213.138.196.129

Basic Info

City: unknown

Region: unknown

Country: Russian Federation

Internet Service Provider: Net By Net Holding LLC

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	unauthorized connection attempt	2020-01-28 13:31:02

Comments on same subnet:

IP	Type	Details	Datetime
213.138.196.194	attack	Unauthorized connection attempt detected from IP address 213.138.196.194 to port 80 [J]	2020-01-07 09:24:39

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 213.138.196.129
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 40586
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;213.138.196.129.		IN	A

;; AUTHORITY SECTION:
.			292	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020012702 1800 900 604800 86400

;; Query time: 60 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jan 28 13:30:56 CST 2020
;; MSG SIZE  rcvd: 119

Host info

Host 129.196.138.213.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 100.100.2.136, trying next server
;; Got SERVFAIL reply from 100.100.2.138, trying next server
Server:		100.100.2.138
Address:	100.100.2.138#53

** server can't find 129.196.138.213.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
182.61.164.210	attackbotsspam	Jul 3 11:15:38 plusreed sshd[8778]: Invalid user postgres01 from 182.61.164.210 ...	2019-07-04 01:09:56
154.125.43.157	attack	Jul 3 15:14:56 econome sshd[7993]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.125.43.157 user=r.r Jul 3 15:14:57 econome sshd[7993]: Failed password for r.r from 154.125.43.157 port 33436 ssh2 Jul 3 15:15:00 econome sshd[7993]: Failed password for r.r from 154.125.43.157 port 33436 ssh2 Jul 3 15:15:02 econome sshd[7993]: Failed password for r.r from 154.125.43.157 port 33436 ssh2 Jul 3 15:15:04 econome sshd[7993]: Failed password for r.r from 154.125.43.157 port 33436 ssh2 Jul 3 15:15:06 econome sshd[7993]: Failed password for r.r from 154.125.43.157 port 33436 ssh2 Jul 3 15:15:08 econome sshd[7993]: Failed password for r.r from 154.125.43.157 port 33436 ssh2 Jul 3 15:15:08 econome sshd[7993]: Disconnecting: Too many authentication failures for r.r from 154.125.43.157 port 33436 ssh2 [preauth] Jul 3 15:15:08 econome sshd[7993]: PAM 5 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.12........ -------------------------------	2019-07-04 01:37:06
113.90.232.89	attack	TCP port 445 (SMB) attempt blocked by firewall. [2019-07-03 15:20:27]	2019-07-04 01:34:06
81.22.45.251	attackbots	03.07.2019 16:47:38 Connection to port 5920 blocked by firewall	2019-07-04 01:42:58
77.240.90.49	attack	Jul 3 09:22:10 localhost kernel: [13404324.155114] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=77.240.90.49 DST=[mungedIP2] LEN=52 TOS=0x00 PREC=0x00 TTL=115 ID=15852 DF PROTO=TCP SPT=15125 DPT=445 WINDOW=65535 RES=0x00 SYN URGP=0 Jul 3 09:22:10 localhost kernel: [13404324.155143] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=77.240.90.49 DST=[mungedIP2] LEN=52 TOS=0x00 PREC=0x00 TTL=115 ID=15852 DF PROTO=TCP SPT=15125 DPT=445 SEQ=1181214701 ACK=0 WINDOW=65535 RES=0x00 SYN URGP=0 OPT (020405B40103030201010402) Jul 3 09:22:13 localhost kernel: [13404327.019113] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=77.240.90.49 DST=[mungedIP2] LEN=52 TOS=0x00 PREC=0x00 TTL=115 ID=15975 DF PROTO=TCP SPT=15125 DPT=445 WINDOW=65535 RES=0x00 SYN URGP=0 Jul 3 09:22:13 localhost kernel: [13404327.019138] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=77.240.90	2019-07-04 01:11:55
185.232.67.13	attackbots	03.07.2019 16:02:58 Connection to port 1723 blocked by firewall	2019-07-04 01:20:17
27.115.124.6	attackspambots	port scan and connect, tcp 443 (https)	2019-07-04 00:52:50
192.144.207.2	attackspam	2019-06-29 16:54:32 10.2.3.200 tcp 192.144.207.2:29659 -> 10.110.1.55:80 SERVER-WEBAPP Drupal 8 remote code execution attempt (1:46316:4) (+0)	2019-07-04 01:27:14
220.197.219.214	attackbots	Port 1433 Scan	2019-07-04 01:38:17
98.196.40.40	attack	RDP Scan	2019-07-04 01:35:41
189.114.140.70	attackbots	IMAP brute force ...	2019-07-04 01:15:06
93.141.135.123	attackspam	2019-07-03 14:47:52 H=93-141-135-123.adsl.net.t-com.hr [93.141.135.123]:16810 I=[10.100.18.20]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=93.141.135.123) 2019-07-03 14:47:53 unexpected disconnection while reading SMTP command from 93-141-135-123.adsl.net.t-com.hr [93.141.135.123]:16810 I=[10.100.18.20]:25 (error: Connection reset by peer) 2019-07-03 15:11:22 H=93-141-135-123.adsl.net.t-com.hr [93.141.135.123]:41470 I=[10.100.18.20]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=93.141.135.123) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=93.141.135.123	2019-07-04 01:10:34
186.206.210.120	attackbotsspam	Jul 3 15:46:24 core01 sshd\[22711\]: Invalid user canna from 186.206.210.120 port 44688 Jul 3 15:46:24 core01 sshd\[22711\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.206.210.120 ...	2019-07-04 01:23:28
69.117.214.80	attackbotsspam	Jul 3 09:21:33 localhost kernel: [13404286.718336] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=69.117.214.80 DST=[mungedIP2] LEN=52 TOS=0x08 PREC=0x40 TTL=117 ID=27432 DF PROTO=TCP SPT=58420 DPT=8291 WINDOW=8192 RES=0x00 SYN URGP=0 Jul 3 09:21:33 localhost kernel: [13404286.718365] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=69.117.214.80 DST=[mungedIP2] LEN=52 TOS=0x08 PREC=0x40 TTL=117 ID=27432 DF PROTO=TCP SPT=58420 DPT=8291 SEQ=1156774006 ACK=0 WINDOW=8192 RES=0x00 SYN URGP=0 OPT (020405B40103030201010402) Jul 3 09:21:39 localhost kernel: [13404292.792808] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=69.117.214.80 DST=[mungedIP2] LEN=52 TOS=0x08 PREC=0x40 TTL=117 ID=1156 DF PROTO=TCP SPT=58420 DPT=8291 WINDOW=8192 RES=0x00 SYN URGP=0 Jul 3 09:21:39 localhost kernel: [13404292.792839] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=69.117.	2019-07-04 01:31:30
122.144.12.212	attackspam	Jul 3 19:17:24 tux-35-217 sshd\[32035\]: Invalid user anara from 122.144.12.212 port 39523 Jul 3 19:17:24 tux-35-217 sshd\[32035\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.144.12.212 Jul 3 19:17:26 tux-35-217 sshd\[32035\]: Failed password for invalid user anara from 122.144.12.212 port 39523 ssh2 Jul 3 19:21:28 tux-35-217 sshd\[32037\]: Invalid user web9 from 122.144.12.212 port 46267 Jul 3 19:21:28 tux-35-217 sshd\[32037\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.144.12.212 ...	2019-07-04 01:28:30

Recently Reported IPs

181.223.128.2	180.242.183.68	177.71.26.230	176.239.74.41
176.205.3.58	176.123.219.245	170.246.69.83	151.250.222.198
148.243.175.14	135.0.169.12	123.190.118.181	122.116.27.159
117.199.42.198	115.132.26.122	115.86.13.20	114.26.137.24
112.221.159.124	103.232.129.211	103.200.105.4	89.250.223.92