129.211.55.124

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	SSH bruteforce	2020-04-21 05:16:31

相同子网IP讨论:

IP	类型	评论内容	时间
129.211.55.22	attack	Jul 22 13:28:53 dignus sshd[25452]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.55.22 Jul 22 13:28:55 dignus sshd[25452]: Failed password for invalid user nelson from 129.211.55.22 port 55362 ssh2 Jul 22 13:35:36 dignus sshd[26351]: Invalid user sshvpn from 129.211.55.22 port 43584 Jul 22 13:35:36 dignus sshd[26351]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.55.22 Jul 22 13:35:38 dignus sshd[26351]: Failed password for invalid user sshvpn from 129.211.55.22 port 43584 ssh2 ...	2020-07-23 04:49:58
129.211.55.22	attackspambots	Jul 20 05:50:04 h2779839 sshd[11125]: Invalid user admin from 129.211.55.22 port 45274 Jul 20 05:50:04 h2779839 sshd[11125]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.55.22 Jul 20 05:50:04 h2779839 sshd[11125]: Invalid user admin from 129.211.55.22 port 45274 Jul 20 05:50:07 h2779839 sshd[11125]: Failed password for invalid user admin from 129.211.55.22 port 45274 ssh2 Jul 20 05:53:53 h2779839 sshd[12679]: Invalid user zxx from 129.211.55.22 port 56264 Jul 20 05:53:53 h2779839 sshd[12679]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.55.22 Jul 20 05:53:53 h2779839 sshd[12679]: Invalid user zxx from 129.211.55.22 port 56264 Jul 20 05:53:55 h2779839 sshd[12679]: Failed password for invalid user zxx from 129.211.55.22 port 56264 ssh2 Jul 20 05:55:08 h2779839 sshd[12828]: Invalid user dekait from 129.211.55.22 port 41328 ...	2020-07-20 14:25:58
129.211.55.22	attack	SSH brute force	2020-07-08 09:37:40
129.211.55.22	attack	2020-06-24T03:25:07.571936billing sshd[7465]: Failed password for invalid user cacti from 129.211.55.22 port 59016 ssh2 2020-06-24T03:32:50.749825billing sshd[24598]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.55.22 user=root 2020-06-24T03:32:52.295782billing sshd[24598]: Failed password for root from 129.211.55.22 port 57948 ssh2 ...	2020-06-24 06:48:19
129.211.55.6	attackspambots	Jun 17 18:29:39 srv sshd[22374]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.55.6	2020-06-18 00:32:54
129.211.55.22	attack	Jun 13 06:24:00 dignus sshd[11402]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.55.22 user=root Jun 13 06:24:02 dignus sshd[11402]: Failed password for root from 129.211.55.22 port 37314 ssh2 Jun 13 06:29:07 dignus sshd[11852]: Invalid user ts3bot1 from 129.211.55.22 port 34474 Jun 13 06:29:07 dignus sshd[11852]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.55.22 Jun 13 06:29:09 dignus sshd[11852]: Failed password for invalid user ts3bot1 from 129.211.55.22 port 34474 ssh2 ...	2020-06-13 21:33:24
129.211.55.6	attack	Jun 9 13:26:35 localhost sshd[53949]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.55.6 user=root Jun 9 13:26:37 localhost sshd[53949]: Failed password for root from 129.211.55.6 port 54728 ssh2 Jun 9 13:32:01 localhost sshd[54430]: Invalid user mjkang from 129.211.55.6 port 57610 Jun 9 13:32:01 localhost sshd[54430]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.55.6 Jun 9 13:32:01 localhost sshd[54430]: Invalid user mjkang from 129.211.55.6 port 57610 Jun 9 13:32:03 localhost sshd[54430]: Failed password for invalid user mjkang from 129.211.55.6 port 57610 ssh2 ...	2020-06-09 21:52:49
129.211.55.22	attackbots	Jun 9 19:10:30 itv-usvr-01 sshd[485]: Invalid user ekologia from 129.211.55.22 Jun 9 19:10:30 itv-usvr-01 sshd[485]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.55.22 Jun 9 19:10:30 itv-usvr-01 sshd[485]: Invalid user ekologia from 129.211.55.22 Jun 9 19:10:32 itv-usvr-01 sshd[485]: Failed password for invalid user ekologia from 129.211.55.22 port 41942 ssh2 Jun 9 19:17:30 itv-usvr-01 sshd[813]: Invalid user cuisine from 129.211.55.22	2020-06-09 21:06:43
129.211.55.22	attackspam	$f2bV_matches	2020-06-04 02:13:43
129.211.55.6	attack	Invalid user mv from 129.211.55.6 port 39540	2020-05-30 12:23:08
129.211.55.22	attackspambots	May 28 14:42:13 vps sshd[1027481]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.55.22 user=root May 28 14:42:16 vps sshd[1027481]: Failed password for root from 129.211.55.22 port 39276 ssh2 May 28 14:48:09 vps sshd[4279]: Invalid user qwert from 129.211.55.22 port 45696 May 28 14:48:09 vps sshd[4279]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.55.22 May 28 14:48:11 vps sshd[4279]: Failed password for invalid user qwert from 129.211.55.22 port 45696 ssh2 ...	2020-05-29 00:14:17
129.211.55.6	attack	May 26 17:51:27 icinga sshd[28795]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.55.6 May 26 17:51:30 icinga sshd[28795]: Failed password for invalid user hadoop from 129.211.55.6 port 60594 ssh2 May 26 18:04:04 icinga sshd[48560]: Failed password for root from 129.211.55.6 port 38580 ssh2 ...	2020-05-27 00:56:55
129.211.55.22	attackbots	May 25 06:07:17 vps sshd[753365]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.55.22 May 25 06:07:19 vps sshd[753365]: Failed password for invalid user webadmin from 129.211.55.22 port 60366 ssh2 May 25 06:12:52 vps sshd[781210]: Invalid user william from 129.211.55.22 port 37204 May 25 06:12:52 vps sshd[781210]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.55.22 May 25 06:12:54 vps sshd[781210]: Failed password for invalid user william from 129.211.55.22 port 37204 ssh2 ...	2020-05-25 16:13:12
129.211.55.6	attackbots	May 25 06:14:36 web1 sshd[16964]: Invalid user neriishi from 129.211.55.6 port 60360 May 25 06:14:36 web1 sshd[16964]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.55.6 May 25 06:14:36 web1 sshd[16964]: Invalid user neriishi from 129.211.55.6 port 60360 May 25 06:14:38 web1 sshd[16964]: Failed password for invalid user neriishi from 129.211.55.6 port 60360 ssh2 May 25 06:26:20 web1 sshd[20156]: Invalid user usuario from 129.211.55.6 port 55972 May 25 06:26:20 web1 sshd[20156]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.55.6 May 25 06:26:20 web1 sshd[20156]: Invalid user usuario from 129.211.55.6 port 55972 May 25 06:26:22 web1 sshd[20156]: Failed password for invalid user usuario from 129.211.55.6 port 55972 ssh2 May 25 06:31:59 web1 sshd[21554]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.55.6 user=root May 25 06:32:01 web1 sshd[2 ...	2020-05-25 04:54:04
129.211.55.22	attackbots	Invalid user bpp from 129.211.55.22 port 41414	2020-05-24 06:43:24

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 129.211.55.124
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23351
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;129.211.55.124.			IN	A

;; AUTHORITY SECTION:
.			524	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020042001 1800 900 604800 86400

;; Query time: 137 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Apr 21 05:16:27 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 124.55.211.129.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 124.55.211.129.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
118.72.108.115	attackbots	Telnetd brute force attack detected by fail2ban	2019-07-03 21:33:10
140.143.132.167	attackspam	Jul 3 14:22:23 ip-172-31-1-72 sshd\[6106\]: Invalid user elisabeth from 140.143.132.167 Jul 3 14:22:23 ip-172-31-1-72 sshd\[6106\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.132.167 Jul 3 14:22:25 ip-172-31-1-72 sshd\[6106\]: Failed password for invalid user elisabeth from 140.143.132.167 port 58778 ssh2 Jul 3 14:25:11 ip-172-31-1-72 sshd\[6155\]: Invalid user time from 140.143.132.167 Jul 3 14:25:11 ip-172-31-1-72 sshd\[6155\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.132.167	2019-07-03 22:25:48
75.101.200.36	attack	Jul 3 13:28:29 TCP Attack: SRC=75.101.200.36 DST=[Masked] LEN=250 TOS=0x00 PREC=0x00 TTL=234 DF PROTO=TCP SPT=41988 DPT=80 WINDOW=913 RES=0x00 ACK PSH URGP=0	2019-07-03 22:10:52
167.99.65.138	attackspambots	SSH Brute-Forcing (ownc)	2019-07-03 21:41:45
179.43.144.130	attack	GET /web.tar.gz HTTP/1.0	2019-07-03 22:10:23
221.229.162.169	attackspam	Unauthorised access (Jul 3) SRC=221.229.162.169 LEN=40 TTL=103 ID=256 TCP DPT=1433 WINDOW=16384 SYN Unauthorised access (Jul 3) SRC=221.229.162.169 LEN=40 TTL=103 ID=256 TCP DPT=1433 WINDOW=16384 SYN Unauthorised access (Jul 2) SRC=221.229.162.169 LEN=40 TTL=103 ID=256 TCP DPT=1433 WINDOW=16384 SYN Unauthorised access (Jul 2) SRC=221.229.162.169 LEN=40 TTL=103 ID=256 TCP DPT=1433 WINDOW=16384 SYN Unauthorised access (Jul 1) SRC=221.229.162.169 LEN=40 TTL=103 ID=256 TCP DPT=3306 WINDOW=16384 SYN Unauthorised access (Jul 1) SRC=221.229.162.169 LEN=40 TTL=103 ID=256 TCP DPT=1433 WINDOW=16384 SYN Unauthorised access (Jun 30) SRC=221.229.162.169 LEN=40 TTL=103 ID=256 TCP DPT=3306 WINDOW=16384 SYN Unauthorised access (Jun 30) SRC=221.229.162.169 LEN=40 TTL=103 ID=256 TCP DPT=3306 WINDOW=16384 SYN	2019-07-03 21:34:43
185.234.216.33	attackbots	0,36-04/04 concatform PostRequest-Spammer scoring: Lusaka02	2019-07-03 22:07:34
162.243.144.89	attackbotsspam	03.07.2019 13:29:28 Connection to port 900 blocked by firewall	2019-07-03 21:46:29
177.92.16.186	attackbots	SSH invalid-user multiple login attempts	2019-07-03 21:26:45
157.55.39.114	attack	Automatic report - Web App Attack	2019-07-03 21:47:27
210.211.96.112	attackspam	Jul 3 13:28:43 MK-Soft-VM6 sshd\[27482\]: Invalid user carter from 210.211.96.112 port 45360 Jul 3 13:28:43 MK-Soft-VM6 sshd\[27482\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.211.96.112 Jul 3 13:28:45 MK-Soft-VM6 sshd\[27482\]: Failed password for invalid user carter from 210.211.96.112 port 45360 ssh2 ...	2019-07-03 21:59:01
195.159.205.88	attackspam	195.159.205.88 - - \[03/Jul/2019:13:29:19 +0000\] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 54 "https://centric.upup.se/" "Mozilla/5.0 $Windows NT 10.0\; Win64\; x64$ AppleWebKit/537.36 $KHTML, like Gecko$ Chrome/58.0.3029.110 Safari/537.36 Edge/16.16299" "-"195.159.205.88 - - \[03/Jul/2019:13:29:19 +0000\] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 54 "https://centric.upup.se/" "Mozilla/5.0 $Windows NT 10.0\; Win64\; x64$ AppleWebKit/537.36 $KHTML, like Gecko$ Chrome/58.0.3029.110 Safari/537.36 Edge/16.16299" "-"195.159.205.88 - - \[03/Jul/2019:13:29:20 +0000\] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 54 "https://centric.upup.se/" "Mozilla/5.0 $Windows NT 10.0\; Win64\; x64$ AppleWebKit/537.36 $KHTML, like Gecko$ Chrome/58.0.3029.110 Safari/537.36 Edge/16.16299" "-"195.159.205.88 - - \[03/Jul/2019:13:29:20 +0000\] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 54 "https://centric.upup.se/" "Mozilla/5.0 $Windows NT 10.0\; Win64\; x64$ AppleWebKit/537.36 $KHTML, like Gecko$ Chrome/58.0.3	2019-07-03 21:32:32
153.36.236.35	attack	Jul 3 15:47:31 dev sshd\[16723\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=153.36.236.35 user=root Jul 3 15:47:33 dev sshd\[16723\]: Failed password for root from 153.36.236.35 port 42492 ssh2 ...	2019-07-03 21:48:56
180.156.14.61	attackspambots	23/tcp [2019-07-03]1pkt	2019-07-03 21:28:28
185.173.35.41	attackspambots	03.07.2019 13:28:13 Connection to port 7547 blocked by firewall	2019-07-03 22:17:43

最近上报的IP列表

110.246.176.36	181.16.175.205	90.70.83.201	118.27.15.50
119.93.174.32	77.100.111.24	91.83.100.185	218.41.31.79
79.35.81.65	221.3.106.121	24.231.171.98	44.252.183.227
104.246.4.6	200.128.126.75	92.90.32.95	223.63.62.154
90.183.94.210	35.173.226.9	81.65.160.168	154.146.248.30