545\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=158.172.189.35.bc.googleusercontent.com	2020-02-27 15:22:47
156.96.58.78	attackspambots	SMTP Brute-Force	2020-02-27 15:20:47
45.227.253.66	attack	SQL Injection attack	2020-02-27 15:54:42
201.124.120.97	attackbotsspam	unauthorized connection attempt	2020-02-27 15:18:58
5.3.6.82	attack	Feb 27 08:19:45 sd-53420 sshd\[24440\]: Invalid user Michelle from 5.3.6.82 Feb 27 08:19:45 sd-53420 sshd\[24440\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.3.6.82 Feb 27 08:19:47 sd-53420 sshd\[24440\]: Failed password for invalid user Michelle from 5.3.6.82 port 34410 ssh2 Feb 27 08:28:06 sd-53420 sshd\[25146\]: User root from 5.3.6.82 not allowed because none of user's groups are listed in AllowGroups Feb 27 08:28:06 sd-53420 sshd\[25146\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.3.6.82 user=root ...	2020-02-27 15:43:23
115.78.2.247	attackbotsspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-02-27 15:13:45

Recently Reported IPs

181.52.239.131	113.65.188.245	27.104.233.191	13.17.149.170
214.197.164.124	13.233.72.34	177.20.225.83	104.7.65.179
112.188.51.180	187.116.80.74	65.208.224.204	112.84.91.99
128.193.94.233	115.86.23.214	125.160.240.129	32.17.132.255
1.148.142.122	188.75.138.234	186.224.88.185	111.37.100.93