129.204.52.199

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Honeypot attack, port: 23, PTR: PTR record not found	2019-09-23 19:57:33
attackspam	Honeypot attack, port: 23, PTR: PTR record not found	2019-09-05 15:25:38
attackbots	Portscan detected	2019-09-05 04:53:07

相同子网IP讨论:

IP	类型	评论内容	时间
129.204.52.150	attackspam	Jun 7 08:38:09 yesfletchmain sshd\[17492\]: Invalid user teamspeak3 from 129.204.52.150 port 46762 Jun 7 08:38:09 yesfletchmain sshd\[17492\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.52.150 Jun 7 08:38:11 yesfletchmain sshd\[17492\]: Failed password for invalid user teamspeak3 from 129.204.52.150 port 46762 ssh2 Jun 7 08:43:09 yesfletchmain sshd\[17619\]: Invalid user worker from 129.204.52.150 port 52822 Jun 7 08:43:09 yesfletchmain sshd\[17619\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.52.150 ...	2019-12-24 03:14:24
129.204.52.150	attackspambots	Nov 12 07:33:29 localhost sshd\[26780\]: Invalid user nyracai from 129.204.52.150 port 58410 Nov 12 07:33:29 localhost sshd\[26780\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.52.150 Nov 12 07:33:31 localhost sshd\[26780\]: Failed password for invalid user nyracai from 129.204.52.150 port 58410 ssh2 Nov 12 07:38:20 localhost sshd\[26906\]: Invalid user catteryv from 129.204.52.150 port 39362 Nov 12 07:38:20 localhost sshd\[26906\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.52.150 ...	2019-11-12 19:34:15
129.204.52.150	attackspam	$f2bV_matches	2019-11-03 16:30:50
129.204.52.150	attackspambots	Sep 21 02:50:57 mail sshd\[10239\]: Invalid user oracle from 129.204.52.150 Sep 21 02:50:57 mail sshd\[10239\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.52.150 ...	2019-09-21 20:35:47
129.204.52.150	attack	Sep 13 13:21:00 vps647732 sshd[28188]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.52.150 Sep 13 13:21:02 vps647732 sshd[28188]: Failed password for invalid user user7 from 129.204.52.150 port 55594 ssh2 ...	2019-09-13 19:32:20
129.204.52.150	attack	Brute force SMTP login attempted. ...	2019-08-10 09:15:09
129.204.52.150	attack	Jul 27 05:27:24 vps647732 sshd[16453]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.52.150 Jul 27 05:27:26 vps647732 sshd[16453]: Failed password for invalid user add from 129.204.52.150 port 38542 ssh2 ...	2019-07-27 11:39:09
129.204.52.150	attackbots	Jul 24 07:30:04 v22018076622670303 sshd\[9564\]: Invalid user bg from 129.204.52.150 port 43692 Jul 24 07:30:04 v22018076622670303 sshd\[9564\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.52.150 Jul 24 07:30:06 v22018076622670303 sshd\[9564\]: Failed password for invalid user bg from 129.204.52.150 port 43692 ssh2 ...	2019-07-24 14:18:12
129.204.52.150	attack	Jul 23 16:53:37 v22018076622670303 sshd\[3987\]: Invalid user test6 from 129.204.52.150 port 44762 Jul 23 16:53:37 v22018076622670303 sshd\[3987\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.52.150 Jul 23 16:53:39 v22018076622670303 sshd\[3987\]: Failed password for invalid user test6 from 129.204.52.150 port 44762 ssh2 ...	2019-07-23 23:27:36
129.204.52.150	attack	Jul 22 23:28:49 animalibera sshd[19585]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.52.150 user=root Jul 22 23:28:51 animalibera sshd[19585]: Failed password for root from 129.204.52.150 port 44360 ssh2 ...	2019-07-23 07:41:39
129.204.52.150	attackbots	Invalid user zabbix from 129.204.52.150 port 59718	2019-07-19 20:26:24

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 129.204.52.199
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63539
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;129.204.52.199.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019090402 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Sep 05 04:53:02 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 199.52.204.129.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 199.52.204.129.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
69.94.131.11	attackspam	Apr 23 11:51:45 web01.agentur-b-2.de postfix/smtpd[151314]: NOQUEUE: reject: RCPT from unknown[69.94.131.11]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo= Apr 23 11:51:45 web01.agentur-b-2.de postfix/smtpd[148165]: NOQUEUE: reject: RCPT from unknown[69.94.131.11]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo= Apr 23 11:51:45 web01.agentur-b-2.de postfix/smtpd[153585]: NOQUEUE: reject: RCPT from unknown[69.94.131.11]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo= Apr 23 11:51:45 web01.agentur-b-2.de postfix/smtpd[153584]: NOQUEUE: reject: RCPT from unknown[69.94.131.11]: 45	2020-04-23 21:57:04
122.51.211.249	attack	Apr 23 14:43:07 tuxlinux sshd[43461]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.211.249 user=root Apr 23 14:43:09 tuxlinux sshd[43461]: Failed password for root from 122.51.211.249 port 43704 ssh2 Apr 23 14:43:07 tuxlinux sshd[43461]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.211.249 user=root Apr 23 14:43:09 tuxlinux sshd[43461]: Failed password for root from 122.51.211.249 port 43704 ssh2 ...	2020-04-23 22:00:45
118.42.232.140	attackbots	Telnet/23 MH Probe, Scan, BF, Hack -	2020-04-23 22:27:25
137.116.126.217	attackspambots	Scanning for exploits - //wp-includes/wlwmanifest.xml	2020-04-23 22:20:39
83.239.38.2	attackspambots	"Unauthorized connection attempt on SSHD detected"	2020-04-23 22:24:19
178.62.224.217	attack	" "	2020-04-23 22:13:42
5.196.63.250	attackspam	Apr 23 15:56:17 vps647732 sshd[23492]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.196.63.250 Apr 23 15:56:19 vps647732 sshd[23492]: Failed password for invalid user tester from 5.196.63.250 port 55986 ssh2 ...	2020-04-23 22:13:06
200.133.39.24	attack	Apr 23 11:03:50 XXX sshd[38221]: Invalid user jo from 200.133.39.24 port 47186	2020-04-23 22:18:46
113.164.176.252	attackspam	Unauthorized connection attempt from IP address 113.164.176.252 on Port 445(SMB)	2020-04-23 22:09:31
197.86.219.33	attackbotsspam	Unauthorized connection attempt from IP address 197.86.219.33 on Port 445(SMB)	2020-04-23 22:10:38
193.108.211.92	attackbotsspam	Port probing on unauthorized port 445	2020-04-23 22:20:02
182.53.30.60	attackbots	Unauthorized connection attempt from IP address 182.53.30.60 on Port 445(SMB)	2020-04-23 22:21:57
185.234.219.82	attackspambots	Apr 23 12:35:36 h2829583 postfix/smtpd[18359]: lost connection after EHLO from unknown[185.234.219.82] Apr 23 12:48:24 h2829583 postfix/smtpd[18584]: lost connection after CONNECT from unknown[185.234.219.82]	2020-04-23 21:59:02
71.47.252.26	attackbotsspam	[portscan] tcp/23 [TELNET] *(RWIN=46827)(04231254)	2020-04-23 22:21:06
121.241.109.210	attackbotsspam	Unauthorized connection attempt from IP address 121.241.109.210 on Port 445(SMB)	2020-04-23 22:26:22

最近上报的IP列表

168.181.51.119	179.48.167.149	209.164.168.249	146.242.56.24
31.128.13.150	146.242.56.17	49.231.229.229	24.55.236.255
163.124.57.196	114.47.182.167	225.205.11.92	61.250.144.195
47.181.10.165	74.32.132.192	49.141.135.184	203.64.211.76
253.20.250.93	3.199.33.83	177.134.217.14	245.135.108.32