129.204.180.130

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Mar 10 01:57:19 firewall sshd[19106]: Invalid user office2 from 129.204.180.130 Mar 10 01:57:21 firewall sshd[19106]: Failed password for invalid user office2 from 129.204.180.130 port 41642 ssh2 Mar 10 02:03:21 firewall sshd[19228]: Invalid user admin1 from 129.204.180.130 ...	2020-03-10 13:17:49
attackspam	Feb 25 07:11:01 server sshd\[14021\]: Failed password for mysql from 129.204.180.130 port 42762 ssh2 Feb 25 13:39:51 server sshd\[24028\]: Invalid user db2inst1 from 129.204.180.130 Feb 25 13:39:51 server sshd\[24028\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.180.130 Feb 25 13:39:53 server sshd\[24028\]: Failed password for invalid user db2inst1 from 129.204.180.130 port 39844 ssh2 Feb 25 14:01:09 server sshd\[28300\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.180.130 user=adm ...	2020-02-25 20:37:24
attack	Feb 17 15:32:52 plex sshd[2210]: Invalid user password from 129.204.180.130 port 46584	2020-02-18 00:30:02

类型

评论内容

时间

attackbotsspam

Mar 10 01:57:19 firewall sshd[19106]: Invalid user office2 from 129.204.180.130
Mar 10 01:57:21 firewall sshd[19106]: Failed password for invalid user office2 from 129.204.180.130 port 41642 ssh2
Mar 10 02:03:21 firewall sshd[19228]: Invalid user admin1 from 129.204.180.130
...

2020-03-10 13:17:49

attackspam

Feb 25 07:11:01 server sshd\[14021\]: Failed password for mysql from 129.204.180.130 port 42762 ssh2
Feb 25 13:39:51 server sshd\[24028\]: Invalid user db2inst1 from 129.204.180.130
Feb 25 13:39:51 server sshd\[24028\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.180.130 
Feb 25 13:39:53 server sshd\[24028\]: Failed password for invalid user db2inst1 from 129.204.180.130 port 39844 ssh2
Feb 25 14:01:09 server sshd\[28300\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.180.130  user=adm
...

2020-02-25 20:37:24

attack

Feb 17 15:32:52 plex sshd[2210]: Invalid user password from 129.204.180.130 port 46584

2020-02-18 00:30:02

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 129.204.180.130
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23265
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;129.204.180.130.		IN	A

;; AUTHORITY SECTION:
.			153	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020021700 1800 900 604800 86400

;; Query time: 104 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 18 00:29:52 CST 2020
;; MSG SIZE  rcvd: 119

HOST信息:

Host 130.180.204.129.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 130.180.204.129.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
112.85.42.188	attackbotsspam	01/09/2020-18:05:02.673644 112.85.42.188 Protocol: 6 ET SCAN Potential SSH Scan	2020-01-10 07:05:26
176.113.115.50	attack	firewall-block, port(s): 3391/tcp, 12000/tcp, 14000/tcp, 28000/tcp, 30303/tcp, 32954/tcp, 33113/tcp	2020-01-10 07:01:20
167.99.226.184	attackspam	WordPress login Brute force / Web App Attack on client site.	2020-01-10 06:44:00
81.28.107.21	attackspam	Jan 9 23:39:58 grey postfix/smtpd\[22278\]: NOQUEUE: reject: RCPT from talented.youavto.com\[81.28.107.21\]: 554 5.7.1 Service unavailable\; Client host \[81.28.107.21\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[81.28.107.21\]\; from=\ to=\ proto=ESMTP helo=\ ...	2020-01-10 06:54:02
189.208.166.14	attackbots	F2B blocked SSH bruteforcing	2020-01-10 06:56:15
211.232.235.250	attack	" "	2020-01-10 07:05:01
200.86.33.140	attackbotsspam	Jan 9 12:48:42 hanapaa sshd\[15626\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=pc-140-33-86-200.cm.vtr.net user=root Jan 9 12:48:44 hanapaa sshd\[15626\]: Failed password for root from 200.86.33.140 port 48107 ssh2 Jan 9 12:51:55 hanapaa sshd\[15940\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=pc-140-33-86-200.cm.vtr.net user=root Jan 9 12:51:58 hanapaa sshd\[15940\]: Failed password for root from 200.86.33.140 port 30963 ssh2 Jan 9 12:55:11 hanapaa sshd\[16263\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=pc-140-33-86-200.cm.vtr.net user=root	2020-01-10 07:02:41
200.194.37.63	attack	Automatic report - Port Scan Attack	2020-01-10 07:01:56
197.55.103.225	attack	Brute-force attempt banned	2020-01-10 06:53:19
140.143.151.93	attackbotsspam	2020-01-09T22:25:24.7514441240 sshd\[14804\]: Invalid user user0 from 140.143.151.93 port 52564 2020-01-09T22:25:24.7543161240 sshd\[14804\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.151.93 2020-01-09T22:25:26.2321081240 sshd\[14804\]: Failed password for invalid user user0 from 140.143.151.93 port 52564 ssh2 ...	2020-01-10 06:41:20
104.131.8.137	attackbotsspam	Port Scan detected from 104.131.8.137 (US/United States/-). 4 hits in the last 66 seconds	2020-01-10 06:55:46
14.56.180.103	attackspam	"SSH brute force auth login attempt."	2020-01-10 06:57:02
80.66.81.143	attackbots	Jan 9 23:34:05 relay postfix/smtpd\[13197\]: warning: unknown\[80.66.81.143\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jan 9 23:34:32 relay postfix/smtpd\[10988\]: warning: unknown\[80.66.81.143\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jan 9 23:34:49 relay postfix/smtpd\[13193\]: warning: unknown\[80.66.81.143\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jan 9 23:34:54 relay postfix/smtpd\[13199\]: warning: unknown\[80.66.81.143\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jan 9 23:35:10 relay postfix/smtpd\[4563\]: warning: unknown\[80.66.81.143\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-01-10 06:41:52
218.92.0.171	attackspambots	Jan 10 03:27:33 gw1 sshd[19625]: Failed password for root from 218.92.0.171 port 34441 ssh2 Jan 10 03:27:47 gw1 sshd[19625]: Failed password for root from 218.92.0.171 port 34441 ssh2 Jan 10 03:27:47 gw1 sshd[19625]: error: maximum authentication attempts exceeded for root from 218.92.0.171 port 34441 ssh2 [preauth] ...	2020-01-10 06:34:55
150.147.244.190	attackbots	Automatic report - Port Scan Attack	2020-01-10 06:54:48

最近上报的IP列表

226.157.8.43	154.33.63.168	162.60.174.195	148.195.52.69
80.211.245.129	62.130.178.10	201.72.142.199	38.54.49.2
210.18.155.227	154.209.105.40	222.0.184.234	37.155.0.52
33.90.203.201	75.67.6.184	49.90.121.51	250.147.177.161
242.164.237.186	213.57.165.123	49.249.245.218	27.219.119.52