64.249.129.196

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): None

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 64.249.129.196
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55463
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;64.249.129.196.			IN	A

;; AUTHORITY SECTION:
.			486	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019102901 1800 900 604800 86400

;; Query time: 91 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Oct 30 08:52:13 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

196.129.249.64.in-addr.arpa domain name pointer 64-249-129-196.client.dsl.net.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
196.129.249.64.in-addr.arpa	name = 64-249-129-196.client.dsl.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
115.210.64.215	attack	Sep 12 16:24:55 garuda postfix/smtpd[29365]: connect from unknown[115.210.64.215] Sep 12 16:24:56 garuda postfix/smtpd[29365]: warning: unknown[115.210.64.215]: SASL LOGIN authentication failed: authentication failure Sep 12 16:24:57 garuda postfix/smtpd[29365]: lost connection after AUTH from unknown[115.210.64.215] Sep 12 16:24:57 garuda postfix/smtpd[29365]: disconnect from unknown[115.210.64.215] ehlo=1 auth=0/1 commands=1/2 Sep 12 16:24:57 garuda postfix/smtpd[29365]: connect from unknown[115.210.64.215] Sep 12 16:24:59 garuda postfix/smtpd[29365]: warning: unknown[115.210.64.215]: SASL LOGIN authentication failed: authentication failure Sep 12 16:25:00 garuda postfix/smtpd[29365]: lost connection after AUTH from unknown[115.210.64.215] Sep 12 16:25:00 garuda postfix/smtpd[29365]: disconnect from unknown[115.210.64.215] ehlo=1 auth=0/1 commands=1/2 Sep 12 16:25:00 garuda postfix/smtpd[29365]: connect from unknown[115.210.64.215] Sep 12 16:25:01 garuda postfix/smtpd........ -------------------------------	2019-09-13 05:31:36
151.80.41.64	attack	Sep 12 11:33:54 sachi sshd\[1012\]: Invalid user abc123 from 151.80.41.64 Sep 12 11:33:54 sachi sshd\[1012\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns398062.ip-151-80-41.eu Sep 12 11:33:56 sachi sshd\[1012\]: Failed password for invalid user abc123 from 151.80.41.64 port 50087 ssh2 Sep 12 11:39:25 sachi sshd\[1586\]: Invalid user tomcat1 from 151.80.41.64 Sep 12 11:39:25 sachi sshd\[1586\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns398062.ip-151-80-41.eu	2019-09-13 05:47:59
159.203.197.173	attack	Scanning random ports - tries to find possible vulnerable services	2019-09-13 06:02:54
113.175.203.124	attackspambots	Sep 12 16:28:48 pl3server sshd[2642068]: Address 113.175.203.124 maps to static.vnpt.vn, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Sep 12 16:28:48 pl3server sshd[2642068]: Invalid user admin from 113.175.203.124 Sep 12 16:28:48 pl3server sshd[2642068]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.175.203.124 Sep 12 16:28:51 pl3server sshd[2642068]: Failed password for invalid user admin from 113.175.203.124 port 59777 ssh2 Sep 12 16:28:52 pl3server sshd[2642068]: Connection closed by 113.175.203.124 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=113.175.203.124	2019-09-13 05:44:22
181.143.72.66	attackspambots	fail2ban	2019-09-13 05:33:42
160.20.12.142	attackspam	Spam	2019-09-13 05:45:48
117.60.81.57	attack	Sep 12 09:45:58 dallas01 sshd[14258]: Failed password for root from 117.60.81.57 port 60247 ssh2 Sep 12 09:46:02 dallas01 sshd[14258]: Failed password for root from 117.60.81.57 port 60247 ssh2 Sep 12 09:46:08 dallas01 sshd[14258]: Failed password for root from 117.60.81.57 port 60247 ssh2 Sep 12 09:46:12 dallas01 sshd[14258]: Failed password for root from 117.60.81.57 port 60247 ssh2	2019-09-13 06:13:08
94.6.219.175	attackspambots	Sep 12 23:27:35 meumeu sshd[25611]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.6.219.175 Sep 12 23:27:37 meumeu sshd[25611]: Failed password for invalid user admin from 94.6.219.175 port 51018 ssh2 Sep 12 23:33:09 meumeu sshd[26227]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.6.219.175 ...	2019-09-13 05:34:59
112.85.42.171	attackspambots	Sep 12 23:20:25 yabzik sshd[26053]: Failed password for root from 112.85.42.171 port 61105 ssh2 Sep 12 23:20:28 yabzik sshd[26053]: Failed password for root from 112.85.42.171 port 61105 ssh2 Sep 12 23:20:30 yabzik sshd[26053]: Failed password for root from 112.85.42.171 port 61105 ssh2 Sep 12 23:20:33 yabzik sshd[26053]: Failed password for root from 112.85.42.171 port 61105 ssh2	2019-09-13 05:36:13
27.9.126.55	attackbotsspam	Sep 12 16:32:47 m1 sshd[15377]: Invalid user admin from 27.9.126.55 Sep 12 16:32:49 m1 sshd[15377]: Failed password for invalid user admin from 27.9.126.55 port 42905 ssh2 Sep 12 16:32:51 m1 sshd[15377]: Failed password for invalid user admin from 27.9.126.55 port 42905 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=27.9.126.55	2019-09-13 06:09:37
121.121.86.184	attack	19/9/12@10:46:32: FAIL: IoT-Telnet address from=121.121.86.184 ...	2019-09-13 06:07:20
103.252.13.11	attack	2019-09-12 09:47:24 H=(luxuryevents.it) [103.252.13.11]:57722 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.4, 127.0.0.11, 127.0.0.3) (https://www.spamhaus.org/sbl/query/SBLCSS) 2019-09-12 09:47:24 H=(luxuryevents.it) [103.252.13.11]:57722 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.4, 127.0.0.11, 127.0.0.3) (https://www.spamhaus.org/sbl/query/SBLCSS) 2019-09-12 09:47:25 H=(luxuryevents.it) [103.252.13.11]:57722 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.4, 127.0.0.3, 127.0.0.11) (https://www.spamhaus.org/query/ip/103.252.13.11) ...	2019-09-13 05:34:20
178.128.217.58	attack	Sep 12 22:33:53 tux-35-217 sshd\[28815\]: Invalid user 1234 from 178.128.217.58 port 34260 Sep 12 22:33:53 tux-35-217 sshd\[28815\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.217.58 Sep 12 22:33:54 tux-35-217 sshd\[28815\]: Failed password for invalid user 1234 from 178.128.217.58 port 34260 ssh2 Sep 12 22:40:37 tux-35-217 sshd\[28836\]: Invalid user luser from 178.128.217.58 port 41028 Sep 12 22:40:37 tux-35-217 sshd\[28836\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.217.58 ...	2019-09-13 05:39:37
167.114.152.139	attackspambots	Sep 12 05:42:16 eddieflores sshd\[8842\]: Invalid user vnc from 167.114.152.139 Sep 12 05:42:16 eddieflores sshd\[8842\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.ip-167-114-152.net Sep 12 05:42:17 eddieflores sshd\[8842\]: Failed password for invalid user vnc from 167.114.152.139 port 48062 ssh2 Sep 12 05:49:16 eddieflores sshd\[9419\]: Invalid user apitest from 167.114.152.139 Sep 12 05:49:16 eddieflores sshd\[9419\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.ip-167-114-152.net	2019-09-13 06:10:05
89.248.172.175	attackspambots	webserver:80 [12/Sep/2019] "GET /yealink/y000000000000.cfg HTTP/1.1" 404 341 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:56.0) Gecko/20100101 Firefox/56.0" webserver:80 [12/Sep/2019] "GET /xml/y000000000000.cfg HTTP/1.1" 404 341 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:56.0) Gecko/20100101 Firefox/56.0" webserver:80 [12/Sep/2019] "GET /voipprov/y000000000000.cfg HTTP/1.1" 404 341 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:56.0) Gecko/20100101 Firefox/56.0" webserver:80 [12/Sep/2019] "GET /voip/y000000000000.cfg HTTP/1.1" 404 397 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:56.0) Gecko/20100101 Firefox/56.0" webserver:80 [12/Sep/2019] "GET /pv/y000000000032.cfg HTTP/1.1" 404 397 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:56.0) Gecko/20100101 Firefox/56.0" webserver:80 [11/Sep/2019] "HEAD / HTTP/1.1" 200 320 "-" "python-requests/2.7.0 CPython/2.7.14 Windows/2012ServerR2"	2019-09-13 06:07:44

最近上报的IP列表

237.91.255.107	43.160.167.122	178.205.170.206	56.163.10.221
5.162.233.197	22.43.82.54	115.8.138.72	182.150.35.128
174.217.99.73	98.118.40.49	201.42.71.232	103.12.228.94
207.36.1.83	68.252.131.27	166.171.246.139	169.11.226.231
141.37.175.23	41.76.42.241	134.9.106.11	136.215.112.172