119.29.2.157 - IPInfo

基本信息:

城市(city): Beijing

省份(region): Beijing

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): Shenzhen Tencent Computer Systems Company Limited

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Brute-force attempt banned	2020-09-17 21:17:59
attack	Tried sshing with brute force.	2020-09-17 13:28:54
attack	Sep 16 21:12:21 [host] sshd[3819]: pam_unix(sshd:a Sep 16 21:12:23 [host] sshd[3819]: Failed password Sep 16 21:14:03 [host] sshd[3859]: pam_unix(sshd:a	2020-09-17 04:34:52
attack	Fail2Ban - SSH Bruteforce Attempt	2020-08-16 22:54:24
attack	Aug 15 16:17:48 *** sshd[26621]: User root from 119.29.2.157 not allowed because not listed in AllowUsers	2020-08-16 00:27:00
attack	Aug 9 08:05:48 ns381471 sshd[26817]: Failed password for root from 119.29.2.157 port 58077 ssh2	2020-08-09 17:34:17
attack	Aug 5 08:39:50 v22019038103785759 sshd\[30666\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.2.157 user=root Aug 5 08:39:51 v22019038103785759 sshd\[30666\]: Failed password for root from 119.29.2.157 port 46139 ssh2 Aug 5 08:42:31 v22019038103785759 sshd\[30793\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.2.157 user=root Aug 5 08:42:34 v22019038103785759 sshd\[30793\]: Failed password for root from 119.29.2.157 port 58884 ssh2 Aug 5 08:44:27 v22019038103785759 sshd\[30890\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.2.157 user=root ...	2020-08-05 16:41:28
attackbotsspam	Invalid user luser from 119.29.2.157 port 55525	2020-07-24 01:16:05
attackbotsspam	$f2bV_matches	2020-07-17 12:38:32
attack	Invalid user reini from 119.29.2.157 port 60722	2020-07-16 17:02:07
attackbotsspam	2020-07-06T13:31:03.505823shield sshd\[24354\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.2.157 user=ftp 2020-07-06T13:31:04.973054shield sshd\[24354\]: Failed password for ftp from 119.29.2.157 port 55592 ssh2 2020-07-06T13:33:34.183911shield sshd\[25411\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.2.157 user=root 2020-07-06T13:33:36.383429shield sshd\[25411\]: Failed password for root from 119.29.2.157 port 43593 ssh2 2020-07-06T13:36:10.519844shield sshd\[26917\]: Invalid user ucc from 119.29.2.157 port 59804	2020-07-06 23:01:40
attack	SSH auth scanning - multiple failed logins	2020-06-30 02:16:03
attackbotsspam	2020-06-03T22:50:03.920819linuxbox-skyline sshd[125644]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.2.157 user=root 2020-06-03T22:50:05.715607linuxbox-skyline sshd[125644]: Failed password for root from 119.29.2.157 port 37899 ssh2 ...	2020-06-04 14:28:13
attackbots	Invalid user akshays from 119.29.2.157 port 57294	2020-05-27 13:21:42
attack	(sshd) Failed SSH login from 119.29.2.157 (CN/China/-): 5 in the last 3600 secs	2020-05-24 05:54:02
attack	2020-05-15T20:47:09.969942shield sshd\[2447\]: Invalid user atul from 119.29.2.157 port 34956 2020-05-15T20:47:09.975872shield sshd\[2447\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.2.157 2020-05-15T20:47:11.387836shield sshd\[2447\]: Failed password for invalid user atul from 119.29.2.157 port 34956 ssh2 2020-05-15T20:51:16.061279shield sshd\[3316\]: Invalid user www-data from 119.29.2.157 port 58044 2020-05-15T20:51:16.067256shield sshd\[3316\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.2.157	2020-05-16 04:56:48
attackbotsspam	Repeated brute force against a port	2020-05-12 07:21:00
attackspam	Wordpress malicious attack:[sshd]	2020-05-08 15:26:16
attackspambots	May 3 14:26:48 eventyay sshd[8086]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.2.157 May 3 14:26:50 eventyay sshd[8086]: Failed password for invalid user ly from 119.29.2.157 port 34930 ssh2 May 3 14:31:06 eventyay sshd[8278]: Failed password for root from 119.29.2.157 port 59348 ssh2 ...	2020-05-03 20:43:36
attack	Invalid user j from 119.29.2.157 port 34203	2020-05-03 13:27:52
attackbotsspam	Invalid user j from 119.29.2.157 port 34203	2020-05-01 12:32:04
attackbotsspam	20 attempts against mh-ssh on cloud	2020-04-15 13:57:24
attackbotsspam	Apr 14 22:43:33 ns382633 sshd\[20971\]: Invalid user admin from 119.29.2.157 port 55025 Apr 14 22:43:33 ns382633 sshd\[20971\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.2.157 Apr 14 22:43:36 ns382633 sshd\[20971\]: Failed password for invalid user admin from 119.29.2.157 port 55025 ssh2 Apr 14 22:49:25 ns382633 sshd\[22039\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.2.157 user=root Apr 14 22:49:28 ns382633 sshd\[22039\]: Failed password for root from 119.29.2.157 port 59509 ssh2	2020-04-15 06:14:29
attackbots	Apr 13 09:40:36 cdc sshd[16443]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.2.157 Apr 13 09:40:38 cdc sshd[16443]: Failed password for invalid user admin from 119.29.2.157 port 39321 ssh2	2020-04-13 23:40:36
attack	k+ssh-bruteforce	2020-04-13 12:33:57
attackbots	2020-04-11T08:10:37.893074linuxbox-skyline sshd[50250]: Invalid user etienne from 119.29.2.157 port 45146 ...	2020-04-11 22:20:17
attackspam	2020-03-26T21:31:45.545582shield sshd\[851\]: Invalid user xne from 119.29.2.157 port 39436 2020-03-26T21:31:45.550747shield sshd\[851\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.2.157 2020-03-26T21:31:47.572675shield sshd\[851\]: Failed password for invalid user xne from 119.29.2.157 port 39436 ssh2 2020-03-26T21:34:02.116147shield sshd\[1354\]: Invalid user rxb from 119.29.2.157 port 32962 2020-03-26T21:34:02.126295shield sshd\[1354\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.2.157	2020-03-27 05:56:54
attackspambots	Mar 1 09:55:35 web1 sshd\[21585\]: Invalid user mapred from 119.29.2.157 Mar 1 09:55:35 web1 sshd\[21585\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.2.157 Mar 1 09:55:37 web1 sshd\[21585\]: Failed password for invalid user mapred from 119.29.2.157 port 54946 ssh2 Mar 1 10:01:13 web1 sshd\[22122\]: Invalid user demo from 119.29.2.157 Mar 1 10:01:13 web1 sshd\[22122\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.2.157	2020-03-02 04:07:25
attackbots	Feb 7 20:16:15 web9 sshd\[8719\]: Invalid user cqx from 119.29.2.157 Feb 7 20:16:15 web9 sshd\[8719\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.2.157 Feb 7 20:16:17 web9 sshd\[8719\]: Failed password for invalid user cqx from 119.29.2.157 port 60404 ssh2 Feb 7 20:19:36 web9 sshd\[9266\]: Invalid user flz from 119.29.2.157 Feb 7 20:19:36 web9 sshd\[9266\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.2.157	2020-02-08 20:50:23
attackbots	Unauthorized connection attempt detected from IP address 119.29.2.157 to port 2220 [J]	2020-01-12 04:17:29

相同子网IP讨论:

IP	类型	评论内容	时间
119.29.247.187	attack	$f2bV_matches	2020-10-13 02:11:42
119.29.231.121	attack	Oct 12 14:27:21 hidden sshd[10866]: Failed password for invalid user postgres from 119.29.231.121 port 48316 ssh2 Oct 12 14:33:01 hidden sshd[11015]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.231.121 user=root Oct 12 14:33:03 hidden sshd[11015]: Failed password for hidden from 119.29.231.121 port 56910 ssh2	2020-10-13 01:08:33
119.29.247.187	attack	$f2bV_matches	2020-10-12 17:36:50
119.29.231.121	attackbotsspam	Oct 12 10:26:28 ns37 sshd[26844]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.231.121 Oct 12 10:26:28 ns37 sshd[26844]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.231.121	2020-10-12 16:31:16
119.29.230.78	attackspam	Oct 11 17:16:28 sigma sshd\[22913\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.230.78 user=rootOct 11 17:22:18 sigma sshd\[23484\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.230.78 user=root ...	2020-10-12 05:31:28
119.29.230.78	attackbots	Brute%20Force%20SSH	2020-10-11 21:38:05
119.29.230.78	attack	Connection to SSH Honeypot - Detected by HoneypotDB	2020-10-11 13:34:45
119.29.230.78	attackbots	Oct 11 02:39:41 mx sshd[1336053]: Failed password for root from 119.29.230.78 port 44630 ssh2 Oct 11 02:43:46 mx sshd[1336167]: Invalid user greg from 119.29.230.78 port 35784 Oct 11 02:43:46 mx sshd[1336167]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.230.78 Oct 11 02:43:46 mx sshd[1336167]: Invalid user greg from 119.29.230.78 port 35784 Oct 11 02:43:49 mx sshd[1336167]: Failed password for invalid user greg from 119.29.230.78 port 35784 ssh2 ...	2020-10-11 06:58:28
119.29.216.238	attack	SSH BruteForce Attack	2020-10-10 05:46:29
119.29.216.238	attackbotsspam	Oct 8 22:53:15 dev0-dcde-rnet sshd[6866]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.216.238 Oct 8 22:53:17 dev0-dcde-rnet sshd[6866]: Failed password for invalid user marketing from 119.29.216.238 port 34206 ssh2 Oct 8 22:56:53 dev0-dcde-rnet sshd[6892]: Failed password for root from 119.29.216.238 port 35458 ssh2	2020-10-09 21:52:24
119.29.216.238	attackbots	Oct 8 22:53:15 dev0-dcde-rnet sshd[6866]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.216.238 Oct 8 22:53:17 dev0-dcde-rnet sshd[6866]: Failed password for invalid user marketing from 119.29.216.238 port 34206 ssh2 Oct 8 22:56:53 dev0-dcde-rnet sshd[6892]: Failed password for root from 119.29.216.238 port 35458 ssh2	2020-10-09 13:42:26
119.29.247.187	attack	SSH BruteForce Attack	2020-10-06 06:23:30
119.29.247.187	attackbots	Oct 5 15:03:12 marvibiene sshd[31382]: Failed password for root from 119.29.247.187 port 56332 ssh2	2020-10-05 22:29:34
119.29.247.187	attack	Banned for a week because repeated abuses, for example SSH, but not only	2020-10-05 14:23:35
119.29.216.238	attackbots	Bruteforce detected by fail2ban	2020-10-04 07:44:55

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 119.29.2.157
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 64084
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;119.29.2.157.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019040400 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Fri Apr 05 00:26:32 +08 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 157.2.29.119.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 157.2.29.119.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
62.233.65.111	attackbots	[2020-02-10 17:57:57] NOTICE[1148][C-00007cdd] chan_sip.c: Call from '' (62.233.65.111:60414) to extension '9001441519470678' rejected because extension not found in context 'public'. [2020-02-10 17:57:57] SECURITY[1163] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-02-10T17:57:57.122-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="9001441519470678",SessionID="0x7fd82c2348d8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/62.233.65.111/60414",ACLName="no_extension_match" [2020-02-10 18:07:02] NOTICE[1148][C-00007ce6] chan_sip.c: Call from '' (62.233.65.111:52760) to extension '0019441519470678' rejected because extension not found in context 'public'. [2020-02-10 18:07:02] SECURITY[1163] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-02-10T18:07:02.675-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="0019441519470678",SessionID="0x7fd82c31abc8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/ ...	2020-02-11 07:19:48
139.162.122.110	attack	SSH-bruteforce attempts	2020-02-11 07:02:40
222.252.32.70	attack	2020-02-1023:11:491j1HHQ-0003IE-BQ\<=verena@rs-solution.chH=$localhost$[222.252.32.70]:53547P=esmtpsaX=TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:verena@rs-solution.chS=2544id=959026757EAA8437EBEEA71FEBBD5287@rs-solution.chT="\;\)beveryhappytoreceiveyouranswerandtalkwithyou."forstefanhuang385@gmail.comtaylortrevor95@gmail.com2020-02-1023:12:191j1HHv-0003Ip-78\<=verena@rs-solution.chH=$localhost$[156.218.166.177]:40592P=esmtpsaX=TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:verena@rs-solution.chS=2591id=1217A1F2F92D03B06C6920986CC530D9@rs-solution.chT="\;DIwouldbepleasedtoobtainyourmailorchatwithme."forryan.burgess7@hotmail.commikejames9184@gmail.com2020-02-1023:11:301j1HH8-0003Hp-30\<=verena@rs-solution.chH=$localhost$[197.50.59.37]:48333P=esmtpsaX=TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:verena@rs-solution.chS=2523id=1510A6F5FE2A04B76B6E279F6B669688@rs-solution.chT="\;Dbedelightedtoobtainyourreply\	2020-02-11 07:43:35
142.44.160.214	attackbotsspam	Feb 11 00:08:33 zulu412 sshd\[31821\]: Invalid user odd from 142.44.160.214 port 47876 Feb 11 00:08:33 zulu412 sshd\[31821\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.44.160.214 Feb 11 00:08:35 zulu412 sshd\[31821\]: Failed password for invalid user odd from 142.44.160.214 port 47876 ssh2 ...	2020-02-11 07:14:45
49.233.92.6	attack	Feb 10 12:40:07 auw2 sshd\[12728\]: Invalid user kcg from 49.233.92.6 Feb 10 12:40:07 auw2 sshd\[12728\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.92.6 Feb 10 12:40:09 auw2 sshd\[12728\]: Failed password for invalid user kcg from 49.233.92.6 port 52646 ssh2 Feb 10 12:43:39 auw2 sshd\[13047\]: Invalid user tpb from 49.233.92.6 Feb 10 12:43:39 auw2 sshd\[13047\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.92.6	2020-02-11 07:08:59
185.176.27.6	attack	02/11/2020-00:22:20.883994 185.176.27.6 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-02-11 07:36:54
31.207.34.146	attackbotsspam	Automatic report - XMLRPC Attack	2020-02-11 07:06:29
191.248.195.36	attack	Unauthorized connection attempt detected from IP address 191.248.195.36 to port 23	2020-02-11 07:05:13
137.59.15.210	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-02-11 07:34:58
122.100.110.64	attack	port scan and connect, tcp 23 (telnet)	2020-02-11 07:42:51
177.103.232.152	attackbots	Honeypot attack, port: 445, PTR: 177-103-232-152.dsl.telesp.net.br.	2020-02-11 07:32:41
185.68.28.237	attackspam	Feb 11 00:25:12 [host] sshd[21617]: Invalid user n Feb 11 00:25:12 [host] sshd[21617]: pam_unix(sshd: Feb 11 00:25:14 [host] sshd[21617]: Failed passwor	2020-02-11 07:32:23
193.253.182.33	attack	Feb 10 22:55:35 game-panel sshd[14497]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.253.182.33 Feb 10 22:55:37 game-panel sshd[14497]: Failed password for invalid user idg from 193.253.182.33 port 37944 ssh2 Feb 10 22:59:36 game-panel sshd[14640]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.253.182.33	2020-02-11 07:12:57
203.156.246.78	attackspambots	Hacking	2020-02-11 07:15:42
45.237.140.120	attack	Feb 11 00:04:42 legacy sshd[26883]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.237.140.120 Feb 11 00:04:44 legacy sshd[26883]: Failed password for invalid user fsd from 45.237.140.120 port 53214 ssh2 Feb 11 00:08:07 legacy sshd[27122]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.237.140.120 ...	2020-02-11 07:25:41

最近上报的IP列表

118.89.106.252	83.234.8.214	78.94.181.182	14.116.251.199
107.170.204.25	121.146.117.94	119.29.11.100	118.25.62.242
37.32.120.130	80.229.28.86	116.234.39.28	93.159.154.206
185.176.221.164	109.81.214.48	154.70.48.11	103.231.92.231
87.9.39.13	185.53.88.52	157.112.183.19	5.34.160.38