41.139.5.231 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Ghana

运营商(isp): Suhum Clients

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	IMAP/SMTP Authentication Failure	2020-05-17 02:08:02

相同子网IP讨论:

IP	类型	评论内容	时间
41.139.58.2	attackspam	20/8/7@08:02:59: FAIL: Alarm-Intrusion address from=41.139.58.2 ...	2020-08-08 01:39:37
41.139.5.197	attackbots	Jul 24 10:27:29 mail.srvfarm.net postfix/smtps/smtpd[2165660]: warning: unknown[41.139.5.197]: SASL PLAIN authentication failed: Jul 24 10:27:29 mail.srvfarm.net postfix/smtps/smtpd[2165660]: lost connection after AUTH from unknown[41.139.5.197] Jul 24 10:29:19 mail.srvfarm.net postfix/smtps/smtpd[2179031]: warning: unknown[41.139.5.197]: SASL PLAIN authentication failed: Jul 24 10:29:20 mail.srvfarm.net postfix/smtps/smtpd[2179031]: lost connection after AUTH from unknown[41.139.5.197] Jul 24 10:29:47 mail.srvfarm.net postfix/smtps/smtpd[2184263]: warning: unknown[41.139.5.197]: SASL PLAIN authentication failed:	2020-07-25 03:01:40
41.139.5.238	attackspambots	(smtpauth) Failed SMTP AUTH login from 41.139.5.238 (GH/Ghana/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-07-08 08:11:26 plain authenticator failed for ([41.139.5.238]) [41.139.5.238]: 535 Incorrect authentication data (set_id=info@hadafisf.ir)	2020-07-08 18:11:30

类型

评论内容

时间

41.139.58.2

attackspam

20/8/7@08:02:59: FAIL: Alarm-Intrusion address from=41.139.58.2
...

2020-08-08 01:39:37

41.139.5.197

attackbots

Jul 24 10:27:29 mail.srvfarm.net postfix/smtps/smtpd[2165660]: warning: unknown[41.139.5.197]: SASL PLAIN authentication failed: 
Jul 24 10:27:29 mail.srvfarm.net postfix/smtps/smtpd[2165660]: lost connection after AUTH from unknown[41.139.5.197]
Jul 24 10:29:19 mail.srvfarm.net postfix/smtps/smtpd[2179031]: warning: unknown[41.139.5.197]: SASL PLAIN authentication failed: 
Jul 24 10:29:20 mail.srvfarm.net postfix/smtps/smtpd[2179031]: lost connection after AUTH from unknown[41.139.5.197]
Jul 24 10:29:47 mail.srvfarm.net postfix/smtps/smtpd[2184263]: warning: unknown[41.139.5.197]: SASL PLAIN authentication failed:

2020-07-25 03:01:40

41.139.5.238

attackspambots

(smtpauth) Failed SMTP AUTH login from 41.139.5.238 (GH/Ghana/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-07-08 08:11:26 plain authenticator failed for ([41.139.5.238]) [41.139.5.238]: 535 Incorrect authentication data (set_id=info@hadafisf.ir)

2020-07-08 18:11:30

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 41.139.5.231
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44792
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;41.139.5.231.			IN	A

;; AUTHORITY SECTION:
.			149	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020051601 1800 900 604800 86400

;; Query time: 109 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun May 17 02:07:57 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

;; connection timed out; no servers could be reached

NSLOOKUP信息:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 231.5.139.41.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
112.85.42.181	attackspam	Failed password for root from 112.85.42.181 port 39557 ssh2 Failed password for root from 112.85.42.181 port 39557 ssh2 Failed password for root from 112.85.42.181 port 39557 ssh2 Failed password for root from 112.85.42.181 port 39557 ssh2	2020-01-22 05:31:04
81.22.45.182	attackspam	" "	2020-01-22 05:42:03
147.135.100.198	attack	Lines containing failures of 147.135.100.198 Jan 21 21:46:54 mx-in-01 sshd[2095]: Invalid user papiro from 147.135.100.198 port 48360 Jan 21 21:46:54 mx-in-01 sshd[2095]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.135.100.198 Jan 21 21:46:56 mx-in-01 sshd[2095]: Failed password for invalid user papiro from 147.135.100.198 port 48360 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=147.135.100.198	2020-01-22 05:30:09
218.92.0.171	attackbots	pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.171 user=root Failed password for root from 218.92.0.171 port 45664 ssh2 Failed password for root from 218.92.0.171 port 45664 ssh2 Failed password for root from 218.92.0.171 port 45664 ssh2 Failed password for root from 218.92.0.171 port 45664 ssh2	2020-01-22 05:42:51
107.189.11.11	attackbots	Unauthorized connection attempt detected from IP address 107.189.11.11 to port 22 [J]	2020-01-22 05:36:47
187.176.187.206	attackbots	Jan 21 21:45:38 mxgate1 postfix/postscreen[16657]: CONNECT from [187.176.187.206]:32750 to [176.31.12.44]:25 Jan 21 21:45:38 mxgate1 postfix/dnsblog[16731]: addr 187.176.187.206 listed by domain cbl.abuseat.org as 127.0.0.2 Jan 21 21:45:38 mxgate1 postfix/dnsblog[16732]: addr 187.176.187.206 listed by domain zen.spamhaus.org as 127.0.0.11 Jan 21 21:45:38 mxgate1 postfix/dnsblog[16732]: addr 187.176.187.206 listed by domain zen.spamhaus.org as 127.0.0.4 Jan 21 21:45:38 mxgate1 postfix/dnsblog[16747]: addr 187.176.187.206 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2 Jan 21 21:45:38 mxgate1 postfix/dnsblog[16730]: addr 187.176.187.206 listed by domain b.barracudacentral.org as 127.0.0.2 Jan 21 21:45:44 mxgate1 postfix/postscreen[16657]: DNSBL rank 5 for [187.176.187.206]:32750 Jan x@x Jan 21 21:45:44 mxgate1 postfix/postscreen[16657]: HANGUP after 0.67 from [187.176.187.206]:32750 in tests after SMTP handshake Jan 21 21:45:44 mxgate1 postfix/postscreen[16657]: DISCONN........ -------------------------------	2020-01-22 05:25:44
142.93.204.221	attackspambots	WordPress wp-login brute force :: 142.93.204.221 0.104 BYPASS [21/Jan/2020:21:02:38 0000] [censored_4] "POST /wp-login.php HTTP/1.1" 200 2100 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-01-22 05:50:28
51.77.146.170	attackspam	Jan 21 21:27:20 hcbbdb sshd\[9822\]: Invalid user ubuntu from 51.77.146.170 Jan 21 21:27:20 hcbbdb sshd\[9822\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=170.ip-51-77-146.eu Jan 21 21:27:22 hcbbdb sshd\[9822\]: Failed password for invalid user ubuntu from 51.77.146.170 port 33020 ssh2 Jan 21 21:30:03 hcbbdb sshd\[10213\]: Invalid user le from 51.77.146.170 Jan 21 21:30:03 hcbbdb sshd\[10213\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=170.ip-51-77-146.eu	2020-01-22 05:36:22
114.67.229.245	attackbots	Unauthorized connection attempt detected from IP address 114.67.229.245 to port 2220 [J]	2020-01-22 05:45:10
185.85.190.132	attackbotsspam	Wordpress attack	2020-01-22 05:15:33
183.151.70.62	attackspambots	Lines containing failures of 183.151.70.62 (max 1000) Jan 21 20:43:43 localhost sshd[4459]: User r.r from 183.151.70.62 not allowed because listed in DenyUsers Jan 21 20:43:43 localhost sshd[4459]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.151.70.62 user=r.r Jan 21 20:43:44 localhost sshd[4459]: Failed password for invalid user r.r from 183.151.70.62 port 4200 ssh2 Jan 21 20:43:45 localhost sshd[4459]: Received disconnect from 183.151.70.62 port 4200:11: Bye Bye [preauth] Jan 21 20:43:45 localhost sshd[4459]: Disconnected from invalid user r.r 183.151.70.62 port 4200 [preauth] Jan 21 20:47:31 localhost sshd[5063]: User r.r from 183.151.70.62 not allowed because listed in DenyUsers Jan 21 20:47:31 localhost sshd[5063]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.151.70.62 user=r.r ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=183.151.70.62	2020-01-22 05:33:56
123.30.236.149	attackspam	Jan 21 21:30:01 hcbbdb sshd\[10200\]: Invalid user harry from 123.30.236.149 Jan 21 21:30:01 hcbbdb sshd\[10200\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.30.236.149 Jan 21 21:30:03 hcbbdb sshd\[10200\]: Failed password for invalid user harry from 123.30.236.149 port 13954 ssh2 Jan 21 21:32:32 hcbbdb sshd\[10565\]: Invalid user sms from 123.30.236.149 Jan 21 21:32:32 hcbbdb sshd\[10565\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.30.236.149	2020-01-22 05:48:49
82.207.114.64	attackbotsspam	Unauthorized connection attempt detected from IP address 82.207.114.64 to port 2220 [J]	2020-01-22 05:11:37
125.213.150.7	attack	Jan 21 08:14:41 server sshd\[17538\]: Invalid user master from 125.213.150.7 Jan 21 08:14:41 server sshd\[17538\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.213.150.7 Jan 21 08:14:43 server sshd\[17538\]: Failed password for invalid user master from 125.213.150.7 port 34520 ssh2 Jan 22 00:03:10 server sshd\[20846\]: Invalid user user from 125.213.150.7 Jan 22 00:03:10 server sshd\[20846\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.213.150.7 ...	2020-01-22 05:28:15
223.197.125.10	attackbotsspam	Unauthorized connection attempt detected from IP address 223.197.125.10 to port 2220 [J]	2020-01-22 05:19:43

最近上报的IP列表

42.200.142.45	31.173.25.139	124.88.117.113	88.252.99.120
118.70.186.57	103.211.16.58	77.222.105.191	185.173.106.206
209.182.236.245	165.22.242.108	89.115.97.128	190.186.28.98
81.30.200.35	62.28.203.66	162.253.129.214	46.239.74.91
189.120.134.221	41.45.201.230	42.247.5.70	45.83.64.62