129.205.208.21

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Botswana

运营商(isp): Botswana Fibre Networks (Proprietary) Limited

主机名(hostname): unknown

机构(organization): BOFINET

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Apr 18 21:16:18 yesfletchmain sshd\[24473\]: Invalid user mysql2 from 129.205.208.21 port 22018 Apr 18 21:16:18 yesfletchmain sshd\[24473\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.205.208.21 Apr 18 21:16:21 yesfletchmain sshd\[24473\]: Failed password for invalid user mysql2 from 129.205.208.21 port 22018 ssh2 Apr 18 21:22:59 yesfletchmain sshd\[24739\]: Invalid user temp1 from 129.205.208.21 port 3000 Apr 18 21:22:59 yesfletchmain sshd\[24739\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.205.208.21 ...	2019-12-24 02:40:15
attackspam	Jan 23 15:25:03 motanud sshd\[22063\]: Invalid user wmaina from 129.205.208.21 port 31267 Jan 23 15:25:03 motanud sshd\[22063\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.205.208.21 Jan 23 15:25:05 motanud sshd\[22063\]: Failed password for invalid user wmaina from 129.205.208.21 port 31267 ssh2 Mar 4 07:20:56 motanud sshd\[8200\]: Invalid user ftpadmin from 129.205.208.21 port 9310 Mar 4 07:20:56 motanud sshd\[8200\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.205.208.21 Mar 4 07:20:58 motanud sshd\[8200\]: Failed password for invalid user ftpadmin from 129.205.208.21 port 9310 ssh2	2019-08-04 10:43:31
attackbotsspam	SSH Bruteforce	2019-07-08 12:31:05
attack	Jun 30 15:42:48 lnxded64 sshd[13164]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.205.208.21 Jun 30 15:42:48 lnxded64 sshd[13164]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.205.208.21 Jun 30 15:42:50 lnxded64 sshd[13164]: Failed password for invalid user git from 129.205.208.21 port 27330 ssh2	2019-06-30 22:32:41

相同子网IP讨论:

IP	类型	评论内容	时间
129.205.208.23	attackbotsspam	Apr 23 21:12:40 yesfletchmain sshd\[24809\]: Invalid user informix from 129.205.208.23 port 22498 Apr 23 21:12:40 yesfletchmain sshd\[24809\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.205.208.23 Apr 23 21:12:42 yesfletchmain sshd\[24809\]: Failed password for invalid user informix from 129.205.208.23 port 22498 ssh2 Apr 23 21:16:27 yesfletchmain sshd\[24890\]: Invalid user ezequiel from 129.205.208.23 port 29625 Apr 23 21:16:27 yesfletchmain sshd\[24890\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.205.208.23 ...	2019-12-24 02:37:56
129.205.208.20	attackspam	Jan 23 15:15:28 motanud sshd\[21702\]: Invalid user oracle from 129.205.208.20 port 19106 Jan 23 15:15:28 motanud sshd\[21702\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.205.208.20 Jan 23 15:15:31 motanud sshd\[21702\]: Failed password for invalid user oracle from 129.205.208.20 port 19106 ssh2 Mar 4 07:02:42 motanud sshd\[7359\]: Invalid user jt from 129.205.208.20 port 7616 Mar 4 07:02:42 motanud sshd\[7359\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.205.208.20 Mar 4 07:02:44 motanud sshd\[7359\]: Failed password for invalid user jt from 129.205.208.20 port 7616 ssh2 Mar 4 07:35:40 motanud sshd\[9071\]: Invalid user z from 129.205.208.20 port 1089 Mar 4 07:35:40 motanud sshd\[9071\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.205.208.20 Mar 4 07:35:42 motanud sshd\[9071\]: Failed password for invalid user z from 129.205.208.20 port 1089 ssh2	2019-08-04 10:45:25
129.205.208.22	attack	Jan 23 15:20:48 motanud sshd\[21879\]: Invalid user test1 from 129.205.208.22 port 10659 Jan 23 15:20:48 motanud sshd\[21879\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.205.208.22 Jan 23 15:20:49 motanud sshd\[21879\]: Failed password for invalid user test1 from 129.205.208.22 port 10659 ssh2 Mar 4 07:28:17 motanud sshd\[8624\]: Invalid user td from 129.205.208.22 port 26699 Mar 4 07:28:17 motanud sshd\[8624\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.205.208.22 Mar 4 07:28:19 motanud sshd\[8624\]: Failed password for invalid user td from 129.205.208.22 port 26699 ssh2	2019-08-04 10:40:01
129.205.208.23	attackbots	Jan 23 15:34:00 motanud sshd\[22510\]: Invalid user rafael from 129.205.208.23 port 22230 Jan 23 15:34:00 motanud sshd\[22510\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.205.208.23 Jan 23 15:34:01 motanud sshd\[22510\]: Failed password for invalid user rafael from 129.205.208.23 port 22230 ssh2 Mar 4 07:13:35 motanud sshd\[7767\]: Invalid user hn from 129.205.208.23 port 27528 Mar 4 07:13:35 motanud sshd\[7767\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.205.208.23 Mar 4 07:13:37 motanud sshd\[7767\]: Failed password for invalid user hn from 129.205.208.23 port 27528 ssh2	2019-08-04 10:35:37
129.205.208.22	attackbotsspam	Jul 30 12:20:04 unicornsoft sshd\[25198\]: Invalid user spider from 129.205.208.22 Jul 30 12:20:04 unicornsoft sshd\[25198\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.205.208.22 Jul 30 12:20:06 unicornsoft sshd\[25198\]: Failed password for invalid user spider from 129.205.208.22 port 22465 ssh2	2019-07-30 23:11:05
129.205.208.20	attack	SSH Bruteforce	2019-07-08 13:53:38
129.205.208.23	attackspambots	Jul 7 23:52:46 MK-Soft-VM5 sshd\[1544\]: Invalid user louis from 129.205.208.23 port 27158 Jul 7 23:52:46 MK-Soft-VM5 sshd\[1544\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.205.208.23 Jul 7 23:52:48 MK-Soft-VM5 sshd\[1544\]: Failed password for invalid user louis from 129.205.208.23 port 27158 ssh2 ...	2019-07-08 10:10:06

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 129.205.208.21
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32326
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;129.205.208.21.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019041301 1800 900 604800 86400

;; Query time: 51 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sun Apr 14 06:18:45 +08 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 21.208.205.129.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 21.208.205.129.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
139.199.133.160	attack	Automatic report - Banned IP Access	2020-04-04 02:45:35
148.70.183.250	attack	Apr 3 16:24:50 vmd26974 sshd[13111]: Failed password for root from 148.70.183.250 port 59844 ssh2 ...	2020-04-04 02:44:42
49.232.173.147	attackspam	Apr 3 18:14:23 [HOSTNAME] sshd[10074]: Invalid user jigang from 49.232.173.147 port 50848 Apr 3 18:14:23 [HOSTNAME] sshd[10074]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.232.173.147 Apr 3 18:14:25 [HOSTNAME] sshd[10074]: Failed password for invalid user jigang from 49.232.173.147 port 50848 ssh2 ...	2020-04-04 02:24:35
175.24.107.201	attackspambots	Apr 3 09:07:28 dallas01 sshd[1908]: Failed password for root from 175.24.107.201 port 42670 ssh2 Apr 3 09:10:46 dallas01 sshd[4784]: Failed password for root from 175.24.107.201 port 44594 ssh2	2020-04-04 02:42:06
129.204.181.48	attackspambots	2020-04-03T15:19:42.922103abusebot-3.cloudsearch.cf sshd[5823]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.181.48 user=root 2020-04-03T15:19:45.439405abusebot-3.cloudsearch.cf sshd[5823]: Failed password for root from 129.204.181.48 port 39274 ssh2 2020-04-03T15:25:42.699865abusebot-3.cloudsearch.cf sshd[6281]: Invalid user lishuoguo from 129.204.181.48 port 41244 2020-04-03T15:25:42.707838abusebot-3.cloudsearch.cf sshd[6281]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.181.48 2020-04-03T15:25:42.699865abusebot-3.cloudsearch.cf sshd[6281]: Invalid user lishuoguo from 129.204.181.48 port 41244 2020-04-03T15:25:44.647666abusebot-3.cloudsearch.cf sshd[6281]: Failed password for invalid user lishuoguo from 129.204.181.48 port 41244 ssh2 2020-04-03T15:28:07.556071abusebot-3.cloudsearch.cf sshd[6467]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost ...	2020-04-04 02:48:29
198.98.54.28	attackspambots	Invalid user ubnt from 198.98.54.28 port 63058	2020-04-04 02:33:00
162.252.57.211	attackbots	Mar 31 08:19:18 our-server-hostname sshd[3188]: Address 162.252.57.211 maps to nxxxxxxx.miami-servers.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Mar 31 08:19:18 our-server-hostname sshd[3188]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.252.57.211 user=r.r Mar 31 08:19:19 our-server-hostname sshd[3188]: Failed password for r.r from 162.252.57.211 port 59868 ssh2 Mar 31 08:26:10 our-server-hostname sshd[4810]: Address 162.252.57.211 maps to nxxxxxxx.miami-servers.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Mar 31 08:26:10 our-server-hostname sshd[4810]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.252.57.211 user=r.r Mar 31 08:26:11 our-server-hostname sshd[4810]: Failed password for r.r from 162.252.57.211 port 57262 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=162.252.57.211	2020-04-04 02:43:33
49.235.16.103	attack	Invalid user ym from 49.235.16.103 port 53184	2020-04-04 02:23:58
104.236.228.46	attackbotsspam	Invalid user sun from 104.236.228.46 port 59728	2020-04-04 02:14:27
192.241.220.228	attack	Apr 3 17:55:17 markkoudstaal sshd[6483]: Failed password for root from 192.241.220.228 port 37090 ssh2 Apr 3 18:00:15 markkoudstaal sshd[7308]: Failed password for root from 192.241.220.228 port 48094 ssh2	2020-04-04 02:34:08
113.207.83.130	attack	Total attacks: 2	2020-04-04 02:08:16
101.78.149.142	attack	SSH brute force attempt	2020-04-04 02:17:14
134.209.99.220	attackbots	Apr 3 20:25:36 [HOSTNAME] sshd[11621]: Invalid user postgres from 134.209.99.220 port 34930 Apr 3 20:25:36 [HOSTNAME] sshd[11621]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.99.220 Apr 3 20:25:38 [HOSTNAME] sshd[11621]: Failed password for invalid user postgres from 134.209.99.220 port 34930 ssh2 ...	2020-04-04 02:47:00
59.127.172.234	attackspam	SSH Brute Force	2020-04-04 02:19:24
220.158.148.132	attack	Apr 3 20:06:55 ns381471 sshd[19802]: Failed password for root from 220.158.148.132 port 46858 ssh2	2020-04-04 02:27:56

最近上报的IP列表

47.104.29.5	192.40.95.29	148.102.120.208	141.98.10.38
178.113.24.248	42.117.121.20	213.90.54.195	106.13.70.44
177.66.208.6	134.209.8.98	203.186.184.146	2002:755b:fe5e::755b:fe5e
104.248.73.146	103.207.38.151	94.23.156.199	140.129.25.81
113.53.71.35	66.76.58.60	110.164.67.47	151.80.140.166