91.245.29.196 - IPInfo

基本信息:

城市(city): Havlickova Borova

省份(region): Kraj Vysocina

国家(country): Czechia

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
91.245.29.135	attack	Jun 30 19:00:25 mail.srvfarm.net postfix/smtps/smtpd[1708405]: warning: unknown[91.245.29.135]: SASL PLAIN authentication failed: Jun 30 19:00:25 mail.srvfarm.net postfix/smtps/smtpd[1708405]: lost connection after AUTH from unknown[91.245.29.135] Jun 30 19:01:41 mail.srvfarm.net postfix/smtps/smtpd[1708419]: warning: unknown[91.245.29.135]: SASL PLAIN authentication failed: Jun 30 19:01:41 mail.srvfarm.net postfix/smtps/smtpd[1708419]: lost connection after AUTH from unknown[91.245.29.135] Jun 30 19:02:40 mail.srvfarm.net postfix/smtps/smtpd[1710190]: warning: unknown[91.245.29.135]: SASL PLAIN authentication failed:	2020-07-01 17:40:21

类型

评论内容

时间

91.245.29.135

attack

Jun 30 19:00:25 mail.srvfarm.net postfix/smtps/smtpd[1708405]: warning: unknown[91.245.29.135]: SASL PLAIN authentication failed: 
Jun 30 19:00:25 mail.srvfarm.net postfix/smtps/smtpd[1708405]: lost connection after AUTH from unknown[91.245.29.135]
Jun 30 19:01:41 mail.srvfarm.net postfix/smtps/smtpd[1708419]: warning: unknown[91.245.29.135]: SASL PLAIN authentication failed: 
Jun 30 19:01:41 mail.srvfarm.net postfix/smtps/smtpd[1708419]: lost connection after AUTH from unknown[91.245.29.135]
Jun 30 19:02:40 mail.srvfarm.net postfix/smtps/smtpd[1710190]: warning: unknown[91.245.29.135]: SASL PLAIN authentication failed:

2020-07-01 17:40:21

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 91.245.29.196
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44976
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;91.245.29.196.			IN	A

;; AUTHORITY SECTION:
.			434	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020112201 1800 900 604800 86400

;; Query time: 34 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Nov 23 06:37:47 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

196.29.245.91.in-addr.arpa domain name pointer static29-196.okcomp.cz.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
196.29.245.91.in-addr.arpa	name = static29-196.okcomp.cz.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
123.180.59.165	attack	Sep 20 18:37:34 nirvana postfix/smtpd[7276]: connect from unknown[123.180.59.165] Sep 20 18:37:36 nirvana postfix/smtpd[7276]: lost connection after EHLO from unknown[123.180.59.165] Sep 20 18:37:36 nirvana postfix/smtpd[7276]: disconnect from unknown[123.180.59.165] Sep 20 18:41:01 nirvana postfix/smtpd[7276]: connect from unknown[123.180.59.165] Sep 20 18:41:05 nirvana postfix/smtpd[7276]: warning: unknown[123.180.59.165]: SASL LOGIN authentication failed: authentication failure Sep 20 18:41:06 nirvana postfix/smtpd[7276]: warning: unknown[123.180.59.165]: SASL LOGIN authentication failed: authentication failure Sep 20 18:41:07 nirvana postfix/smtpd[7276]: warning: unknown[123.180.59.165]: SASL LOGIN authentication failed: authentication failure Sep 20 18:41:08 nirvana postfix/smtpd[7276]: warning: unknown[123.180.59.165]: SASL LOGIN authentication failed: authentication failure Sep 20 18:41:09 nirvana postfix/smtpd[7276]: warning: unknown[123.180.59.165]: SASL LOGIN ........ -------------------------------	2020-09-21 04:20:38
99.6.250.218	attackspambots	TCP (SYN) 99.6.250.218:30094 -> port 2323, len 44	2020-09-21 04:32:54
106.12.185.102	attackbotsspam	Sep 21 02:41:47 web1 sshd[14820]: Invalid user upload from 106.12.185.102 port 51764 Sep 21 02:41:47 web1 sshd[14820]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.185.102 Sep 21 02:41:47 web1 sshd[14820]: Invalid user upload from 106.12.185.102 port 51764 Sep 21 02:41:49 web1 sshd[14820]: Failed password for invalid user upload from 106.12.185.102 port 51764 ssh2 Sep 21 02:55:45 web1 sshd[19449]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.185.102 user=root Sep 21 02:55:47 web1 sshd[19449]: Failed password for root from 106.12.185.102 port 43462 ssh2 Sep 21 03:00:36 web1 sshd[21039]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.185.102 user=root Sep 21 03:00:38 web1 sshd[21039]: Failed password for root from 106.12.185.102 port 49850 ssh2 Sep 21 03:05:34 web1 sshd[22723]: Invalid user test from 106.12.185.102 port 56276 ...	2020-09-21 04:07:44
174.217.19.181	attackspambots	Brute forcing email accounts	2020-09-21 04:09:01
209.97.132.66	attackbots	Sep 20 16:59:44 v2202009116398126984 sshd[313826]: Failed password for root from 209.97.132.66 port 58640 ssh2 Sep 20 17:06:41 v2202009116398126984 sshd[314132]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=rentguarantee.org user=root Sep 20 17:06:43 v2202009116398126984 sshd[314132]: Failed password for root from 209.97.132.66 port 43426 ssh2 Sep 20 17:13:27 v2202009116398126984 sshd[314472]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=rentguarantee.org user=root Sep 20 17:13:29 v2202009116398126984 sshd[314472]: Failed password for root from 209.97.132.66 port 55306 ssh2 ...	2020-09-21 03:59:30
64.225.119.100	attack	Sep 20 21:12:36 ip106 sshd[27264]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=64.225.119.100 Sep 20 21:12:38 ip106 sshd[27264]: Failed password for invalid user test from 64.225.119.100 port 60812 ssh2 ...	2020-09-21 04:19:30
111.75.149.221	attack	(smtpauth) Failed SMTP AUTH login from 111.75.149.221 (CN/China/-): 5 in the last 3600 secs	2020-09-21 04:28:55
222.186.175.167	attack	2020-09-20T20:14:28.789155shield sshd\[10323\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.167 user=root 2020-09-20T20:14:30.540886shield sshd\[10323\]: Failed password for root from 222.186.175.167 port 64108 ssh2 2020-09-20T20:14:33.915223shield sshd\[10323\]: Failed password for root from 222.186.175.167 port 64108 ssh2 2020-09-20T20:14:36.845518shield sshd\[10323\]: Failed password for root from 222.186.175.167 port 64108 ssh2 2020-09-20T20:14:40.181910shield sshd\[10323\]: Failed password for root from 222.186.175.167 port 64108 ssh2	2020-09-21 04:18:02
193.112.108.11	attack	Sep 20 17:11:41 ip-172-31-16-56 sshd\[23518\]: Invalid user admin from 193.112.108.11\ Sep 20 17:11:43 ip-172-31-16-56 sshd\[23518\]: Failed password for invalid user admin from 193.112.108.11 port 57426 ssh2\ Sep 20 17:16:41 ip-172-31-16-56 sshd\[23550\]: Invalid user ftp4 from 193.112.108.11\ Sep 20 17:16:43 ip-172-31-16-56 sshd\[23550\]: Failed password for invalid user ftp4 from 193.112.108.11 port 54588 ssh2\ Sep 20 17:21:35 ip-172-31-16-56 sshd\[23576\]: Failed password for root from 193.112.108.11 port 51736 ssh2\	2020-09-21 04:08:11
42.119.59.39	attack	port scan and connect, tcp 23 (telnet)	2020-09-21 04:10:04
218.153.110.52	attack	Sep 20 19:03:56 vps639187 sshd\[29848\]: Invalid user guest from 218.153.110.52 port 33943 Sep 20 19:03:56 vps639187 sshd\[29848\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.153.110.52 Sep 20 19:03:58 vps639187 sshd\[29848\]: Failed password for invalid user guest from 218.153.110.52 port 33943 ssh2 ...	2020-09-21 04:11:01
159.203.111.100	attack	2020-09-20T23:26:32.225557afi-git.jinr.ru sshd[9422]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.111.100 2020-09-20T23:26:32.222301afi-git.jinr.ru sshd[9422]: Invalid user samba from 159.203.111.100 port 50376 2020-09-20T23:26:33.698110afi-git.jinr.ru sshd[9422]: Failed password for invalid user samba from 159.203.111.100 port 50376 ssh2 2020-09-20T23:31:24.068964afi-git.jinr.ru sshd[10400]: pam_sss(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.111.100 user=test 2020-09-20T23:31:25.491142afi-git.jinr.ru sshd[10400]: Failed password for test from 159.203.111.100 port 43100 ssh2 ...	2020-09-21 04:31:44
103.146.202.150	attackspam	103.146.202.150 - - [20/Sep/2020:18:03:58 +0100] "POST /wp-login.php HTTP/1.1" 401 3568 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 103.146.202.150 - - [20/Sep/2020:18:04:01 +0100] "POST /wp-login.php HTTP/1.1" 401 3568 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 103.146.202.150 - - [20/Sep/2020:18:04:02 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-21 04:09:36
106.13.189.172	attackspam	Bruteforce detected by fail2ban	2020-09-21 04:03:35
79.18.88.6	attack	(sshd) Failed SSH login from 79.18.88.6 (IT/Italy/host-79-18-88-6.retail.telecomitalia.it): 3 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 20 13:03:53 internal2 sshd[8103]: Invalid user admin from 79.18.88.6 port 40675 Sep 20 13:03:55 internal2 sshd[8128]: Invalid user admin from 79.18.88.6 port 40731 Sep 20 13:03:57 internal2 sshd[8188]: Invalid user admin from 79.18.88.6 port 40791	2020-09-21 04:12:00

最近上报的IP列表

50.106.249.213	128.201.100.32	5.180.220.173	200.63.253.200
75.176.48.14	200.89.82.89	73.76.73.190	69.131.81.45
108.35.219.38	210.183.232.229	219.152.17.203	128.199.4.158
49.145.194.96	114.124.134.52	186.81.100.55	223.225.58.178
39.41.121.229	213.74.26.138	160.154.129.17	187.245.133.28