119.29.10.2 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	SSH login attempts with user root.	2019-11-30 06:40:16

相同子网IP讨论:

IP	类型	评论内容	时间
119.29.10.25	attack	$f2bV_matches	2020-09-30 03:13:53
119.29.10.25	attackspam	sshd: Failed password for invalid user .... from 119.29.10.25 port 59874 ssh2 (5 attempts)	2020-09-29 19:18:13
119.29.10.25	attackbotsspam	Sep 24 19:51:21 plg sshd[23357]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.10.25 Sep 24 19:51:22 plg sshd[23357]: Failed password for invalid user csgoserver from 119.29.10.25 port 58615 ssh2 Sep 24 19:54:45 plg sshd[23413]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.10.25 Sep 24 19:54:47 plg sshd[23413]: Failed password for invalid user userftp from 119.29.10.25 port 48723 ssh2 Sep 24 19:58:04 plg sshd[23458]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.10.25 Sep 24 19:58:06 plg sshd[23458]: Failed password for invalid user elsearch from 119.29.10.25 port 38831 ssh2 Sep 24 20:01:20 plg sshd[23499]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.10.25 ...	2020-09-25 03:28:40
119.29.10.25	attackbots	Invalid user duser from 119.29.10.25 port 46147	2020-09-24 19:13:27
119.29.10.25	attack	Aug 17 10:01:03 NPSTNNYC01T sshd[2777]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.10.25 Aug 17 10:01:05 NPSTNNYC01T sshd[2777]: Failed password for invalid user zhangfan from 119.29.10.25 port 57106 ssh2 Aug 17 10:04:48 NPSTNNYC01T sshd[3018]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.10.25 ...	2020-08-17 23:08:07
119.29.10.25	attack	SSH Brute Force	2020-08-07 22:00:43
119.29.10.25	attackbots	Aug 5 16:15:05 marvibiene sshd[23502]: Failed password for root from 119.29.10.25 port 39080 ssh2 Aug 5 16:20:00 marvibiene sshd[23750]: Failed password for root from 119.29.10.25 port 36505 ssh2	2020-08-06 03:53:00
119.29.107.20	attackbots	Aug 3 05:44:28 vm0 sshd[1233]: Failed password for root from 119.29.107.20 port 32107 ssh2 ...	2020-08-03 12:52:02
119.29.10.25	attackspam	Aug 2 16:21:22 Tower sshd[2575]: Connection from 119.29.10.25 port 56062 on 192.168.10.220 port 22 rdomain "" Aug 2 16:21:26 Tower sshd[2575]: Failed password for root from 119.29.10.25 port 56062 ssh2 Aug 2 16:21:26 Tower sshd[2575]: Received disconnect from 119.29.10.25 port 56062:11: Bye Bye [preauth] Aug 2 16:21:26 Tower sshd[2575]: Disconnected from authenticating user root 119.29.10.25 port 56062 [preauth]	2020-08-03 08:09:37
119.29.107.20	attackbotsspam	Jul 23 13:54:08 icinga sshd[50700]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.107.20 Jul 23 13:54:10 icinga sshd[50700]: Failed password for invalid user yip from 119.29.107.20 port 27901 ssh2 Jul 23 14:06:50 icinga sshd[7073]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.107.20 ...	2020-07-24 01:39:06
119.29.10.25	attackbots	2020-07-23T11:49:02+0200 Failed SSH Authentication/Brute Force Attack. (Server 5)	2020-07-23 20:04:24
119.29.10.25	attack	Jul 18 11:29:56 ns392434 sshd[12760]: Invalid user tech from 119.29.10.25 port 41774 Jul 18 11:29:56 ns392434 sshd[12760]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.10.25 Jul 18 11:29:56 ns392434 sshd[12760]: Invalid user tech from 119.29.10.25 port 41774 Jul 18 11:29:58 ns392434 sshd[12760]: Failed password for invalid user tech from 119.29.10.25 port 41774 ssh2 Jul 18 11:38:03 ns392434 sshd[13015]: Invalid user lgonzalez from 119.29.10.25 port 54266 Jul 18 11:38:03 ns392434 sshd[13015]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.10.25 Jul 18 11:38:03 ns392434 sshd[13015]: Invalid user lgonzalez from 119.29.10.25 port 54266 Jul 18 11:38:04 ns392434 sshd[13015]: Failed password for invalid user lgonzalez from 119.29.10.25 port 54266 ssh2 Jul 18 11:44:48 ns392434 sshd[13324]: Invalid user raju from 119.29.10.25 port 60201	2020-07-18 19:30:42
119.29.10.25	attack	Jul 9 06:57:21 vpn01 sshd[17323]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.10.25 Jul 9 06:57:23 vpn01 sshd[17323]: Failed password for invalid user xlong from 119.29.10.25 port 60774 ssh2 ...	2020-07-09 15:12:03
119.29.107.20	attack	Invalid user monitor from 119.29.107.20 port 14338	2020-06-12 17:01:59
119.29.10.25	attackspambots	Jun 10 07:38:57 serwer sshd\[21310\]: Invalid user hlwang from 119.29.10.25 port 53217 Jun 10 07:38:57 serwer sshd\[21310\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.10.25 Jun 10 07:38:58 serwer sshd\[21310\]: Failed password for invalid user hlwang from 119.29.10.25 port 53217 ssh2 ...	2020-06-10 14:52:18

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 119.29.10.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61265
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;119.29.10.2.			IN	A

;; AUTHORITY SECTION:
.			537	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019112901 1800 900 604800 86400

;; Query time: 104 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Nov 30 06:40:12 CST 2019
;; MSG SIZE  rcvd: 115

HOST信息:

Host 2.10.29.119.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 2.10.29.119.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
202.152.1.67	attackspam	Mar 1 22:46:28 mout sshd[27838]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.152.1.67 user=backup Mar 1 22:46:30 mout sshd[27838]: Failed password for backup from 202.152.1.67 port 37138 ssh2	2020-03-02 07:47:33
198.108.67.57	attackbotsspam	Scanning random ports - tries to find possible vulnerable services	2020-03-02 07:35:52
196.218.129.70	attackspambots	Scanning random ports - tries to find possible vulnerable services	2020-03-02 07:48:43
197.55.16.85	attackspambots	Scanning random ports - tries to find possible vulnerable services	2020-03-02 07:45:27
222.209.185.172	attackbotsspam	Feb 24 21:47:50 ahost sshd[10387]: reveeclipse mapping checking getaddrinfo for 172.185.209.222.broad.cd.sc.dynamic.163data.com.cn [222.209.185.172] failed - POSSIBLE BREAK-IN ATTEMPT! Feb 24 21:47:50 ahost sshd[10387]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.209.185.172 user=r.r Feb 24 21:47:52 ahost sshd[10387]: Failed password for r.r from 222.209.185.172 port 49770 ssh2 Feb 24 21:47:52 ahost sshd[10387]: Received disconnect from 222.209.185.172: 11: Bye Bye [preauth] Feb 24 21:53:05 ahost sshd[10590]: reveeclipse mapping checking getaddrinfo for 172.185.209.222.broad.cd.sc.dynamic.163data.com.cn [222.209.185.172] failed - POSSIBLE BREAK-IN ATTEMPT! Feb 24 21:53:05 ahost sshd[10590]: Invalid user ubuntu from 222.209.185.172 Feb 24 21:53:05 ahost sshd[10590]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.209.185.172 Feb 24 21:53:07 ahost sshd[10590]: Failed password for ........ ------------------------------	2020-03-02 07:47:12
198.108.67.77	attack	Scanning random ports - tries to find possible vulnerable services	2020-03-02 07:35:39
198.46.154.34	attackbotsspam	Multiport scan : 41 ports scanned 7003 7019 7028 7066 7078 7085 7095 7108 7123 7136 7142 7206 7227 7270 7300 7313 7322 7332 7351 7468 7497 7529 7536 7581 7587 7608 7618 7651 7659 7663 7733 7739 7806 7825 7876 7914 7919 7922 7965 7983 7990	2020-03-02 07:41:21
198.108.66.100	attackspam	Scanning random ports - tries to find possible vulnerable services	2020-03-02 07:39:58
197.245.27.87	attack	Scanning random ports - tries to find possible vulnerable services	2020-03-02 07:44:20
198.108.67.83	attack	Multiport scan : 4 ports scanned 7443 12361 17000 18069	2020-03-02 07:34:10
193.138.154.1	attack	Scanning random ports - tries to find possible vulnerable services	2020-03-02 07:54:45
192.241.230.215	attackspam	Scanning random ports - tries to find possible vulnerable services	2020-03-02 08:02:39
198.108.66.70	attack	Scanning random ports - tries to find possible vulnerable services	2020-03-02 07:40:41
198.108.66.110	attackspambots	Mar 2 00:20:40 debian-2gb-nbg1-2 kernel: \[5364025.482129\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=198.108.66.110 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=54321 PROTO=TCP SPT=42717 DPT=11211 WINDOW=65535 RES=0x00 SYN URGP=0	2020-03-02 07:39:40
192.241.228.88	attack	Scan or attack attempt on email service.	2020-03-02 08:04:31

最近上报的IP列表

106.52.106.6	106.52.17.2	106.51.98.1	106.51.0.4
87.99.159.145	3.88.143.18	210.66.20.116	143.255.241.105
106.14.122.2	106.13.52.1	106.13.5.1	106.13.147.6
106.13.15.1	106.12.89.1	67.224.33.144	106.12.220.2
106.12.178.6	106.12.159.2	114.29.236.196	104.244.79.1