41.139.135.10 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Kenya

运营商(isp): For Converged Solution for NRB

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	1581576924 - 02/13/2020 07:55:24 Host: 41.139.135.10/41.139.135.10 Port: 445 TCP Blocked	2020-02-13 16:18:39
attackbots	port scan and connect, tcp 1433 (ms-sql-s)	2020-02-09 22:24:06

相同子网IP讨论:

IP	类型	评论内容	时间
41.139.135.89	attack	(imapd) Failed IMAP login from 41.139.135.89 (KE/Kenya/41-139-135-89.safaricombusiness.co.ke): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Jul 11 01:44:54 ir1 dovecot[2885757]: imap-login: Disconnected (auth failed, 1 attempts in 5 secs): user=, method=PLAIN, rip=41.139.135.89, lip=5.63.12.44, session=<1znK1ByqnrEpi4dZ>	2020-07-11 06:38:58

类型

评论内容

时间

41.139.135.89

attack

(imapd) Failed IMAP login from 41.139.135.89 (KE/Kenya/41-139-135-89.safaricombusiness.co.ke): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Jul 11 01:44:54 ir1 dovecot[2885757]: imap-login: Disconnected (auth failed, 1 attempts in 5 secs): user=, method=PLAIN, rip=41.139.135.89, lip=5.63.12.44, session=<1znK1ByqnrEpi4dZ>

2020-07-11 06:38:58

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 41.139.135.10
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 18520
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;41.139.135.10.			IN	A

;; AUTHORITY SECTION:
.			476	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020020900 1800 900 604800 86400

;; Query time: 401 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 09 22:23:49 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

10.135.139.41.in-addr.arpa domain name pointer 41-139-135-10.safaricombusiness.co.ke.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
10.135.139.41.in-addr.arpa	name = 41-139-135-10.safaricombusiness.co.ke.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
89.232.48.43	attackspam	Invalid user sekar from 89.232.48.43 port 60760	2019-10-25 04:05:24
98.126.32.74	attackspambots	Invalid user ubuntu from 98.126.32.74 port 55752	2019-10-25 04:04:44
5.196.75.178	attackspam	2019-10-24T14:32:24.6525401495-001 sshd\[16680\]: Failed password for root from 5.196.75.178 port 35134 ssh2 2019-10-24T15:39:29.0573061495-001 sshd\[19866\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=0007.seedbox.com.ar user=root 2019-10-24T15:39:31.0662261495-001 sshd\[19866\]: Failed password for root from 5.196.75.178 port 52812 ssh2 2019-10-24T15:47:00.3454921495-001 sshd\[20097\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=0007.seedbox.com.ar user=root 2019-10-24T15:47:02.0725591495-001 sshd\[20097\]: Failed password for root from 5.196.75.178 port 39108 ssh2 2019-10-24T15:54:43.2185541495-001 sshd\[20439\]: Invalid user ddddd from 5.196.75.178 port 53844 ...	2019-10-25 04:14:49
218.94.136.90	attackspambots	Oct 24 22:11:05 amit sshd\[15169\]: Invalid user cmd from 218.94.136.90 Oct 24 22:11:05 amit sshd\[15169\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.94.136.90 Oct 24 22:11:07 amit sshd\[15169\]: Failed password for invalid user cmd from 218.94.136.90 port 14683 ssh2 ...	2019-10-25 04:17:34
193.32.163.182	attack	Oct 24 22:17:45 fr01 sshd[27346]: Invalid user admin from 193.32.163.182 ...	2019-10-25 04:30:43
185.156.73.52	attack	10/24/2019-16:23:57.697144 185.156.73.52 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-10-25 04:24:32
3.15.107.234	attackbotsspam	Invalid user postgres from 3.15.107.234 port 62362	2019-10-25 04:15:36
119.28.107.182	attackbots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/119.28.107.182/ CN - 1H : (913) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : CN NAME ASN : ASN132203 IP : 119.28.107.182 CIDR : 119.28.106.0/23 PREFIX COUNT : 595 UNIQUE IP COUNT : 481792 ATTACKS DETECTED ASN132203 : 1H - 1 3H - 3 6H - 3 12H - 3 24H - 3 DateTime : 2019-10-24 22:17:58 INFO : HACK ! - Looking for resource vulnerabilities Scan Detected and Blocked by ADMIN - data recovery	2019-10-25 04:20:26
62.234.127.88	attackbotsspam	2019-10-25T03:17:49.686066enmeeting.mahidol.ac.th sshd\[23081\]: User root from 62.234.127.88 not allowed because not listed in AllowUsers 2019-10-25T03:17:49.811817enmeeting.mahidol.ac.th sshd\[23081\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.127.88 user=root 2019-10-25T03:17:51.373086enmeeting.mahidol.ac.th sshd\[23081\]: Failed password for invalid user root from 62.234.127.88 port 39192 ssh2 ...	2019-10-25 04:25:09
87.197.166.67	attackbotsspam	Failed password for invalid user Administrator from 87.197.166.67 port 59675 ssh2 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=87.197.166.67 user=root Failed password for root from 87.197.166.67 port 51276 ssh2 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=87.197.166.67 user=root Failed password for root from 87.197.166.67 port 42875 ssh2	2019-10-25 04:05:54
37.139.13.105	attack	Invalid user ubuntu from 37.139.13.105 port 40186	2019-10-25 04:12:43
69.53.235.101	attack	Invalid user xo from 69.53.235.101 port 3726	2019-10-25 04:07:47
58.254.132.239	attack	SSH brutforce	2019-10-25 04:21:06
79.157.217.179	attackbotsspam	Oct 24 10:13:10 php1 sshd\[19826\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.red-79-157-217.dynamicip.rima-tde.net user=root Oct 24 10:13:12 php1 sshd\[19826\]: Failed password for root from 79.157.217.179 port 59244 ssh2 Oct 24 10:17:35 php1 sshd\[20335\]: Invalid user com from 79.157.217.179 Oct 24 10:17:35 php1 sshd\[20335\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.red-79-157-217.dynamicip.rima-tde.net Oct 24 10:17:36 php1 sshd\[20335\]: Failed password for invalid user com from 79.157.217.179 port 52078 ssh2	2019-10-25 04:34:51
78.37.176.180	attackspambots	Invalid user admin from 78.37.176.180 port 43040	2019-10-25 04:07:01

最近上报的IP列表

109.194.14.0	111.7.104.175	223.17.94.212	71.6.233.49
49.113.247.180	222.85.110.51	172.105.68.209	223.18.149.185
229.237.248.193	90.153.218.213	197.246.251.218	114.47.138.133
43.83.6.209	113.253.218.251	93.107.43.251	42.227.33.207
125.91.123.212	49.206.231.3	1.64.1.147	113.23.4.141