129.204.52.199

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Honeypot attack, port: 23, PTR: PTR record not found	2019-09-23 19:57:33
attackspam	Honeypot attack, port: 23, PTR: PTR record not found	2019-09-05 15:25:38
attackbots	Portscan detected	2019-09-05 04:53:07

相同子网IP讨论:

IP	类型	评论内容	时间
129.204.52.150	attackspam	Jun 7 08:38:09 yesfletchmain sshd\[17492\]: Invalid user teamspeak3 from 129.204.52.150 port 46762 Jun 7 08:38:09 yesfletchmain sshd\[17492\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.52.150 Jun 7 08:38:11 yesfletchmain sshd\[17492\]: Failed password for invalid user teamspeak3 from 129.204.52.150 port 46762 ssh2 Jun 7 08:43:09 yesfletchmain sshd\[17619\]: Invalid user worker from 129.204.52.150 port 52822 Jun 7 08:43:09 yesfletchmain sshd\[17619\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.52.150 ...	2019-12-24 03:14:24
129.204.52.150	attackspambots	Nov 12 07:33:29 localhost sshd\[26780\]: Invalid user nyracai from 129.204.52.150 port 58410 Nov 12 07:33:29 localhost sshd\[26780\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.52.150 Nov 12 07:33:31 localhost sshd\[26780\]: Failed password for invalid user nyracai from 129.204.52.150 port 58410 ssh2 Nov 12 07:38:20 localhost sshd\[26906\]: Invalid user catteryv from 129.204.52.150 port 39362 Nov 12 07:38:20 localhost sshd\[26906\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.52.150 ...	2019-11-12 19:34:15
129.204.52.150	attackspam	$f2bV_matches	2019-11-03 16:30:50
129.204.52.150	attackspambots	Sep 21 02:50:57 mail sshd\[10239\]: Invalid user oracle from 129.204.52.150 Sep 21 02:50:57 mail sshd\[10239\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.52.150 ...	2019-09-21 20:35:47
129.204.52.150	attack	Sep 13 13:21:00 vps647732 sshd[28188]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.52.150 Sep 13 13:21:02 vps647732 sshd[28188]: Failed password for invalid user user7 from 129.204.52.150 port 55594 ssh2 ...	2019-09-13 19:32:20
129.204.52.150	attack	Brute force SMTP login attempted. ...	2019-08-10 09:15:09
129.204.52.150	attack	Jul 27 05:27:24 vps647732 sshd[16453]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.52.150 Jul 27 05:27:26 vps647732 sshd[16453]: Failed password for invalid user add from 129.204.52.150 port 38542 ssh2 ...	2019-07-27 11:39:09
129.204.52.150	attackbots	Jul 24 07:30:04 v22018076622670303 sshd\[9564\]: Invalid user bg from 129.204.52.150 port 43692 Jul 24 07:30:04 v22018076622670303 sshd\[9564\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.52.150 Jul 24 07:30:06 v22018076622670303 sshd\[9564\]: Failed password for invalid user bg from 129.204.52.150 port 43692 ssh2 ...	2019-07-24 14:18:12
129.204.52.150	attack	Jul 23 16:53:37 v22018076622670303 sshd\[3987\]: Invalid user test6 from 129.204.52.150 port 44762 Jul 23 16:53:37 v22018076622670303 sshd\[3987\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.52.150 Jul 23 16:53:39 v22018076622670303 sshd\[3987\]: Failed password for invalid user test6 from 129.204.52.150 port 44762 ssh2 ...	2019-07-23 23:27:36
129.204.52.150	attack	Jul 22 23:28:49 animalibera sshd[19585]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.52.150 user=root Jul 22 23:28:51 animalibera sshd[19585]: Failed password for root from 129.204.52.150 port 44360 ssh2 ...	2019-07-23 07:41:39
129.204.52.150	attackbots	Invalid user zabbix from 129.204.52.150 port 59718	2019-07-19 20:26:24

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 129.204.52.199
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63539
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;129.204.52.199.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019090402 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Sep 05 04:53:02 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 199.52.204.129.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 199.52.204.129.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
185.53.88.44	attack	ET SCAN Sipvicious Scan - port: 5060 proto: UDP cat: Attempted Information Leak	2020-02-22 05:08:46
103.1.209.245	attackspambots	Invalid user informix from 103.1.209.245 port 8808	2020-02-22 05:07:07
118.26.136.162	attackspam	suspicious action Fri, 21 Feb 2020 10:10:14 -0300	2020-02-22 05:10:07
46.101.103.191	attack	Feb 20 19:12:25 giraffe sshd[3414]: Did not receive identification string from 46.101.103.191 Feb 20 19:12:48 giraffe sshd[3415]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.103.191 user=r.r Feb 20 19:12:50 giraffe sshd[3415]: Failed password for r.r from 46.101.103.191 port 42430 ssh2 Feb 20 19:12:50 giraffe sshd[3415]: Received disconnect from 46.101.103.191 port 42430:11: Normal Shutdown, Thank you for playing [preauth] Feb 20 19:12:50 giraffe sshd[3415]: Disconnected from 46.101.103.191 port 42430 [preauth] Feb 20 19:13:31 giraffe sshd[3419]: Invalid user oracle from 46.101.103.191 Feb 20 19:13:31 giraffe sshd[3419]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.103.191 Feb 20 19:13:33 giraffe sshd[3419]: Failed password for invalid user oracle from 46.101.103.191 port 60122 ssh2 Feb 20 19:13:33 giraffe sshd[3419]: Received disconnect from 46.101.103.191 port 60122:1........ -------------------------------	2020-02-22 04:59:16
218.92.0.211	attack	Feb 21 21:57:13 eventyay sshd[16846]: Failed password for root from 218.92.0.211 port 42256 ssh2 Feb 21 22:00:53 eventyay sshd[16910]: Failed password for root from 218.92.0.211 port 35400 ssh2 ...	2020-02-22 05:19:46
218.92.0.189	attack	Feb 21 22:02:52 legacy sshd[3039]: Failed password for root from 218.92.0.189 port 36971 ssh2 Feb 21 22:02:54 legacy sshd[3039]: Failed password for root from 218.92.0.189 port 36971 ssh2 Feb 21 22:02:56 legacy sshd[3039]: Failed password for root from 218.92.0.189 port 36971 ssh2 ...	2020-02-22 05:06:13
130.185.108.140	attack	Feb 21 14:10:19 grey postfix/smtpd\[31717\]: NOQUEUE: reject: RCPT from bridge.graddoll.com\[130.185.108.140\]: 554 5.7.1 Service unavailable\; Client host \[130.185.108.140\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[130.185.108.140\]\; from=\ to=\ proto=ESMTP helo=\ ...	2020-02-22 05:05:49
37.139.24.190	attackbotsspam	Feb 21 15:10:25 vps58358 sshd\[21171\]: Failed password for lp from 37.139.24.190 port 50990 ssh2Feb 21 15:12:48 vps58358 sshd\[21179\]: Failed password for backup from 37.139.24.190 port 45610 ssh2Feb 21 15:15:22 vps58358 sshd\[21205\]: Invalid user daniel from 37.139.24.190Feb 21 15:15:24 vps58358 sshd\[21205\]: Failed password for invalid user daniel from 37.139.24.190 port 40230 ssh2Feb 21 15:17:54 vps58358 sshd\[21215\]: Failed password for games from 37.139.24.190 port 34848 ssh2Feb 21 15:20:18 vps58358 sshd\[21227\]: Invalid user tom from 37.139.24.190 ...	2020-02-22 05:23:12
187.188.90.141	attackbotsspam	Invalid user wisonadmin from 187.188.90.141 port 33170	2020-02-22 05:20:16
51.75.23.173	attack	Feb 21 16:45:45 lnxmysql61 sshd[29805]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.23.173	2020-02-22 05:29:14
162.243.132.128	attack	Port 5351 scan denied	2020-02-22 04:58:44
220.134.5.12	attackbots	firewall-block, port(s): 23/tcp	2020-02-22 05:00:00
212.64.14.178	attackbotsspam	Feb 21 22:17:21 plex sshd[18384]: Invalid user csgoserver from 212.64.14.178 port 53026 Feb 21 22:17:22 plex sshd[18384]: Failed password for invalid user csgoserver from 212.64.14.178 port 53026 ssh2 Feb 21 22:17:21 plex sshd[18384]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.14.178 Feb 21 22:17:21 plex sshd[18384]: Invalid user csgoserver from 212.64.14.178 port 53026 Feb 21 22:17:22 plex sshd[18384]: Failed password for invalid user csgoserver from 212.64.14.178 port 53026 ssh2	2020-02-22 05:30:30
54.39.145.31	attackbots	Feb 21 16:25:35 dedicated sshd[20806]: Invalid user scan from 54.39.145.31 port 46930	2020-02-22 05:28:48
91.121.211.34	attackspam	Invalid user steamuser from 91.121.211.34 port 57132	2020-02-22 05:26:21

最近上报的IP列表

168.181.51.119	179.48.167.149	209.164.168.249	146.242.56.24
31.128.13.150	146.242.56.17	49.231.229.229	24.55.236.255
163.124.57.196	114.47.182.167	225.205.11.92	61.250.144.195
47.181.10.165	74.32.132.192	49.141.135.184	203.64.211.76
253.20.250.93	3.199.33.83	177.134.217.14	245.135.108.32