134.73.129.29 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): EliDC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	2019-07-28T23:25:01.864684centos sshd\[29612\]: Invalid user p@sswd123\$%\^ from 134.73.129.29 port 41710 2019-07-28T23:25:01.871442centos sshd\[29612\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.73.129.29 2019-07-28T23:25:03.686474centos sshd\[29612\]: Failed password for invalid user p@sswd123\$%\^ from 134.73.129.29 port 41710 ssh2	2019-07-29 10:21:59

类型

评论内容

时间

attackbots

2019-07-28T23:25:01.864684centos sshd\[29612\]: Invalid user p@sswd123\$%\^ from 134.73.129.29 port 41710
2019-07-28T23:25:01.871442centos sshd\[29612\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.73.129.29
2019-07-28T23:25:03.686474centos sshd\[29612\]: Failed password for invalid user p@sswd123\$%\^ from 134.73.129.29 port 41710 ssh2

2019-07-29 10:21:59

相同子网IP讨论:

IP	类型	评论内容	时间
134.73.129.2	attackbotsspam	Aug 16 00:26:46 MK-Soft-VM7 sshd\[5700\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.73.129.2 user=root Aug 16 00:26:48 MK-Soft-VM7 sshd\[5700\]: Failed password for root from 134.73.129.2 port 45102 ssh2 Aug 16 00:31:16 MK-Soft-VM7 sshd\[5746\]: Invalid user client from 134.73.129.2 port 43024 ...	2019-08-16 09:43:59
134.73.129.2	attack	Aug 13 12:47:30 plex sshd[2174]: Invalid user mc from 134.73.129.2 port 58614	2019-08-13 19:11:20
134.73.129.111	attackbotsspam	Brute force SMTP login attempted. ...	2019-08-10 05:00:58
134.73.129.125	attackspambots	Brute force SMTP login attempted. ...	2019-08-10 05:00:23
134.73.129.127	attackbots	Brute force SMTP login attempted. ...	2019-08-10 05:00:06
134.73.129.130	attackbots	Brute force SMTP login attempted. ...	2019-08-10 04:59:48
134.73.129.134	attackbotsspam	Brute force SMTP login attempted. ...	2019-08-10 04:58:31
134.73.129.143	attack	Brute force SMTP login attempted. ...	2019-08-10 04:56:39
134.73.129.154	attack	Brute force SMTP login attempted. ...	2019-08-10 04:56:15
134.73.129.156	attackbots	Brute force SMTP login attempted. ...	2019-08-10 04:55:12
134.73.129.161	attackspam	Brute force SMTP login attempted. ...	2019-08-10 04:54:40
134.73.129.162	attack	Brute force SMTP login attempted. ...	2019-08-10 04:54:03
134.73.129.170	attackbotsspam	Brute force SMTP login attempted. ...	2019-08-10 04:53:15
134.73.129.173	attackbotsspam	Brute force SMTP login attempted. ...	2019-08-10 04:52:24
134.73.129.190	attack	Brute force SMTP login attempted. ...	2019-08-10 04:51:23

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 134.73.129.29
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 39936
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;134.73.129.29.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072801 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Jul 29 10:21:52 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 29.129.73.134.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 29.129.73.134.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
51.38.32.230	attackspambots	Invalid user demo1 from 51.38.32.230 port 57768	2020-08-31 18:39:46
141.98.9.36	attackspam	" "	2020-08-31 18:54:11
103.106.242.100	attackbots	20/8/30@23:49:18: FAIL: Alarm-Network address from=103.106.242.100 20/8/30@23:49:18: FAIL: Alarm-Network address from=103.106.242.100 ...	2020-08-31 18:37:03
183.110.223.149	attackspambots	TCP port : 19207	2020-08-31 18:41:40
142.90.1.45	attack	Time: Sun Aug 30 23:50:57 2020 -0400 IP: 142.90.1.45 (CA/Canada/ip-142-90-1-45.user.start.ca) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Aug 30 23:40:28 pv-11-ams1 sshd[12801]: Failed password for root from 142.90.1.45 port 43986 ssh2 Aug 30 23:46:59 pv-11-ams1 sshd[13108]: Invalid user yxu from 142.90.1.45 port 46998 Aug 30 23:47:01 pv-11-ams1 sshd[13108]: Failed password for invalid user yxu from 142.90.1.45 port 46998 ssh2 Aug 30 23:50:49 pv-11-ams1 sshd[13242]: Invalid user oracle from 142.90.1.45 port 50980 Aug 30 23:50:52 pv-11-ams1 sshd[13242]: Failed password for invalid user oracle from 142.90.1.45 port 50980 ssh2	2020-08-31 18:44:59
146.88.240.4	attack	UDP 146.88.240.4:33090 -> port 389, len 81	2020-08-31 18:40:05
176.27.216.16	attackspam	Invalid user g from 176.27.216.16 port 53529	2020-08-31 18:58:28
95.232.73.111	attackspambots	DATE:2020-08-31 05:48:45, IP:95.232.73.111, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2020-08-31 18:56:54
141.98.9.166	attackbots	2020-08-30 UTC: (4x) - admin(2x),ubnt(2x)	2020-08-31 19:02:44
128.199.214.208	attackspambots	(sshd) Failed SSH login from 128.199.214.208 (SG/Singapore/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Aug 31 04:01:51 server5 sshd[23742]: Invalid user xxxx from 128.199.214.208 Aug 31 04:01:51 server5 sshd[23742]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.214.208 Aug 31 04:01:53 server5 sshd[23742]: Failed password for invalid user xxxx from 128.199.214.208 port 48786 ssh2 Aug 31 04:08:29 server5 sshd[26406]: Invalid user testftp from 128.199.214.208 Aug 31 04:08:29 server5 sshd[26406]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.214.208	2020-08-31 18:42:31
200.27.212.22	attack	Aug 31 03:27:23 dignus sshd[12157]: Failed password for invalid user lexis from 200.27.212.22 port 45604 ssh2 Aug 31 03:32:52 dignus sshd[12890]: Invalid user david from 200.27.212.22 port 49542 Aug 31 03:32:52 dignus sshd[12890]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.27.212.22 Aug 31 03:32:54 dignus sshd[12890]: Failed password for invalid user david from 200.27.212.22 port 49542 ssh2 Aug 31 03:38:12 dignus sshd[13559]: Invalid user xwz from 200.27.212.22 port 53488 ...	2020-08-31 19:00:48
121.55.240.208	attackbots	Port probing on unauthorized port 5555	2020-08-31 18:42:59
141.98.9.35	attackbotsspam	" "	2020-08-31 18:54:27
119.96.93.33	attack	Unauthorized connection attempt detected from IP address 119.96.93.33 to port 23 [T]	2020-08-31 18:45:29
190.111.184.2	attackspambots	Unauthorized connection attempt detected from IP address 190.111.184.2 to port 80 [T]	2020-08-31 18:56:27

最近上报的IP列表

13.73.105.153	183.131.18.170	159.89.84.60	119.1.35.249
49.236.203.166	39.74.106.98	125.224.110.52	1.163.44.172
4.69.202.222	120.29.75.77	42.6.137.128	85.106.162.30
148.247.102.222	180.117.110.52	62.234.142.165	106.90.222.221
118.33.32.214	171.125.48.184	116.104.93.66	132.162.227.42