164.52.29.3 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Hong Kong

运营商(isp): Capital Online Data Service HK Co Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	2020-05-28T23:06:46.503578lavrinenko.info sshd[16070]: Invalid user hexin from 164.52.29.3 port 13084 2020-05-28T23:06:46.513268lavrinenko.info sshd[16070]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.52.29.3 2020-05-28T23:06:46.503578lavrinenko.info sshd[16070]: Invalid user hexin from 164.52.29.3 port 13084 2020-05-28T23:06:48.420986lavrinenko.info sshd[16070]: Failed password for invalid user hexin from 164.52.29.3 port 13084 ssh2 2020-05-28T23:09:42.998707lavrinenko.info sshd[16247]: Invalid user trading from 164.52.29.3 port 33224 ...	2020-05-29 04:38:59
attackbots	Apr 29 02:03:51 server sshd[12518]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.52.29.3 Apr 29 02:03:52 server sshd[12518]: Failed password for invalid user user from 164.52.29.3 port 37295 ssh2 Apr 29 02:05:51 server sshd[12751]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.52.29.3 Apr 29 02:05:53 server sshd[12751]: Failed password for invalid user admin from 164.52.29.3 port 56015 ssh2 ...	2020-04-29 16:13:48

类型

评论内容

时间

attackspambots

2020-05-28T23:06:46.503578lavrinenko.info sshd[16070]: Invalid user hexin from 164.52.29.3 port 13084
2020-05-28T23:06:46.513268lavrinenko.info sshd[16070]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.52.29.3
2020-05-28T23:06:46.503578lavrinenko.info sshd[16070]: Invalid user hexin from 164.52.29.3 port 13084
2020-05-28T23:06:48.420986lavrinenko.info sshd[16070]: Failed password for invalid user hexin from 164.52.29.3 port 13084 ssh2
2020-05-28T23:09:42.998707lavrinenko.info sshd[16247]: Invalid user trading from 164.52.29.3 port 33224
...

2020-05-29 04:38:59

attackbots

Apr 29 02:03:51 server sshd[12518]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.52.29.3 Apr 29 02:03:52 server sshd[12518]: Failed password for invalid user user from 164.52.29.3 port 37295 ssh2 Apr 29 02:05:51 server sshd[12751]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.52.29.3 Apr 29 02:05:53 server sshd[12751]: Failed password for invalid user admin from 164.52.29.3 port 56015 ssh2 ...

2020-04-29 16:13:48

相同子网IP讨论:

IP	类型	评论内容	时间
164.52.29.174	attackbotsspam	IBM Rational Quality Manager and Test Lab Manager Remote Code Execution Vulnerability	2020-07-15 17:19:17
164.52.29.174	attackspambots	1592106771 - 06/14/2020 10:52:51 Host: 164.52.29.174/164.52.29.174 Port: 8080 TCP Blocked ...	2020-06-14 15:05:19
164.52.29.174	attackbots	Apache2 login page brute-force attempt	2020-05-22 07:15:10
164.52.29.174	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-12-30 22:49:32

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 164.52.29.3
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55930
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;164.52.29.3.			IN	A

;; AUTHORITY SECTION:
.			290	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020042900 1800 900 604800 86400

;; Query time: 94 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Apr 29 16:13:41 CST 2020
;; MSG SIZE  rcvd: 115

HOST信息:

;; connection timed out; no servers could be reached

NSLOOKUP信息:

Server:		183.60.82.98
Address:	183.60.82.98#53

Non-authoritative answer:
*** Can't find 3.29.52.164.in-addr.arpa.: No answer

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
35.164.75.120	attackbots	...	2019-09-10 02:08:48
81.22.45.219	attackbotsspam	firewall-block, port(s): 5006/tcp, 9443/tcp, 10100/tcp, 22222/tcp, 40001/tcp, 49374/tcp	2019-09-10 02:19:01
94.23.204.136	attackspam	2019-09-09T17:57:07.675722 sshd[26943]: Invalid user a from 94.23.204.136 port 57184 2019-09-09T17:57:07.689526 sshd[26943]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.23.204.136 2019-09-09T17:57:07.675722 sshd[26943]: Invalid user a from 94.23.204.136 port 57184 2019-09-09T17:57:09.859586 sshd[26943]: Failed password for invalid user a from 94.23.204.136 port 57184 ssh2 2019-09-09T18:03:02.529148 sshd[27018]: Invalid user vmadmin from 94.23.204.136 port 33908 ...	2019-09-10 02:24:34
120.52.121.86	attackbots	Sep 9 20:08:39 plex sshd[19445]: Invalid user 12qwaszx from 120.52.121.86 port 44550	2019-09-10 02:18:37
222.186.42.15	attackbots	Sep 9 08:36:41 tdfoods sshd\[13586\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.15 user=root Sep 9 08:36:43 tdfoods sshd\[13586\]: Failed password for root from 222.186.42.15 port 44208 ssh2 Sep 9 08:36:48 tdfoods sshd\[13593\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.15 user=root Sep 9 08:36:51 tdfoods sshd\[13593\]: Failed password for root from 222.186.42.15 port 45554 ssh2 Sep 9 08:36:53 tdfoods sshd\[13593\]: Failed password for root from 222.186.42.15 port 45554 ssh2	2019-09-10 02:43:12
111.29.27.97	attackspam	Sep 9 19:39:56 vps691689 sshd[675]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.29.27.97 Sep 9 19:39:58 vps691689 sshd[675]: Failed password for invalid user guest from 111.29.27.97 port 40692 ssh2 ...	2019-09-10 01:58:35
140.143.241.251	attack	Sep 9 05:51:57 auw2 sshd\[19109\]: Invalid user amsftp from 140.143.241.251 Sep 9 05:51:57 auw2 sshd\[19109\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.241.251 Sep 9 05:51:59 auw2 sshd\[19109\]: Failed password for invalid user amsftp from 140.143.241.251 port 47292 ssh2 Sep 9 05:56:44 auw2 sshd\[19555\]: Invalid user user from 140.143.241.251 Sep 9 05:56:44 auw2 sshd\[19555\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.241.251	2019-09-10 01:57:51
218.92.0.191	attackbots	Sep 9 20:05:03 dcd-gentoo sshd[9644]: User root from 218.92.0.191 not allowed because none of user's groups are listed in AllowGroups Sep 9 20:05:06 dcd-gentoo sshd[9644]: error: PAM: Authentication failure for illegal user root from 218.92.0.191 Sep 9 20:05:03 dcd-gentoo sshd[9644]: User root from 218.92.0.191 not allowed because none of user's groups are listed in AllowGroups Sep 9 20:05:06 dcd-gentoo sshd[9644]: error: PAM: Authentication failure for illegal user root from 218.92.0.191 Sep 9 20:05:03 dcd-gentoo sshd[9644]: User root from 218.92.0.191 not allowed because none of user's groups are listed in AllowGroups Sep 9 20:05:06 dcd-gentoo sshd[9644]: error: PAM: Authentication failure for illegal user root from 218.92.0.191 Sep 9 20:05:06 dcd-gentoo sshd[9644]: Failed keyboard-interactive/pam for invalid user root from 218.92.0.191 port 18592 ssh2 ...	2019-09-10 02:12:24
183.167.196.65	attackbots	Sep 9 05:35:37 kapalua sshd\[31068\]: Invalid user testuser from 183.167.196.65 Sep 9 05:35:37 kapalua sshd\[31068\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.167.196.65 Sep 9 05:35:39 kapalua sshd\[31068\]: Failed password for invalid user testuser from 183.167.196.65 port 59808 ssh2 Sep 9 05:42:08 kapalua sshd\[31859\]: Invalid user sftp from 183.167.196.65 Sep 9 05:42:08 kapalua sshd\[31859\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.167.196.65	2019-09-10 02:26:48
142.4.204.122	attack	Sep 9 19:15:21 microserver sshd[31848]: Invalid user testuser from 142.4.204.122 port 53671 Sep 9 19:15:21 microserver sshd[31848]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.4.204.122 Sep 9 19:15:23 microserver sshd[31848]: Failed password for invalid user testuser from 142.4.204.122 port 53671 ssh2 Sep 9 19:21:37 microserver sshd[32633]: Invalid user mcserver from 142.4.204.122 port 56103 Sep 9 19:21:37 microserver sshd[32633]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.4.204.122 Sep 9 19:33:51 microserver sshd[34134]: Invalid user ts3 from 142.4.204.122 port 60982 Sep 9 19:33:51 microserver sshd[34134]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.4.204.122 Sep 9 19:33:53 microserver sshd[34134]: Failed password for invalid user ts3 from 142.4.204.122 port 60982 ssh2 Sep 9 19:40:17 microserver sshd[35300]: Invalid user node from 142.4.204.122 port 35209 S	2019-09-10 02:17:37
60.113.85.41	attack	Sep 9 21:14:07 server sshd\[31564\]: Invalid user chris from 60.113.85.41 port 51664 Sep 9 21:14:07 server sshd\[31564\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.113.85.41 Sep 9 21:14:08 server sshd\[31564\]: Failed password for invalid user chris from 60.113.85.41 port 51664 ssh2 Sep 9 21:20:04 server sshd\[6789\]: Invalid user sdtdserver from 60.113.85.41 port 54482 Sep 9 21:20:04 server sshd\[6789\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.113.85.41	2019-09-10 02:32:29
197.158.87.234	attack	Sep 9 07:57:04 wbs sshd\[14570\]: Invalid user owncloud from 197.158.87.234 Sep 9 07:57:04 wbs sshd\[14570\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.158.87.234 Sep 9 07:57:06 wbs sshd\[14570\]: Failed password for invalid user owncloud from 197.158.87.234 port 45756 ssh2 Sep 9 08:05:40 wbs sshd\[15405\]: Invalid user p@ssw0rd from 197.158.87.234 Sep 9 08:05:40 wbs sshd\[15405\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.158.87.234	2019-09-10 02:12:56
148.70.62.12	attack	Sep 9 17:45:10 localhost sshd\[27302\]: Invalid user admin from 148.70.62.12 port 37196 Sep 9 17:45:10 localhost sshd\[27302\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.62.12 Sep 9 17:45:12 localhost sshd\[27302\]: Failed password for invalid user admin from 148.70.62.12 port 37196 ssh2	2019-09-10 01:57:11
60.184.214.8	attackbots	port scan and connect, tcp 22 (ssh)	2019-09-10 02:21:42
50.236.39.195	attack	port scan and connect, tcp 80 (http)	2019-09-10 02:34:11

最近上报的IP列表

142.93.202.188	167.172.98.198	181.222.240.108	101.127.178.98
111.229.196.144	122.51.235.159	128.199.246.107	128.199.82.232
51.158.105.34	183.89.214.117	103.145.12.61	162.243.138.239
109.233.18.202	1.159.18.236	102.188.91.4	89.122.131.36
23.106.219.98	31.131.30.139	137.215.207.137	172.93.188.209