119.29.2.157 - IPInfo

基本信息:

城市(city): Beijing

省份(region): Beijing

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): Shenzhen Tencent Computer Systems Company Limited

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Brute-force attempt banned	2020-09-17 21:17:59
attack	Tried sshing with brute force.	2020-09-17 13:28:54
attack	Sep 16 21:12:21 [host] sshd[3819]: pam_unix(sshd:a Sep 16 21:12:23 [host] sshd[3819]: Failed password Sep 16 21:14:03 [host] sshd[3859]: pam_unix(sshd:a	2020-09-17 04:34:52
attack	Fail2Ban - SSH Bruteforce Attempt	2020-08-16 22:54:24
attack	Aug 15 16:17:48 *** sshd[26621]: User root from 119.29.2.157 not allowed because not listed in AllowUsers	2020-08-16 00:27:00
attack	Aug 9 08:05:48 ns381471 sshd[26817]: Failed password for root from 119.29.2.157 port 58077 ssh2	2020-08-09 17:34:17
attack	Aug 5 08:39:50 v22019038103785759 sshd\[30666\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.2.157 user=root Aug 5 08:39:51 v22019038103785759 sshd\[30666\]: Failed password for root from 119.29.2.157 port 46139 ssh2 Aug 5 08:42:31 v22019038103785759 sshd\[30793\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.2.157 user=root Aug 5 08:42:34 v22019038103785759 sshd\[30793\]: Failed password for root from 119.29.2.157 port 58884 ssh2 Aug 5 08:44:27 v22019038103785759 sshd\[30890\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.2.157 user=root ...	2020-08-05 16:41:28
attackbotsspam	Invalid user luser from 119.29.2.157 port 55525	2020-07-24 01:16:05
attackbotsspam	$f2bV_matches	2020-07-17 12:38:32
attack	Invalid user reini from 119.29.2.157 port 60722	2020-07-16 17:02:07
attackbotsspam	2020-07-06T13:31:03.505823shield sshd\[24354\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.2.157 user=ftp 2020-07-06T13:31:04.973054shield sshd\[24354\]: Failed password for ftp from 119.29.2.157 port 55592 ssh2 2020-07-06T13:33:34.183911shield sshd\[25411\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.2.157 user=root 2020-07-06T13:33:36.383429shield sshd\[25411\]: Failed password for root from 119.29.2.157 port 43593 ssh2 2020-07-06T13:36:10.519844shield sshd\[26917\]: Invalid user ucc from 119.29.2.157 port 59804	2020-07-06 23:01:40
attack	SSH auth scanning - multiple failed logins	2020-06-30 02:16:03
attackbotsspam	2020-06-03T22:50:03.920819linuxbox-skyline sshd[125644]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.2.157 user=root 2020-06-03T22:50:05.715607linuxbox-skyline sshd[125644]: Failed password for root from 119.29.2.157 port 37899 ssh2 ...	2020-06-04 14:28:13
attackbots	Invalid user akshays from 119.29.2.157 port 57294	2020-05-27 13:21:42
attack	(sshd) Failed SSH login from 119.29.2.157 (CN/China/-): 5 in the last 3600 secs	2020-05-24 05:54:02
attack	2020-05-15T20:47:09.969942shield sshd\[2447\]: Invalid user atul from 119.29.2.157 port 34956 2020-05-15T20:47:09.975872shield sshd\[2447\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.2.157 2020-05-15T20:47:11.387836shield sshd\[2447\]: Failed password for invalid user atul from 119.29.2.157 port 34956 ssh2 2020-05-15T20:51:16.061279shield sshd\[3316\]: Invalid user www-data from 119.29.2.157 port 58044 2020-05-15T20:51:16.067256shield sshd\[3316\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.2.157	2020-05-16 04:56:48
attackbotsspam	Repeated brute force against a port	2020-05-12 07:21:00
attackspam	Wordpress malicious attack:[sshd]	2020-05-08 15:26:16
attackspambots	May 3 14:26:48 eventyay sshd[8086]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.2.157 May 3 14:26:50 eventyay sshd[8086]: Failed password for invalid user ly from 119.29.2.157 port 34930 ssh2 May 3 14:31:06 eventyay sshd[8278]: Failed password for root from 119.29.2.157 port 59348 ssh2 ...	2020-05-03 20:43:36
attack	Invalid user j from 119.29.2.157 port 34203	2020-05-03 13:27:52
attackbotsspam	Invalid user j from 119.29.2.157 port 34203	2020-05-01 12:32:04
attackbotsspam	20 attempts against mh-ssh on cloud	2020-04-15 13:57:24
attackbotsspam	Apr 14 22:43:33 ns382633 sshd\[20971\]: Invalid user admin from 119.29.2.157 port 55025 Apr 14 22:43:33 ns382633 sshd\[20971\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.2.157 Apr 14 22:43:36 ns382633 sshd\[20971\]: Failed password for invalid user admin from 119.29.2.157 port 55025 ssh2 Apr 14 22:49:25 ns382633 sshd\[22039\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.2.157 user=root Apr 14 22:49:28 ns382633 sshd\[22039\]: Failed password for root from 119.29.2.157 port 59509 ssh2	2020-04-15 06:14:29
attackbots	Apr 13 09:40:36 cdc sshd[16443]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.2.157 Apr 13 09:40:38 cdc sshd[16443]: Failed password for invalid user admin from 119.29.2.157 port 39321 ssh2	2020-04-13 23:40:36
attack	k+ssh-bruteforce	2020-04-13 12:33:57
attackbots	2020-04-11T08:10:37.893074linuxbox-skyline sshd[50250]: Invalid user etienne from 119.29.2.157 port 45146 ...	2020-04-11 22:20:17
attackspam	2020-03-26T21:31:45.545582shield sshd\[851\]: Invalid user xne from 119.29.2.157 port 39436 2020-03-26T21:31:45.550747shield sshd\[851\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.2.157 2020-03-26T21:31:47.572675shield sshd\[851\]: Failed password for invalid user xne from 119.29.2.157 port 39436 ssh2 2020-03-26T21:34:02.116147shield sshd\[1354\]: Invalid user rxb from 119.29.2.157 port 32962 2020-03-26T21:34:02.126295shield sshd\[1354\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.2.157	2020-03-27 05:56:54
attackspambots	Mar 1 09:55:35 web1 sshd\[21585\]: Invalid user mapred from 119.29.2.157 Mar 1 09:55:35 web1 sshd\[21585\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.2.157 Mar 1 09:55:37 web1 sshd\[21585\]: Failed password for invalid user mapred from 119.29.2.157 port 54946 ssh2 Mar 1 10:01:13 web1 sshd\[22122\]: Invalid user demo from 119.29.2.157 Mar 1 10:01:13 web1 sshd\[22122\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.2.157	2020-03-02 04:07:25
attackbots	Feb 7 20:16:15 web9 sshd\[8719\]: Invalid user cqx from 119.29.2.157 Feb 7 20:16:15 web9 sshd\[8719\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.2.157 Feb 7 20:16:17 web9 sshd\[8719\]: Failed password for invalid user cqx from 119.29.2.157 port 60404 ssh2 Feb 7 20:19:36 web9 sshd\[9266\]: Invalid user flz from 119.29.2.157 Feb 7 20:19:36 web9 sshd\[9266\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.2.157	2020-02-08 20:50:23
attackbots	Unauthorized connection attempt detected from IP address 119.29.2.157 to port 2220 [J]	2020-01-12 04:17:29

相同子网IP讨论:

IP	类型	评论内容	时间
119.29.247.187	attack	$f2bV_matches	2020-10-13 02:11:42
119.29.231.121	attack	Oct 12 14:27:21 hidden sshd[10866]: Failed password for invalid user postgres from 119.29.231.121 port 48316 ssh2 Oct 12 14:33:01 hidden sshd[11015]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.231.121 user=root Oct 12 14:33:03 hidden sshd[11015]: Failed password for hidden from 119.29.231.121 port 56910 ssh2	2020-10-13 01:08:33
119.29.247.187	attack	$f2bV_matches	2020-10-12 17:36:50
119.29.231.121	attackbotsspam	Oct 12 10:26:28 ns37 sshd[26844]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.231.121 Oct 12 10:26:28 ns37 sshd[26844]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.231.121	2020-10-12 16:31:16
119.29.230.78	attackspam	Oct 11 17:16:28 sigma sshd\[22913\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.230.78 user=rootOct 11 17:22:18 sigma sshd\[23484\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.230.78 user=root ...	2020-10-12 05:31:28
119.29.230.78	attackbots	Brute%20Force%20SSH	2020-10-11 21:38:05
119.29.230.78	attack	Connection to SSH Honeypot - Detected by HoneypotDB	2020-10-11 13:34:45
119.29.230.78	attackbots	Oct 11 02:39:41 mx sshd[1336053]: Failed password for root from 119.29.230.78 port 44630 ssh2 Oct 11 02:43:46 mx sshd[1336167]: Invalid user greg from 119.29.230.78 port 35784 Oct 11 02:43:46 mx sshd[1336167]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.230.78 Oct 11 02:43:46 mx sshd[1336167]: Invalid user greg from 119.29.230.78 port 35784 Oct 11 02:43:49 mx sshd[1336167]: Failed password for invalid user greg from 119.29.230.78 port 35784 ssh2 ...	2020-10-11 06:58:28
119.29.216.238	attack	SSH BruteForce Attack	2020-10-10 05:46:29
119.29.216.238	attackbotsspam	Oct 8 22:53:15 dev0-dcde-rnet sshd[6866]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.216.238 Oct 8 22:53:17 dev0-dcde-rnet sshd[6866]: Failed password for invalid user marketing from 119.29.216.238 port 34206 ssh2 Oct 8 22:56:53 dev0-dcde-rnet sshd[6892]: Failed password for root from 119.29.216.238 port 35458 ssh2	2020-10-09 21:52:24
119.29.216.238	attackbots	Oct 8 22:53:15 dev0-dcde-rnet sshd[6866]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.216.238 Oct 8 22:53:17 dev0-dcde-rnet sshd[6866]: Failed password for invalid user marketing from 119.29.216.238 port 34206 ssh2 Oct 8 22:56:53 dev0-dcde-rnet sshd[6892]: Failed password for root from 119.29.216.238 port 35458 ssh2	2020-10-09 13:42:26
119.29.247.187	attack	SSH BruteForce Attack	2020-10-06 06:23:30
119.29.247.187	attackbots	Oct 5 15:03:12 marvibiene sshd[31382]: Failed password for root from 119.29.247.187 port 56332 ssh2	2020-10-05 22:29:34
119.29.247.187	attack	Banned for a week because repeated abuses, for example SSH, but not only	2020-10-05 14:23:35
119.29.216.238	attackbots	Bruteforce detected by fail2ban	2020-10-04 07:44:55

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 119.29.2.157
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 64084
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;119.29.2.157.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019040400 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Fri Apr 05 00:26:32 +08 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 157.2.29.119.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 157.2.29.119.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
80.211.78.132	attack	DATE:2020-03-04 01:21:33, IP:80.211.78.132, PORT:ssh SSH brute force auth (docker-dc)	2020-03-04 08:38:56
119.27.165.134	attack	Mar 3 13:37:35 hanapaa sshd\[10850\]: Invalid user gzx from 119.27.165.134 Mar 3 13:37:35 hanapaa sshd\[10850\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.27.165.134 Mar 3 13:37:37 hanapaa sshd\[10850\]: Failed password for invalid user gzx from 119.27.165.134 port 60058 ssh2 Mar 3 13:45:02 hanapaa sshd\[11867\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.27.165.134 user=mysql Mar 3 13:45:04 hanapaa sshd\[11867\]: Failed password for mysql from 119.27.165.134 port 47381 ssh2	2020-03-04 08:23:14
106.12.27.11	attackspam	Mar 3 19:18:24 plusreed sshd[17812]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.27.11 user=postgres Mar 3 19:18:26 plusreed sshd[17812]: Failed password for postgres from 106.12.27.11 port 41506 ssh2 ...	2020-03-04 08:26:11
185.143.223.161	attack	Mar 4 01:46:06 web01.agentur-b-2.de postfix/smtpd[34696]: NOQUEUE: reject: RCPT from unknown[185.143.223.161]: 554 5.7.1 : Relay access denied; from= to= proto=ESMTP helo=<[185.143.223.170]> Mar 4 01:46:06 web01.agentur-b-2.de postfix/smtpd[34696]: NOQUEUE: reject: RCPT from unknown[185.143.223.161]: 554 5.7.1 : Relay access denied; from= to= proto=ESMTP helo=<[185.143.223.170]> Mar 4 01:46:06 web01.agentur-b-2.de postfix/smtpd[34696]: NOQUEUE: reject: RCPT from unknown[185.143.223.161]: 554 5.7.1 : Relay access denied; from= to= proto=ESMTP helo=<[185.143.223.170]> Mar 4 01:46:06 web01.agentur-b-2.de postfix/smtpd[34696]: NOQUEUE: reject: RCPT from unknown[185.143.223.161]: 554 5.7.1 : Relay access denied; from= to=	2020-03-04 08:51:23
80.211.242.203	attack	Mar 3 23:38:33 ns381471 sshd[2817]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.242.203 Mar 3 23:38:35 ns381471 sshd[2817]: Failed password for invalid user admin from 80.211.242.203 port 39276 ssh2	2020-03-04 08:44:54
134.209.57.3	attackspam	2020-03-04T01:25:05.791945ns386461 sshd\[16156\]: Invalid user ftpuser from 134.209.57.3 port 33738 2020-03-04T01:25:05.796351ns386461 sshd\[16156\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.57.3 2020-03-04T01:25:08.606462ns386461 sshd\[16156\]: Failed password for invalid user ftpuser from 134.209.57.3 port 33738 ssh2 2020-03-04T01:42:21.725468ns386461 sshd\[31322\]: Invalid user teamsystem from 134.209.57.3 port 42802 2020-03-04T01:42:21.729135ns386461 sshd\[31322\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.57.3 ...	2020-03-04 08:43:54
185.68.28.237	attackspam	Mar 4 01:03:53 haigwepa sshd[11614]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.68.28.237 Mar 4 01:03:55 haigwepa sshd[11614]: Failed password for invalid user kelly from 185.68.28.237 port 48298 ssh2 ...	2020-03-04 08:22:12
222.186.173.154	attack	Mar 3 19:36:23 NPSTNNYC01T sshd[2998]: Failed password for root from 222.186.173.154 port 3092 ssh2 Mar 3 19:36:27 NPSTNNYC01T sshd[2998]: Failed password for root from 222.186.173.154 port 3092 ssh2 Mar 3 19:36:30 NPSTNNYC01T sshd[2998]: Failed password for root from 222.186.173.154 port 3092 ssh2 Mar 3 19:36:36 NPSTNNYC01T sshd[2998]: error: maximum authentication attempts exceeded for root from 222.186.173.154 port 3092 ssh2 [preauth] ...	2020-03-04 08:49:12
209.250.238.202	attack	Mar 4 05:21:27 areeb-Workstation sshd[19212]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=209.250.238.202 Mar 4 05:21:29 areeb-Workstation sshd[19212]: Failed password for invalid user niiv from 209.250.238.202 port 55490 ssh2 ...	2020-03-04 08:29:34
67.207.88.180	attack	Mar 4 01:43:10 ns381471 sshd[9900]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=67.207.88.180 Mar 4 01:43:13 ns381471 sshd[9900]: Failed password for invalid user qtss from 67.207.88.180 port 59292 ssh2	2020-03-04 08:48:39
80.232.252.82	attackspam	Mar 4 00:33:30 ArkNodeAT sshd\[22416\]: Invalid user graphics from 80.232.252.82 Mar 4 00:33:30 ArkNodeAT sshd\[22416\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.232.252.82 Mar 4 00:33:31 ArkNodeAT sshd\[22416\]: Failed password for invalid user graphics from 80.232.252.82 port 44012 ssh2	2020-03-04 08:31:00
45.227.255.58	attackspambots	22 attempts against mh-misbehave-ban on tree	2020-03-04 08:32:51
222.186.30.57	attackbotsspam	03/03/2020-19:32:01.035075 222.186.30.57 Protocol: 6 ET SCAN Potential SSH Scan	2020-03-04 08:44:29
31.133.0.44	attackbotsspam	2020-03-04T00:09:12.085380randservbullet-proofcloud-66.localdomain sshd[5989]: Invalid user mapred from 31.133.0.44 port 57338 2020-03-04T00:09:12.092353randservbullet-proofcloud-66.localdomain sshd[5989]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.133.0.44 2020-03-04T00:09:12.085380randservbullet-proofcloud-66.localdomain sshd[5989]: Invalid user mapred from 31.133.0.44 port 57338 2020-03-04T00:09:13.739465randservbullet-proofcloud-66.localdomain sshd[5989]: Failed password for invalid user mapred from 31.133.0.44 port 57338 ssh2 ...	2020-03-04 08:22:45
144.217.136.227	attackspambots	Mar 4 01:23:39 ns381471 sshd[8916]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.217.136.227 Mar 4 01:23:41 ns381471 sshd[8916]: Failed password for invalid user azureuser from 144.217.136.227 port 33746 ssh2	2020-03-04 08:33:32

最近上报的IP列表

118.89.106.252	83.234.8.214	78.94.181.182	14.116.251.199
107.170.204.25	121.146.117.94	119.29.11.100	118.25.62.242
37.32.120.130	80.229.28.86	116.234.39.28	93.159.154.206
185.176.221.164	109.81.214.48	154.70.48.11	103.231.92.231
87.9.39.13	185.53.88.52	157.112.183.19	5.34.160.38