城市(city): Guangzhou
省份(region): Guangdong
国家(country): China
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 129.204.188.93 | attack | Aug 18 22:38:11 inter-technics sshd[32527]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.188.93 user=root Aug 18 22:38:13 inter-technics sshd[32527]: Failed password for root from 129.204.188.93 port 42512 ssh2 Aug 18 22:43:35 inter-technics sshd[506]: Invalid user sac from 129.204.188.93 port 48594 Aug 18 22:43:35 inter-technics sshd[506]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.188.93 Aug 18 22:43:35 inter-technics sshd[506]: Invalid user sac from 129.204.188.93 port 48594 Aug 18 22:43:37 inter-technics sshd[506]: Failed password for invalid user sac from 129.204.188.93 port 48594 ssh2 ... |
2020-08-19 08:49:46 |
| 129.204.188.93 | attackbotsspam | Aug 18 15:25:09 PorscheCustomer sshd[23755]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.188.93 Aug 18 15:25:11 PorscheCustomer sshd[23755]: Failed password for invalid user plaza from 129.204.188.93 port 52958 ssh2 Aug 18 15:26:45 PorscheCustomer sshd[23778]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.188.93 ... |
2020-08-18 21:29:57 |
| 129.204.188.93 | attackspambots | Aug 4 05:58:54 mout sshd[6107]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.188.93 user=root Aug 4 05:58:56 mout sshd[6107]: Failed password for root from 129.204.188.93 port 55928 ssh2 |
2020-08-04 12:35:01 |
| 129.204.188.93 | attack | 2020-07-29T23:31:06.334930snf-827550 sshd[14995]: Invalid user liupan from 129.204.188.93 port 33462 2020-07-29T23:31:08.034521snf-827550 sshd[14995]: Failed password for invalid user liupan from 129.204.188.93 port 33462 ssh2 2020-07-29T23:34:48.459326snf-827550 sshd[15028]: Invalid user dwhuang from 129.204.188.93 port 46668 ... |
2020-07-30 05:08:29 |
| 129.204.188.93 | attackspambots | Jul 24 08:02:29 rancher-0 sshd[547375]: Invalid user syamsul from 129.204.188.93 port 50988 ... |
2020-07-24 20:30:57 |
| 129.204.188.93 | attackspam | sshd jail - ssh hack attempt |
2020-07-13 02:57:51 |
| 129.204.188.93 | attackbots | Jul 8 03:46:42 vps sshd[960662]: Failed password for invalid user dior from 129.204.188.93 port 36658 ssh2 Jul 8 03:49:47 vps sshd[973464]: Invalid user chengyinghui from 129.204.188.93 port 41188 Jul 8 03:49:47 vps sshd[973464]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.188.93 Jul 8 03:49:49 vps sshd[973464]: Failed password for invalid user chengyinghui from 129.204.188.93 port 41188 ssh2 Jul 8 03:52:38 vps sshd[995982]: Invalid user yort from 129.204.188.93 port 43230 ... |
2020-07-08 10:52:20 |
| 129.204.188.93 | attackspam | Jun 21 11:04:55 mx sshd[31063]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.188.93 Jun 21 11:04:57 mx sshd[31063]: Failed password for invalid user rstudio from 129.204.188.93 port 39264 ssh2 |
2020-06-21 23:58:11 |
| 129.204.188.93 | attack | sshd |
2020-06-14 04:28:12 |
| 129.204.188.93 | attackspambots | 2020-06-13T06:10:30.498126+02:00 |
2020-06-13 13:00:41 |
| 129.204.188.93 | attackbotsspam | $f2bV_matches |
2020-06-03 19:34:18 |
| 129.204.188.93 | attackbots | May 29 23:51:40 server sshd[27092]: Failed password for invalid user follow from 129.204.188.93 port 51158 ssh2 May 29 23:54:30 server sshd[29519]: Failed password for invalid user rjkj@rjkj@GZ from 129.204.188.93 port 56484 ssh2 May 29 23:57:22 server sshd[31893]: Failed password for invalid user mikeg from 129.204.188.93 port 33580 ssh2 |
2020-05-30 06:11:40 |
| 129.204.188.93 | attackspam | May 15 22:32:40 lukav-desktop sshd\[22006\]: Invalid user Manager from 129.204.188.93 May 15 22:32:40 lukav-desktop sshd\[22006\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.188.93 May 15 22:32:42 lukav-desktop sshd\[22006\]: Failed password for invalid user Manager from 129.204.188.93 port 45012 ssh2 May 15 22:37:44 lukav-desktop sshd\[22067\]: Invalid user cary from 129.204.188.93 May 15 22:37:44 lukav-desktop sshd\[22067\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.188.93 |
2020-05-16 03:52:29 |
| 129.204.188.93 | attackbots | $f2bV_matches |
2020-05-13 08:33:28 |
| 129.204.188.93 | attackspam | Invalid user test from 129.204.188.93 port 57022 |
2020-05-12 07:38:34 |
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#
NetRange: 129.204.0.0 - 129.204.255.255
CIDR: 129.204.0.0/16
NetName: APNIC
NetHandle: NET-129-204-0-0-1
Parent: NET129 (NET-129-0-0-0-0)
NetType: Early Registrations, Transferred to APNIC
OriginAS:
Organization: Asia Pacific Network Information Centre (APNIC)
RegDate: 2018-01-03
Updated: 2018-01-03
Ref: https://rdap.arin.net/registry/ip/129.204.0.0
ResourceLink: https://apps.db.ripe.net/db-web-ui/query
ResourceLink: whois://whois.apnic.net
OrgName: Asia Pacific Network Information Centre
OrgId: APNIC
Address: PO Box 3646
City: South Brisbane
StateProv: QLD
PostalCode: 4101
Country: AU
RegDate:
Updated: 2012-01-24
Ref: https://rdap.arin.net/registry/entity/APNIC
ReferralServer: whois://whois.apnic.net
ResourceLink: http://wq.apnic.net/whois-search/static/search.html
OrgAbuseHandle: AWC12-ARIN
OrgAbuseName: APNIC Whois Contact
OrgAbusePhone: +61 7 3858 3188
OrgAbuseEmail: search-apnic-not-arin@apnic.net
OrgAbuseRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
OrgTechHandle: AWC12-ARIN
OrgTechName: APNIC Whois Contact
OrgTechPhone: +61 7 3858 3188
OrgTechEmail: search-apnic-not-arin@apnic.net
OrgTechRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#
Found a referral to whois.apnic.net.
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
% Information related to '129.204.0.0 - 129.204.255.255'
% Abuse contact for '129.204.0.0 - 129.204.255.255' is 'abuse@tencent.com'
inetnum: 129.204.0.0 - 129.204.255.255
netname: TENCENT-CN
descr: Tencent Cloud Computing (Beijing) Co., Ltd
descr: Floor 6, Yinke Building, 38 Haidian St, Haidian District
country: CN
org: ORG-TCCC1-AP
admin-c: TCA15-AP
tech-c: TCA15-AP
abuse-c: AT992-AP
status: ALLOCATED PORTABLE
remarks: --------------------------------------------------------
remarks: To report network abuse, please contact mnt-irt
remarks: For troubleshooting, please contact tech-c and admin-c
remarks: Report invalid contact via www.apnic.net/invalidcontact
remarks: --------------------------------------------------------
mnt-by: APNIC-HM
mnt-lower: MAINT-TENCENT-CN
mnt-routes: MAINT-TENCENT-CN
mnt-irt: IRT-TENCENT-CN
last-modified: 2020-07-22T13:10:58Z
source: APNIC
irt: IRT-TENCENT-CN
address: Floor 6, Yinke Building, 38 Haidian St, Haidian District, Beijing Beijing 100080
e-mail: tencent_noc@tencent.com
abuse-mailbox: abuse@tencent.com
admin-c: TCA15-AP
tech-c: TCA15-AP
auth: # Filtered
remarks: abuse@tencent.com was validated on 2026-05-15
remarks: tencent_noc@tencent.com was validated on 2026-06-05
mnt-by: MAINT-COMSENZ1-CN
last-modified: 2026-06-05T07:58:46Z
source: APNIC
organisation: ORG-TCCC1-AP
org-name: Tencent Cloud Computing (Beijing) Co., Ltd
org-type: LIR
country: CN
address: 309 West Zone, 3F. 49 Zhichun Road. Haidian District.
phone: +86-10-62671299
fax-no: +86-10-82602088-41299
e-mail: tencent_idc@tencent.com
mnt-ref: APNIC-HM
mnt-by: APNIC-HM
last-modified: 2023-09-05T02:16:21Z
source: APNIC
role: ABUSE TENCENTCN
country: ZZ
address: Floor 6, Yinke Building, 38 Haidian St, Haidian District, Beijing Beijing 100080
phone: +000000000
e-mail: tencent_noc@tencent.com
admin-c: TCA15-AP
tech-c: TCA15-AP
nic-hdl: AT992-AP
remarks: Generated from irt object IRT-TENCENT-CN
remarks: abuse@tencent.com was validated on 2026-05-15
remarks: tencent_noc@tencent.com was validated on 2026-06-05
abuse-mailbox: abuse@tencent.com
mnt-by: APNIC-ABUSE
last-modified: 2026-06-05T07:59:01Z
source: APNIC
role: Tencent Cloud administrator
address: Floor 6, Yinke Building, 38 Haidian St, Haidian District, Beijing Beijing 100080
country: CN
phone: +86-10-62671299
e-mail: tencent_idc@tencent.com
admin-c: TCA15-AP
tech-c: TCA15-AP
nic-hdl: TCA15-AP
mnt-by: MAINT-AP-DIALPAD
fax-no: +86-10-62671299
last-modified: 2017-04-04T10:34:03Z
source: APNIC
% Information related to '129.204.0.0/16AS45090'
route: 129.204.0.0/16
origin: AS45090
descr: Tencent Cloud Computing (Beijing) Co., Ltd
309 West Zone, 3F. 49 Zhichun Road. Haidian District.
mnt-by: MAINT-TENCENT-CN
last-modified: 2018-01-17T08:23:26Z
source: APNIC
% This query was served by the APNIC Whois Service version 1.88.48 (WHOIS-AU5); <<>> DiG 9.10.3-P4-Ubuntu <<>> 129.204.188.64
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3071
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;129.204.188.64. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2026061001 1800 900 604800 86400
;; Query time: 12 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jun 11 05:30:17 CST 2026
;; MSG SIZE rcvd: 107Host 64.188.204.129.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 64.188.204.129.in-addr.arpa: NXDOMAIN| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 49.88.112.114 | attack | Mar 5 14:19:07 php1 sshd\[25625\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.114 user=root Mar 5 14:19:09 php1 sshd\[25625\]: Failed password for root from 49.88.112.114 port 54205 ssh2 Mar 5 14:20:10 php1 sshd\[25793\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.114 user=root Mar 5 14:20:12 php1 sshd\[25793\]: Failed password for root from 49.88.112.114 port 47005 ssh2 Mar 5 14:21:17 php1 sshd\[26057\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.114 user=root |
2020-03-06 08:24:48 |
| 196.52.43.65 | attackspambots | Honeypot attack, port: 139, PTR: 196.52.43.65.netsystemsresearch.com. |
2020-03-06 08:38:58 |
| 54.38.36.56 | attack | Invalid user carlo from 54.38.36.56 port 51556 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.36.56 Failed password for invalid user carlo from 54.38.36.56 port 51556 ssh2 Invalid user redbot from 54.38.36.56 port 42412 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.36.56 |
2020-03-06 08:24:11 |
| 61.178.249.23 | attackbots | Honeypot attack, port: 445, PTR: PTR record not found |
2020-03-06 08:36:30 |
| 156.96.116.122 | attackbotsspam | DATE:2020-03-05 22:56:51, IP:156.96.116.122, PORT:1433 - MSSQL brute force auth on a honeypot server (epe-dc) |
2020-03-06 08:40:22 |
| 195.154.133.15 | attackspambots | [2020-03-05 19:26:28] NOTICE[1148][C-0000e778] chan_sip.c: Call from '' (195.154.133.15:62928) to extension '67700000441904911107' rejected because extension not found in context 'public'. [2020-03-05 19:26:28] SECURITY[1163] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-03-05T19:26:28.607-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="67700000441904911107",SessionID="0x7fd82c40d3d8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/195.154.133.15/62928",ACLName="no_extension_match" [2020-03-05 19:30:34] NOTICE[1148][C-0000e77d] chan_sip.c: Call from '' (195.154.133.15:51970) to extension '25200000441904911107' rejected because extension not found in context 'public'. [2020-03-05 19:30:34] SECURITY[1163] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-03-05T19:30:34.647-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="25200000441904911107",SessionID="0x7fd82ca9d388",LocalAddress="IPV4/UDP/192.168.244.6/5060",R ... |
2020-03-06 08:49:35 |
| 110.10.174.179 | attackspam | Mar 6 00:22:14 Ubuntu-1404-trusty-64-minimal sshd\[14526\]: Invalid user reiseblog7123 from 110.10.174.179 Mar 6 00:22:14 Ubuntu-1404-trusty-64-minimal sshd\[14526\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.10.174.179 Mar 6 00:22:16 Ubuntu-1404-trusty-64-minimal sshd\[14526\]: Failed password for invalid user reiseblog7123 from 110.10.174.179 port 60463 ssh2 Mar 6 00:29:05 Ubuntu-1404-trusty-64-minimal sshd\[17688\]: Invalid user ftpuser from 110.10.174.179 Mar 6 00:29:05 Ubuntu-1404-trusty-64-minimal sshd\[17688\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.10.174.179 |
2020-03-06 08:34:13 |
| 125.212.217.214 | attackspam | Mar 5 23:05:00 debian-2gb-nbg1-2 kernel: \[5705068.371611\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=125.212.217.214 DST=195.201.40.59 LEN=44 TOS=0x00 PREC=0x00 TTL=107 ID=57644 PROTO=TCP SPT=26200 DPT=806 WINDOW=34262 RES=0x00 SYN URGP=0 |
2020-03-06 08:30:55 |
| 201.168.208.26 | attackspam | Honeypot attack, port: 445, PTR: ip-201-168-208-26.marcatel.net.mx. |
2020-03-06 08:37:42 |
| 89.248.160.178 | attackbots | 03/05/2020-19:15:25.849912 89.248.160.178 Protocol: 6 ET SCAN NMAP -sS window 1024 |
2020-03-06 08:22:07 |
| 106.12.34.97 | attackspambots | SSH / Telnet Brute Force Attempts on Honeypot |
2020-03-06 08:11:00 |
| 177.1.214.84 | attack | Mar 5 03:13:35 XXX sshd[33792]: Invalid user 01 from 177.1.214.84 port 49929 |
2020-03-06 08:30:12 |
| 195.154.156.190 | attack | [2020-03-05 19:15:00] NOTICE[1148][C-0000e76e] chan_sip.c: Call from '' (195.154.156.190:60312) to extension '810441235619315' rejected because extension not found in context 'public'. [2020-03-05 19:15:00] SECURITY[1163] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-03-05T19:15:00.553-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="810441235619315",SessionID="0x7fd82c530768",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/195.154.156.190/60312",ACLName="no_extension_match" [2020-03-05 19:17:59] NOTICE[1148][C-0000e771] chan_sip.c: Call from '' (195.154.156.190:52128) to extension '009011441235619315' rejected because extension not found in context 'public'. [2020-03-05 19:17:59] SECURITY[1163] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-03-05T19:17:59.466-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="009011441235619315",SessionID="0x7fd82c530768",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddres ... |
2020-03-06 08:23:10 |
| 61.75.225.35 | attackspambots | Honeypot attack, port: 81, PTR: PTR record not found |
2020-03-06 08:50:55 |
| 138.68.93.14 | attack | $f2bV_matches |
2020-03-06 08:13:52 |