104.129.194.94

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America

运营商(isp): Zscaler Inc.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	2020-06-26T21:24:02.043185shield sshd\[25027\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.129.194.94 user=root 2020-06-26T21:24:04.636282shield sshd\[25027\]: Failed password for root from 104.129.194.94 port 16254 ssh2 2020-06-26T21:27:09.635054shield sshd\[25647\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.129.194.94 user=root 2020-06-26T21:27:11.565947shield sshd\[25647\]: Failed password for root from 104.129.194.94 port 16316 ssh2 2020-06-26T21:30:22.216551shield sshd\[26251\]: Invalid user b from 104.129.194.94 port 8764	2020-06-27 06:36:32
attack	Jun 26 03:39:56 itv-usvr-02 sshd[6836]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.129.194.94 user=root Jun 26 03:42:59 itv-usvr-02 sshd[6946]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.129.194.94 user=root Jun 26 03:46:00 itv-usvr-02 sshd[7046]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.129.194.94	2020-06-26 05:12:00

类型

评论内容

时间

attack

2020-06-26T21:24:02.043185shield sshd\[25027\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.129.194.94  user=root
2020-06-26T21:24:04.636282shield sshd\[25027\]: Failed password for root from 104.129.194.94 port 16254 ssh2
2020-06-26T21:27:09.635054shield sshd\[25647\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.129.194.94  user=root
2020-06-26T21:27:11.565947shield sshd\[25647\]: Failed password for root from 104.129.194.94 port 16316 ssh2
2020-06-26T21:30:22.216551shield sshd\[26251\]: Invalid user b from 104.129.194.94 port 8764

2020-06-27 06:36:32

attack

Jun 26 03:39:56 itv-usvr-02 sshd[6836]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.129.194.94  user=root
Jun 26 03:42:59 itv-usvr-02 sshd[6946]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.129.194.94  user=root
Jun 26 03:46:00 itv-usvr-02 sshd[7046]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.129.194.94

2020-06-26 05:12:00

相同子网IP讨论:

IP	类型	评论内容	时间
104.129.194.244	attackbots	Jul 30 00:07:24 plg sshd[4971]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.129.194.244 Jul 30 00:07:26 plg sshd[4971]: Failed password for invalid user liangmm from 104.129.194.244 port 28077 ssh2 Jul 30 00:10:19 plg sshd[5158]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.129.194.244 Jul 30 00:10:21 plg sshd[5158]: Failed password for invalid user luoyun from 104.129.194.244 port 10750 ssh2 Jul 30 00:13:24 plg sshd[5212]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.129.194.244 Jul 30 00:13:26 plg sshd[5212]: Failed password for invalid user linqj from 104.129.194.244 port 49342 ssh2 Jul 30 00:16:16 plg sshd[5256]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.129.194.244 ...	2020-07-30 08:23:49
104.129.194.247	attackbots	Jul 27 07:52:52 meumeu sshd[246706]: Invalid user sadmin from 104.129.194.247 port 64172 Jul 27 07:52:52 meumeu sshd[246706]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.129.194.247 Jul 27 07:52:52 meumeu sshd[246706]: Invalid user sadmin from 104.129.194.247 port 64172 Jul 27 07:52:54 meumeu sshd[246706]: Failed password for invalid user sadmin from 104.129.194.247 port 64172 ssh2 Jul 27 07:56:28 meumeu sshd[246882]: Invalid user postgres from 104.129.194.247 port 64695 Jul 27 07:56:28 meumeu sshd[246882]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.129.194.247 Jul 27 07:56:28 meumeu sshd[246882]: Invalid user postgres from 104.129.194.247 port 64695 Jul 27 07:56:31 meumeu sshd[246882]: Failed password for invalid user postgres from 104.129.194.247 port 64695 ssh2 Jul 27 07:59:59 meumeu sshd[247050]: Invalid user cacti from 104.129.194.247 port 58618 ...	2020-07-27 19:45:22
104.129.194.250	attackspambots	Jul 25 04:49:56 gospond sshd[10013]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.129.194.250 Jul 25 04:49:56 gospond sshd[10013]: Invalid user user from 104.129.194.250 port 60668 Jul 25 04:49:58 gospond sshd[10013]: Failed password for invalid user user from 104.129.194.250 port 60668 ssh2 ...	2020-07-25 17:43:44
104.129.194.216	attack	Jun 23 18:07:37 server sshd[11774]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.129.194.216 Jun 23 18:07:38 server sshd[11774]: Failed password for invalid user corona from 104.129.194.216 port 5054 ssh2 Jun 23 18:22:59 server sshd[12676]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.129.194.216 user=root Jun 23 18:23:01 server sshd[12676]: Failed password for invalid user root from 104.129.194.216 port 37247 ssh2	2020-07-22 08:51:54
104.129.194.243	attack	$f2bV_matches	2020-07-19 02:32:15
104.129.194.89	attackspambots	Jul 16 13:45:22 IngegnereFirenze sshd[23444]: Failed password for invalid user jian from 104.129.194.89 port 46013 ssh2 ...	2020-07-17 03:30:54
104.129.194.242	attack	Jul 12 01:51:49 firewall sshd[16742]: Invalid user luz from 104.129.194.242 Jul 12 01:51:51 firewall sshd[16742]: Failed password for invalid user luz from 104.129.194.242 port 17718 ssh2 Jul 12 01:55:02 firewall sshd[16843]: Invalid user isonadmin from 104.129.194.242 ...	2020-07-12 18:07:20
104.129.194.248	attackbots	Jul 12 06:37:52 vps687878 sshd\[25715\]: Failed password for invalid user egor from 104.129.194.248 port 23422 ssh2 Jul 12 06:41:02 vps687878 sshd\[25968\]: Invalid user bryan from 104.129.194.248 port 37951 Jul 12 06:41:02 vps687878 sshd\[25968\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.129.194.248 Jul 12 06:41:04 vps687878 sshd\[25968\]: Failed password for invalid user bryan from 104.129.194.248 port 37951 ssh2 Jul 12 06:44:10 vps687878 sshd\[26282\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.129.194.248 user=mysql ...	2020-07-12 13:35:52
104.129.194.250	attack	Jul 10 14:30:32 odroid64 sshd\[22076\]: Invalid user hiperg from 104.129.194.250 Jul 10 14:30:32 odroid64 sshd\[22076\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.129.194.250 ...	2020-07-11 04:02:42
104.129.194.192	attackbots	Jul 8 05:42:44 vpn01 sshd[20660]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.129.194.192 Jul 8 05:42:46 vpn01 sshd[20660]: Failed password for invalid user lus from 104.129.194.192 port 48756 ssh2 ...	2020-07-08 17:04:32
104.129.194.96	attackspambots	Jul 6 05:22:22 carla sshd[17193]: Invalid user oradev from 104.129.194.96 Jul 6 05:22:22 carla sshd[17193]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.129.194.96 Jul 6 05:22:24 carla sshd[17193]: Failed password for invalid user oradev from 104.129.194.96 port 2684 ssh2 Jul 6 05:22:24 carla sshd[17194]: Received disconnect from 104.129.194.96: 11: Bye Bye Jul 6 05:33:07 carla sshd[17229]: Invalid user mvx from 104.129.194.96 Jul 6 05:33:07 carla sshd[17229]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.129.194.96 Jul 6 05:33:08 carla sshd[17229]: Failed password for invalid user mvx from 104.129.194.96 port 56886 ssh2 Jul 6 05:33:08 carla sshd[17230]: Received disconnect from 104.129.194.96: 11: Bye Bye Jul 6 05:36:02 carla sshd[17288]: Invalid user programacion from 104.129.194.96 Jul 6 05:36:02 carla sshd[17288]: pam_unix(sshd:auth): authentication failure; logn........ -------------------------------	2020-07-06 15:54:06
104.129.194.255	attackspambots	Jun 28 22:35:05 vps639187 sshd\[30825\]: Invalid user preston from 104.129.194.255 port 14457 Jun 28 22:35:05 vps639187 sshd\[30825\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.129.194.255 Jun 28 22:35:07 vps639187 sshd\[30825\]: Failed password for invalid user preston from 104.129.194.255 port 14457 ssh2 ...	2020-06-29 08:38:56
104.129.194.91	attack	odoo8 ...	2020-06-26 08:45:15
104.129.194.249	attack	2020-06-26T03:42:49.932524billing sshd[12614]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.129.194.249 user=root 2020-06-26T03:42:51.141761billing sshd[12614]: Failed password for root from 104.129.194.249 port 34167 ssh2 2020-06-26T03:45:49.944439billing sshd[19266]: Invalid user csgo from 104.129.194.249 port 43131 ...	2020-06-26 05:55:50
104.129.194.239	attackspam	20 attempts against mh-ssh on star	2020-06-25 23:26:52

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.129.194.94
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61122
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.129.194.94.			IN	A

;; AUTHORITY SECTION:
.			179	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020062502 1800 900 604800 86400

;; Query time: 99 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jun 26 05:11:56 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 94.194.129.104.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 94.194.129.104.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
84.45.251.243	attackbotsspam	Jun 29 16:41:50 XXX sshd[20612]: Invalid user apollinaire from 84.45.251.243 port 49576	2019-06-30 01:41:25
81.218.141.8	attackbots	Jun 29 22:37:18 tanzim-HP-Z238-Microtower-Workstation sshd\[18934\]: Invalid user deb from 81.218.141.8 Jun 29 22:37:18 tanzim-HP-Z238-Microtower-Workstation sshd\[18934\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.218.141.8 Jun 29 22:37:20 tanzim-HP-Z238-Microtower-Workstation sshd\[18934\]: Failed password for invalid user deb from 81.218.141.8 port 52100 ssh2 ...	2019-06-30 01:51:54
149.202.45.205	attackbotsspam	Invalid user julien from 149.202.45.205 port 55714	2019-06-30 01:40:23
177.221.111.254	attackspambots	Lines containing failures of 177.221.111.254 2019-06-25 x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=177.221.111.254	2019-06-30 02:13:50
82.64.94.134	attackspambots	Jun 28 02:46:30 mail sshd[4577]: Invalid user edwin from 82.64.94.134 Jun 28 02:46:30 mail sshd[4577]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.64.94.134 Jun 28 02:46:30 mail sshd[4577]: Invalid user edwin from 82.64.94.134 Jun 28 02:46:32 mail sshd[4577]: Failed password for invalid user edwin from 82.64.94.134 port 37272 ssh2 ...	2019-06-30 01:47:04
185.47.161.228	attackspambots	Jun 29 10:12:21 apollo sshd\[30069\]: Invalid user nina from 185.47.161.228Jun 29 10:12:23 apollo sshd\[30069\]: Failed password for invalid user nina from 185.47.161.228 port 57506 ssh2Jun 29 10:25:46 apollo sshd\[30098\]: Invalid user igor from 185.47.161.228 ...	2019-06-30 01:55:44
183.236.34.133	attackspam	DATE:2019-06-29 10:25:46, IP:183.236.34.133, PORT:1433 - MSSQL brute force auth on a honeypot server (epe-dc)	2019-06-30 01:56:13
71.56.218.201	attackspam	2019-06-29T14:49:41.4805431240 sshd\[24863\]: Invalid user daniel from 71.56.218.201 port 44548 2019-06-29T14:49:41.4874811240 sshd\[24863\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=71.56.218.201 2019-06-29T14:49:43.2822901240 sshd\[24863\]: Failed password for invalid user daniel from 71.56.218.201 port 44548 ssh2 ...	2019-06-30 02:00:10
181.160.26.94	attack	Honeypot attack, port: 23, PTR: 181-160-26-94.baf.movistar.cl.	2019-06-30 01:45:14
181.58.188.81	attackbots	Honeypot attack, port: 23, PTR: static-ip-1815818881.cable.net.co.	2019-06-30 01:19:21
58.243.182.85	attackspam	Jun 28 09:22:11 MAKserver05 sshd[1867]: Invalid user prueba from 58.243.182.85 port 43598 Jun 28 09:22:11 MAKserver05 sshd[1867]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.243.182.85 Jun 28 09:22:13 MAKserver05 sshd[1867]: Failed password for invalid user prueba from 58.243.182.85 port 43598 ssh2 Jun 28 09:22:14 MAKserver05 sshd[1867]: Received disconnect from 58.243.182.85 port 43598:11: Normal Shutdown, Thank you for playing [preauth] Jun 28 09:22:14 MAKserver05 sshd[1867]: Disconnected from 58.243.182.85 port 43598 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=58.243.182.85	2019-06-30 02:12:56
202.162.204.90	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-06-30 01:55:13
178.221.89.239	attack	Honeypot attack, port: 23, PTR: 178-221-89-239.dynamic.isp.telekom.rs.	2019-06-30 01:31:39
84.253.140.10	attackspam	Jun 29 08:55:56 vps200512 sshd\[16642\]: Invalid user pi from 84.253.140.10 Jun 29 08:55:56 vps200512 sshd\[16642\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=84.253.140.10 Jun 29 08:55:59 vps200512 sshd\[16642\]: Failed password for invalid user pi from 84.253.140.10 port 60616 ssh2 Jun 29 08:57:42 vps200512 sshd\[16662\]: Invalid user deploy2 from 84.253.140.10 Jun 29 08:57:42 vps200512 sshd\[16662\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=84.253.140.10	2019-06-30 01:42:33
162.243.140.61	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-06-30 02:14:38

最近上报的IP列表

99.151.62.53	195.116.84.46	133.67.204.0	109.253.123.174
69.9.150.242	191.53.105.99	188.112.8.10	126.200.153.94
187.109.171.213	187.87.2.3	126.47.222.7	187.63.37.107
131.155.184.81	186.216.67.57	186.216.64.245	177.190.88.11
58.202.141.136	177.154.236.62	177.154.235.221	170.246.205.241