104.250.52.209

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Hong Kong

运营商(isp): Kingsoft Cloud Corporation Limited

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Wordpress malicious attack:[sshd]	2020-04-20 14:33:37

相同子网IP讨论:

IP	类型	评论内容	时间
104.250.52.136	attackspambots	Invalid user dongjie from 104.250.52.136 port 46732	2020-07-29 07:23:56
104.250.52.130	attack	Invalid user wei from 104.250.52.130 port 35572	2020-05-16 15:01:46
104.250.52.130	attackspambots	2020-05-11T06:17:48.408183shield sshd\[24708\]: Invalid user daniel from 104.250.52.130 port 49052 2020-05-11T06:17:48.411840shield sshd\[24708\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.250.52.130 2020-05-11T06:17:50.500348shield sshd\[24708\]: Failed password for invalid user daniel from 104.250.52.130 port 49052 ssh2 2020-05-11T06:21:49.867223shield sshd\[25882\]: Invalid user timo from 104.250.52.130 port 37914 2020-05-11T06:21:49.870826shield sshd\[25882\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.250.52.130	2020-05-11 14:51:55
104.250.52.130	attack	2020-04-29T23:35:53.2249601495-001 sshd[7503]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.250.52.130 2020-04-29T23:35:53.2169301495-001 sshd[7503]: Invalid user temp1 from 104.250.52.130 port 65174 2020-04-29T23:35:55.2458011495-001 sshd[7503]: Failed password for invalid user temp1 from 104.250.52.130 port 65174 ssh2 2020-04-29T23:39:27.8276541495-001 sshd[7673]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.250.52.130 user=root 2020-04-29T23:39:29.2261031495-001 sshd[7673]: Failed password for root from 104.250.52.130 port 44334 ssh2 2020-04-29T23:42:58.3277251495-001 sshd[7872]: Invalid user simon from 104.250.52.130 port 23498 ...	2020-04-30 12:04:01
104.250.52.130	attackbotsspam	Apr 9 14:46:49 icinga sshd[28312]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.250.52.130 Apr 9 14:46:52 icinga sshd[28312]: Failed password for invalid user test from 104.250.52.130 port 55236 ssh2 Apr 9 14:59:54 icinga sshd[49972]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.250.52.130 ...	2020-04-10 02:39:36
104.250.52.130	attackbotsspam	$f2bV_matches	2020-04-09 19:07:12
104.250.52.130	attackspambots	2020-04-08T03:41:36.574956abusebot.cloudsearch.cf sshd[6371]: Invalid user postgres from 104.250.52.130 port 3822 2020-04-08T03:41:36.581168abusebot.cloudsearch.cf sshd[6371]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.250.52.130 2020-04-08T03:41:36.574956abusebot.cloudsearch.cf sshd[6371]: Invalid user postgres from 104.250.52.130 port 3822 2020-04-08T03:41:38.287943abusebot.cloudsearch.cf sshd[6371]: Failed password for invalid user postgres from 104.250.52.130 port 3822 ssh2 2020-04-08T03:51:22.860817abusebot.cloudsearch.cf sshd[7143]: Invalid user team1 from 104.250.52.130 port 60378 2020-04-08T03:51:22.869354abusebot.cloudsearch.cf sshd[7143]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.250.52.130 2020-04-08T03:51:22.860817abusebot.cloudsearch.cf sshd[7143]: Invalid user team1 from 104.250.52.130 port 60378 2020-04-08T03:51:25.358583abusebot.cloudsearch.cf sshd[7143]: Failed password f ...	2020-04-08 19:41:31

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.250.52.209
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44125
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.250.52.209.			IN	A

;; AUTHORITY SECTION:
.			596	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020041901 1800 900 604800 86400

;; Query time: 138 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Apr 20 14:33:33 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 209.52.250.104.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 209.52.250.104.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
115.159.237.70	attackbotsspam	Sep 10 21:26:44 aat-srv002 sshd[29991]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.159.237.70 Sep 10 21:26:46 aat-srv002 sshd[29991]: Failed password for invalid user 123 from 115.159.237.70 port 59476 ssh2 Sep 10 21:32:55 aat-srv002 sshd[30180]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.159.237.70 Sep 10 21:32:56 aat-srv002 sshd[30180]: Failed password for invalid user devel from 115.159.237.70 port 56362 ssh2 ...	2019-09-11 10:55:27
104.211.225.139	attackspambots	Sep 10 13:46:40 auw2 sshd\[18153\]: Invalid user csgoserver from 104.211.225.139 Sep 10 13:46:40 auw2 sshd\[18153\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.211.225.139 Sep 10 13:46:41 auw2 sshd\[18153\]: Failed password for invalid user csgoserver from 104.211.225.139 port 27184 ssh2 Sep 10 13:53:28 auw2 sshd\[18804\]: Invalid user webadmin from 104.211.225.139 Sep 10 13:53:28 auw2 sshd\[18804\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.211.225.139	2019-09-11 11:19:29
101.205.76.26	attack	Sep 10 21:46:26 euve59663 sshd[12697]: Invalid user user from 101.205.7= 6.26 Sep 10 21:46:26 euve59663 sshd[12697]: pam_unix(sshd:auth): authenticat= ion failure; logname=3D uid=3D0 euid=3D0 tty=3Dssh ruser=3D rhost=3D101= .205.76.26=20 Sep 10 21:46:28 euve59663 sshd[12697]: Failed password for invalid user= user from 101.205.76.26 port 39445 ssh2 Sep 10 21:46:29 euve59663 sshd[12697]: Failed password for invalid user= user from 101.205.76.26 port 39445 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=101.205.76.26	2019-09-11 10:56:25
196.52.43.91	attackbotsspam	firewall-block, port(s): 118/tcp	2019-09-11 11:20:38
185.43.209.203	attackspambots	UTC: 2019-09-10 pkts: 3 port: 81/tcp	2019-09-11 11:14:20
106.75.45.180	attack	Invalid user user from 106.75.45.180 port 54347	2019-09-11 11:10:45
82.80.37.162	attackspam	Unauthorized connection attempt from IP address 82.80.37.162 on Port 445(SMB)	2019-09-11 10:45:24
187.8.159.140	attack	Sep 10 22:34:36 ny01 sshd[26193]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.8.159.140 Sep 10 22:34:38 ny01 sshd[26193]: Failed password for invalid user webadmin from 187.8.159.140 port 40429 ssh2 Sep 10 22:43:00 ny01 sshd[27796]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.8.159.140	2019-09-11 10:46:57
218.98.26.183	attack	SSH Brute Force, server-1 sshd[5105]: Failed password for root from 218.98.26.183 port 56341 ssh2	2019-09-11 11:03:56
104.248.185.25	attackbots	Port scan attempt detected by AWS-CCS, CTS, India	2019-09-11 11:26:41
159.203.199.8	attack	" "	2019-09-11 11:18:56
183.88.20.15	attackspambots	Sep 11 04:47:18 legacy sshd[2029]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.88.20.15 Sep 11 04:47:20 legacy sshd[2029]: Failed password for invalid user kafka from 183.88.20.15 port 35128 ssh2 Sep 11 04:54:13 legacy sshd[2299]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.88.20.15 ...	2019-09-11 11:04:51
218.98.26.164	attack	Sep 11 04:04:46 plex sshd[15655]: Failed password for root from 218.98.26.164 port 51583 ssh2 Sep 11 04:04:49 plex sshd[15655]: Failed password for root from 218.98.26.164 port 51583 ssh2 Sep 11 04:04:44 plex sshd[15655]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.98.26.164 user=root Sep 11 04:04:46 plex sshd[15655]: Failed password for root from 218.98.26.164 port 51583 ssh2 Sep 11 04:04:49 plex sshd[15655]: Failed password for root from 218.98.26.164 port 51583 ssh2	2019-09-11 10:51:07
218.98.26.180	attack	Sep 11 02:49:26 *** sshd[17610]: User root from 218.98.26.180 not allowed because not listed in AllowUsers	2019-09-11 11:16:01
217.67.21.68	attackbotsspam	2019-09-10T22:10:18.569461abusebot-3.cloudsearch.cf sshd\[20040\]: Invalid user test101 from 217.67.21.68 port 40510	2019-09-11 11:31:09

最近上报的IP列表

23.106.219.185	105.159.52.16	198.54.120.148	132.145.188.175
23.106.219.109	106.122.207.44	23.80.97.49	77.42.123.13
128.64.177.186	181.63.146.187	68.183.180.46	203.195.191.249
78.35.224.80	125.119.35.28	129.211.59.87	115.216.41.76
51.254.16.233	5.24.221.42	179.52.22.104	4.7.94.244