104.129.194.94

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America

运营商(isp): Zscaler Inc.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	2020-06-26T21:24:02.043185shield sshd\[25027\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.129.194.94 user=root 2020-06-26T21:24:04.636282shield sshd\[25027\]: Failed password for root from 104.129.194.94 port 16254 ssh2 2020-06-26T21:27:09.635054shield sshd\[25647\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.129.194.94 user=root 2020-06-26T21:27:11.565947shield sshd\[25647\]: Failed password for root from 104.129.194.94 port 16316 ssh2 2020-06-26T21:30:22.216551shield sshd\[26251\]: Invalid user b from 104.129.194.94 port 8764	2020-06-27 06:36:32
attack	Jun 26 03:39:56 itv-usvr-02 sshd[6836]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.129.194.94 user=root Jun 26 03:42:59 itv-usvr-02 sshd[6946]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.129.194.94 user=root Jun 26 03:46:00 itv-usvr-02 sshd[7046]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.129.194.94	2020-06-26 05:12:00

类型

评论内容

时间

attack

2020-06-26T21:24:02.043185shield sshd\[25027\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.129.194.94  user=root
2020-06-26T21:24:04.636282shield sshd\[25027\]: Failed password for root from 104.129.194.94 port 16254 ssh2
2020-06-26T21:27:09.635054shield sshd\[25647\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.129.194.94  user=root
2020-06-26T21:27:11.565947shield sshd\[25647\]: Failed password for root from 104.129.194.94 port 16316 ssh2
2020-06-26T21:30:22.216551shield sshd\[26251\]: Invalid user b from 104.129.194.94 port 8764

2020-06-27 06:36:32

attack

Jun 26 03:39:56 itv-usvr-02 sshd[6836]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.129.194.94  user=root
Jun 26 03:42:59 itv-usvr-02 sshd[6946]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.129.194.94  user=root
Jun 26 03:46:00 itv-usvr-02 sshd[7046]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.129.194.94

2020-06-26 05:12:00

相同子网IP讨论:

IP	类型	评论内容	时间
104.129.194.244	attackbots	Jul 30 00:07:24 plg sshd[4971]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.129.194.244 Jul 30 00:07:26 plg sshd[4971]: Failed password for invalid user liangmm from 104.129.194.244 port 28077 ssh2 Jul 30 00:10:19 plg sshd[5158]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.129.194.244 Jul 30 00:10:21 plg sshd[5158]: Failed password for invalid user luoyun from 104.129.194.244 port 10750 ssh2 Jul 30 00:13:24 plg sshd[5212]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.129.194.244 Jul 30 00:13:26 plg sshd[5212]: Failed password for invalid user linqj from 104.129.194.244 port 49342 ssh2 Jul 30 00:16:16 plg sshd[5256]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.129.194.244 ...	2020-07-30 08:23:49
104.129.194.247	attackbots	Jul 27 07:52:52 meumeu sshd[246706]: Invalid user sadmin from 104.129.194.247 port 64172 Jul 27 07:52:52 meumeu sshd[246706]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.129.194.247 Jul 27 07:52:52 meumeu sshd[246706]: Invalid user sadmin from 104.129.194.247 port 64172 Jul 27 07:52:54 meumeu sshd[246706]: Failed password for invalid user sadmin from 104.129.194.247 port 64172 ssh2 Jul 27 07:56:28 meumeu sshd[246882]: Invalid user postgres from 104.129.194.247 port 64695 Jul 27 07:56:28 meumeu sshd[246882]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.129.194.247 Jul 27 07:56:28 meumeu sshd[246882]: Invalid user postgres from 104.129.194.247 port 64695 Jul 27 07:56:31 meumeu sshd[246882]: Failed password for invalid user postgres from 104.129.194.247 port 64695 ssh2 Jul 27 07:59:59 meumeu sshd[247050]: Invalid user cacti from 104.129.194.247 port 58618 ...	2020-07-27 19:45:22
104.129.194.250	attackspambots	Jul 25 04:49:56 gospond sshd[10013]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.129.194.250 Jul 25 04:49:56 gospond sshd[10013]: Invalid user user from 104.129.194.250 port 60668 Jul 25 04:49:58 gospond sshd[10013]: Failed password for invalid user user from 104.129.194.250 port 60668 ssh2 ...	2020-07-25 17:43:44
104.129.194.216	attack	Jun 23 18:07:37 server sshd[11774]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.129.194.216 Jun 23 18:07:38 server sshd[11774]: Failed password for invalid user corona from 104.129.194.216 port 5054 ssh2 Jun 23 18:22:59 server sshd[12676]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.129.194.216 user=root Jun 23 18:23:01 server sshd[12676]: Failed password for invalid user root from 104.129.194.216 port 37247 ssh2	2020-07-22 08:51:54
104.129.194.243	attack	$f2bV_matches	2020-07-19 02:32:15
104.129.194.89	attackspambots	Jul 16 13:45:22 IngegnereFirenze sshd[23444]: Failed password for invalid user jian from 104.129.194.89 port 46013 ssh2 ...	2020-07-17 03:30:54
104.129.194.242	attack	Jul 12 01:51:49 firewall sshd[16742]: Invalid user luz from 104.129.194.242 Jul 12 01:51:51 firewall sshd[16742]: Failed password for invalid user luz from 104.129.194.242 port 17718 ssh2 Jul 12 01:55:02 firewall sshd[16843]: Invalid user isonadmin from 104.129.194.242 ...	2020-07-12 18:07:20
104.129.194.248	attackbots	Jul 12 06:37:52 vps687878 sshd\[25715\]: Failed password for invalid user egor from 104.129.194.248 port 23422 ssh2 Jul 12 06:41:02 vps687878 sshd\[25968\]: Invalid user bryan from 104.129.194.248 port 37951 Jul 12 06:41:02 vps687878 sshd\[25968\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.129.194.248 Jul 12 06:41:04 vps687878 sshd\[25968\]: Failed password for invalid user bryan from 104.129.194.248 port 37951 ssh2 Jul 12 06:44:10 vps687878 sshd\[26282\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.129.194.248 user=mysql ...	2020-07-12 13:35:52
104.129.194.250	attack	Jul 10 14:30:32 odroid64 sshd\[22076\]: Invalid user hiperg from 104.129.194.250 Jul 10 14:30:32 odroid64 sshd\[22076\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.129.194.250 ...	2020-07-11 04:02:42
104.129.194.192	attackbots	Jul 8 05:42:44 vpn01 sshd[20660]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.129.194.192 Jul 8 05:42:46 vpn01 sshd[20660]: Failed password for invalid user lus from 104.129.194.192 port 48756 ssh2 ...	2020-07-08 17:04:32
104.129.194.96	attackspambots	Jul 6 05:22:22 carla sshd[17193]: Invalid user oradev from 104.129.194.96 Jul 6 05:22:22 carla sshd[17193]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.129.194.96 Jul 6 05:22:24 carla sshd[17193]: Failed password for invalid user oradev from 104.129.194.96 port 2684 ssh2 Jul 6 05:22:24 carla sshd[17194]: Received disconnect from 104.129.194.96: 11: Bye Bye Jul 6 05:33:07 carla sshd[17229]: Invalid user mvx from 104.129.194.96 Jul 6 05:33:07 carla sshd[17229]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.129.194.96 Jul 6 05:33:08 carla sshd[17229]: Failed password for invalid user mvx from 104.129.194.96 port 56886 ssh2 Jul 6 05:33:08 carla sshd[17230]: Received disconnect from 104.129.194.96: 11: Bye Bye Jul 6 05:36:02 carla sshd[17288]: Invalid user programacion from 104.129.194.96 Jul 6 05:36:02 carla sshd[17288]: pam_unix(sshd:auth): authentication failure; logn........ -------------------------------	2020-07-06 15:54:06
104.129.194.255	attackspambots	Jun 28 22:35:05 vps639187 sshd\[30825\]: Invalid user preston from 104.129.194.255 port 14457 Jun 28 22:35:05 vps639187 sshd\[30825\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.129.194.255 Jun 28 22:35:07 vps639187 sshd\[30825\]: Failed password for invalid user preston from 104.129.194.255 port 14457 ssh2 ...	2020-06-29 08:38:56
104.129.194.91	attack	odoo8 ...	2020-06-26 08:45:15
104.129.194.249	attack	2020-06-26T03:42:49.932524billing sshd[12614]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.129.194.249 user=root 2020-06-26T03:42:51.141761billing sshd[12614]: Failed password for root from 104.129.194.249 port 34167 ssh2 2020-06-26T03:45:49.944439billing sshd[19266]: Invalid user csgo from 104.129.194.249 port 43131 ...	2020-06-26 05:55:50
104.129.194.239	attackspam	20 attempts against mh-ssh on star	2020-06-25 23:26:52

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.129.194.94
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61122
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.129.194.94.			IN	A

;; AUTHORITY SECTION:
.			179	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020062502 1800 900 604800 86400

;; Query time: 99 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jun 26 05:11:56 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 94.194.129.104.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 94.194.129.104.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
183.129.216.58	attackbotsspam	Invalid user admin from 183.129.216.58 port 46172	2020-03-22 04:18:34
181.111.181.50	attackspam	SSH login attempts @ 2020-03-20 15:44:41	2020-03-22 04:21:44
43.225.151.252	attackspambots	Mar 21 20:53:07 srv206 sshd[20521]: Invalid user cd from 43.225.151.252 Mar 21 20:53:07 srv206 sshd[20521]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.225.151.252 Mar 21 20:53:07 srv206 sshd[20521]: Invalid user cd from 43.225.151.252 Mar 21 20:53:09 srv206 sshd[20521]: Failed password for invalid user cd from 43.225.151.252 port 56902 ssh2 ...	2020-03-22 03:59:08
36.189.222.151	attackbots	Mar 21 20:30:44 vpn01 sshd[16927]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.189.222.151 Mar 21 20:30:46 vpn01 sshd[16927]: Failed password for invalid user steamserver from 36.189.222.151 port 52950 ssh2 ...	2020-03-22 04:00:09
20.184.24.149	attack	Mar 21 11:52:04 askasleikir sshd[172193]: Failed password for invalid user postgres2 from 20.184.24.149 port 46216 ssh2	2020-03-22 04:02:44
175.140.32.60	attack	Invalid user ftptest from 175.140.32.60 port 38398	2020-03-22 04:23:58
217.138.76.66	attackspambots	detected by Fail2Ban	2020-03-22 04:08:01
182.61.105.127	attack	Mar 21 16:01:47 reverseproxy sshd[48416]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.105.127 Mar 21 16:01:49 reverseproxy sshd[48416]: Failed password for invalid user adriana from 182.61.105.127 port 40872 ssh2	2020-03-22 04:20:29
138.255.0.27	attack	k+ssh-bruteforce	2020-03-22 04:31:22
192.169.190.108	attackspam	Invalid user solr from 192.169.190.108 port 40232	2020-03-22 04:14:30
180.169.136.138	attack	Invalid user he from 180.169.136.138 port 2534	2020-03-22 04:22:12
154.66.197.36	attackspambots	SSH authentication failure x 6 reported by Fail2Ban ...	2020-03-22 04:29:36
139.170.150.189	attackbots	Mar 21 20:18:48 sso sshd[24903]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.170.150.189 Mar 21 20:18:50 sso sshd[24903]: Failed password for invalid user vdi from 139.170.150.189 port 56239 ssh2 ...	2020-03-22 04:31:07
216.14.172.161	attackbots	Invalid user sbserver from 216.14.172.161 port 44458	2020-03-22 04:08:45
200.129.246.10	attackspam	Invalid user aqmao from 200.129.246.10 port 23970	2020-03-22 04:11:00

最近上报的IP列表

99.151.62.53	195.116.84.46	133.67.204.0	109.253.123.174
69.9.150.242	191.53.105.99	188.112.8.10	126.200.153.94
187.109.171.213	187.87.2.3	126.47.222.7	187.63.37.107
131.155.184.81	186.216.67.57	186.216.64.245	177.190.88.11
58.202.141.136	177.154.236.62	177.154.235.221	170.246.205.241