129.204.52.199

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Honeypot attack, port: 23, PTR: PTR record not found	2019-09-23 19:57:33
attackspam	Honeypot attack, port: 23, PTR: PTR record not found	2019-09-05 15:25:38
attackbots	Portscan detected	2019-09-05 04:53:07

相同子网IP讨论:

IP	类型	评论内容	时间
129.204.52.150	attackspam	Jun 7 08:38:09 yesfletchmain sshd\[17492\]: Invalid user teamspeak3 from 129.204.52.150 port 46762 Jun 7 08:38:09 yesfletchmain sshd\[17492\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.52.150 Jun 7 08:38:11 yesfletchmain sshd\[17492\]: Failed password for invalid user teamspeak3 from 129.204.52.150 port 46762 ssh2 Jun 7 08:43:09 yesfletchmain sshd\[17619\]: Invalid user worker from 129.204.52.150 port 52822 Jun 7 08:43:09 yesfletchmain sshd\[17619\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.52.150 ...	2019-12-24 03:14:24
129.204.52.150	attackspambots	Nov 12 07:33:29 localhost sshd\[26780\]: Invalid user nyracai from 129.204.52.150 port 58410 Nov 12 07:33:29 localhost sshd\[26780\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.52.150 Nov 12 07:33:31 localhost sshd\[26780\]: Failed password for invalid user nyracai from 129.204.52.150 port 58410 ssh2 Nov 12 07:38:20 localhost sshd\[26906\]: Invalid user catteryv from 129.204.52.150 port 39362 Nov 12 07:38:20 localhost sshd\[26906\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.52.150 ...	2019-11-12 19:34:15
129.204.52.150	attackspam	$f2bV_matches	2019-11-03 16:30:50
129.204.52.150	attackspambots	Sep 21 02:50:57 mail sshd\[10239\]: Invalid user oracle from 129.204.52.150 Sep 21 02:50:57 mail sshd\[10239\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.52.150 ...	2019-09-21 20:35:47
129.204.52.150	attack	Sep 13 13:21:00 vps647732 sshd[28188]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.52.150 Sep 13 13:21:02 vps647732 sshd[28188]: Failed password for invalid user user7 from 129.204.52.150 port 55594 ssh2 ...	2019-09-13 19:32:20
129.204.52.150	attack	Brute force SMTP login attempted. ...	2019-08-10 09:15:09
129.204.52.150	attack	Jul 27 05:27:24 vps647732 sshd[16453]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.52.150 Jul 27 05:27:26 vps647732 sshd[16453]: Failed password for invalid user add from 129.204.52.150 port 38542 ssh2 ...	2019-07-27 11:39:09
129.204.52.150	attackbots	Jul 24 07:30:04 v22018076622670303 sshd\[9564\]: Invalid user bg from 129.204.52.150 port 43692 Jul 24 07:30:04 v22018076622670303 sshd\[9564\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.52.150 Jul 24 07:30:06 v22018076622670303 sshd\[9564\]: Failed password for invalid user bg from 129.204.52.150 port 43692 ssh2 ...	2019-07-24 14:18:12
129.204.52.150	attack	Jul 23 16:53:37 v22018076622670303 sshd\[3987\]: Invalid user test6 from 129.204.52.150 port 44762 Jul 23 16:53:37 v22018076622670303 sshd\[3987\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.52.150 Jul 23 16:53:39 v22018076622670303 sshd\[3987\]: Failed password for invalid user test6 from 129.204.52.150 port 44762 ssh2 ...	2019-07-23 23:27:36
129.204.52.150	attack	Jul 22 23:28:49 animalibera sshd[19585]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.52.150 user=root Jul 22 23:28:51 animalibera sshd[19585]: Failed password for root from 129.204.52.150 port 44360 ssh2 ...	2019-07-23 07:41:39
129.204.52.150	attackbots	Invalid user zabbix from 129.204.52.150 port 59718	2019-07-19 20:26:24

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 129.204.52.199
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63539
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;129.204.52.199.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019090402 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Sep 05 04:53:02 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 199.52.204.129.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 199.52.204.129.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
184.105.139.82	attack	scan z	2019-10-22 19:49:20
110.80.17.26	attackbotsspam	Oct 22 13:34:06 ns381471 sshd[8561]: Failed password for root from 110.80.17.26 port 53796 ssh2 Oct 22 13:38:39 ns381471 sshd[12406]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.80.17.26 Oct 22 13:38:41 ns381471 sshd[12406]: Failed password for invalid user Raakel from 110.80.17.26 port 33734 ssh2	2019-10-22 19:44:30
95.245.235.96	attackspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/95.245.235.96/ IT - 1H : (90) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : IT NAME ASN : ASN3269 IP : 95.245.235.96 CIDR : 95.245.0.0/16 PREFIX COUNT : 550 UNIQUE IP COUNT : 19507712 ATTACKS DETECTED ASN3269 : 1H - 2 3H - 5 6H - 10 12H - 20 24H - 34 DateTime : 2019-10-22 13:53:47 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-10-22 20:05:59
179.185.121.188	attack	port scan and connect, tcp 23 (telnet)	2019-10-22 20:00:01
47.75.125.146	attack	$f2bV_matches	2019-10-22 19:53:46
106.13.85.56	attackbotsspam	Oct 22 13:17:06 fr01 sshd[30864]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.85.56 user=root Oct 22 13:17:07 fr01 sshd[30864]: Failed password for root from 106.13.85.56 port 58748 ssh2 Oct 22 13:48:42 fr01 sshd[4021]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.85.56 user=root Oct 22 13:48:44 fr01 sshd[4021]: Failed password for root from 106.13.85.56 port 48584 ssh2 Oct 22 13:53:43 fr01 sshd[4875]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.85.56 user=root Oct 22 13:53:46 fr01 sshd[4875]: Failed password for root from 106.13.85.56 port 56202 ssh2 ...	2019-10-22 20:09:02
190.102.140.7	attackbotsspam	Oct 22 08:24:02 master sshd[2976]: Failed password for invalid user daina from 190.102.140.7 port 49542 ssh2 Oct 22 08:30:32 master sshd[3304]: Failed password for root from 190.102.140.7 port 43964 ssh2 Oct 22 08:34:49 master sshd[3316]: Failed password for root from 190.102.140.7 port 55114 ssh2 Oct 22 08:39:14 master sshd[3328]: Failed password for invalid user gregoire from 190.102.140.7 port 38046 ssh2 Oct 22 08:43:34 master sshd[3340]: Failed password for invalid user arma3server from 190.102.140.7 port 49202 ssh2 Oct 22 08:47:53 master sshd[3361]: Failed password for invalid user pink from 190.102.140.7 port 60356 ssh2 Oct 22 08:53:47 master sshd[3379]: Failed password for root from 190.102.140.7 port 43302 ssh2 Oct 22 08:58:18 master sshd[3391]: Failed password for root from 190.102.140.7 port 54460 ssh2 Oct 22 09:02:46 master sshd[3703]: Failed password for invalid user ccccc from 190.102.140.7 port 37386 ssh2 Oct 22 09:07:11 master sshd[3715]: Failed password for root from 190.102.140.7 port 48544 s	2019-10-22 19:44:03
179.49.117.37	attackspambots	Automatic report - Web App Attack	2019-10-22 20:08:26
45.113.71.219	attackbots	UTC: 2019-10-21 port: 85/tcp	2019-10-22 19:45:05
153.127.93.21	attackbots	ssh failed login	2019-10-22 20:13:22
121.142.111.230	attack	Oct 22 13:53:32 jane sshd[22077]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.142.111.230 Oct 22 13:53:34 jane sshd[22077]: Failed password for invalid user bserver from 121.142.111.230 port 60828 ssh2 ...	2019-10-22 20:15:39
27.5.61.57	attackspambots	Brute force attempt	2019-10-22 19:57:52
188.50.177.192	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/188.50.177.192/ SA - 1H : (11) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : SA NAME ASN : ASN25019 IP : 188.50.177.192 CIDR : 188.50.160.0/19 PREFIX COUNT : 918 UNIQUE IP COUNT : 3531776 ATTACKS DETECTED ASN25019 : 1H - 1 3H - 2 6H - 3 12H - 6 24H - 10 DateTime : 2019-10-22 13:53:47 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-10-22 20:04:59
91.191.223.227	attackbots	Invalid user kay from 91.191.223.227 port 55434	2019-10-22 20:00:29
192.3.162.10	attackbotsspam	Oct 22 13:47:43 vmanager6029 sshd\[12072\]: Invalid user vapid from 192.3.162.10 port 41030 Oct 22 13:47:43 vmanager6029 sshd\[12072\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.3.162.10 Oct 22 13:47:45 vmanager6029 sshd\[12072\]: Failed password for invalid user vapid from 192.3.162.10 port 41030 ssh2	2019-10-22 19:48:34

最近上报的IP列表

168.181.51.119	179.48.167.149	209.164.168.249	146.242.56.24
31.128.13.150	146.242.56.17	49.231.229.229	24.55.236.255
163.124.57.196	114.47.182.167	225.205.11.92	61.250.144.195
47.181.10.165	74.32.132.192	49.141.135.184	203.64.211.76
253.20.250.93	3.199.33.83	177.134.217.14	245.135.108.32