190.39.57.12 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Venezuela (Bolivarian Republic of)

Internet Service Provider: CANTV Servicios Venezuela

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Honeypot attack, port: 445, PTR: 190-39-57-12.dyn.dsl.cantv.net.	2020-09-05 01:26:57
attackspam	Honeypot attack, port: 445, PTR: 190-39-57-12.dyn.dsl.cantv.net.	2020-09-04 16:47:43

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 190.39.57.12
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22122
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;190.39.57.12.			IN	A

;; AUTHORITY SECTION:
.			428	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020090400 1800 900 604800 86400

;; Query time: 65 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Sep 04 16:47:38 CST 2020
;; MSG SIZE  rcvd: 116

Host info

12.57.39.190.in-addr.arpa domain name pointer 190-39-57-12.dyn.dsl.cantv.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
12.57.39.190.in-addr.arpa	name = 190-39-57-12.dyn.dsl.cantv.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
178.128.208.38	attackbotsspam	178.128.208.38 - - [09/Oct/2020:06:11:38 +0200] "POST /xmlrpc.php HTTP/1.1" 403 146 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 178.128.208.38 - - [09/Oct/2020:06:19:02 +0200] "POST /xmlrpc.php HTTP/1.1" 403 146 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-09 16:47:39
45.129.33.80	attackspambots	TCP (SYN) 45.129.33.80:58315 -> port 1377, len 44	2020-10-09 16:49:12
87.251.74.36	attackbotsspam	87 packets to port 22	2020-10-09 17:04:27
66.70.130.152	attack	Oct 9 10:06:46 buvik sshd[16597]: Failed password for invalid user t3st from 66.70.130.152 port 46866 ssh2 Oct 9 10:18:00 buvik sshd[18255]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.130.152 user=root Oct 9 10:18:02 buvik sshd[18255]: Failed password for root from 66.70.130.152 port 38292 ssh2 ...	2020-10-09 16:55:27
104.224.183.154	attack	Oct 9 08:06:15 plex-server sshd[2574041]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.224.183.154 Oct 9 08:06:15 plex-server sshd[2574041]: Invalid user nginx from 104.224.183.154 port 50376 Oct 9 08:06:16 plex-server sshd[2574041]: Failed password for invalid user nginx from 104.224.183.154 port 50376 ssh2 Oct 9 08:10:59 plex-server sshd[2576071]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.224.183.154 user=root Oct 9 08:11:01 plex-server sshd[2576071]: Failed password for root from 104.224.183.154 port 41472 ssh2 ...	2020-10-09 16:48:02
112.85.42.91	attack	2020-10-09T11:03:21.414138vps773228.ovh.net sshd[1042]: Failed password for root from 112.85.42.91 port 56722 ssh2 2020-10-09T11:03:24.483997vps773228.ovh.net sshd[1042]: Failed password for root from 112.85.42.91 port 56722 ssh2 2020-10-09T11:03:27.935865vps773228.ovh.net sshd[1042]: Failed password for root from 112.85.42.91 port 56722 ssh2 2020-10-09T11:03:27.937163vps773228.ovh.net sshd[1042]: error: maximum authentication attempts exceeded for root from 112.85.42.91 port 56722 ssh2 [preauth] 2020-10-09T11:03:27.937185vps773228.ovh.net sshd[1042]: Disconnecting: Too many authentication failures [preauth] ...	2020-10-09 17:11:45
123.31.26.130	attackspambots	Oct 9 06:45:19 jane sshd[16846]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.31.26.130 Oct 9 06:45:22 jane sshd[16846]: Failed password for invalid user zabbix from 123.31.26.130 port 10402 ssh2 ...	2020-10-09 17:21:19
178.148.226.151	attackspambots	(cxs) cxs mod_security triggered by 178.148.226.151 (RS/Serbia/cable-178-148-226-151.dynamic.sbb.rs): 1 in the last 3600 secs	2020-10-09 17:20:58
180.101.202.30	attackspam	$f2bV_matches	2020-10-09 17:19:17
179.235.137.203	attackspam	SSH invalid-user multiple login try	2020-10-09 17:07:30
168.196.96.37	attackspam	Oct 9 10:40:20 ns382633 sshd\[28591\]: Invalid user vnc from 168.196.96.37 port 48646 Oct 9 10:40:20 ns382633 sshd\[28591\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.196.96.37 Oct 9 10:40:21 ns382633 sshd\[28591\]: Failed password for invalid user vnc from 168.196.96.37 port 48646 ssh2 Oct 9 10:45:01 ns382633 sshd\[29227\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.196.96.37 user=root Oct 9 10:45:03 ns382633 sshd\[29227\]: Failed password for root from 168.196.96.37 port 57902 ssh2	2020-10-09 16:49:38
119.129.114.42	attackbotsspam	Failed SSH login	2020-10-09 17:03:26
103.44.253.18	attackbots	Oct 9 07:34:01 xeon sshd[18814]: Failed password for root from 103.44.253.18 port 49046 ssh2	2020-10-09 17:08:07
192.241.211.94	attack	Oct 9 09:59:28 pornomens sshd\[23748\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.241.211.94 user=root Oct 9 09:59:30 pornomens sshd\[23748\]: Failed password for root from 192.241.211.94 port 57664 ssh2 Oct 9 10:06:54 pornomens sshd\[23845\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.241.211.94 user=root ...	2020-10-09 17:19:03
175.125.95.160	attack	SSH login attempts.	2020-10-09 17:13:45

Recently Reported IPs

38.86.43.19	213.58.37.197	184.252.21.192	152.76.22.149
118.255.28.169	164.33.21.227	174.217.29.33	56.54.251.9
145.97.133.78	170.162.212.19	144.177.217.222	138.200.169.165
186.252.27.45	164.77.56.167	39.61.12.118	123.50.43.193
96.201.128.230	138.54.254.29	223.217.103.142	247.195.187.142