129.204.173.145

Basic Info

City: unknown

Region: Beijing

Country: China

Internet Service Provider: Tencent Cloud Computing (Beijing) Co. Ltd

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Feb 13 07:45:55 dillonfme sshd\[31394\]: Invalid user teste from 129.204.173.145 port 38930 Feb 13 07:45:55 dillonfme sshd\[31394\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.173.145 Feb 13 07:45:57 dillonfme sshd\[31394\]: Failed password for invalid user teste from 129.204.173.145 port 38930 ssh2 Feb 13 07:52:58 dillonfme sshd\[31665\]: Invalid user joel from 129.204.173.145 port 58508 Feb 13 07:52:58 dillonfme sshd\[31665\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.173.145 ...	2019-12-24 04:26:59

Type

Details

Datetime

attackspam

Feb 13 07:45:55 dillonfme sshd\[31394\]: Invalid user teste from 129.204.173.145 port 38930
Feb 13 07:45:55 dillonfme sshd\[31394\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.173.145
Feb 13 07:45:57 dillonfme sshd\[31394\]: Failed password for invalid user teste from 129.204.173.145 port 38930 ssh2
Feb 13 07:52:58 dillonfme sshd\[31665\]: Invalid user joel from 129.204.173.145 port 58508
Feb 13 07:52:58 dillonfme sshd\[31665\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.173.145
...

2019-12-24 04:26:59

Comments on same subnet:

IP	Type	Details	Datetime
129.204.173.194	attackspambots	2020-08-22T11:32:10.476487galaxy.wi.uni-potsdam.de sshd[3643]: Invalid user oracle from 129.204.173.194 port 37876 2020-08-22T11:32:10.481456galaxy.wi.uni-potsdam.de sshd[3643]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.173.194 2020-08-22T11:32:10.476487galaxy.wi.uni-potsdam.de sshd[3643]: Invalid user oracle from 129.204.173.194 port 37876 2020-08-22T11:32:12.726693galaxy.wi.uni-potsdam.de sshd[3643]: Failed password for invalid user oracle from 129.204.173.194 port 37876 ssh2 2020-08-22T11:34:50.489441galaxy.wi.uni-potsdam.de sshd[3952]: Invalid user postgres from 129.204.173.194 port 40584 2020-08-22T11:34:50.495251galaxy.wi.uni-potsdam.de sshd[3952]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.173.194 2020-08-22T11:34:50.489441galaxy.wi.uni-potsdam.de sshd[3952]: Invalid user postgres from 129.204.173.194 port 40584 2020-08-22T11:34:52.368402galaxy.wi.uni-potsdam.de sshd[3952]: ...	2020-08-22 17:55:23
129.204.173.194	attackbots	Aug 16 22:45:45 buvik sshd[23252]: Failed password for invalid user adva from 129.204.173.194 port 40500 ssh2 Aug 16 22:50:46 buvik sshd[23959]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.173.194 user=root Aug 16 22:50:48 buvik sshd[23959]: Failed password for root from 129.204.173.194 port 49838 ssh2 ...	2020-08-17 07:32:48
129.204.173.194	attackbots	2020-08-14T01:50:18.388739devel sshd[6380]: Failed password for root from 129.204.173.194 port 42748 ssh2 2020-08-14T01:54:51.289372devel sshd[6651]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.173.194 user=root 2020-08-14T01:54:54.120660devel sshd[6651]: Failed password for root from 129.204.173.194 port 37938 ssh2	2020-08-14 14:51:50
129.204.173.194	attackbots	Aug 12 19:36:30 itv-usvr-01 sshd[24421]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.173.194 user=root Aug 12 19:36:31 itv-usvr-01 sshd[24421]: Failed password for root from 129.204.173.194 port 43428 ssh2 Aug 12 19:40:22 itv-usvr-01 sshd[24734]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.173.194 user=root Aug 12 19:40:25 itv-usvr-01 sshd[24734]: Failed password for root from 129.204.173.194 port 53394 ssh2 Aug 12 19:43:05 itv-usvr-01 sshd[24858]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.173.194 user=root Aug 12 19:43:07 itv-usvr-01 sshd[24858]: Failed password for root from 129.204.173.194 port 54344 ssh2	2020-08-12 21:47:48
129.204.173.194	attackspambots	Aug 1 10:46:53 webhost01 sshd[4996]: Failed password for root from 129.204.173.194 port 60474 ssh2 ...	2020-08-01 16:14:02
129.204.173.194	attackbotsspam	"$f2bV_matches"	2020-07-31 05:41:55
129.204.173.194	attackspambots	Repeated brute force against a port	2020-07-19 08:05:18
129.204.173.194	attackspam	Jul 13 12:52:17 euve59663 sshd[14130]: Invalid user kobis from 129.204.= 173.194 Jul 13 12:52:17 euve59663 sshd[14130]: pam_unix(sshd:auth): authenticat= ion failure; logname=3D uid=3D0 euid=3D0 tty=3Dssh ruser=3D rhost=3D129= .204.173.194=20 Jul 13 12:52:20 euve59663 sshd[14130]: Failed password for invalid user= kobis from 129.204.173.194 port 32956 ssh2 Jul 13 12:52:20 euve59663 sshd[14130]: Received disconnect from 129.204= .173.194: 11: Bye Bye [preauth] Jul 13 13:19:54 euve59663 sshd[15985]: Invalid user tobin from 129.204.= 173.194 Jul 13 13:19:54 euve59663 sshd[15985]: pam_unix(sshd:auth): authenticat= ion failure; logname=3D uid=3D0 euid=3D0 tty=3Dssh ruser=3D rhost=3D129= .204.173.194=20 Jul 13 13:19:56 euve59663 sshd[15985]: Failed password for invalid user= tobin from 129.204.173.194 port 43288 ssh2 Jul 13 13:19:56 euve59663 sshd[15985]: Received disconnect from 129.204= .173.194: 11: Bye Bye [preauth] Jul 13 13:24:14 euve59663 sshd[16015]: Invalid user ji........ -------------------------------	2020-07-14 16:06:14

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 129.204.173.145
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 65066
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;129.204.173.145.		IN	A

;; AUTHORITY SECTION:
.			411	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019122302 1800 900 604800 86400

;; Query time: 107 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Dec 24 04:26:57 CST 2019
;; MSG SIZE  rcvd: 119

Host info

Host 145.173.204.129.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 145.173.204.129.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
213.32.21.139	attackspambots	Sep 23 09:15:30 Tower sshd[26714]: Connection from 213.32.21.139 port 60870 on 192.168.10.220 port 22 Sep 23 09:15:33 Tower sshd[26714]: Invalid user temp from 213.32.21.139 port 60870 Sep 23 09:15:33 Tower sshd[26714]: error: Could not get shadow information for NOUSER Sep 23 09:15:33 Tower sshd[26714]: Failed password for invalid user temp from 213.32.21.139 port 60870 ssh2 Sep 23 09:15:34 Tower sshd[26714]: Received disconnect from 213.32.21.139 port 60870:11: Bye Bye [preauth] Sep 23 09:15:34 Tower sshd[26714]: Disconnected from invalid user temp 213.32.21.139 port 60870 [preauth]	2019-09-24 02:37:37
79.137.35.70	attack	Sep 23 13:17:26 plusreed sshd[26029]: Invalid user dbagent from 79.137.35.70 ...	2019-09-24 02:45:47
188.166.18.69	attackspambots	A portscan was detected. Details about the event: Time.............: 2019-09-23 14:33:59 Source IP address: 188.166.18.69	2019-09-24 03:02:35
222.112.65.55	attackbots	Sep 23 14:34:30 vps647732 sshd[7153]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.112.65.55 Sep 23 14:34:32 vps647732 sshd[7153]: Failed password for invalid user atlasmaritime from 222.112.65.55 port 51291 ssh2 ...	2019-09-24 03:07:14
197.253.19.74	attack	Sep 23 08:28:48 aiointranet sshd\[13778\]: Invalid user herbert from 197.253.19.74 Sep 23 08:28:48 aiointranet sshd\[13778\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.253.19.74 Sep 23 08:28:50 aiointranet sshd\[13778\]: Failed password for invalid user herbert from 197.253.19.74 port 11342 ssh2 Sep 23 08:33:09 aiointranet sshd\[14111\]: Invalid user deploy from 197.253.19.74 Sep 23 08:33:09 aiointranet sshd\[14111\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.253.19.74	2019-09-24 02:35:41
80.211.51.116	attack	Sep 23 21:29:51 webhost01 sshd[20524]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.51.116 Sep 23 21:29:53 webhost01 sshd[20524]: Failed password for invalid user user from 80.211.51.116 port 57330 ssh2 ...	2019-09-24 02:40:01
118.187.6.24	attackbotsspam	Sep 23 08:32:20 php1 sshd\[12290\]: Invalid user temp from 118.187.6.24 Sep 23 08:32:20 php1 sshd\[12290\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.187.6.24 Sep 23 08:32:22 php1 sshd\[12290\]: Failed password for invalid user temp from 118.187.6.24 port 44348 ssh2 Sep 23 08:36:20 php1 sshd\[12629\]: Invalid user q from 118.187.6.24 Sep 23 08:36:20 php1 sshd\[12629\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.187.6.24	2019-09-24 02:41:47
222.186.173.142	attackspambots	fraudulent SSH attempt	2019-09-24 02:46:16
47.184.222.96	attack	Sep 23 21:38:40 www sshd\[22344\]: Invalid user deploy from 47.184.222.96 Sep 23 21:38:40 www sshd\[22344\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=47.184.222.96 Sep 23 21:38:42 www sshd\[22344\]: Failed password for invalid user deploy from 47.184.222.96 port 58834 ssh2 ...	2019-09-24 02:54:53
106.13.48.157	attackspam	Sep 23 20:24:43 v22019058497090703 sshd[19486]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.157 Sep 23 20:24:45 v22019058497090703 sshd[19486]: Failed password for invalid user transfer from 106.13.48.157 port 54588 ssh2 Sep 23 20:29:55 v22019058497090703 sshd[19892]: Failed password for root from 106.13.48.157 port 38938 ssh2 ...	2019-09-24 02:59:28
106.13.147.69	attack	Sep 23 14:09:34 mail sshd[20152]: Invalid user FFT from 106.13.147.69 Sep 23 14:09:34 mail sshd[20152]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.147.69 Sep 23 14:09:34 mail sshd[20152]: Invalid user FFT from 106.13.147.69 Sep 23 14:09:35 mail sshd[20152]: Failed password for invalid user FFT from 106.13.147.69 port 51210 ssh2 Sep 23 14:34:40 mail sshd[26840]: Invalid user mc2 from 106.13.147.69 ...	2019-09-24 02:59:04
51.75.202.120	attack	fraudulent SSH attempt	2019-09-24 03:01:58
50.31.8.136	attack	50.31.8.136 - - [23/Sep/2019:08:16:30 -0400] "GET /?page=products&action=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd%00&manufacturerID=1&productID=6501.15M&linkID=3128 HTTP/1.1" 200 17216 "https://baldwinbrasshardware.com/?page=products&action=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd%00&manufacturerID=1&productID=6501.15M&linkID=3128" "Mozilla/5.0 (Windows NT 10.0; WOW64; Rv:50.0) Gecko/20100101 Firefox/50.0" ...	2019-09-24 02:35:57
178.91.55.148	attackbotsspam	Autoban 178.91.55.148 AUTH/CONNECT	2019-09-24 03:07:40
118.24.101.182	attackbotsspam	Sep 23 14:34:58 jane sshd[6675]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.101.182 Sep 23 14:35:00 jane sshd[6675]: Failed password for invalid user arkserver from 118.24.101.182 port 52902 ssh2 ...	2019-09-24 02:47:37

Recently Reported IPs

208.217.183.16	98.228.223.235	141.223.8.20	98.97.52.118
129.204.142.185	49.207.17.99	177.36.95.29	176.220.234.65
142.243.13.127	219.250.65.116	101.182.121.100	195.154.226.126
167.71.101.172	115.49.189.81	155.248.233.117	40.78.140.144
70.228.34.206	34.210.186.119	83.87.13.64	84.15.113.98