129.21.149.97 - IPInfo

基本信息:

城市(city): Rochester

省份(region): New York

国家(country): United States

运营商(isp): Rochester Institute of Technology

主机名(hostname): unknown

机构(organization): Rochester Institute of Technology

使用类型(Usage Type): University/College/School

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	SSH/22 MH Probe, BF, Hack -	2019-07-29 23:48:22

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 129.21.149.97
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 49155
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;129.21.149.97.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072900 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Jul 29 23:48:07 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

97.149.21.129.in-addr.arpa domain name pointer gwc.student.rit.edu.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
97.149.21.129.in-addr.arpa	name = gwc.student.rit.edu.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
185.50.149.26	attack	2020-05-05 15:56:34 dovecot_login authenticator failed for $\[185.50.149.26\]$ \[185.50.149.26\]: 535 Incorrect authentication data $set_id=support@nopcommerce.it$ 2020-05-05 15:56:45 dovecot_login authenticator failed for $\[185.50.149.26\]$ \[185.50.149.26\]: 535 Incorrect authentication data 2020-05-05 15:56:57 dovecot_login authenticator failed for $\[185.50.149.26\]$ \[185.50.149.26\]: 535 Incorrect authentication data 2020-05-05 15:57:04 dovecot_login authenticator failed for $\[185.50.149.26\]$ \[185.50.149.26\]: 535 Incorrect authentication data 2020-05-05 15:57:18 dovecot_login authenticator failed for $\[185.50.149.26\]$ \[185.50.149.26\]: 535 Incorrect authentication data	2020-05-05 22:12:42
181.126.83.125	attack	Cowrie Honeypot: Unauthorised SSH/Telnet login attempt with user "mysql1" at 2020-05-05T14:01:40Z	2020-05-05 22:15:12
106.13.4.86	attackbotsspam	2020-05-05T09:15:10.953702abusebot-2.cloudsearch.cf sshd[9711]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.4.86 user=root 2020-05-05T09:15:13.380412abusebot-2.cloudsearch.cf sshd[9711]: Failed password for root from 106.13.4.86 port 55050 ssh2 2020-05-05T09:19:04.550415abusebot-2.cloudsearch.cf sshd[9761]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.4.86 user=root 2020-05-05T09:19:06.435052abusebot-2.cloudsearch.cf sshd[9761]: Failed password for root from 106.13.4.86 port 47302 ssh2 2020-05-05T09:22:31.196637abusebot-2.cloudsearch.cf sshd[9767]: Invalid user tq from 106.13.4.86 port 36858 2020-05-05T09:22:31.202991abusebot-2.cloudsearch.cf sshd[9767]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.4.86 2020-05-05T09:22:31.196637abusebot-2.cloudsearch.cf sshd[9767]: Invalid user tq from 106.13.4.86 port 36858 2020-05-05T09:22:32.837029 ...	2020-05-05 22:30:55
172.93.38.238	attackbotsspam	May 5 13:40:34 roki-contabo sshd\[4025\]: Invalid user paradigm from 172.93.38.238 May 5 13:40:34 roki-contabo sshd\[4025\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.93.38.238 May 5 13:40:36 roki-contabo sshd\[4025\]: Failed password for invalid user paradigm from 172.93.38.238 port 45844 ssh2 May 5 14:09:23 roki-contabo sshd\[4403\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.93.38.238 user=root May 5 14:09:25 roki-contabo sshd\[4403\]: Failed password for root from 172.93.38.238 port 43892 ssh2 ...	2020-05-05 22:03:09
52.172.158.148	attackspambots	May 5 05:16:37 Tower sshd[11305]: Connection from 52.172.158.148 port 32954 on 192.168.10.220 port 22 rdomain "" May 5 05:16:39 Tower sshd[11305]: Invalid user ellen from 52.172.158.148 port 32954 May 5 05:16:39 Tower sshd[11305]: error: Could not get shadow information for NOUSER May 5 05:16:39 Tower sshd[11305]: Failed password for invalid user ellen from 52.172.158.148 port 32954 ssh2 May 5 05:16:40 Tower sshd[11305]: Received disconnect from 52.172.158.148 port 32954:11: Bye Bye [preauth] May 5 05:16:40 Tower sshd[11305]: Disconnected from invalid user ellen 52.172.158.148 port 32954 [preauth]	2020-05-05 22:28:31
128.199.109.128	attack	May 5 19:05:37 web1 sshd[29949]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.109.128 user=root May 5 19:05:39 web1 sshd[29949]: Failed password for root from 128.199.109.128 port 36118 ssh2 May 5 19:15:25 web1 sshd[32429]: Invalid user testuser from 128.199.109.128 port 46927 May 5 19:15:25 web1 sshd[32429]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.109.128 May 5 19:15:25 web1 sshd[32429]: Invalid user testuser from 128.199.109.128 port 46927 May 5 19:15:27 web1 sshd[32429]: Failed password for invalid user testuser from 128.199.109.128 port 46927 ssh2 May 5 19:23:02 web1 sshd[1841]: Invalid user nas from 128.199.109.128 port 50647 May 5 19:23:02 web1 sshd[1841]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.109.128 May 5 19:23:02 web1 sshd[1841]: Invalid user nas from 128.199.109.128 port 50647 May 5 19:23:04 web1 sshd[1 ...	2020-05-05 22:26:35
106.51.50.2	attackbots	5x Failed Password	2020-05-05 22:13:19
80.82.65.62	attackspam	05/05/2020-10:20:24.213620 80.82.65.62 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-05-05 22:31:31
176.31.105.136	attackspambots	May 5 14:24:12 ip-172-31-61-156 sshd[30929]: Invalid user elias from 176.31.105.136 May 5 14:24:15 ip-172-31-61-156 sshd[30929]: Failed password for invalid user elias from 176.31.105.136 port 59164 ssh2 May 5 14:24:12 ip-172-31-61-156 sshd[30929]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.31.105.136 May 5 14:24:12 ip-172-31-61-156 sshd[30929]: Invalid user elias from 176.31.105.136 May 5 14:24:15 ip-172-31-61-156 sshd[30929]: Failed password for invalid user elias from 176.31.105.136 port 59164 ssh2 ...	2020-05-05 22:30:36
113.254.47.120	attackbots	Honeypot attack, port: 5555, PTR: 120-47-254-113-on-nets.com.	2020-05-05 22:17:29
191.193.165.198	attackbots	SSH/22 MH Probe, BF, Hack -	2020-05-05 22:00:19
103.99.17.51	attackbots	Honeypot attack, port: 445, PTR: PTR record not found	2020-05-05 22:24:56
64.225.114.157	attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2020-05-05 22:19:19
180.76.101.244	attackbots	May 5 14:27:19 ift sshd\[46230\]: Invalid user chicago from 180.76.101.244May 5 14:27:21 ift sshd\[46230\]: Failed password for invalid user chicago from 180.76.101.244 port 55216 ssh2May 5 14:31:11 ift sshd\[46830\]: Invalid user wine from 180.76.101.244May 5 14:31:13 ift sshd\[46830\]: Failed password for invalid user wine from 180.76.101.244 port 45438 ssh2May 5 14:34:59 ift sshd\[47223\]: Failed password for root from 180.76.101.244 port 35662 ssh2 ...	2020-05-05 22:14:19
188.226.192.115	attack	$f2bV_matches	2020-05-05 22:35:45

最近上报的IP列表

187.73.173.176	178.93.38.117	220.199.77.45	237.226.132.223
129.213.58.226	165.229.238.141	128.92.150.18	115.79.88.79
87.76.33.44	181.210.4.176	4.91.203.189	223.45.158.39
27.158.48.74	49.83.118.120	155.52.78.145	191.112.175.34
24.215.123.121	138.189.9.46	65.124.94.138	46.144.191.181