129.211.66.107

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Port probing on unauthorized port 6379	2020-08-01 01:03:52

相同子网IP讨论:

IP	类型	评论内容	时间
129.211.66.195	attackspam	Invalid user dolly from 129.211.66.195 port 48922	2020-08-23 16:58:18
129.211.66.71	attackspam	DATE:2020-08-18 10:17:26,IP:129.211.66.71,MATCHES:11,PORT:ssh	2020-08-18 16:25:21
129.211.66.195	attackspambots	Aug 10 16:44:01 journals sshd\[63162\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.66.195 user=root Aug 10 16:44:04 journals sshd\[63162\]: Failed password for root from 129.211.66.195 port 47512 ssh2 Aug 10 16:47:43 journals sshd\[63512\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.66.195 user=root Aug 10 16:47:44 journals sshd\[63512\]: Failed password for root from 129.211.66.195 port 58056 ssh2 Aug 10 16:51:09 journals sshd\[63898\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.66.195 user=root ...	2020-08-11 00:03:00
129.211.66.71	attackspambots	Brute-force attempt banned	2020-08-05 12:18:58
129.211.66.195	attack	(sshd) Failed SSH login from 129.211.66.195 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Aug 3 14:16:02 elude sshd[32075]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.66.195 user=root Aug 3 14:16:04 elude sshd[32075]: Failed password for root from 129.211.66.195 port 59500 ssh2 Aug 3 14:22:20 elude sshd[528]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.66.195 user=root Aug 3 14:22:22 elude sshd[528]: Failed password for root from 129.211.66.195 port 36322 ssh2 Aug 3 14:28:33 elude sshd[1526]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.66.195 user=root	2020-08-03 20:39:15
129.211.66.71	attackbots	(sshd) Failed SSH login from 129.211.66.71 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jul 29 09:53:13 amsweb01 sshd[15533]: Invalid user yangxiao from 129.211.66.71 port 38632 Jul 29 09:53:16 amsweb01 sshd[15533]: Failed password for invalid user yangxiao from 129.211.66.71 port 38632 ssh2 Jul 29 10:02:56 amsweb01 sshd[16849]: Invalid user tanghao from 129.211.66.71 port 44704 Jul 29 10:02:58 amsweb01 sshd[16849]: Failed password for invalid user tanghao from 129.211.66.71 port 44704 ssh2 Jul 29 10:08:07 amsweb01 sshd[17610]: Invalid user imc from 129.211.66.71 port 52482	2020-07-29 16:34:12
129.211.66.71	attackbots	Jul 16 09:48:05 propaganda sshd[90232]: Connection from 129.211.66.71 port 37452 on 10.0.0.160 port 22 rdomain "" Jul 16 09:48:06 propaganda sshd[90232]: Connection closed by 129.211.66.71 port 37452 [preauth]	2020-07-17 04:59:07
129.211.66.71	attack	Jul 14 09:37:55 auw2 sshd\[27810\]: Invalid user jiachen from 129.211.66.71 Jul 14 09:37:55 auw2 sshd\[27810\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.66.71 Jul 14 09:37:57 auw2 sshd\[27810\]: Failed password for invalid user jiachen from 129.211.66.71 port 48034 ssh2 Jul 14 09:42:34 auw2 sshd\[28263\]: Invalid user carla from 129.211.66.71 Jul 14 09:42:34 auw2 sshd\[28263\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.66.71	2020-07-15 03:47:08
129.211.66.71	attackspam	2020-07-08T04:24:19.614160shield sshd\[24411\]: Invalid user banner from 129.211.66.71 port 59908 2020-07-08T04:24:19.617653shield sshd\[24411\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.66.71 2020-07-08T04:24:21.765179shield sshd\[24411\]: Failed password for invalid user banner from 129.211.66.71 port 59908 ssh2 2020-07-08T04:29:06.407672shield sshd\[25379\]: Invalid user sergei from 129.211.66.71 port 38740 2020-07-08T04:29:06.411736shield sshd\[25379\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.66.71	2020-07-08 12:39:56
129.211.66.71	attackspambots	Jun 21 12:05:35 onepixel sshd[4147256]: Invalid user admin from 129.211.66.71 port 49318 Jun 21 12:05:35 onepixel sshd[4147256]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.66.71 Jun 21 12:05:35 onepixel sshd[4147256]: Invalid user admin from 129.211.66.71 port 49318 Jun 21 12:05:37 onepixel sshd[4147256]: Failed password for invalid user admin from 129.211.66.71 port 49318 ssh2 Jun 21 12:10:31 onepixel sshd[4149968]: Invalid user palm from 129.211.66.71 port 59894	2020-06-22 03:04:21
129.211.66.71	attack	Jun 20 05:38:35 ns382633 sshd\[22725\]: Invalid user hadoop from 129.211.66.71 port 42686 Jun 20 05:38:35 ns382633 sshd\[22725\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.66.71 Jun 20 05:38:37 ns382633 sshd\[22725\]: Failed password for invalid user hadoop from 129.211.66.71 port 42686 ssh2 Jun 20 05:55:13 ns382633 sshd\[25963\]: Invalid user ywf from 129.211.66.71 port 51164 Jun 20 05:55:13 ns382633 sshd\[25963\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.66.71	2020-06-20 13:06:08
129.211.66.71	attackbots	Fail2Ban Ban Triggered	2020-06-11 05:03:18

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 129.211.66.107
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 25052
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;129.211.66.107.			IN	A

;; AUTHORITY SECTION:
.			584	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020073100 1800 900 604800 86400

;; Query time: 24 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Aug 01 01:03:45 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 107.66.211.129.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 107.66.211.129.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
164.132.46.197	attack	Dec 14 14:54:53 ncomp sshd[11071]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.132.46.197 user=root Dec 14 14:54:55 ncomp sshd[11071]: Failed password for root from 164.132.46.197 port 34898 ssh2 Dec 14 15:02:50 ncomp sshd[11209]: Invalid user beam from 164.132.46.197	2019-12-14 21:44:57
193.112.127.192	attackbotsspam	Invalid user tuscany from 193.112.127.192 port 60044	2019-12-14 21:46:25
130.162.66.198	attackspambots	Dec 14 16:45:43 server sshd\[19498\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=oc-130-162-66-198.compute.oraclecloud.com user=games Dec 14 16:45:45 server sshd\[19498\]: Failed password for games from 130.162.66.198 port 51393 ssh2 Dec 14 16:54:34 server sshd\[21702\]: Invalid user monitor from 130.162.66.198 Dec 14 16:54:34 server sshd\[21702\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=oc-130-162-66-198.compute.oraclecloud.com Dec 14 16:54:36 server sshd\[21702\]: Failed password for invalid user monitor from 130.162.66.198 port 49436 ssh2 ...	2019-12-14 22:09:32
192.155.88.15	attackbotsspam	Dec 14 00:27:08 server sshd\[16902\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=li572-15.members.linode.com Dec 14 00:27:11 server sshd\[16902\]: Failed password for invalid user butter from 192.155.88.15 port 42098 ssh2 Dec 14 08:11:21 server sshd\[29335\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=li572-15.members.linode.com user=mysql Dec 14 08:11:23 server sshd\[29335\]: Failed password for mysql from 192.155.88.15 port 52312 ssh2 Dec 14 13:44:11 server sshd\[30734\]: Invalid user oracle from 192.155.88.15 Dec 14 13:44:11 server sshd\[30734\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=li572-15.members.linode.com ...	2019-12-14 21:51:39
118.34.37.145	attack	Invalid user digital from 118.34.37.145 port 55364	2019-12-14 21:58:26
77.238.128.220	attack	[portscan] Port scan	2019-12-14 22:05:27
189.108.248.243	attackspambots	1576304552 - 12/14/2019 07:22:32 Host: 189.108.248.243/189.108.248.243 Port: 445 TCP Blocked	2019-12-14 21:37:07
137.74.198.126	attackspambots	2019-12-14T06:17:37.318243abusebot-7.cloudsearch.cf sshd\[10969\]: Invalid user sexual from 137.74.198.126 port 35892 2019-12-14T06:17:37.322441abusebot-7.cloudsearch.cf sshd\[10969\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=126.ip-137-74-198.eu 2019-12-14T06:17:39.691547abusebot-7.cloudsearch.cf sshd\[10969\]: Failed password for invalid user sexual from 137.74.198.126 port 35892 ssh2 2019-12-14T06:22:38.823444abusebot-7.cloudsearch.cf sshd\[10981\]: Invalid user alijo85 from 137.74.198.126 port 44516	2019-12-14 21:32:50
49.235.39.126	attackbots	$f2bV_matches	2019-12-14 21:43:59
188.233.238.213	attackbotsspam	Invalid user pospoint from 188.233.238.213 port 37368	2019-12-14 21:52:08
188.68.48.76	attack	Lines containing failures of 188.68.48.76 Dec 14 06:03:36 supported sshd[9794]: Did not receive identification string from 188.68.48.76 port 45637 Dec 14 06:05:33 supported sshd[10101]: Invalid user hana from 188.68.48.76 port 57544 Dec 14 06:05:33 supported sshd[10101]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.68.48.76 Dec 14 06:05:35 supported sshd[10101]: Failed password for invalid user hana from 188.68.48.76 port 57544 ssh2 Dec 14 06:05:36 supported sshd[10101]: Received disconnect from 188.68.48.76 port 57544:11: Bye Bye [preauth] Dec 14 06:05:36 supported sshd[10101]: Disconnected from invalid user hana 188.68.48.76 port 57544 [preauth] Dec 14 06:07:07 supported sshd[10377]: Invalid user user from 188.68.48.76 port 36889 Dec 14 06:07:07 supported sshd[10377]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.68.48.76 ........ ----------------------------------------------- https://www.blocklist.de/en/view.h	2019-12-14 21:54:20
190.187.78.198	attack	Dec 14 14:35:15 serwer sshd\[24936\]: Invalid user david from 190.187.78.198 port 36791 Dec 14 14:35:15 serwer sshd\[24936\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.187.78.198 Dec 14 14:35:17 serwer sshd\[24936\]: Failed password for invalid user david from 190.187.78.198 port 36791 ssh2 ...	2019-12-14 21:35:38
170.81.148.7	attackspam	Dec 14 03:47:56 wbs sshd\[3623\]: Invalid user webadmin from 170.81.148.7 Dec 14 03:47:56 wbs sshd\[3623\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=sistema.mitelecom.net.br Dec 14 03:47:58 wbs sshd\[3623\]: Failed password for invalid user webadmin from 170.81.148.7 port 33484 ssh2 Dec 14 03:56:21 wbs sshd\[4444\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=sistema.mitelecom.net.br user=root Dec 14 03:56:22 wbs sshd\[4444\]: Failed password for root from 170.81.148.7 port 34002 ssh2	2019-12-14 22:08:01
123.207.233.79	attack	Unauthorized connection attempt detected from IP address 123.207.233.79 to port 22	2019-12-14 21:40:37
119.226.66.66	attack	Unauthorized connection attempt from IP address 119.226.66.66 on Port 445(SMB)	2019-12-14 21:53:06

最近上报的IP列表

153.195.197.178	122.117.125.56	113.131.119.159	65.197.23.240
13.135.142.71	105.18.235.153	209.122.171.210	147.67.107.85
187.1.62.87	50.73.61.252	51.223.214.187	103.236.115.165
72.63.52.53	106.13.201.44	117.39.167.81	82.74.75.147
213.252.76.105	76.165.126.216	59.122.42.231	183.105.27.99