129.204.82.4 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Automatic report - Banned IP Access	2020-10-14 07:33:32
attack	Oct 6 23:08:25 itv-usvr-01 sshd[5283]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.82.4 user=root Oct 6 23:08:27 itv-usvr-01 sshd[5283]: Failed password for root from 129.204.82.4 port 19243 ssh2 Oct 6 23:15:56 itv-usvr-01 sshd[5754]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.82.4 user=root Oct 6 23:15:58 itv-usvr-01 sshd[5754]: Failed password for root from 129.204.82.4 port 31066 ssh2	2020-10-07 04:01:54
attackspambots	20 attempts against mh-ssh on cloud	2020-10-06 20:03:12
attackspam	SSH Invalid Login	2020-09-25 08:35:33
attack	malicious Brute-Force reported by https://www.patrick-binder.de ...	2020-08-27 23:13:29
attackspam	Invalid user cmsftp from 129.204.82.4 port 53630	2020-08-22 06:02:56
attack	Aug 12 23:27:26 kh-dev-server sshd[16187]: Failed password for root from 129.204.82.4 port 17713 ssh2 ...	2020-08-13 07:52:17
attackbotsspam	Aug 8 08:47:47 ns382633 sshd\[4787\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.82.4 user=root Aug 8 08:47:48 ns382633 sshd\[4787\]: Failed password for root from 129.204.82.4 port 60189 ssh2 Aug 8 08:55:23 ns382633 sshd\[6418\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.82.4 user=root Aug 8 08:55:25 ns382633 sshd\[6418\]: Failed password for root from 129.204.82.4 port 20555 ssh2 Aug 8 08:58:19 ns382633 sshd\[6709\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.82.4 user=root	2020-08-08 18:46:03
attack	Aug 6 05:42:38 server sshd[1475]: Failed password for root from 129.204.82.4 port 56918 ssh2 Aug 6 05:49:08 server sshd[10879]: Failed password for root from 129.204.82.4 port 12356 ssh2 Aug 6 05:55:29 server sshd[20959]: Failed password for root from 129.204.82.4 port 24291 ssh2	2020-08-06 12:22:15
attackbotsspam	ssh brute force	2020-08-05 15:13:40
attackbotsspam	Jul 22 08:24:29 rancher-0 sshd[509179]: Invalid user pq from 129.204.82.4 port 40235 Jul 22 08:24:31 rancher-0 sshd[509179]: Failed password for invalid user pq from 129.204.82.4 port 40235 ssh2 ...	2020-07-22 14:34:09
attack	Jul 17 12:37:35 mout sshd[1607]: Invalid user amandabackup from 129.204.82.4 port 33961	2020-07-17 18:42:37
attack	Jul 16 03:55:21 scw-6657dc sshd[9512]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.82.4 Jul 16 03:55:21 scw-6657dc sshd[9512]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.82.4 Jul 16 03:55:24 scw-6657dc sshd[9512]: Failed password for invalid user admin from 129.204.82.4 port 63457 ssh2 ...	2020-07-16 12:33:32
attack	Jul 4 20:18:03 Ubuntu-1404-trusty-64-minimal sshd\[12846\]: Invalid user diz from 129.204.82.4 Jul 4 20:18:03 Ubuntu-1404-trusty-64-minimal sshd\[12846\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.82.4 Jul 4 20:18:05 Ubuntu-1404-trusty-64-minimal sshd\[12846\]: Failed password for invalid user diz from 129.204.82.4 port 25534 ssh2 Jul 4 20:24:42 Ubuntu-1404-trusty-64-minimal sshd\[16650\]: Invalid user erica from 129.204.82.4 Jul 4 20:24:42 Ubuntu-1404-trusty-64-minimal sshd\[16650\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.82.4	2020-07-05 02:27:08
attack	2020-04-14 UTC: (48x) - admin,asterisk,banens,coletta,lugf,maryl,msimon,mysqler,napsugar,onm,opedal,root(33x),sfarris,sonos,test,thaiset	2020-04-15 19:06:42
attackspambots	SSH Brute-Force reported by Fail2Ban	2020-04-12 12:49:14
attackspam	Tried sshing with brute force.	2020-04-09 09:28:45
attack	Invalid user toor from 129.204.82.4 port 32278	2020-03-26 01:19:30
attackbotsspam	Feb 3 07:29:52 MK-Soft-Root2 sshd[11834]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.82.4 Feb 3 07:29:54 MK-Soft-Root2 sshd[11834]: Failed password for invalid user jd from 129.204.82.4 port 37936 ssh2 ...	2020-02-03 14:34:04
attackspambots	Feb 2 04:52:48 pi sshd[20786]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.82.4 Feb 2 04:52:50 pi sshd[20786]: Failed password for invalid user develop from 129.204.82.4 port 9776 ssh2	2020-02-02 18:00:12
attackspambots	Jan 26 10:43:23 pkdns2 sshd\[14714\]: Invalid user mega from 129.204.82.4Jan 26 10:43:25 pkdns2 sshd\[14714\]: Failed password for invalid user mega from 129.204.82.4 port 25869 ssh2Jan 26 10:46:57 pkdns2 sshd\[14929\]: Invalid user user1 from 129.204.82.4Jan 26 10:46:59 pkdns2 sshd\[14929\]: Failed password for invalid user user1 from 129.204.82.4 port 52895 ssh2Jan 26 10:52:11 pkdns2 sshd\[15250\]: Invalid user test from 129.204.82.4Jan 26 10:52:13 pkdns2 sshd\[15250\]: Failed password for invalid user test from 129.204.82.4 port 23560 ssh2 ...	2020-01-26 17:03:47
attack	Jan 16 06:27:52 ns37 sshd[13968]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.82.4	2020-01-16 17:48:36
attackspambots	Jan 11 14:09:13 ns382633 sshd\[27153\]: Invalid user rze from 129.204.82.4 port 18662 Jan 11 14:09:13 ns382633 sshd\[27153\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.82.4 Jan 11 14:09:15 ns382633 sshd\[27153\]: Failed password for invalid user rze from 129.204.82.4 port 18662 ssh2 Jan 11 14:38:56 ns382633 sshd\[32083\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.82.4 user=root Jan 11 14:38:58 ns382633 sshd\[32083\]: Failed password for root from 129.204.82.4 port 50685 ssh2	2020-01-12 02:05:15
attackbots	Too many connections or unauthorized access detected from Arctic banned ip	2020-01-03 05:17:09
attack	[Aegis] @ 2019-12-22 15:50:53 0000 -> Attempted Administrator Privilege Gain: ET SCAN LibSSH Based Frequent SSH Connections Likely BruteForce Attack	2019-12-23 01:10:21
attackspam	Dec 14 17:55:28 sshgateway sshd\[19248\]: Invalid user rob_icf from 129.204.82.4 Dec 14 17:55:28 sshgateway sshd\[19248\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.82.4 Dec 14 17:55:31 sshgateway sshd\[19248\]: Failed password for invalid user rob_icf from 129.204.82.4 port 44313 ssh2	2019-12-15 02:00:23

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 129.204.82.4
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 25126
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;129.204.82.4.			IN	A

;; AUTHORITY SECTION:
.			484	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121400 1800 900 604800 86400

;; Query time: 102 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Dec 15 02:00:20 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 4.82.204.129.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 4.82.204.129.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
92.222.91.79	attack	SSH/22 MH Probe, BF, Hack -	2019-09-25 06:23:00
122.138.19.53	attack	23/tcp [2019-09-24]1pkt	2019-09-25 06:20:08
158.140.135.231	attack	Sep 24 11:46:50 tdfoods sshd\[23906\]: Invalid user testuser from 158.140.135.231 Sep 24 11:46:50 tdfoods sshd\[23906\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=158.140.135.231 Sep 24 11:46:53 tdfoods sshd\[23906\]: Failed password for invalid user testuser from 158.140.135.231 port 13476 ssh2 Sep 24 11:51:16 tdfoods sshd\[24326\]: Invalid user admin from 158.140.135.231 Sep 24 11:51:16 tdfoods sshd\[24326\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=158.140.135.231	2019-09-25 06:05:53
82.227.171.9	attackbots	Automatic report - Port Scan Attack	2019-09-25 06:15:26
46.38.144.17	attackbots	Sep 24 23:44:57 mail postfix/smtpd\[14651\]: warning: unknown\[46.38.144.17\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Sep 24 23:46:14 mail postfix/smtpd\[14707\]: warning: unknown\[46.38.144.17\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Sep 25 00:16:43 mail postfix/smtpd\[16103\]: warning: unknown\[46.38.144.17\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Sep 25 00:18:00 mail postfix/smtpd\[16597\]: warning: unknown\[46.38.144.17\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\	2019-09-25 06:31:24
200.201.217.104	attackspambots	$f2bV_matches	2019-09-25 06:03:52
104.131.8.137	attackbots	Sep 24 17:01:14 aat-srv002 sshd[25726]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.8.137 Sep 24 17:01:16 aat-srv002 sshd[25726]: Failed password for invalid user jcampbell from 104.131.8.137 port 59215 ssh2 Sep 24 17:06:14 aat-srv002 sshd[25841]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.8.137 Sep 24 17:06:16 aat-srv002 sshd[25841]: Failed password for invalid user matt from 104.131.8.137 port 51665 ssh2 ...	2019-09-25 06:06:39
186.225.60.102	attackspambots	445/tcp [2019-09-24]1pkt	2019-09-25 06:04:30
5.135.179.178	attackspambots	Sep 25 00:23:09 dedicated sshd[25625]: Invalid user florin from 5.135.179.178 port 5817	2019-09-25 06:29:46
112.85.42.186	attackbots	Sep 25 03:33:43 areeb-Workstation sshd[5082]: Failed password for root from 112.85.42.186 port 21611 ssh2 ...	2019-09-25 06:20:58
156.203.18.67	attackspam	2323/tcp [2019-09-24]1pkt	2019-09-25 06:07:13
222.82.237.238	attackbots	2019-09-24T21:52:25.834538abusebot-7.cloudsearch.cf sshd\[6348\]: Invalid user bocosftp from 222.82.237.238 port 17336	2019-09-25 06:00:28
178.76.233.126	attackspam	8888/tcp [2019-09-24]1pkt	2019-09-25 06:16:36
35.193.74.84	attackbotsspam	[TueSep2423:17:10.6695042019][:error][pid21277:tid46955304654592][client35.193.74.84:57416][client35.193.74.84]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch"python-requests/"atREQUEST_HEADERS:User-Agent.[file"/usr/local/apache.ea3/conf/modsec_rules/20_asl_useragents.conf"][line"211"][id"332039"][rev"4"][msg"Atomicorp.comWAFRules:SuspiciousUnusualUserAgent$python-requests$.Disablethisruleifyouusepython-requests/."][severity"CRITICAL"][hostname"nogano.ch"][uri"/robots.txt"][unique_id"XYqH1n4Vqho1Wi@hIMMh8QAAAFg"][TueSep2423:17:10.7879372019][:error][pid21277:tid46955304654592][client35.193.74.84:57416][client35.193.74.84]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch"python-requests/"atREQUEST_HEADERS:User-Agent.[file"/usr/local/apache.ea3/conf/modsec_rules/20_asl_useragents.conf"][line"211"][id"332039"][rev"4"][msg"Atomicorp.comWAFRules:SuspiciousUnusualUserAgent$python-requests$.Disablethisruleifyouusepython-requests/."][severity"CRITICAL"][hostna	2019-09-25 05:59:13
118.70.15.12	attackspambots	Unauthorised access (Sep 25) SRC=118.70.15.12 LEN=40 TTL=47 ID=44429 TCP DPT=8080 WINDOW=35113 SYN Unauthorised access (Sep 24) SRC=118.70.15.12 LEN=40 TTL=47 ID=41423 TCP DPT=8080 WINDOW=35113 SYN Unauthorised access (Sep 23) SRC=118.70.15.12 LEN=40 TTL=47 ID=16944 TCP DPT=8080 WINDOW=35113 SYN Unauthorised access (Sep 23) SRC=118.70.15.12 LEN=40 TTL=47 ID=15714 TCP DPT=8080 WINDOW=35113 SYN	2019-09-25 06:10:40

最近上报的IP列表

117.201.213.117	62.206.113.83	176.97.84.87	210.153.82.8
203.231.146.217	61.44.6.125	61.119.220.219	100.119.22.13
132.200.119.152	91.201.40.245	67.68.3.187	242.241.194.41
6.171.6.29	31.24.236.13	106.40.151.187	78.243.116.144
194.145.209.202	111.125.245.104	175.147.163.37	138.204.25.226