129.204.121.245

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Aug 21 15:55:27 * sshd[30616]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.121.245 Aug 21 15:55:29 * sshd[30616]: Failed password for invalid user admin from 129.204.121.245 port 33103 ssh2	2020-08-21 22:18:44
attack	leo_www	2020-08-20 12:13:48
attack	Aug 18 15:08:39 Host-KEWR-E sshd[13424]: Invalid user ubuntu from 129.204.121.245 port 46571 ...	2020-08-19 04:47:19
attack	Aug 18 08:22:27 vps46666688 sshd[9561]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.121.245 Aug 18 08:22:29 vps46666688 sshd[9561]: Failed password for invalid user schmidt from 129.204.121.245 port 35377 ssh2 ...	2020-08-18 19:42:09
attackbots	2020-08-16T19:23:59.146493billing sshd[22168]: Failed password for invalid user wxd from 129.204.121.245 port 60190 ssh2 2020-08-16T19:27:24.831686billing sshd[29312]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.121.245 user=root 2020-08-16T19:27:26.838214billing sshd[29312]: Failed password for root from 129.204.121.245 port 43551 ssh2 ...	2020-08-16 21:41:30
attackbots	bruteforce detected	2020-08-03 08:04:20
attack	Jul 27 21:15:02 xxxxxxx1 sshd[24032]: Invalid user username from 129.204.121.245 port 33445 Jul 27 21:15:02 xxxxxxx1 sshd[24032]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.121.245 Jul 27 21:15:04 xxxxxxx1 sshd[24032]: Failed password for invalid user username from 129.204.121.245 port 33445 ssh2 Jul 27 21:16:49 xxxxxxx1 sshd[24290]: Invalid user caidanwei from 129.204.121.245 port 52183 Jul 27 21:16:49 xxxxxxx1 sshd[24290]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.121.245 Jul 27 21:16:51 xxxxxxx1 sshd[24290]: Failed password for invalid user caidanwei from 129.204.121.245 port 52183 ssh2 Jul 27 21:17:37 xxxxxxx1 sshd[24306]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.121.245 user=news Jul 27 21:17:39 xxxxxxx1 sshd[24306]: Failed password for news from 129.204.121.245 port 60979 ssh2 Jul 27 21:18:24 xxxxxxx1 ssh........ ------------------------------	2020-08-02 17:53:54
attackspambots	Unauthorized access or intrusion attempt detected from Thor banned IP	2020-07-29 04:23:01

相同子网IP讨论:

IP	类型	评论内容	时间
129.204.121.113	attack	Oct 12 15:40:21 vps639187 sshd\[4903\]: Invalid user jean from 129.204.121.113 port 56088 Oct 12 15:40:21 vps639187 sshd\[4903\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.121.113 Oct 12 15:40:23 vps639187 sshd\[4903\]: Failed password for invalid user jean from 129.204.121.113 port 56088 ssh2 ...	2020-10-13 00:36:08
129.204.121.113	attack	Bruteforce detected by fail2ban	2020-10-12 16:00:44
129.204.121.113	attackspam	Sep 29 05:22:08 ghostname-secure sshd[24149]: Failed password for invalid user b from 129.204.121.113 port 48926 ssh2 Sep 29 05:22:08 ghostname-secure sshd[24149]: Received disconnect from 129.204.121.113: 11: Bye Bye [preauth] Sep 29 05:33:49 ghostname-secure sshd[24237]: Connection closed by 129.204.121.113 [preauth] Sep 29 05:37:18 ghostname-secure sshd[24308]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.121.113 user=r.r Sep 29 05:37:20 ghostname-secure sshd[24308]: Failed password for r.r from 129.204.121.113 port 41428 ssh2 Sep 29 05:37:20 ghostname-secure sshd[24308]: Received disconnect from 129.204.121.113: 11: Bye Bye [preauth] Sep 29 05:41:45 ghostname-secure sshd[24448]: Failed password for invalid user nagios from 129.204.121.113 port 60934 ssh2 Sep 29 05:41:45 ghostname-secure sshd[24448]: Received disconnect from 129.204.121.113: 11: Bye Bye [preauth] Sep 29 05:46:01 ghostname-secure sshd[24493]: Failed ........ -------------------------------	2020-10-04 08:53:37
129.204.121.113	attackbots	Invalid user kara from 129.204.121.113 port 49838	2020-10-04 01:26:57
129.204.121.60	attackbotsspam	Mar 15 09:06:04 yesfletchmain sshd\[23502\]: Invalid user postgres from 129.204.121.60 port 60652 Mar 15 09:06:04 yesfletchmain sshd\[23502\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.121.60 Mar 15 09:06:05 yesfletchmain sshd\[23502\]: Failed password for invalid user postgres from 129.204.121.60 port 60652 ssh2 Mar 15 09:12:52 yesfletchmain sshd\[23728\]: Invalid user eco from 129.204.121.60 port 58674 Mar 15 09:12:52 yesfletchmain sshd\[23728\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.121.60 ...	2019-12-24 04:41:35

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 129.204.121.245
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52586
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;129.204.121.245.		IN	A

;; AUTHORITY SECTION:
.			284	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020072801 1800 900 604800 86400

;; Query time: 77 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jul 29 04:22:57 CST 2020
;; MSG SIZE  rcvd: 119

HOST信息:

Host 245.121.204.129.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 245.121.204.129.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
49.88.112.55	attackspam	SSH bruteforce (Triggered fail2ban)	2019-12-23 02:14:05
45.55.136.206	attackspambots	Dec 22 18:47:18 sd-53420 sshd\[2057\]: User mysql from 45.55.136.206 not allowed because none of user's groups are listed in AllowGroups Dec 22 18:47:18 sd-53420 sshd\[2057\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.136.206 user=mysql Dec 22 18:47:20 sd-53420 sshd\[2057\]: Failed password for invalid user mysql from 45.55.136.206 port 48872 ssh2 Dec 22 18:54:29 sd-53420 sshd\[4860\]: User root from 45.55.136.206 not allowed because none of user's groups are listed in AllowGroups Dec 22 18:54:29 sd-53420 sshd\[4860\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.136.206 user=root ...	2019-12-23 02:00:25
83.175.213.250	attackbots	Dec 22 18:36:38 OPSO sshd\[14599\]: Invalid user telnetadmin from 83.175.213.250 port 45944 Dec 22 18:36:38 OPSO sshd\[14599\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=83.175.213.250 Dec 22 18:36:41 OPSO sshd\[14599\]: Failed password for invalid user telnetadmin from 83.175.213.250 port 45944 ssh2 Dec 22 18:43:04 OPSO sshd\[15816\]: Invalid user kulisz from 83.175.213.250 port 51410 Dec 22 18:43:04 OPSO sshd\[15816\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=83.175.213.250	2019-12-23 02:04:18
52.175.249.95	attack	MYH,DEF GET /downloader/info.php	2019-12-23 02:19:54
106.12.36.42	attackbotsspam	2019-12-22T17:45:09.944021shield sshd\[21688\]: Invalid user kaiserauer from 106.12.36.42 port 38138 2019-12-22T17:45:09.948419shield sshd\[21688\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.36.42 2019-12-22T17:45:11.698350shield sshd\[21688\]: Failed password for invalid user kaiserauer from 106.12.36.42 port 38138 ssh2 2019-12-22T17:51:32.160471shield sshd\[23940\]: Invalid user kavitha from 106.12.36.42 port 39484 2019-12-22T17:51:32.164615shield sshd\[23940\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.36.42	2019-12-23 02:11:02
222.186.175.154	attack	--- report --- Dec 22 14:57:35 sshd: Connection from 222.186.175.154 port 32332 Dec 22 14:57:57 sshd: Received disconnect from 222.186.175.154: 11: [preauth]	2019-12-23 02:08:50
91.206.200.231	attack	91.206.200.231 has been banned for [spam] ...	2019-12-23 01:53:06
222.186.173.226	attack	2019-12-22T19:16:11.289494scmdmz1 sshd[32528]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.226 user=root 2019-12-22T19:16:12.993802scmdmz1 sshd[32528]: Failed password for root from 222.186.173.226 port 25446 ssh2 2019-12-22T19:16:16.324805scmdmz1 sshd[32528]: Failed password for root from 222.186.173.226 port 25446 ssh2 2019-12-22T19:16:11.289494scmdmz1 sshd[32528]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.226 user=root 2019-12-22T19:16:12.993802scmdmz1 sshd[32528]: Failed password for root from 222.186.173.226 port 25446 ssh2 2019-12-22T19:16:16.324805scmdmz1 sshd[32528]: Failed password for root from 222.186.173.226 port 25446 ssh2 2019-12-22T19:16:11.289494scmdmz1 sshd[32528]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.226 user=root 2019-12-22T19:16:12.993802scmdmz1 sshd[32528]: Failed password for root from 222.186.173.226 port 2544	2019-12-23 02:20:38
217.182.204.72	attack	Dec 22 16:00:45 debian-2gb-nbg1-2 kernel: \[679595.648899\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=217.182.204.72 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=240 ID=12346 PROTO=TCP SPT=57873 DPT=40122 WINDOW=1024 RES=0x00 SYN URGP=0	2019-12-23 02:05:28
107.190.35.106	attackbots	Dec 22 12:49:08 plusreed sshd[26764]: Invalid user mette from 107.190.35.106 ...	2019-12-23 01:57:42
185.209.0.90	attackbotsspam	ET DROP Dshield Block Listed Source group 1 - port: 4404 proto: TCP cat: Misc Attack	2019-12-23 02:18:30
222.186.173.142	attackspam	2019-12-22T18:09:49.544015+00:00 suse sshd[18818]: User root from 222.186.173.142 not allowed because not listed in AllowUsers 2019-12-22T18:09:52.304546+00:00 suse sshd[18818]: error: PAM: Authentication failure for illegal user root from 222.186.173.142 2019-12-22T18:09:49.544015+00:00 suse sshd[18818]: User root from 222.186.173.142 not allowed because not listed in AllowUsers 2019-12-22T18:09:52.304546+00:00 suse sshd[18818]: error: PAM: Authentication failure for illegal user root from 222.186.173.142 2019-12-22T18:09:49.544015+00:00 suse sshd[18818]: User root from 222.186.173.142 not allowed because not listed in AllowUsers 2019-12-22T18:09:52.304546+00:00 suse sshd[18818]: error: PAM: Authentication failure for illegal user root from 222.186.173.142 2019-12-22T18:09:52.306759+00:00 suse sshd[18818]: Failed keyboard-interactive/pam for invalid user root from 222.186.173.142 port 15764 ssh2 ...	2019-12-23 02:13:15
178.62.214.85	attack	Dec 22 12:51:53 TORMINT sshd\[21247\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.214.85 user=root Dec 22 12:51:55 TORMINT sshd\[21247\]: Failed password for root from 178.62.214.85 port 34444 ssh2 Dec 22 12:57:57 TORMINT sshd\[21683\]: Invalid user stephani from 178.62.214.85 Dec 22 12:57:57 TORMINT sshd\[21683\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.214.85 ...	2019-12-23 02:07:35
134.175.46.166	attack	Dec 22 06:19:37 php1 sshd\[2581\]: Invalid user waitman from 134.175.46.166 Dec 22 06:19:37 php1 sshd\[2581\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.46.166 Dec 22 06:19:39 php1 sshd\[2581\]: Failed password for invalid user waitman from 134.175.46.166 port 32848 ssh2 Dec 22 06:27:50 php1 sshd\[5998\]: Invalid user fazile from 134.175.46.166 Dec 22 06:27:50 php1 sshd\[5998\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.46.166	2019-12-23 01:51:23
121.46.29.116	attack	Dec 22 08:03:33 web9 sshd\[10360\]: Invalid user lobianco from 121.46.29.116 Dec 22 08:03:33 web9 sshd\[10360\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.46.29.116 Dec 22 08:03:35 web9 sshd\[10360\]: Failed password for invalid user lobianco from 121.46.29.116 port 51694 ssh2 Dec 22 08:09:34 web9 sshd\[11297\]: Invalid user hadoop from 121.46.29.116 Dec 22 08:09:34 web9 sshd\[11297\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.46.29.116	2019-12-23 02:10:11

最近上报的IP列表

188.84.224.51	188.32.128.29	178.175.142.134	5.62.18.139
81.17.246.242	213.57.209.130	151.224.110.116	91.122.87.239
115.223.7.110	61.79.139.170	199.21.30.181	195.70.43.234
182.122.18.193	221.223.98.210	182.151.2.98	136.169.168.52
218.106.36.60	92.124.163.137	212.103.48.106	111.250.128.247