41.139.12.109 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Ghana

运营商(isp): Y-Zone Service

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Aug 11 05:14:33 mail.srvfarm.net postfix/smtps/smtpd[2148611]: warning: unknown[41.139.12.109]: SASL PLAIN authentication failed: Aug 11 05:14:33 mail.srvfarm.net postfix/smtps/smtpd[2148611]: lost connection after AUTH from unknown[41.139.12.109] Aug 11 05:19:02 mail.srvfarm.net postfix/smtpd[2163446]: warning: unknown[41.139.12.109]: SASL PLAIN authentication failed: Aug 11 05:19:02 mail.srvfarm.net postfix/smtpd[2163446]: lost connection after AUTH from unknown[41.139.12.109] Aug 11 05:19:49 mail.srvfarm.net postfix/smtps/smtpd[2147252]: warning: unknown[41.139.12.109]: SASL PLAIN authentication failed:	2020-08-11 15:44:36

类型

评论内容

时间

attackspam

Aug 11 05:14:33 mail.srvfarm.net postfix/smtps/smtpd[2148611]: warning: unknown[41.139.12.109]: SASL PLAIN authentication failed: 
Aug 11 05:14:33 mail.srvfarm.net postfix/smtps/smtpd[2148611]: lost connection after AUTH from unknown[41.139.12.109]
Aug 11 05:19:02 mail.srvfarm.net postfix/smtpd[2163446]: warning: unknown[41.139.12.109]: SASL PLAIN authentication failed: 
Aug 11 05:19:02 mail.srvfarm.net postfix/smtpd[2163446]: lost connection after AUTH from unknown[41.139.12.109]
Aug 11 05:19:49 mail.srvfarm.net postfix/smtps/smtpd[2147252]: warning: unknown[41.139.12.109]: SASL PLAIN authentication failed:

2020-08-11 15:44:36

相同子网IP讨论:

IP	类型	评论内容	时间
41.139.12.151	attackbotsspam	TCP (SYN) 41.139.12.151:56658 -> port 445, len 40	2020-10-02 03:35:26
41.139.12.151	attack	Icarus honeypot on github	2020-10-01 19:48:17
41.139.128.113	attack	Dovecot Invalid User Login Attempt.	2020-05-29 18:35:01
41.139.12.151	attackspambots	SMB Server BruteForce Attack	2020-02-08 09:24:01
41.139.12.151	attackbots	445/tcp 445/tcp [2019-07-24/08-06]2pkt	2019-08-07 09:40:26

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 41.139.12.109
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 15847
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;41.139.12.109.			IN	A

;; AUTHORITY SECTION:
.			485	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020081100 1800 900 604800 86400

;; Query time: 80 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Aug 11 15:44:29 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 109.12.139.41.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 109.12.139.41.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
54.37.155.165	attack	Nov 20 07:44:36 sauna sshd[110413]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.155.165 Nov 20 07:44:37 sauna sshd[110413]: Failed password for invalid user par0t from 54.37.155.165 port 60406 ssh2 ...	2019-11-20 14:00:49
183.88.229.23	attack	Nov 20 01:56:10 ws22vmsma01 sshd[140297]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.88.229.23 Nov 20 01:56:12 ws22vmsma01 sshd[140297]: Failed password for invalid user angermeier from 183.88.229.23 port 34754 ssh2 ...	2019-11-20 13:58:30
103.74.123.158	attackspambots	php WP PHPmyadamin ABUSE blocked for 12h	2019-11-20 14:05:09
218.92.0.206	attackbots	Nov 20 06:56:42 MK-Soft-Root1 sshd[21922]: Failed password for root from 218.92.0.206 port 19723 ssh2 Nov 20 06:56:46 MK-Soft-Root1 sshd[21922]: Failed password for root from 218.92.0.206 port 19723 ssh2 ...	2019-11-20 14:13:51
129.204.50.75	attack	Nov 20 01:02:25 TORMINT sshd\[29912\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.50.75 user=root Nov 20 01:02:27 TORMINT sshd\[29912\]: Failed password for root from 129.204.50.75 port 56814 ssh2 Nov 20 01:06:54 TORMINT sshd\[30167\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.50.75 user=root ...	2019-11-20 14:08:33
1.245.61.144	attack	Invalid user psybnc from 1.245.61.144 port 54985	2019-11-20 14:05:38
218.27.204.33	attack	2019-11-20 05:56:00,341 fail2ban.actions: WARNING [ssh] Ban 218.27.204.33	2019-11-20 14:06:08
24.142.48.139	attackbotsspam	RDP Bruteforce	2019-11-20 14:07:29
222.186.190.2	attackspam	Nov 20 11:08:47 gw1 sshd[2330]: Failed password for root from 222.186.190.2 port 61778 ssh2 Nov 20 11:08:59 gw1 sshd[2330]: error: maximum authentication attempts exceeded for root from 222.186.190.2 port 61778 ssh2 [preauth] ...	2019-11-20 14:09:52
103.28.53.146	attackspam	LGS,WP GET /wp-login.php	2019-11-20 14:28:17
70.61.189.19	attackspam	Automatic report - Port Scan Attack	2019-11-20 14:24:56
54.36.120.197	attack	php WP PHPmyadamin ABUSE blocked for 12h	2019-11-20 14:02:39
83.86.67.179	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/83.86.67.179/ NL - 1H : (16) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : NL NAME ASN : ASN33915 IP : 83.86.67.179 CIDR : 83.84.0.0/14 PREFIX COUNT : 142 UNIQUE IP COUNT : 3653888 ATTACKS DETECTED ASN33915 : 1H - 1 3H - 1 6H - 2 12H - 2 24H - 2 DateTime : 2019-11-20 05:55:35 INFO :	2019-11-20 14:16:57
183.136.149.181	attackbotsspam	Unauthorised access (Nov 20) SRC=183.136.149.181 LEN=40 TTL=50 ID=42027 TCP DPT=23 WINDOW=17094 SYN	2019-11-20 14:27:31
198.108.66.102	attackbots	" "	2019-11-20 13:53:17

最近上报的IP列表

239.54.127.244	203.200.116.121	248.201.105.249	64.45.166.100
144.52.89.145	192.216.56.228	225.225.81.19	45.78.189.161
156.96.117.187	123.220.235.254	82.62.60.214	223.237.219.44
222.187.224.122	177.185.159.5	220.132.206.215	168.194.161.102
104.137.210.124	1.54.159.9	146.144.181.21	214.108.35.204