129.204.139.206

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Sep 10 17:10:49 eddieflores sshd\[7354\]: Invalid user usuario from 129.204.139.206 Sep 10 17:10:49 eddieflores sshd\[7354\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.139.206 Sep 10 17:10:50 eddieflores sshd\[7354\]: Failed password for invalid user usuario from 129.204.139.206 port 51792 ssh2 Sep 10 17:17:51 eddieflores sshd\[7971\]: Invalid user tommy from 129.204.139.206 Sep 10 17:17:51 eddieflores sshd\[7971\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.139.206	2019-09-11 11:26:05
attackbotsspam	Sep 10 06:51:19 taivassalofi sshd[117672]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.139.206 Sep 10 06:51:21 taivassalofi sshd[117672]: Failed password for invalid user cloud from 129.204.139.206 port 51376 ssh2 ...	2019-09-10 15:40:01

类型

评论内容

时间

attack

Sep 10 17:10:49 eddieflores sshd\[7354\]: Invalid user usuario from 129.204.139.206
Sep 10 17:10:49 eddieflores sshd\[7354\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.139.206
Sep 10 17:10:50 eddieflores sshd\[7354\]: Failed password for invalid user usuario from 129.204.139.206 port 51792 ssh2
Sep 10 17:17:51 eddieflores sshd\[7971\]: Invalid user tommy from 129.204.139.206
Sep 10 17:17:51 eddieflores sshd\[7971\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.139.206

2019-09-11 11:26:05

attackbotsspam

Sep 10 06:51:19 taivassalofi sshd[117672]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.139.206
Sep 10 06:51:21 taivassalofi sshd[117672]: Failed password for invalid user cloud from 129.204.139.206 port 51376 ssh2
...

2019-09-10 15:40:01

相同子网IP讨论:

IP	类型	评论内容	时间
129.204.139.26	attack	2020-08-11T13:57:48.672400v22018076590370373 sshd[23784]: Failed password for root from 129.204.139.26 port 49286 ssh2 2020-08-11T14:02:08.106559v22018076590370373 sshd[12339]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.139.26 user=root 2020-08-11T14:02:10.252449v22018076590370373 sshd[12339]: Failed password for root from 129.204.139.26 port 36622 ssh2 2020-08-11T14:06:21.826831v22018076590370373 sshd[1238]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.139.26 user=root 2020-08-11T14:06:23.369992v22018076590370373 sshd[1238]: Failed password for root from 129.204.139.26 port 52172 ssh2 ...	2020-08-12 03:04:26
129.204.139.26	attackbots	Invalid user emms from 129.204.139.26 port 58460	2020-07-28 06:43:51
129.204.139.26	attackbotsspam	Invalid user vdc from 129.204.139.26 port 54926	2020-07-26 15:01:40
129.204.139.26	attack	Jul 24 15:59:07 inter-technics sshd[20442]: Invalid user user from 129.204.139.26 port 37834 Jul 24 15:59:07 inter-technics sshd[20442]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.139.26 Jul 24 15:59:07 inter-technics sshd[20442]: Invalid user user from 129.204.139.26 port 37834 Jul 24 15:59:10 inter-technics sshd[20442]: Failed password for invalid user user from 129.204.139.26 port 37834 ssh2 Jul 24 16:05:53 inter-technics sshd[20822]: Invalid user yhy from 129.204.139.26 port 52826 ...	2020-07-25 03:19:04
129.204.139.26	attackbotsspam	Unauthorised connection attempt detected at AUO NODE 4. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-07-14 15:28:31
129.204.139.26	attackspam	Brute-force attempt banned	2020-07-01 06:27:32
129.204.139.26	attack	Jun 28 12:08:36 rush sshd[16756]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.139.26 Jun 28 12:08:38 rush sshd[16756]: Failed password for invalid user fds from 129.204.139.26 port 34328 ssh2 Jun 28 12:12:24 rush sshd[16894]: Failed password for root from 129.204.139.26 port 49048 ssh2 ...	2020-06-28 23:23:57
129.204.139.26	attackspam	Jun 28 08:02:45 minden010 sshd[16027]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.139.26 Jun 28 08:02:48 minden010 sshd[16027]: Failed password for invalid user tv from 129.204.139.26 port 57412 ssh2 Jun 28 08:07:52 minden010 sshd[18347]: Failed password for root from 129.204.139.26 port 56312 ssh2 ...	2020-06-28 14:26:41
129.204.139.26	attack	$f2bV_matches	2020-06-24 18:54:20
129.204.139.26	attackspambots	Jun 6 12:26:39 lnxmail61 sshd[32476]: Failed password for root from 129.204.139.26 port 44786 ssh2 Jun 6 12:29:25 lnxmail61 sshd[322]: Failed password for root from 129.204.139.26 port 46396 ssh2	2020-06-06 19:06:45
129.204.139.26	attackspambots	May 26 22:17:14 ArkNodeAT sshd\[8063\]: Invalid user newsetup from 129.204.139.26 May 26 22:17:14 ArkNodeAT sshd\[8063\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.139.26 May 26 22:17:16 ArkNodeAT sshd\[8063\]: Failed password for invalid user newsetup from 129.204.139.26 port 49954 ssh2	2020-05-27 04:51:50
129.204.139.26	attackbotsspam	May 16 21:16:38 game-panel sshd[16250]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.139.26 May 16 21:16:40 game-panel sshd[16250]: Failed password for invalid user gr from 129.204.139.26 port 50564 ssh2 May 16 21:19:06 game-panel sshd[16322]: Failed password for root from 129.204.139.26 port 51708 ssh2	2020-05-17 05:58:03
129.204.139.26	attackspam	May 2 14:00:10 ns382633 sshd\[404\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.139.26 user=root May 2 14:00:13 ns382633 sshd\[404\]: Failed password for root from 129.204.139.26 port 36658 ssh2 May 2 14:06:43 ns382633 sshd\[1552\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.139.26 user=root May 2 14:06:46 ns382633 sshd\[1552\]: Failed password for root from 129.204.139.26 port 34158 ssh2 May 2 14:11:10 ns382633 sshd\[2530\]: Invalid user asf from 129.204.139.26 port 52090 May 2 14:11:10 ns382633 sshd\[2530\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.139.26	2020-05-03 00:23:46
129.204.139.26	attack	20 attempts against mh-ssh on cloud	2020-05-01 16:17:48
129.204.139.26	attack	Apr 15 08:42:32 powerpi2 sshd[15062]: Invalid user ed from 129.204.139.26 port 39550 Apr 15 08:42:34 powerpi2 sshd[15062]: Failed password for invalid user ed from 129.204.139.26 port 39550 ssh2 Apr 15 08:47:24 powerpi2 sshd[15274]: Invalid user toor from 129.204.139.26 port 33454 ...	2020-04-15 17:44:39

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 129.204.139.206
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 47694
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;129.204.139.206.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019091000 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Sep 10 15:39:55 CST 2019
;; MSG SIZE  rcvd: 119

HOST信息:

Host 206.139.204.129.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 206.139.204.129.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
185.105.121.55	attack	Aug 20 10:55:37 legacy sshd[31425]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.105.121.55 Aug 20 10:55:39 legacy sshd[31425]: Failed password for invalid user ai from 185.105.121.55 port 24331 ssh2 Aug 20 10:59:42 legacy sshd[31536]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.105.121.55 ...	2019-08-20 19:07:06
115.43.97.27	attackbots	firewall-block, port(s): 445/tcp	2019-08-20 18:56:20
132.232.118.214	attackspambots	SSH brute-force: detected 7 distinct usernames within a 24-hour window.	2019-08-20 19:36:07
118.25.25.202	attackbotsspam	Aug 20 07:09:01 [munged] sshd[18348]: Invalid user franklin from 118.25.25.202 port 60524 Aug 20 07:09:01 [munged] sshd[18348]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.25.202	2019-08-20 19:06:03
107.167.183.210	attackspambots	Aug 20 12:57:44 ubuntu-2gb-nbg1-dc3-1 sshd[20824]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.167.183.210 Aug 20 12:57:45 ubuntu-2gb-nbg1-dc3-1 sshd[20824]: Failed password for invalid user webmaster from 107.167.183.210 port 59364 ssh2 ...	2019-08-20 19:44:20
49.232.46.207	attackbotsspam	Aug 20 06:03:38 legacy sshd[24642]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.232.46.207 Aug 20 06:03:40 legacy sshd[24642]: Failed password for invalid user server from 49.232.46.207 port 36768 ssh2 Aug 20 06:05:23 legacy sshd[24677]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.232.46.207 ...	2019-08-20 19:17:19
68.183.236.92	attack	2019-08-20T10:47:53.262250abusebot-6.cloudsearch.cf sshd\[7620\]: Invalid user jfrog from 68.183.236.92 port 39652	2019-08-20 19:40:46
123.151.146.250	attack	Automatic report - Banned IP Access	2019-08-20 19:36:39
5.196.7.123	attackbotsspam	Aug 20 06:05:43 aat-srv002 sshd[8591]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.196.7.123 Aug 20 06:05:44 aat-srv002 sshd[8591]: Failed password for invalid user oracle from 5.196.7.123 port 43318 ssh2 Aug 20 06:10:02 aat-srv002 sshd[8718]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.196.7.123 Aug 20 06:10:04 aat-srv002 sshd[8718]: Failed password for invalid user bavmk from 5.196.7.123 port 60604 ssh2 ...	2019-08-20 19:11:04
200.122.224.200	attackspambots	[SMB remote code execution attempt: port tcp/445] *(RWIN=8192)(08201224)	2019-08-20 19:11:23
134.119.221.7	attack	\[2019-08-20 07:02:42\] SECURITY\[2326\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-08-20T07:02:42.902-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="0081046903433972",SessionID="0x7ff4d07952f8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/134.119.221.7/52142",ACLName="no_extension_match" \[2019-08-20 07:05:39\] SECURITY\[2326\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-08-20T07:05:39.199-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="0981046903433972",SessionID="0x7ff4d03e6408",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/134.119.221.7/65378",ACLName="no_extension_match" \[2019-08-20 07:08:34\] SECURITY\[2326\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-08-20T07:08:34.808-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="00981046903433972",SessionID="0x7ff4d07952f8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/134.119.221.7/61384",ACLName="no	2019-08-20 19:26:27
103.88.113.74	attackbotsspam	Unauthorized connection attempt from IP address 103.88.113.74 on Port 445(SMB)	2019-08-20 19:39:11
60.249.80.37	attack	1433/tcp 445/tcp... [2019-08-20]4pkt,2pt.(tcp)	2019-08-20 19:36:59
77.87.77.33	attack	[SMB remote code execution attempt: port tcp/445] *(RWIN=1024)(08201224)	2019-08-20 19:00:34
115.75.191.206	attackspam	445/tcp [2019-08-20]1pkt	2019-08-20 19:04:58

最近上报的IP列表

168.217.246.195	91.214.179.23	52.53.192.226	185.220.0.141
95.9.128.250	186.146.151.197	131.158.37.17	202.169.246.200
186.228.180.206	103.121.117.181	171.249.243.168	196.70.143.76
144.144.118.51	126.254.60.211	120.32.194.204	51.146.26.67
24.35.32.239	23.225.177.12	14.169.227.156	136.141.33.215