129.204.19.107

基本信息:

城市(city): unknown

省份(region): Beijing

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Dec 15 23:16:52 auw2 sshd\[8830\]: Invalid user hymans from 129.204.19.107 Dec 15 23:16:52 auw2 sshd\[8830\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.19.107 Dec 15 23:16:54 auw2 sshd\[8830\]: Failed password for invalid user hymans from 129.204.19.107 port 56446 ssh2 Dec 15 23:26:18 auw2 sshd\[9798\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.19.107 user=root Dec 15 23:26:19 auw2 sshd\[9798\]: Failed password for root from 129.204.19.107 port 34538 ssh2	2019-12-16 17:43:30
attackbotsspam	Dec 15 18:00:58 MK-Soft-VM7 sshd[17720]: Failed password for root from 129.204.19.107 port 59374 ssh2 ...	2019-12-16 03:03:54

类型

评论内容

时间

attackbots

Dec 15 23:16:52 auw2 sshd\[8830\]: Invalid user hymans from 129.204.19.107
Dec 15 23:16:52 auw2 sshd\[8830\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.19.107
Dec 15 23:16:54 auw2 sshd\[8830\]: Failed password for invalid user hymans from 129.204.19.107 port 56446 ssh2
Dec 15 23:26:18 auw2 sshd\[9798\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.19.107  user=root
Dec 15 23:26:19 auw2 sshd\[9798\]: Failed password for root from 129.204.19.107 port 34538 ssh2

2019-12-16 17:43:30

attackbotsspam

Dec 15 18:00:58 MK-Soft-VM7 sshd[17720]: Failed password for root from 129.204.19.107 port 59374 ssh2
...

2019-12-16 03:03:54

相同子网IP讨论:

IP	类型	评论内容	时间
129.204.197.29	attack	Oct 7 20:30:21 ms-srv sshd[3080]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.197.29 user=root Oct 7 20:30:23 ms-srv sshd[3080]: Failed password for invalid user root from 129.204.197.29 port 54396 ssh2	2020-10-08 05:17:31
129.204.197.29	attackbotsspam	"fail2ban match"	2020-10-07 21:41:12
129.204.19.9	attackspambots	Aug 30 07:32:55 hosting sshd[25440]: Invalid user nrg from 129.204.19.9 port 51770 ...	2020-08-30 13:44:55
129.204.19.9	attackbotsspam	Aug 16 05:54:44 db sshd[21204]: User root from 129.204.19.9 not allowed because none of user's groups are listed in AllowGroups ...	2020-08-16 14:53:31
129.204.196.245	attack	Port probing on unauthorized port 1099	2020-07-25 23:40:50
129.204.19.9	attackbotsspam	Jul 12 10:54:58 main sshd[27915]: Failed password for invalid user test from 129.204.19.9 port 41182 ssh2	2020-07-13 07:31:19
129.204.199.167	attackspam	$f2bV_matches	2020-07-08 07:44:19
129.204.19.9	attack	20 attempts against mh-ssh on echoip	2020-06-26 17:08:35
129.204.19.9	attackbots	Jun 25 08:05:48 sigma sshd\[13048\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.19.9 user=rootJun 25 08:20:27 sigma sshd\[13666\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.19.9 user=root ...	2020-06-25 17:00:46
129.204.19.190	attack	Unauthorised access (Jun 6) SRC=129.204.19.190 LEN=52 TTL=113 ID=7403 DF TCP DPT=3389 WINDOW=8192 CWR ECE SYN	2020-06-07 05:55:05
129.204.19.9	attackspam	May 26 23:02:50 * sshd[12363]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.19.9 May 26 23:02:53 * sshd[12363]: Failed password for invalid user toor from 129.204.19.9 port 56258 ssh2	2020-05-27 05:24:45
129.204.19.9	attackspambots	May 26 03:16:35 itv-usvr-01 sshd[336]: Invalid user alain from 129.204.19.9 May 26 03:16:35 itv-usvr-01 sshd[336]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.19.9 May 26 03:16:35 itv-usvr-01 sshd[336]: Invalid user alain from 129.204.19.9 May 26 03:16:37 itv-usvr-01 sshd[336]: Failed password for invalid user alain from 129.204.19.9 port 42356 ssh2 May 26 03:23:21 itv-usvr-01 sshd[648]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.19.9 user=root May 26 03:23:23 itv-usvr-01 sshd[648]: Failed password for root from 129.204.19.9 port 41078 ssh2	2020-05-26 05:21:44
129.204.19.9	attackbots	May 23 12:01:06 *** sshd[3041]: Invalid user qyf from 129.204.19.9	2020-05-23 22:40:01
129.204.19.9	attackbotsspam	SSH Brute-Force. Ports scanning.	2020-05-16 01:03:34
129.204.19.9	attackbots	May 10 07:05:11 meumeu sshd[31045]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.19.9 May 10 07:05:13 meumeu sshd[31045]: Failed password for invalid user user0 from 129.204.19.9 port 58714 ssh2 May 10 07:06:37 meumeu sshd[31210]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.19.9 ...	2020-05-10 15:52:50

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 129.204.19.107
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24432
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;129.204.19.107.			IN	A

;; AUTHORITY SECTION:
.			450	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121501 1800 900 604800 86400

;; Query time: 118 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Dec 16 03:03:51 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 107.19.204.129.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 107.19.204.129.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
190.32.21.250	attack	Jun 5 09:44:31 ns382633 sshd\[17663\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.32.21.250 user=root Jun 5 09:44:33 ns382633 sshd\[17663\]: Failed password for root from 190.32.21.250 port 42421 ssh2 Jun 5 09:52:16 ns382633 sshd\[19175\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.32.21.250 user=root Jun 5 09:52:18 ns382633 sshd\[19175\]: Failed password for root from 190.32.21.250 port 57887 ssh2 Jun 5 09:55:12 ns382633 sshd\[19840\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.32.21.250 user=root	2020-06-05 17:04:58
67.217.115.157	attack	20/6/4@23:52:40: FAIL: Alarm-Network address from=67.217.115.157 20/6/4@23:52:40: FAIL: Alarm-Network address from=67.217.115.157 ...	2020-06-05 17:01:16
78.157.49.161	attackspambots	Automatic report - Port Scan Attack	2020-06-05 17:31:04
106.13.182.60	attack	Jun 5 05:45:28 Ubuntu-1404-trusty-64-minimal sshd\[7201\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.182.60 user=root Jun 5 05:45:30 Ubuntu-1404-trusty-64-minimal sshd\[7201\]: Failed password for root from 106.13.182.60 port 46752 ssh2 Jun 5 05:50:51 Ubuntu-1404-trusty-64-minimal sshd\[9256\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.182.60 user=root Jun 5 05:50:53 Ubuntu-1404-trusty-64-minimal sshd\[9256\]: Failed password for root from 106.13.182.60 port 41060 ssh2 Jun 5 05:52:14 Ubuntu-1404-trusty-64-minimal sshd\[9822\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.182.60 user=root	2020-06-05 17:22:13
46.36.27.114	attack	Jun 4 20:18:45 php1 sshd\[28288\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.36.27.114 user=root Jun 4 20:18:48 php1 sshd\[28288\]: Failed password for root from 46.36.27.114 port 42723 ssh2 Jun 4 20:22:29 php1 sshd\[28636\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.36.27.114 user=root Jun 4 20:22:31 php1 sshd\[28636\]: Failed password for root from 46.36.27.114 port 44616 ssh2 Jun 4 20:26:16 php1 sshd\[29031\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.36.27.114 user=root	2020-06-05 17:22:28
217.171.17.193	attackbotsspam	Jun 5 08:00:37 mail sshd[23817]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.171.17.193 ...	2020-06-05 17:22:47
220.88.1.208	attack	Jun 5 10:34:30 sip sshd[549022]: Failed password for root from 220.88.1.208 port 54688 ssh2 Jun 5 10:37:31 sip sshd[549057]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.88.1.208 user=root Jun 5 10:37:33 sip sshd[549057]: Failed password for root from 220.88.1.208 port 51404 ssh2 ...	2020-06-05 17:03:39
222.186.42.136	attack	Jun 5 11:07:30 vmi345603 sshd[582]: Failed password for root from 222.186.42.136 port 24568 ssh2 Jun 5 11:07:32 vmi345603 sshd[582]: Failed password for root from 222.186.42.136 port 24568 ssh2 ...	2020-06-05 17:09:44
201.55.158.87	attack	(BR/Brazil/-) SMTP Bruteforcing attempts	2020-06-05 17:38:25
188.166.147.211	attackbotsspam	Jun 5 08:05:10 mail sshd[27032]: Failed password for root from 188.166.147.211 port 44342 ssh2 ...	2020-06-05 17:05:17
180.76.160.148	attackspambots	Jun 5 06:52:30 debian kernel: [231712.223221] [UFW BLOCK] IN=eth0 OUT= MAC=52:54:00:be:e4:65:08:e8:4f:6e:48:0c:08:00 SRC=180.76.160.148 DST=89.252.131.35 LEN=40 TOS=0x00 PREC=0x00 TTL=240 ID=20132 PROTO=TCP SPT=46907 DPT=28462 WINDOW=1024 RES=0x00 SYN URGP=0	2020-06-05 17:09:23
201.55.180.242	attackbots	(BR/Brazil/-) SMTP Bruteforcing attempts	2020-06-05 17:33:28
202.52.240.17	attackspam	(NP/Nepal/-) SMTP Bruteforcing attempts	2020-06-05 17:23:24
222.186.173.142	attack	Fail2Ban Ban Triggered	2020-06-05 17:31:42
36.37.82.115	attackspambots	TCP (SYN) 36.37.82.115:49997 -> port 3389, len 40	2020-06-05 17:11:54

最近上报的IP列表

115.218.226.175	44.252.50.209	217.138.202.84	196.251.61.185
88.130.2.7	191.96.16.148	1.162.239.79	96.95.223.139
180.190.166.172	84.29.128.50	17.182.171.55	94.30.171.159
77.36.64.234	2002:8e5d:1c8::8e5d:1c8	90.54.176.203	13.233.44.80
42.108.14.112	159.65.168.195	47.190.184.154	68.5.173.39