119.29.10.2 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	SSH login attempts with user root.	2019-11-30 06:40:16

相同子网IP讨论:

IP	类型	评论内容	时间
119.29.10.25	attack	$f2bV_matches	2020-09-30 03:13:53
119.29.10.25	attackspam	sshd: Failed password for invalid user .... from 119.29.10.25 port 59874 ssh2 (5 attempts)	2020-09-29 19:18:13
119.29.10.25	attackbotsspam	Sep 24 19:51:21 plg sshd[23357]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.10.25 Sep 24 19:51:22 plg sshd[23357]: Failed password for invalid user csgoserver from 119.29.10.25 port 58615 ssh2 Sep 24 19:54:45 plg sshd[23413]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.10.25 Sep 24 19:54:47 plg sshd[23413]: Failed password for invalid user userftp from 119.29.10.25 port 48723 ssh2 Sep 24 19:58:04 plg sshd[23458]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.10.25 Sep 24 19:58:06 plg sshd[23458]: Failed password for invalid user elsearch from 119.29.10.25 port 38831 ssh2 Sep 24 20:01:20 plg sshd[23499]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.10.25 ...	2020-09-25 03:28:40
119.29.10.25	attackbots	Invalid user duser from 119.29.10.25 port 46147	2020-09-24 19:13:27
119.29.10.25	attack	Aug 17 10:01:03 NPSTNNYC01T sshd[2777]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.10.25 Aug 17 10:01:05 NPSTNNYC01T sshd[2777]: Failed password for invalid user zhangfan from 119.29.10.25 port 57106 ssh2 Aug 17 10:04:48 NPSTNNYC01T sshd[3018]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.10.25 ...	2020-08-17 23:08:07
119.29.10.25	attack	SSH Brute Force	2020-08-07 22:00:43
119.29.10.25	attackbots	Aug 5 16:15:05 marvibiene sshd[23502]: Failed password for root from 119.29.10.25 port 39080 ssh2 Aug 5 16:20:00 marvibiene sshd[23750]: Failed password for root from 119.29.10.25 port 36505 ssh2	2020-08-06 03:53:00
119.29.107.20	attackbots	Aug 3 05:44:28 vm0 sshd[1233]: Failed password for root from 119.29.107.20 port 32107 ssh2 ...	2020-08-03 12:52:02
119.29.10.25	attackspam	Aug 2 16:21:22 Tower sshd[2575]: Connection from 119.29.10.25 port 56062 on 192.168.10.220 port 22 rdomain "" Aug 2 16:21:26 Tower sshd[2575]: Failed password for root from 119.29.10.25 port 56062 ssh2 Aug 2 16:21:26 Tower sshd[2575]: Received disconnect from 119.29.10.25 port 56062:11: Bye Bye [preauth] Aug 2 16:21:26 Tower sshd[2575]: Disconnected from authenticating user root 119.29.10.25 port 56062 [preauth]	2020-08-03 08:09:37
119.29.107.20	attackbotsspam	Jul 23 13:54:08 icinga sshd[50700]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.107.20 Jul 23 13:54:10 icinga sshd[50700]: Failed password for invalid user yip from 119.29.107.20 port 27901 ssh2 Jul 23 14:06:50 icinga sshd[7073]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.107.20 ...	2020-07-24 01:39:06
119.29.10.25	attackbots	2020-07-23T11:49:02+0200 Failed SSH Authentication/Brute Force Attack. (Server 5)	2020-07-23 20:04:24
119.29.10.25	attack	Jul 18 11:29:56 ns392434 sshd[12760]: Invalid user tech from 119.29.10.25 port 41774 Jul 18 11:29:56 ns392434 sshd[12760]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.10.25 Jul 18 11:29:56 ns392434 sshd[12760]: Invalid user tech from 119.29.10.25 port 41774 Jul 18 11:29:58 ns392434 sshd[12760]: Failed password for invalid user tech from 119.29.10.25 port 41774 ssh2 Jul 18 11:38:03 ns392434 sshd[13015]: Invalid user lgonzalez from 119.29.10.25 port 54266 Jul 18 11:38:03 ns392434 sshd[13015]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.10.25 Jul 18 11:38:03 ns392434 sshd[13015]: Invalid user lgonzalez from 119.29.10.25 port 54266 Jul 18 11:38:04 ns392434 sshd[13015]: Failed password for invalid user lgonzalez from 119.29.10.25 port 54266 ssh2 Jul 18 11:44:48 ns392434 sshd[13324]: Invalid user raju from 119.29.10.25 port 60201	2020-07-18 19:30:42
119.29.10.25	attack	Jul 9 06:57:21 vpn01 sshd[17323]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.10.25 Jul 9 06:57:23 vpn01 sshd[17323]: Failed password for invalid user xlong from 119.29.10.25 port 60774 ssh2 ...	2020-07-09 15:12:03
119.29.107.20	attack	Invalid user monitor from 119.29.107.20 port 14338	2020-06-12 17:01:59
119.29.10.25	attackspambots	Jun 10 07:38:57 serwer sshd\[21310\]: Invalid user hlwang from 119.29.10.25 port 53217 Jun 10 07:38:57 serwer sshd\[21310\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.10.25 Jun 10 07:38:58 serwer sshd\[21310\]: Failed password for invalid user hlwang from 119.29.10.25 port 53217 ssh2 ...	2020-06-10 14:52:18

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 119.29.10.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61265
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;119.29.10.2.			IN	A

;; AUTHORITY SECTION:
.			537	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019112901 1800 900 604800 86400

;; Query time: 104 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Nov 30 06:40:12 CST 2019
;; MSG SIZE  rcvd: 115

HOST信息:

Host 2.10.29.119.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 2.10.29.119.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
67.205.138.198	attack	Invalid user master from 67.205.138.198 port 54064	2020-02-21 15:59:58
45.252.248.18	attack	45.252.248.18 - - \[21/Feb/2020:05:54:47 +0100\] "POST /wp-login.php HTTP/1.0" 200 7778 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 45.252.248.18 - - \[21/Feb/2020:05:54:50 +0100\] "POST /wp-login.php HTTP/1.0" 200 7768 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 45.252.248.18 - - \[21/Feb/2020:05:54:54 +0100\] "POST /wp-login.php HTTP/1.0" 200 7634 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2020-02-21 16:08:44
217.107.194.5	attackspambots	fell into ViewStateTrap:wien2018	2020-02-21 15:57:37
170.106.37.110	attack	20/2/20@23:54:53: FAIL: Alarm-Intrusion address from=170.106.37.110 ...	2020-02-21 16:10:12
157.55.39.230	attack	Automatic report - Banned IP Access	2020-02-21 16:22:51
36.79.235.22	attackspambots	1582260913 - 02/21/2020 05:55:13 Host: 36.79.235.22/36.79.235.22 Port: 445 TCP Blocked	2020-02-21 15:56:01
106.12.34.56	attack	Automatic report - Banned IP Access	2020-02-21 15:40:11
81.134.196.130	attackspam	firewall-block, port(s): 445/tcp	2020-02-21 16:04:51
18.221.6.250	attackbotsspam	Automatically reported by fail2ban report script (mx1)	2020-02-21 16:16:22
116.1.189.45	attackspam	Portscan detected	2020-02-21 15:50:34
164.77.117.10	attackspam	Feb 21 01:08:08 plusreed sshd[15147]: Invalid user tom from 164.77.117.10 ...	2020-02-21 16:11:48
83.23.152.186	attackspam	Automatic report - Port Scan Attack	2020-02-21 16:17:07
27.106.116.63	attack	Fail2Ban Ban Triggered	2020-02-21 16:09:00
43.228.125.7	attackbots	Invalid user will from 43.228.125.7 port 44000	2020-02-21 16:11:27
34.68.76.76	attack	xmlrpc attack	2020-02-21 16:10:31

最近上报的IP列表

106.52.106.6	106.52.17.2	106.51.98.1	106.51.0.4
87.99.159.145	3.88.143.18	210.66.20.116	143.255.241.105
106.14.122.2	106.13.52.1	106.13.5.1	106.13.147.6
106.13.15.1	106.12.89.1	67.224.33.144	106.12.220.2
106.12.178.6	106.12.159.2	114.29.236.196	104.244.79.1