41.139.12.109 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Ghana

运营商(isp): Y-Zone Service

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Aug 11 05:14:33 mail.srvfarm.net postfix/smtps/smtpd[2148611]: warning: unknown[41.139.12.109]: SASL PLAIN authentication failed: Aug 11 05:14:33 mail.srvfarm.net postfix/smtps/smtpd[2148611]: lost connection after AUTH from unknown[41.139.12.109] Aug 11 05:19:02 mail.srvfarm.net postfix/smtpd[2163446]: warning: unknown[41.139.12.109]: SASL PLAIN authentication failed: Aug 11 05:19:02 mail.srvfarm.net postfix/smtpd[2163446]: lost connection after AUTH from unknown[41.139.12.109] Aug 11 05:19:49 mail.srvfarm.net postfix/smtps/smtpd[2147252]: warning: unknown[41.139.12.109]: SASL PLAIN authentication failed:	2020-08-11 15:44:36

类型

评论内容

时间

attackspam

Aug 11 05:14:33 mail.srvfarm.net postfix/smtps/smtpd[2148611]: warning: unknown[41.139.12.109]: SASL PLAIN authentication failed: 
Aug 11 05:14:33 mail.srvfarm.net postfix/smtps/smtpd[2148611]: lost connection after AUTH from unknown[41.139.12.109]
Aug 11 05:19:02 mail.srvfarm.net postfix/smtpd[2163446]: warning: unknown[41.139.12.109]: SASL PLAIN authentication failed: 
Aug 11 05:19:02 mail.srvfarm.net postfix/smtpd[2163446]: lost connection after AUTH from unknown[41.139.12.109]
Aug 11 05:19:49 mail.srvfarm.net postfix/smtps/smtpd[2147252]: warning: unknown[41.139.12.109]: SASL PLAIN authentication failed:

2020-08-11 15:44:36

相同子网IP讨论:

IP	类型	评论内容	时间
41.139.12.151	attackbotsspam	TCP (SYN) 41.139.12.151:56658 -> port 445, len 40	2020-10-02 03:35:26
41.139.12.151	attack	Icarus honeypot on github	2020-10-01 19:48:17
41.139.128.113	attack	Dovecot Invalid User Login Attempt.	2020-05-29 18:35:01
41.139.12.151	attackspambots	SMB Server BruteForce Attack	2020-02-08 09:24:01
41.139.12.151	attackbots	445/tcp 445/tcp [2019-07-24/08-06]2pkt	2019-08-07 09:40:26

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 41.139.12.109
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 15847
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;41.139.12.109.			IN	A

;; AUTHORITY SECTION:
.			485	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020081100 1800 900 604800 86400

;; Query time: 80 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Aug 11 15:44:29 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 109.12.139.41.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 109.12.139.41.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
118.187.6.176	attackspambots	Web App Attack	2020-03-26 00:18:22
52.212.187.121	attack	Website hacking attempt: Improper php file access [php file]	2020-03-26 00:32:41
61.77.34.77	attack	" "	2020-03-26 00:36:30
49.145.224.55	attack	Registration form abuse	2020-03-25 23:36:53
23.33.200.242	attackspambots	Mar 25 13:48:44 debian-2gb-nbg1-2 kernel: \[7399603.728856\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=23.33.200.242 DST=195.201.40.59 LEN=44 TOS=0x00 PREC=0x00 TTL=48 ID=0 DF PROTO=TCP SPT=80 DPT=13389 WINDOW=29200 RES=0x00 ACK SYN URGP=0	2020-03-26 00:03:32
80.82.77.232	attack	(PERMBLOCK) 80.82.77.232 (NL/Netherlands/-) has had more than 4 temp blocks in the last 86400 secs	2020-03-26 00:25:15
112.170.224.239	attackbots	Honeypot attack, port: 81, PTR: PTR record not found	2020-03-25 23:58:01
152.136.27.247	attack	Too many connections or unauthorized access detected from Arctic banned ip	2020-03-25 23:57:32
122.152.215.115	attackbots	2020-03-25T12:45:01.239822dmca.cloudsearch.cf sshd[21874]: Invalid user buster from 122.152.215.115 port 48684 2020-03-25T12:45:01.245988dmca.cloudsearch.cf sshd[21874]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.152.215.115 2020-03-25T12:45:01.239822dmca.cloudsearch.cf sshd[21874]: Invalid user buster from 122.152.215.115 port 48684 2020-03-25T12:45:04.040203dmca.cloudsearch.cf sshd[21874]: Failed password for invalid user buster from 122.152.215.115 port 48684 ssh2 2020-03-25T12:48:43.997358dmca.cloudsearch.cf sshd[22197]: Invalid user xuming from 122.152.215.115 port 35896 2020-03-25T12:48:44.003145dmca.cloudsearch.cf sshd[22197]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.152.215.115 2020-03-25T12:48:43.997358dmca.cloudsearch.cf sshd[22197]: Invalid user xuming from 122.152.215.115 port 35896 2020-03-25T12:48:46.079503dmca.cloudsearch.cf sshd[22197]: Failed password for invalid user xu ...	2020-03-26 00:00:33
106.13.175.210	attack	Mar 25 14:07:30 OPSO sshd\[19859\]: Invalid user system from 106.13.175.210 port 52118 Mar 25 14:07:30 OPSO sshd\[19859\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.175.210 Mar 25 14:07:33 OPSO sshd\[19859\]: Failed password for invalid user system from 106.13.175.210 port 52118 ssh2 Mar 25 14:12:19 OPSO sshd\[20712\]: Invalid user xv from 106.13.175.210 port 56786 Mar 25 14:12:19 OPSO sshd\[20712\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.175.210	2020-03-26 00:06:47
178.128.13.87	attackspambots	Mar 25 13:48:28 sshd[16815]: Failed password for invalid user test from 178.128.13.87 port 50542 ssh2	2020-03-25 23:38:14
62.173.145.188	attack	Mar 25 16:42:52 debian-2gb-nbg1-2 kernel: \[7410051.203753\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=62.173.145.188 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=14882 DF PROTO=TCP SPT=12941 DPT=804 WINDOW=512 RES=0x00 SYN URGP=0	2020-03-26 00:15:16
94.180.247.20	attackbots	2020-03-24 12:06:56 server sshd[81278]: Failed password for invalid user fpt from 94.180.247.20 port 49232 ssh2	2020-03-25 23:56:59
37.187.97.33	attackbotsspam	2020-03-25T13:21:08.565135shield sshd\[15623\]: Invalid user laraht from 37.187.97.33 port 40326 2020-03-25T13:21:08.574544shield sshd\[15623\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=grupa.poczytajmimako.pl 2020-03-25T13:21:10.201155shield sshd\[15623\]: Failed password for invalid user laraht from 37.187.97.33 port 40326 ssh2 2020-03-25T13:27:39.274156shield sshd\[16851\]: Invalid user admin from 37.187.97.33 port 47443 2020-03-25T13:27:39.282777shield sshd\[16851\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=grupa.poczytajmimako.pl	2020-03-25 23:49:39
179.104.235.151	attackspambots	2020-03-25T16:42:46.922198jannga.de sshd[23228]: Invalid user pu from 179.104.235.151 port 36846 2020-03-25T16:42:48.184422jannga.de sshd[23228]: Failed password for invalid user pu from 179.104.235.151 port 36846 ssh2 ...	2020-03-25 23:43:45

最近上报的IP列表

239.54.127.244	203.200.116.121	248.201.105.249	64.45.166.100
144.52.89.145	192.216.56.228	225.225.81.19	45.78.189.161
156.96.117.187	123.220.235.254	82.62.60.214	223.237.219.44
222.187.224.122	177.185.159.5	220.132.206.215	168.194.161.102
104.137.210.124	1.54.159.9	146.144.181.21	214.108.35.204