145.239.29.12 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): France

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
spam	Exploit.RTF-ObfsStrm.Gen	2025-01-23 20:00:43

相同子网IP讨论:

IP	类型	评论内容	时间
145.239.29.217	attackspam	wp-login.php	2020-10-06 02:01:23
145.239.29.217	attack	Attempt to hack Wordpress Login, XMLRPC or other login	2020-10-05 17:49:52
145.239.29.217	attackbotsspam	(PERMBLOCK) 145.239.29.217 (PL/Poland/ip-145-239-29.eu) has had more than 4 temp blocks in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_PERMBLOCK_COUNT; Logs:	2020-09-29 23:35:29
145.239.29.71	attack	(mod_security) mod_security (id:210492) triggered by 145.239.29.71 (FR/France/-): 5 in the last 3600 secs	2020-09-25 03:30:39
145.239.29.71	attack	(mod_security) mod_security (id:210492) triggered by 145.239.29.71 (FR/France/-): 5 in the last 3600 secs	2020-09-24 19:15:18
145.239.29.217	attackbotsspam	145.239.29.217 - - [21/Sep/2020:06:50:02 +0100] "POST /wp-login.php HTTP/1.1" 200 1861 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 145.239.29.217 - - [21/Sep/2020:06:50:02 +0100] "POST /wp-login.php HTTP/1.1" 200 1839 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 145.239.29.217 - - [21/Sep/2020:06:50:03 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-21 15:37:58
145.239.29.217	attackbots	145.239.29.217 - - [20/Sep/2020:21:50:22 +0100] "POST /wp-login.php HTTP/1.1" 200 2520 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 145.239.29.217 - - [20/Sep/2020:21:50:23 +0100] "POST /wp-login.php HTTP/1.1" 200 2572 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 145.239.29.217 - - [20/Sep/2020:21:50:23 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-21 07:31:58
145.239.29.217	attack	145.239.29.217 - - [14/Sep/2020:08:51:41 +0200] "GET /wp-login.php HTTP/1.1" 200 8558 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 145.239.29.217 - - [14/Sep/2020:08:51:44 +0200] "POST /wp-login.php HTTP/1.1" 200 8809 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 145.239.29.217 - - [14/Sep/2020:08:51:44 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-14 23:59:46
145.239.29.217	attackspam	145.239.29.217 - - [14/Sep/2020:08:51:41 +0200] "GET /wp-login.php HTTP/1.1" 200 8558 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 145.239.29.217 - - [14/Sep/2020:08:51:44 +0200] "POST /wp-login.php HTTP/1.1" 200 8809 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 145.239.29.217 - - [14/Sep/2020:08:51:44 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-14 15:45:13
145.239.29.217	attack	145.239.29.217 - - [13/Sep/2020:18:59:28 +0100] "POST /wp-login.php HTTP/1.1" 200 2401 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 145.239.29.217 - - [13/Sep/2020:18:59:29 +0100] "POST /wp-login.php HTTP/1.1" 200 2415 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 145.239.29.217 - - [13/Sep/2020:18:59:29 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-14 07:38:29
145.239.29.217	attackspam	GET /wp-login.php HTTP/1.1	2020-09-14 00:21:04
145.239.29.217	attackspambots	xmlrpc attack	2020-09-13 16:09:21
145.239.29.217	attackbotsspam	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-09-13 07:53:02
145.239.29.217	attackspam	ENG,DEF GET /wp-login.php	2020-09-06 02:42:44
145.239.29.217	attackspambots	Automatic report - XMLRPC Attack	2020-09-05 18:18:43

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 145.239.29.12
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 8600
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;145.239.29.12.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025012300 1800 900 604800 86400

;; Query time: 15 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jan 23 20:00:41 CST 2025
;; MSG SIZE  rcvd: 106

HOST信息:

Host 12.29.239.145.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 12.29.239.145.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
159.203.201.112	attackspambots	159.203.201.112 was recorded 5 times by 5 hosts attempting to connect to the following ports: 115,135. Incident counter (4h, 24h, all-time): 5, 8, 23	2019-11-08 14:59:19
81.28.107.54	attackbotsspam	Nov 8 05:52:47 exim[2081]: 2019-11-08 05:52:47 1iSwGM-0000XZ-Gj H=shrill.stop-snore-de.com (shrill.wpkaka.co) [81.28.107.54] F= rejected after DATA: This message scored 103.5 spam points.	2019-11-08 14:18:51
114.141.191.238	attackbotsspam	Nov 8 09:23:09 server sshd\[4762\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.141.191.238 user=root Nov 8 09:23:11 server sshd\[4762\]: Failed password for root from 114.141.191.238 port 47346 ssh2 Nov 8 09:31:53 server sshd\[7131\]: Invalid user wiki from 114.141.191.238 Nov 8 09:31:53 server sshd\[7131\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.141.191.238 Nov 8 09:31:56 server sshd\[7131\]: Failed password for invalid user wiki from 114.141.191.238 port 51897 ssh2 ...	2019-11-08 14:44:52
185.200.118.43	attack	" "	2019-11-08 15:05:52
186.194.179.250	attackspam	Automatic report - Port Scan Attack	2019-11-08 14:58:21
52.22.42.68	attackspambots	RDP Bruteforce	2019-11-08 14:24:38
195.201.129.6	attackbotsspam	2019-11-08T06:31:47.539937abusebot-8.cloudsearch.cf sshd\[6307\]: Invalid user admin from 195.201.129.6 port 21256	2019-11-08 14:43:36
92.118.38.38	attackbots	Nov 8 07:42:02 srv01 postfix/smtpd\[23384\]: warning: unknown\[92.118.38.38\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 8 07:42:11 srv01 postfix/smtpd\[12305\]: warning: unknown\[92.118.38.38\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 8 07:42:31 srv01 postfix/smtpd\[24812\]: warning: unknown\[92.118.38.38\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 8 07:42:38 srv01 postfix/smtpd\[12305\]: warning: unknown\[92.118.38.38\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 8 07:42:45 srv01 postfix/smtpd\[23384\]: warning: unknown\[92.118.38.38\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-11-08 14:46:05
222.186.173.180	attackspam	Nov 8 08:01:13 MainVPS sshd[19901]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.180 user=root Nov 8 08:01:15 MainVPS sshd[19901]: Failed password for root from 222.186.173.180 port 40366 ssh2 Nov 8 08:01:32 MainVPS sshd[19901]: error: maximum authentication attempts exceeded for root from 222.186.173.180 port 40366 ssh2 [preauth] Nov 8 08:01:13 MainVPS sshd[19901]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.180 user=root Nov 8 08:01:15 MainVPS sshd[19901]: Failed password for root from 222.186.173.180 port 40366 ssh2 Nov 8 08:01:32 MainVPS sshd[19901]: error: maximum authentication attempts exceeded for root from 222.186.173.180 port 40366 ssh2 [preauth] Nov 8 08:01:41 MainVPS sshd[19941]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.180 user=root Nov 8 08:01:43 MainVPS sshd[19941]: Failed password for root from 222.186.173.180 port	2019-11-08 15:04:18
159.203.36.154	attackspambots	2019-11-08T07:01:21.088773abusebot-8.cloudsearch.cf sshd\[6447\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.36.154 user=root	2019-11-08 15:07:05
104.131.224.81	attackbotsspam	Nov 8 07:26:38 meumeu sshd[890]: Failed password for root from 104.131.224.81 port 34759 ssh2 Nov 8 07:31:00 meumeu sshd[1422]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.224.81 Nov 8 07:31:02 meumeu sshd[1422]: Failed password for invalid user d from 104.131.224.81 port 53474 ssh2 ...	2019-11-08 15:01:36
155.4.32.16	attack	Nov 7 20:56:57 hanapaa sshd\[2561\]: Invalid user ftpadmin@123 from 155.4.32.16 Nov 7 20:56:57 hanapaa sshd\[2561\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=h-32-16.a182.priv.bahnhof.se Nov 7 20:56:59 hanapaa sshd\[2561\]: Failed password for invalid user ftpadmin@123 from 155.4.32.16 port 50628 ssh2 Nov 7 21:00:54 hanapaa sshd\[2847\]: Invalid user poney from 155.4.32.16 Nov 7 21:00:54 hanapaa sshd\[2847\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=h-32-16.a182.priv.bahnhof.se	2019-11-08 15:07:30
157.55.39.81	attackbotsspam	Automatic report - Banned IP Access	2019-11-08 14:19:30
188.191.201.174	attack	$f2bV_matches	2019-11-08 14:15:20
180.68.177.209	attackspam	Nov 8 07:53:46 meumeu sshd[6616]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.68.177.209 Nov 8 07:53:48 meumeu sshd[6616]: Failed password for invalid user DosCmd@ from 180.68.177.209 port 46970 ssh2 Nov 8 08:01:03 meumeu sshd[7693]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.68.177.209 ...	2019-11-08 15:06:23

最近上报的IP列表

68.87.186.156	193.247.52.71	71.34.63.145	95.59.77.201
108.52.163.82	131.27.230.172	59.25.189.131	249.10.58.244
34.138.85.16	242.195.90.68	164.33.138.67	90.95.165.69
80.196.64.169	120.79.243.169	82.194.35.240	98.247.61.239
73.23.38.140	212.121.59.7	190.47.4.127	44.123.228.121

基本信息:

用户上报:

相同子网IP讨论:

WHOIS信息:

DIG信息:

HOST信息:

NSLOOKUP信息:

相关IP信息:

最新评论:

最近上报的IP列表