129.204.51.140

Basic Info

City: unknown

Region: Beijing

Country: China

Internet Service Provider: Tencent Cloud Computing (Beijing) Co. Ltd

Hostname: unknown

Organization: Shenzhen Tencent Computer Systems Company Limited

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	JP - 1H : (63) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : JP NAME ASN : ASN45090 IP : 129.204.51.140 CIDR : 129.204.0.0/18 PREFIX COUNT : 1788 UNIQUE IP COUNT : 2600192 WYKRYTE ATAKI Z ASN45090 : 1H - 2 3H - 5 6H - 9 12H - 15 24H - 35 INFO : SERVER - Looking for resource vulnerabilities Detected and Blocked by ADMIN - data recovery https://help-dysk.pl	2019-09-12 04:42:31
attackbotsspam	10 attempts against mh-pma-try-ban on air.magehost.pro	2019-07-10 23:26:34

Type

Details

Datetime

attackspam

JP - 1H : (63)  Protection Against DDoS WordPress plugin :  
 "odzyskiwanie danych help-dysk" 
 IP Address Ranges by Country : JP 
 NAME ASN : ASN45090 
 
 IP : 129.204.51.140 
 
 CIDR : 129.204.0.0/18 
 
 PREFIX COUNT : 1788 
 
 UNIQUE IP COUNT : 2600192 
 
 
 WYKRYTE ATAKI Z ASN45090 :  
  1H - 2 
  3H - 5 
  6H - 9 
 12H - 15 
 24H - 35 
 
 INFO : SERVER - Looking for resource vulnerabilities Detected and Blocked by ADMIN  - data recovery 
  https://help-dysk.pl

2019-09-12 04:42:31

attackbotsspam

10 attempts against mh-pma-try-ban on air.magehost.pro

2019-07-10 23:26:34

Comments on same subnet:

IP	Type	Details	Datetime
129.204.51.77	attack	Jul 20 20:55:54 pixelmemory sshd[858000]: Invalid user user from 129.204.51.77 port 60779 Jul 20 20:55:54 pixelmemory sshd[858000]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.51.77 Jul 20 20:55:54 pixelmemory sshd[858000]: Invalid user user from 129.204.51.77 port 60779 Jul 20 20:55:56 pixelmemory sshd[858000]: Failed password for invalid user user from 129.204.51.77 port 60779 ssh2 Jul 20 20:58:05 pixelmemory sshd[860565]: Invalid user webserver from 129.204.51.77 port 42632 ...	2020-07-21 12:42:32
129.204.51.77	attack	Jul 20 06:27:12 OPSO sshd\[31534\]: Invalid user kowal from 129.204.51.77 port 36214 Jul 20 06:27:12 OPSO sshd\[31534\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.51.77 Jul 20 06:27:14 OPSO sshd\[31534\]: Failed password for invalid user kowal from 129.204.51.77 port 36214 ssh2 Jul 20 06:32:38 OPSO sshd\[32561\]: Invalid user nova from 129.204.51.77 port 33662 Jul 20 06:32:38 OPSO sshd\[32561\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.51.77	2020-07-20 12:51:25
129.204.51.77	attackbots	20 attempts against mh-ssh on train	2020-06-22 14:32:33
129.204.51.226	attackspam	May 14 20:32:22 yesfletchmain sshd\[12753\]: Invalid user student6 from 129.204.51.226 port 60846 May 14 20:32:22 yesfletchmain sshd\[12753\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.51.226 May 14 20:32:24 yesfletchmain sshd\[12753\]: Failed password for invalid user student6 from 129.204.51.226 port 60846 ssh2 May 14 20:37:10 yesfletchmain sshd\[12824\]: Invalid user readonly from 129.204.51.226 port 36228 May 14 20:37:10 yesfletchmain sshd\[12824\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.51.226 ...	2019-12-24 03:20:01
129.204.51.226	attack	Brute force SMTP login attempted. ...	2019-08-10 09:17:24

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 129.204.51.140
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 16057
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;129.204.51.140.			IN	A

;; AUTHORITY SECTION:
.			2179	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019061702 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Jun 18 18:03:04 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 140.51.204.129.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 140.51.204.129.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
103.44.253.18	attack	frenzy	2020-05-31 18:58:15
177.193.88.63	attackbots	May 29 00:23:17 nbi10206 sshd[29119]: User r.r from 177.193.88.63 not allowed because not listed in AllowUsers May 29 00:23:17 nbi10206 sshd[29119]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.193.88.63 user=r.r May 29 00:23:20 nbi10206 sshd[29119]: Failed password for invalid user r.r from 177.193.88.63 port 8782 ssh2 May 29 00:23:20 nbi10206 sshd[29119]: Received disconnect from 177.193.88.63 port 8782:11: Bye Bye [preauth] May 29 00:23:20 nbi10206 sshd[29119]: Disconnected from 177.193.88.63 port 8782 [preauth] May 29 00:34:13 nbi10206 sshd[32138]: User r.r from 177.193.88.63 not allowed because not listed in AllowUsers May 29 00:34:13 nbi10206 sshd[32138]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.193.88.63 user=r.r May 29 00:34:15 nbi10206 sshd[32138]: Failed password for invalid user r.r from 177.193.88.63 port 34314 ssh2 May 29 00:34:15 nbi10206 sshd[32138]: Receiv........ -------------------------------	2020-05-31 19:15:38
220.247.236.239	attack	Unauthorized connection attempt from IP address 220.247.236.239 on Port 445(SMB)	2020-05-31 19:01:53
14.234.220.171	attackbotsspam	2020-05-3105:42:311jfErm-0002Zk-8a\<=info@whatsup2013.chH=$localhost$[113.190.64.33]:58932P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=2997id=08bd0b585378525ac6c375d93e4a607c5384d9@whatsup2013.chT="toalexxvistin09"foralexxvistin09@gmail.combharani_brethart@yahoo.comgauravdas699@gmail.com2020-05-3105:45:191jfEuU-0002jN-Ob\<=info@whatsup2013.chH=$localhost$[113.173.244.174]:49937P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=2991id=003187d4dff4ded64a4ff955b2c6ecf01dfe6c@whatsup2013.chT="tokevin_j_jhonatan"forkevin_j_jhonatan@hotmail.comdrb_0072002@yahoo.co.inshahbazgull786.ryk@gmail.com2020-05-3105:45:101jfEuL-0002iI-5p\<=info@whatsup2013.chH=$localhost$[14.234.220.171]:52850P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3001id=adf5a0f3f8d3060a2d68de8d79be34380b07fd30@whatsup2013.chT="topaulapuzzo566"forpaulapuzzo566@gmail.comohman.kirk85@gmail.comssdtrrdff@hotmail.co	2020-05-31 19:08:39
51.91.212.81	attack	port scan and connect, tcp 25 (smtp)	2020-05-31 18:44:33
111.67.206.52	attackbots	web-1 [ssh_2] SSH Attack	2020-05-31 18:56:31
45.88.13.242	attackbotsspam	SSH Brute-Forcing (server1)	2020-05-31 19:04:05
34.96.228.73	attack	Lines containing failures of 34.96.228.73 May 28 09:39:47 cdb sshd[22439]: Invalid user admin from 34.96.228.73 port 59798 May 28 09:39:47 cdb sshd[22439]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=34.96.228.73 May 28 09:39:49 cdb sshd[22439]: Failed password for invalid user admin from 34.96.228.73 port 59798 ssh2 May 28 09:39:49 cdb sshd[22439]: Received disconnect from 34.96.228.73 port 59798:11: Bye Bye [preauth] May 28 09:39:49 cdb sshd[22439]: Disconnected from invalid user admin 34.96.228.73 port 59798 [preauth] May 28 09:55:29 cdb sshd[26646]: Invalid user laboratorio from 34.96.228.73 port 44602 May 28 09:55:29 cdb sshd[26646]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=34.96.228.73 May 28 09:55:31 cdb sshd[26646]: Failed password for invalid user laboratorio from 34.96.228.73 port 44602 ssh2 May 28 09:55:31 cdb sshd[26646]: Received disconnect from 34.96.228.73 port 44602........ ------------------------------	2020-05-31 18:46:16
62.234.145.195	attackbotsspam	IP blocked	2020-05-31 19:19:19
167.172.121.115	attackspambots	May 31 10:03:18 vmi345603 sshd[8828]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.172.121.115 May 31 10:03:20 vmi345603 sshd[8828]: Failed password for invalid user aogola from 167.172.121.115 port 52372 ssh2 ...	2020-05-31 18:55:29
58.87.67.226	attack	May 31 12:34:27 pve1 sshd[23691]: Failed password for root from 58.87.67.226 port 37396 ssh2 ...	2020-05-31 18:55:10
134.175.178.118	attackbots	May 31 11:29:17 sip sshd[13016]: Failed password for root from 134.175.178.118 port 49582 ssh2 May 31 11:34:31 sip sshd[14927]: Failed password for root from 134.175.178.118 port 48262 ssh2 May 31 11:37:38 sip sshd[16058]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.178.118	2020-05-31 18:47:00
114.218.231.31	attackbotsspam	Telnetd brute force attack detected by fail2ban	2020-05-31 19:14:03
178.128.183.90	attackbots	May 31 10:22:06 ns382633 sshd\[7294\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.183.90 user=root May 31 10:22:08 ns382633 sshd\[7294\]: Failed password for root from 178.128.183.90 port 46628 ssh2 May 31 10:26:44 ns382633 sshd\[8212\]: Invalid user nbalbi from 178.128.183.90 port 35596 May 31 10:26:44 ns382633 sshd\[8212\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.183.90 May 31 10:26:46 ns382633 sshd\[8212\]: Failed password for invalid user nbalbi from 178.128.183.90 port 35596 ssh2	2020-05-31 19:21:00
182.61.37.35	attackbotsspam	$f2bV_matches	2020-05-31 18:47:51

Recently Reported IPs

88.101.157.33	79.49.209.255	138.255.15.160	151.74.142.149
47.111.198.207	183.93.90.13	94.87.172.122	117.112.148.98
178.164.140.189	68.8.80.12	121.15.86.199	40.170.33.88
146.145.98.124	106.38.241.174	37.255.117.57	97.199.168.94
64.228.243.193	106.120.173.106	105.186.134.183	77.247.221.192