212.129.138.211

基本信息:

城市(city): unknown

省份(region): Beijing

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd

主机名(hostname): unknown

机构(organization): Shenzhen Tencent Computer Systems Company Limited

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Invalid user DUP from 212.129.138.211 port 34866	2019-11-01 16:01:03
attackbots	Invalid user DUP from 212.129.138.211 port 49417	2019-11-01 08:16:42
attackbotsspam	Automatic report - Banned IP Access	2019-08-02 20:33:38
attackbotsspam	Invalid user DUP from 212.129.138.211 port 48599	2019-07-28 07:55:27
attackspambots	Invalid user DUP from 212.129.138.211 port 48599	2019-07-24 17:27:22

相同子网IP讨论:

IP	类型	评论内容	时间
212.129.138.198	attackspam	Nov 21 22:16:13 ms-srv sshd[53269]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.129.138.198 user=nobody Nov 21 22:16:15 ms-srv sshd[53269]: Failed password for invalid user nobody from 212.129.138.198 port 56501 ssh2	2020-03-09 04:11:53
212.129.138.198	attackspam	Nov 21 22:16:13 ms-srv sshd[53269]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.129.138.198 user=nobody Nov 21 22:16:15 ms-srv sshd[53269]: Failed password for invalid user nobody from 212.129.138.198 port 56501 ssh2	2020-02-15 23:44:33
212.129.138.198	attackbots	Dec 22 16:43:07 vps691689 sshd[26358]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.129.138.198 Dec 22 16:43:09 vps691689 sshd[26358]: Failed password for invalid user salim from 212.129.138.198 port 43049 ssh2 Dec 22 16:49:34 vps691689 sshd[26550]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.129.138.198 ...	2019-12-23 02:51:59
212.129.138.198	attackspam	web-1 [ssh_2] SSH Attack	2019-12-21 02:44:24
212.129.138.198	attackbots	--- report --- Dec 17 18:58:08 sshd: Connection from 212.129.138.198 port 35432 Dec 17 18:58:11 sshd: Failed password for root from 212.129.138.198 port 35432 ssh2 Dec 17 18:58:12 sshd: Received disconnect from 212.129.138.198: 11: Bye Bye [preauth]	2019-12-18 06:26:15
212.129.138.198	attackbotsspam	Dec 17 08:49:13 ny01 sshd[26073]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.129.138.198 Dec 17 08:49:15 ny01 sshd[26073]: Failed password for invalid user server from 212.129.138.198 port 55663 ssh2 Dec 17 08:57:02 ny01 sshd[27254]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.129.138.198	2019-12-17 22:08:05
212.129.138.67	attack	Dec 4 03:05:36 sachi sshd\[27060\]: Invalid user brasov from 212.129.138.67 Dec 4 03:05:36 sachi sshd\[27060\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.129.138.67 Dec 4 03:05:38 sachi sshd\[27060\]: Failed password for invalid user brasov from 212.129.138.67 port 41416 ssh2 Dec 4 03:13:47 sachi sshd\[27942\]: Invalid user corette from 212.129.138.67 Dec 4 03:13:47 sachi sshd\[27942\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.129.138.67	2019-12-05 00:23:10
212.129.138.67	attack	$f2bV_matches	2019-12-04 06:00:40
212.129.138.67	attack	Nov 28 09:55:27 microserver sshd[57335]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.129.138.67 user=root Nov 28 09:55:29 microserver sshd[57335]: Failed password for root from 212.129.138.67 port 44214 ssh2 Nov 28 10:03:06 microserver sshd[58185]: Invalid user deboer from 212.129.138.67 port 54964 Nov 28 10:03:06 microserver sshd[58185]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.129.138.67 Nov 28 10:03:08 microserver sshd[58185]: Failed password for invalid user deboer from 212.129.138.67 port 54964 ssh2 Nov 28 10:18:24 microserver sshd[60241]: Invalid user gronnesby from 212.129.138.67 port 48232 Nov 28 10:18:24 microserver sshd[60241]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.129.138.67 Nov 28 10:18:27 microserver sshd[60241]: Failed password for invalid user gronnesby from 212.129.138.67 port 48232 ssh2 Nov 28 10:26:01 microserver sshd[61494]: Invalid user h	2019-11-28 17:57:08
212.129.138.67	attackbots	Nov 27 15:43:46 root sshd[8694]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.129.138.67 Nov 27 15:43:48 root sshd[8694]: Failed password for invalid user hoea from 212.129.138.67 port 51110 ssh2 Nov 27 15:52:35 root sshd[8837]: Failed password for backup from 212.129.138.67 port 34356 ssh2 ...	2019-11-28 01:24:52
212.129.138.67	attack	Invalid user podolsky from 212.129.138.67 port 33684	2019-11-24 14:10:15
212.129.138.198	attackbotsspam	Nov 19 12:32:56 gw1 sshd[3127]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.129.138.198 Nov 19 12:32:58 gw1 sshd[3127]: Failed password for invalid user knoebel from 212.129.138.198 port 54586 ssh2 ...	2019-11-19 15:53:00
212.129.138.198	attack	2019-11-18T15:54:57.690607abusebot-2.cloudsearch.cf sshd\[22087\]: Invalid user maccarthy from 212.129.138.198 port 60336	2019-11-19 00:20:06
212.129.138.67	attack	SSH Brute Force, server-1 sshd[32541]: Failed password for invalid user guest from 212.129.138.67 port 48480 ssh2	2019-11-14 03:58:47
212.129.138.67	attackbotsspam	2019-11-10T05:44:13.622110 sshd[12399]: Invalid user freware from 212.129.138.67 port 39012 2019-11-10T05:44:13.635684 sshd[12399]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.129.138.67 2019-11-10T05:44:13.622110 sshd[12399]: Invalid user freware from 212.129.138.67 port 39012 2019-11-10T05:44:15.836205 sshd[12399]: Failed password for invalid user freware from 212.129.138.67 port 39012 ssh2 2019-11-10T05:54:40.673306 sshd[12537]: Invalid user abcs from 212.129.138.67 port 52162 ...	2019-11-10 13:20:01

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 212.129.138.211
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29257
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;212.129.138.211.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019041400 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sun Apr 14 18:34:00 +08 2019
;; MSG SIZE  rcvd: 119

HOST信息:

Host 211.138.129.212.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 211.138.129.212.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
190.53.232.61	attack	Brute force attempt	2019-11-23 16:45:07
222.186.180.8	attackspam	Nov 23 09:00:40 venus sshd\[28020\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.8 user=root Nov 23 09:00:42 venus sshd\[28020\]: Failed password for root from 222.186.180.8 port 11006 ssh2 Nov 23 09:00:44 venus sshd\[28020\]: Failed password for root from 222.186.180.8 port 11006 ssh2 ...	2019-11-23 17:05:22
176.10.250.50	attackspambots	Lines containing failures of 176.10.250.50 Nov 20 21:54:08 dns01 sshd[19784]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.10.250.50 user=r.r Nov 20 21:54:11 dns01 sshd[19784]: Failed password for r.r from 176.10.250.50 port 44894 ssh2 Nov 20 21:54:11 dns01 sshd[19784]: Received disconnect from 176.10.250.50 port 44894:11: Bye Bye [preauth] Nov 20 21:54:11 dns01 sshd[19784]: Disconnected from authenticating user r.r 176.10.250.50 port 44894 [preauth] Nov 20 22:17:05 dns01 sshd[24403]: Invalid user zulmarie from 176.10.250.50 port 49692 Nov 20 22:17:05 dns01 sshd[24403]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.10.250.50 Nov 20 22:17:07 dns01 sshd[24403]: Failed password for invalid user zulmarie from 176.10.250.50 port 49692 ssh2 Nov 20 22:17:07 dns01 sshd[24403]: Received disconnect from 176.10.250.50 port 49692:11: Bye Bye [preauth] Nov 20 22:17:07 dns01 sshd[24403]: Disc........ ------------------------------	2019-11-23 16:54:07
122.170.177.102	attackbots	2019-11-20 07:35:16 H=(abts-mum-dynamic-102.177.170.122-airtelbroadband.in) [122.170.177.102]:25616 I=[10.100.18.23]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=122.170.177.102) 2019-11-20 07:35:16 unexpected disconnection while reading SMTP command from (abts-mum-dynamic-102.177.170.122-airtelbroadband.in) [122.170.177.102]:25616 I=[10.100.18.23]:25 (error: Connection reset by peer) 2019-11-20 08:11:50 H=(abts-mum-dynamic-102.177.170.122-airtelbroadband.in) [122.170.177.102]:30392 I=[10.100.18.23]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=122.170.177.102) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=122.170.177.102	2019-11-23 16:40:27
180.101.125.162	attackspam	Nov 22 22:29:09 kapalua sshd\[14522\]: Invalid user info from 180.101.125.162 Nov 22 22:29:09 kapalua sshd\[14522\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.101.125.162 Nov 22 22:29:11 kapalua sshd\[14522\]: Failed password for invalid user info from 180.101.125.162 port 42420 ssh2 Nov 22 22:33:49 kapalua sshd\[14916\]: Invalid user nedelec from 180.101.125.162 Nov 22 22:33:49 kapalua sshd\[14916\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.101.125.162	2019-11-23 16:37:09
117.50.49.57	attackbots	Invalid user jira from 117.50.49.57 port 57732	2019-11-23 17:04:23
152.136.151.152	attackbotsspam	$f2bV_matches	2019-11-23 16:55:23
186.227.142.201	attackbots	Automatic report - Port Scan Attack	2019-11-23 16:29:58
106.12.92.88	attackspam	2019-11-23T01:12:01.1022811495-001 sshd\[51933\]: Invalid user wwwadmin from 106.12.92.88 port 42790 2019-11-23T01:12:01.1070561495-001 sshd\[51933\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.92.88 2019-11-23T01:12:03.3096641495-001 sshd\[51933\]: Failed password for invalid user wwwadmin from 106.12.92.88 port 42790 ssh2 2019-11-23T01:17:09.9293291495-001 sshd\[52094\]: Invalid user zhaine from 106.12.92.88 port 49092 2019-11-23T01:17:09.9367671495-001 sshd\[52094\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.92.88 2019-11-23T01:17:12.4207381495-001 sshd\[52094\]: Failed password for invalid user zhaine from 106.12.92.88 port 49092 ssh2 ...	2019-11-23 16:33:15
143.137.177.26	attackspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/143.137.177.26/ BR - 1H : (154) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : BR NAME ASN : ASN263426 IP : 143.137.177.26 CIDR : 143.137.176.0/23 PREFIX COUNT : 5 UNIQUE IP COUNT : 2048 ATTACKS DETECTED ASN263426 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 1 DateTime : 2019-11-23 07:26:56 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-11-23 17:03:57
106.12.32.48	attack	Nov 23 09:13:16 vps666546 sshd\[30631\]: Invalid user 1234567 from 106.12.32.48 port 33758 Nov 23 09:13:16 vps666546 sshd\[30631\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.32.48 Nov 23 09:13:18 vps666546 sshd\[30631\]: Failed password for invalid user 1234567 from 106.12.32.48 port 33758 ssh2 Nov 23 09:18:27 vps666546 sshd\[30765\]: Invalid user Motdepasse_111 from 106.12.32.48 port 39696 Nov 23 09:18:27 vps666546 sshd\[30765\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.32.48 ...	2019-11-23 16:29:26
92.81.119.26	attackbotsspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/92.81.119.26/ RO - 1H : (16) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : RO NAME ASN : ASN9050 IP : 92.81.119.26 CIDR : 92.81.0.0/17 PREFIX COUNT : 222 UNIQUE IP COUNT : 1518080 ATTACKS DETECTED ASN9050 : 1H - 1 3H - 2 6H - 2 12H - 4 24H - 8 DateTime : 2019-11-23 07:27:32 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-11-23 16:42:13
173.45.164.2	attackbots	Nov 23 07:30:19 ip-172-31-62-245 sshd\[25740\]: Invalid user 11zz22xx from 173.45.164.2\ Nov 23 07:30:21 ip-172-31-62-245 sshd\[25740\]: Failed password for invalid user 11zz22xx from 173.45.164.2 port 46680 ssh2\ Nov 23 07:33:55 ip-172-31-62-245 sshd\[25753\]: Invalid user gamma123 from 173.45.164.2\ Nov 23 07:33:56 ip-172-31-62-245 sshd\[25753\]: Failed password for invalid user gamma123 from 173.45.164.2 port 54330 ssh2\ Nov 23 07:37:30 ip-172-31-62-245 sshd\[25782\]: Invalid user ykusyylq from 173.45.164.2\	2019-11-23 16:38:46
168.197.77.231	attackspam	" "	2019-11-23 16:36:53
182.61.27.149	attack	Nov 23 09:18:38 OPSO sshd\[25194\]: Invalid user gdms from 182.61.27.149 port 43062 Nov 23 09:18:38 OPSO sshd\[25194\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.27.149 Nov 23 09:18:40 OPSO sshd\[25194\]: Failed password for invalid user gdms from 182.61.27.149 port 43062 ssh2 Nov 23 09:23:34 OPSO sshd\[26014\]: Invalid user 124680 from 182.61.27.149 port 50130 Nov 23 09:23:34 OPSO sshd\[26014\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.27.149	2019-11-23 16:31:36

最近上报的IP列表

49.150.94.13	193.228.57.30	110.49.40.2	212.156.113.66
184.22.124.85	162.243.160.215	193.95.183.104	94.97.33.255
201.59.14.26	42.238.144.50	157.230.108.13	206.41.177.126
103.53.165.1	142.93.67.103	116.68.105.247	107.174.150.106
177.52.26.26	134.209.74.77	82.235.80.66	179.110.224.27