119.29.53.107 - IPInfo

基本信息:

城市(city): Beijing

省份(region): Beijing

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): Shenzhen Tencent Computer Systems Company Limited

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Oct 13 15:05:07 ourumov-web sshd\[12428\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.53.107 user=root Oct 13 15:05:09 ourumov-web sshd\[12428\]: Failed password for root from 119.29.53.107 port 35904 ssh2 Oct 13 15:12:34 ourumov-web sshd\[12953\]: Invalid user admin from 119.29.53.107 port 40897 ...	2020-10-13 21:43:51
attackbotsspam	SSH Invalid Login	2020-10-13 05:55:40
attackspam	$f2bV_matches	2020-09-30 06:11:03
attackspam	$f2bV_matches	2020-09-29 22:23:54
attackspambots	Sep 28 00:25:09 dhoomketu sshd[3412758]: Failed password for root from 119.29.53.107 port 46383 ssh2 Sep 28 00:28:25 dhoomketu sshd[3412793]: Invalid user fabio from 119.29.53.107 port 42398 Sep 28 00:28:25 dhoomketu sshd[3412793]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.53.107 Sep 28 00:28:25 dhoomketu sshd[3412793]: Invalid user fabio from 119.29.53.107 port 42398 Sep 28 00:28:26 dhoomketu sshd[3412793]: Failed password for invalid user fabio from 119.29.53.107 port 42398 ssh2 ...	2020-09-28 03:28:36
attackspam	(sshd) Failed SSH login from 119.29.53.107 (CN/China/Guangdong/Shenzhen/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 27 04:41:14 atlas sshd[25469]: Invalid user deployop from 119.29.53.107 port 46295 Sep 27 04:41:16 atlas sshd[25469]: Failed password for invalid user deployop from 119.29.53.107 port 46295 ssh2 Sep 27 04:48:38 atlas sshd[27156]: Invalid user admin from 119.29.53.107 port 52011 Sep 27 04:48:40 atlas sshd[27156]: Failed password for invalid user admin from 119.29.53.107 port 52011 ssh2 Sep 27 04:50:22 atlas sshd[27570]: Invalid user vmuser from 119.29.53.107 port 34202	2020-09-27 19:39:10
attackbots	$f2bV_matches	2020-09-07 15:13:40
attackbots	SSH login attempts.	2020-09-07 07:40:27
attackbots	"fail2ban match"	2020-07-27 21:15:48
attackbotsspam	Jul 21 11:48:00 ns382633 sshd\[15662\]: Invalid user derek from 119.29.53.107 port 40787 Jul 21 11:48:00 ns382633 sshd\[15662\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.53.107 Jul 21 11:48:03 ns382633 sshd\[15662\]: Failed password for invalid user derek from 119.29.53.107 port 40787 ssh2 Jul 21 11:57:30 ns382633 sshd\[17535\]: Invalid user txd from 119.29.53.107 port 58137 Jul 21 11:57:30 ns382633 sshd\[17535\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.53.107	2020-07-21 18:32:17
attack	Jul 19 10:51:47 vpn01 sshd[25927]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.53.107 Jul 19 10:51:49 vpn01 sshd[25927]: Failed password for invalid user qb from 119.29.53.107 port 39939 ssh2 ...	2020-07-19 20:30:36
attackbotsspam	Invalid user rik from 119.29.53.107 port 42610	2020-07-02 03:33:49
attackspam	$f2bV_matches	2020-06-26 16:20:37
attack	Jun 14 14:30:46 gestao sshd[15859]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.53.107 Jun 14 14:30:48 gestao sshd[15859]: Failed password for invalid user nfsd from 119.29.53.107 port 55997 ssh2 Jun 14 14:34:40 gestao sshd[15972]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.53.107 ...	2020-06-15 00:18:36
attackspam	(sshd) Failed SSH login from 119.29.53.107 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jun 8 14:53:16 s1 sshd[27699]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.53.107 user=root Jun 8 14:53:18 s1 sshd[27699]: Failed password for root from 119.29.53.107 port 60693 ssh2 Jun 8 15:00:44 s1 sshd[28048]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.53.107 user=root Jun 8 15:00:45 s1 sshd[28048]: Failed password for root from 119.29.53.107 port 40685 ssh2 Jun 8 15:04:18 s1 sshd[28580]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.53.107 user=root	2020-06-09 01:05:56
attackbotsspam	$f2bV_matches	2020-05-25 21:18:59
attackspam	May 12 08:43:00 lukav-desktop sshd\[1328\]: Invalid user redis from 119.29.53.107 May 12 08:43:00 lukav-desktop sshd\[1328\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.53.107 May 12 08:43:02 lukav-desktop sshd\[1328\]: Failed password for invalid user redis from 119.29.53.107 port 48639 ssh2 May 12 08:46:47 lukav-desktop sshd\[1431\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.53.107 user=root May 12 08:46:50 lukav-desktop sshd\[1431\]: Failed password for root from 119.29.53.107 port 41663 ssh2	2020-05-12 19:00:07
attackbotsspam	Invalid user lyj from 119.29.53.107 port 53300	2020-03-22 14:12:53
attack	Mar 19 17:52:17 master sshd[5317]: Failed password for root from 119.29.53.107 port 47738 ssh2	2020-03-20 03:57:13
attackbotsspam	Invalid user openldap from 119.29.53.107 port 50473 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.53.107 Failed password for invalid user openldap from 119.29.53.107 port 50473 ssh2 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.53.107 user=root Failed password for root from 119.29.53.107 port 45232 ssh2	2020-03-19 19:33:32
attackbotsspam	ssh brute force	2020-02-09 18:02:57
attackbots	Feb 8 04:05:13 mail sshd\[35353\]: Invalid user gid from 119.29.53.107 Feb 8 04:05:13 mail sshd\[35353\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.53.107 ...	2020-02-08 18:21:28
attackspam	Jan 27 00:41:11 server sshd\[475\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.53.107 user=root Jan 27 00:41:13 server sshd\[475\]: Failed password for root from 119.29.53.107 port 33784 ssh2 Jan 27 07:46:54 server sshd\[6662\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.53.107 user=nagios Jan 27 07:46:56 server sshd\[6662\]: Failed password for nagios from 119.29.53.107 port 32801 ssh2 Jan 27 14:10:10 server sshd\[3076\]: Invalid user mr from 119.29.53.107 Jan 27 14:10:10 server sshd\[3076\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.53.107 ...	2020-01-27 22:21:21
attackbots	Unauthorized connection attempt detected from IP address 119.29.53.107 to port 2220 [J]	2020-01-26 06:52:06
attack	Unauthorized connection attempt detected from IP address 119.29.53.107 to port 2220 [J]	2020-01-19 17:47:14
attackbots	Dec 27 00:51:44 sso sshd[6460]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.53.107 Dec 27 00:51:46 sso sshd[6460]: Failed password for invalid user nonorin from 119.29.53.107 port 46927 ssh2 ...	2019-12-27 08:04:11
attack	ssh failed login	2019-12-22 03:57:46
attackspam	Dec 13 19:10:42 mail sshd\[5032\]: Invalid user rcfox from 119.29.53.107 Dec 13 19:10:42 mail sshd\[5032\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.53.107 Dec 13 19:10:43 mail sshd\[5032\]: Failed password for invalid user rcfox from 119.29.53.107 port 33513 ssh2 ...	2019-12-14 04:21:51
attackbotsspam	Fail2Ban - SSH Bruteforce Attempt	2019-12-12 08:58:42
attackspambots	$f2bV_matches	2019-12-04 18:22:28

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 119.29.53.107
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4145
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;119.29.53.107.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019043000 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Tue Apr 30 23:58:23 +08 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 107.53.29.119.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 107.53.29.119.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
41.230.90.84	attackbotsspam	Unauthorized connection attempt detected from IP address 41.230.90.84 to port 445	2020-02-01 14:56:23
77.42.74.42	attackbotsspam	Automatic report - Port Scan Attack	2020-02-01 15:20:02
173.235.137.181	attackspam	Unauthorized connection attempt detected from IP address 173.235.137.181 to port 2220 [J]	2020-02-01 15:25:00
118.71.97.37	attackbots	1580532947 - 02/01/2020 05:55:47 Host: 118.71.97.37/118.71.97.37 Port: 445 TCP Blocked	2020-02-01 15:10:02
35.180.243.229	attackbots	[SatFeb0105:55:03.4634772020][:error][pid21558:tid47092718393088][client35.180.243.229:59454][client35.180.243.229]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch"\(\?:\\\\\\\\b\(\?:\\\\\\\\.\(\?:ht\(\?:access\\|passwd\\|group\)\\|www_\?acl\)\\|global\\\\\\\\.asa\\|httpd\\\\\\\\.conf\\|boot\\\\\\\\.ini\\|web.config\)\\\\\\\\b\\|\(\\|\^\\|\\\\\\\\.\\\\\\\\.\)/etc/\\|/\\\\\\\\.\(\?:history\\|bash_history\\|sh_history\\|env\)\$\)"atREQUEST_FILENAME.[file"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf"][line"211"][id"390709"][rev"30"][msg"Atomicorp.comWAFRules:Attempttoaccessprotectedfileremotely"][data"/.env"][severity"CRITICAL"][hostname"fit-easy.com"][uri"/.env"][unique_id"XjUEp1lw@ITNBo5tuwhVOgAAAVI"][SatFeb0105:55:04.1422642020][:error][pid21463:tid47092612081408][client35.180.243.229:60096][client35.180.243.229]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch"\(\?:\\\\\\\\b\(\?:\\\\\\\\.\(\?:ht\(\?:access\\|passwd\\|group\)\\|www_\?acl\)\\|global\\\\\\\\.asa\\|httpd\\\\\\\\.conf	2020-02-01 15:34:51
212.64.127.106	attackspam	Invalid user divaker from 212.64.127.106 port 54166	2020-02-01 15:03:57
68.183.204.162	attackbots	Invalid user elilarasu from 68.183.204.162 port 35794	2020-02-01 15:24:29
194.26.29.129	attackbotsspam	firewall-block, port(s): 33035/tcp, 33057/tcp, 33058/tcp, 33123/tcp	2020-02-01 14:50:26
194.55.185.63	attackspam	FROM MAYAK CONSULTING	2020-02-01 15:12:55
123.6.27.7	attack	Unauthorized connection attempt detected from IP address 123.6.27.7 to port 2220 [J]	2020-02-01 14:55:28
92.50.249.92	attackbotsspam	Feb 1 04:56:15 l02a sshd[10824]: Invalid user jenkins from 92.50.249.92 Feb 1 04:56:15 l02a sshd[10824]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.50.249.92 Feb 1 04:56:15 l02a sshd[10824]: Invalid user jenkins from 92.50.249.92 Feb 1 04:56:16 l02a sshd[10824]: Failed password for invalid user jenkins from 92.50.249.92 port 34894 ssh2	2020-02-01 14:50:58
162.243.128.119	attack	1580532962 - 02/01/2020 05:56:02 Host: zg-0131a-196.stretchoid.com/162.243.128.119 Port: 5632 UDP Blocked	2020-02-01 14:58:51
69.229.6.33	attackbotsspam	Unauthorized connection attempt detected from IP address 69.229.6.33 to port 2220 [J]	2020-02-01 15:30:28
114.67.84.229	attack	$f2bV_matches	2020-02-01 15:11:49
1.2.225.68	attackbots	Unauthorized connection attempt from IP address 1.2.225.68 on Port 445(SMB)	2020-02-01 15:35:44

最近上报的IP列表

8.240.234.214	176.62.84.110	176.59.14.190	49.106.244.35
27.79.194.115	76.143.200.93	182.170.231.21	46.29.10.66
101.23.122.216	62.116.1.100	192.186.3.15	78.107.254.213
36.8.255.190	2.179.183.178	218.37.71.241	142.147.104.68
178.141.53.167	27.167.222.155	11.46.27.199	213.79.91.100