104.250.52.209

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Hong Kong

运营商(isp): Kingsoft Cloud Corporation Limited

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Wordpress malicious attack:[sshd]	2020-04-20 14:33:37

相同子网IP讨论:

IP	类型	评论内容	时间
104.250.52.136	attackspambots	Invalid user dongjie from 104.250.52.136 port 46732	2020-07-29 07:23:56
104.250.52.130	attack	Invalid user wei from 104.250.52.130 port 35572	2020-05-16 15:01:46
104.250.52.130	attackspambots	2020-05-11T06:17:48.408183shield sshd\[24708\]: Invalid user daniel from 104.250.52.130 port 49052 2020-05-11T06:17:48.411840shield sshd\[24708\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.250.52.130 2020-05-11T06:17:50.500348shield sshd\[24708\]: Failed password for invalid user daniel from 104.250.52.130 port 49052 ssh2 2020-05-11T06:21:49.867223shield sshd\[25882\]: Invalid user timo from 104.250.52.130 port 37914 2020-05-11T06:21:49.870826shield sshd\[25882\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.250.52.130	2020-05-11 14:51:55
104.250.52.130	attack	2020-04-29T23:35:53.2249601495-001 sshd[7503]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.250.52.130 2020-04-29T23:35:53.2169301495-001 sshd[7503]: Invalid user temp1 from 104.250.52.130 port 65174 2020-04-29T23:35:55.2458011495-001 sshd[7503]: Failed password for invalid user temp1 from 104.250.52.130 port 65174 ssh2 2020-04-29T23:39:27.8276541495-001 sshd[7673]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.250.52.130 user=root 2020-04-29T23:39:29.2261031495-001 sshd[7673]: Failed password for root from 104.250.52.130 port 44334 ssh2 2020-04-29T23:42:58.3277251495-001 sshd[7872]: Invalid user simon from 104.250.52.130 port 23498 ...	2020-04-30 12:04:01
104.250.52.130	attackbotsspam	Apr 9 14:46:49 icinga sshd[28312]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.250.52.130 Apr 9 14:46:52 icinga sshd[28312]: Failed password for invalid user test from 104.250.52.130 port 55236 ssh2 Apr 9 14:59:54 icinga sshd[49972]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.250.52.130 ...	2020-04-10 02:39:36
104.250.52.130	attackbotsspam	$f2bV_matches	2020-04-09 19:07:12
104.250.52.130	attackspambots	2020-04-08T03:41:36.574956abusebot.cloudsearch.cf sshd[6371]: Invalid user postgres from 104.250.52.130 port 3822 2020-04-08T03:41:36.581168abusebot.cloudsearch.cf sshd[6371]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.250.52.130 2020-04-08T03:41:36.574956abusebot.cloudsearch.cf sshd[6371]: Invalid user postgres from 104.250.52.130 port 3822 2020-04-08T03:41:38.287943abusebot.cloudsearch.cf sshd[6371]: Failed password for invalid user postgres from 104.250.52.130 port 3822 ssh2 2020-04-08T03:51:22.860817abusebot.cloudsearch.cf sshd[7143]: Invalid user team1 from 104.250.52.130 port 60378 2020-04-08T03:51:22.869354abusebot.cloudsearch.cf sshd[7143]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.250.52.130 2020-04-08T03:51:22.860817abusebot.cloudsearch.cf sshd[7143]: Invalid user team1 from 104.250.52.130 port 60378 2020-04-08T03:51:25.358583abusebot.cloudsearch.cf sshd[7143]: Failed password f ...	2020-04-08 19:41:31

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.250.52.209
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44125
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.250.52.209.			IN	A

;; AUTHORITY SECTION:
.			596	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020041901 1800 900 604800 86400

;; Query time: 138 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Apr 20 14:33:33 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 209.52.250.104.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 209.52.250.104.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
14.161.2.105	attackbotsspam	"SMTP brute force auth login attempt."	2019-12-31 00:15:46
183.63.220.38	attackbots	Unauthorized connection attempt detected from IP address 183.63.220.38 to port 23	2019-12-31 00:26:53
69.248.223.112	attack	CloudCIX Reconnaissance Scan Detected, PTR: c-69-248-223-112.hsd1.nj.comcast.net.	2019-12-31 00:07:13
122.5.42.150	attackspambots	Unauthorized connection attempt detected from IP address 122.5.42.150 to port 445	2019-12-31 00:32:08
171.109.58.240	attackspambots	" "	2019-12-31 00:19:13
196.219.229.178	attackbotsspam	Unauthorized connection attempt detected from IP address 196.219.229.178 to port 445	2019-12-30 23:48:10
70.231.19.203	attack	Dec 30 08:44:15 askasleikir sshd[189788]: Failed password for invalid user burchfield from 70.231.19.203 port 38790 ssh2	2019-12-31 00:13:29
41.86.10.20	attackbotsspam	Dec 30 15:59:04 datentool sshd[3119]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.86.10.20 user=r.r Dec 30 15:59:06 datentool sshd[3119]: Failed password for r.r from 41.86.10.20 port 45221 ssh2 Dec 30 16:16:31 datentool sshd[3218]: Invalid user dm from 41.86.10.20 Dec 30 16:16:31 datentool sshd[3218]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.86.10.20 Dec 30 16:16:33 datentool sshd[3218]: Failed password for invalid user dm from 41.86.10.20 port 37482 ssh2 Dec 30 16:19:26 datentool sshd[3242]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.86.10.20 user=r.r Dec 30 16:19:28 datentool sshd[3242]: Failed password for r.r from 41.86.10.20 port 49414 ssh2 Dec 30 16:22:14 datentool sshd[3289]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.86.10.20 user=r.r Dec 30 16:22:16 datentool sshd[32........ -------------------------------	2019-12-30 23:54:17
142.93.139.55	attackbotsspam	400 BAD REQUEST	2019-12-31 00:05:12
171.221.210.228	attackspambots	Failed password for root from 171.221.210.228 port 63746 ssh2 Invalid user mdhansen from 171.221.210.228 port 8431 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.221.210.228 Failed password for invalid user mdhansen from 171.221.210.228 port 8431 ssh2 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.221.210.228 user=root	2019-12-31 00:28:46
42.81.86.90	attack	CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2019-12-31 00:03:56
220.133.253.149	attackbots	Shenzhen TVT DVR Remote Code Execution Vulnerability	2019-12-30 23:47:43
180.96.14.25	attack	Unauthorized connection attempt detected from IP address 180.96.14.25 to port 6379	2019-12-31 00:27:53
104.177.180.24	attackspam	Dec 29 07:31:14 shadeyouvpn sshd[1713]: Invalid user working from 104.177.180.24 Dec 29 07:31:14 shadeyouvpn sshd[1713]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104-177-180-24.lightspeed.tukrga.sbcglobal.net Dec 29 07:31:16 shadeyouvpn sshd[1713]: Failed password for invalid user working from 104.177.180.24 port 39304 ssh2 Dec 29 07:31:16 shadeyouvpn sshd[1713]: Received disconnect from 104.177.180.24: 11: Bye Bye [preauth] Dec 29 08:44:49 shadeyouvpn sshd[25725]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104-177-180-24.lightspeed.tukrga.sbcglobal.net user=r.r Dec 29 08:44:51 shadeyouvpn sshd[25725]: Failed password for r.r from 104.177.180.24 port 41456 ssh2 Dec 29 08:44:51 shadeyouvpn sshd[25725]: Received disconnect from 104.177.180.24: 11: Bye Bye [preauth] Dec 30 10:31:09 shadeyouvpn sshd[6897]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh r........ -------------------------------	2019-12-31 00:19:46
51.77.211.94	attack	--- report --- Dec 30 12:32:35 -0300 sshd: Connection from 51.77.211.94 port 55114	2019-12-30 23:53:16

最近上报的IP列表

23.106.219.185	105.159.52.16	198.54.120.148	132.145.188.175
23.106.219.109	106.122.207.44	23.80.97.49	77.42.123.13
128.64.177.186	181.63.146.187	68.183.180.46	203.195.191.249
78.35.224.80	125.119.35.28	129.211.59.87	115.216.41.76
51.254.16.233	5.24.221.42	179.52.22.104	4.7.94.244